Prof. Dr. Mario Fritz
Faculty
CISPA Helmholtz Center for Information Security
Professor
Saarland University
Fellow
European Laboratory for Learning and Intelligent Systems (ELLIS)
Google Scholar
Semantic Scholar
We are looking for PhD students and Post-Docs! Please get in touch.
My group is working on Trustworthy Information Processing with a focus on the intersection of AI & Machine Learning with Security & Privacy.
Recent projects and initiatives related to health, privacy, AI:
Recent work on DeepFake detecting, misinformation, attribution,and responsible disclosure:
- CVPR’22: Open-Domain, Content-based, Multi-modal Fact-checking of Out-of-Context Images via Online Resources
- ICLR’22: Responsible Disclosure of Generative Models Using Scalable Fingerprinting
- ICCV’21: Artificial Fingerprinting for Generative Models: Rooting Deepfake Attribution in Training Data
- S&P’21: Adversarial Watermarking Transformer: Towards Tracing Text Provenance with Data Hiding
- IJCAI’21: Beyond the Spectrum: Detecting Deepfakes via Re-Synthesis
- CVPR’21: Hijack-GAN: Unintended-Use of Pretrained, Black-Box GANs
- ICCV’19: Attributing Fake Images to GANs: Learning and Analyzing GAN Fingerprints
Recent publications:
- CVPR’22: Open-Domain, Content-based, Multi-modal Fact-checking of Out-of-Context Images via Online Resources
- CVPR’22: B-cos Networks: Alignment is All We Need for Interpretability
- CHIL’22: Practical Challenges in Differentially-Private Federated Survival Analysis of Medical Data
- ICLR’22: Responsible Disclosure of Generative Models Using Scalable Fingerprinting
- ICLR’22: RelaxLoss: Defending Membership Inference Attacks without Losing Utility
- Usenix’22: ML-Doctor: Holistic Risk Assessment of Inference Attacks Against Machine Learning Models
- PETS’22: Understanding Utility and Privacy of Demographic Data in Education Technology by Causal Analysis and Adversarial-Censoring
- IJCV’21: Semantic Bottlenecks: Quantifying and Improving Inspectability of Deep Representations
- CCS-W’21: Differential Privacy Defenses and Sampling Attacks for Membership Inference
- CCS-W’21: “What’s in the box?!”: Deflecting Adversarial Attacks by Randomly Deploying Adversarially-Disjoint Models
- PKDD-W’21: IReEn: Reverse-Engineering of Black-Box Functions via Iterative Neural Program Synthesis
- PKDD-W’21: SampleFix: Learning to Generate Functionally Diverse Fixes
- ICCV’21: Artificial Fingerprinting for Generative Models: Rooting Deepfake Attribution in Training Data
- ICCV’21: Dual Contrastive Loss and Attention for GANs
- EXCLI’21: Privacy Considerations for Sharing Genomics Data
- IJCAI’21: Beyond the Spectrum: Detecting Deepfakes via Re-Synthesis
- S&P’21: Adversarial Watermarking Transformer: Towards Tracing Text Provenance with Data Hiding
- CVPR’21: Hijack-GAN: Unintended-Use of Pretrained, Black-Box GANs
- CVPR’21: Convolutional Dynamic Alignment Networks for Interpretable Classifications
- CVPR’21: Euro-PVI: Pedestrian Vehicle Interactions in Dense Urban Centers
- CVPR-W’21: MLCapsule: Guarded Offline Deployment of Machine Learning as a Service
- CVPR-W’21: InfoScrub: Towards Attribute Privacy by Targeted Obfuscation
- WACV’21: Future Moment Assessment for Action Query
Most recent work on ArXiv:
- ArXiv’21: Backdoor Attacks on Network Certification via Data Poisoning
- ArXiv’21: ProgFed: Effective, Communication, and Computation Efficient Federated Learning by Progressive Training
News, talks, events:
2019
Journal Articles
Xucong Zhang; Yusuke Sugano; Mario Fritz; Andreas Bulling
MPIIGaze: Real-World Dataset and Deep Appearance-Based Gaze Estimation Journal Article
In: Transactions on Pattern Analysis and Machine Intelligence (TPAMI), 2019.
@article{xucong19tpami,
title = {MPIIGaze: Real-World Dataset and Deep Appearance-Based Gaze Estimation},
author = {Xucong Zhang and Yusuke Sugano and Mario Fritz and Andreas Bulling},
url = {https://arxiv.org/abs/1711.09017
https://arxiv.org/pdf/1711.09017.pdf},
year = {2019},
date = {2019-02-04},
urldate = {2019-02-04},
journal = {Transactions on Pattern Analysis and Machine Intelligence (TPAMI)},
keywords = {2017, 2018, 2019},
pubstate = {published},
tppubtype = {article}
}
2018
Journal Articles
Seyedmajid Azimi; Dominik Britz; Michael Engstler; Mario Fritz; Frank Mücklich
Advanced Steel Microstructural Classification by Deep Learning Methods Journal Article
In: Scientific Reports, 2018.
@article{majid17srep,
title = {Advanced Steel Microstructural Classification by Deep Learning Methods},
author = {Seyedmajid Azimi and Dominik Britz and Michael Engstler and Mario Fritz and Frank Mücklich},
url = {https://www.nature.com/articles/s41598-018-20037-5
https://www.nature.com/articles/s41598-018-20037-5.pdf},
year = {2018},
date = {2018-02-01},
urldate = {2018-02-01},
journal = {Scientific Reports},
publisher = {Nature Publishing Group},
keywords = {2018},
pubstate = {published},
tppubtype = {article}
}
Stamatios Georgoulis; Konstantinos Rematas; Tobias Ritschel; Efstratios Gavves; Mario Fritz; Luc Van Gool; Tinne Tuytelaars
Reflectance and Natural Illumination from Single-Material Specular Objects Using Deep Learning Journal Article
In: Transactions on Pattern Analysis and Machine Intelligence (TPAMI), 2018.
@article{gergoulis18tpami,
title = {Reflectance and Natural Illumination from Single-Material Specular Objects Using Deep Learning},
author = {Stamatios Georgoulis and Konstantinos Rematas and Tobias Ritschel and Efstratios Gavves and Mario Fritz and Luc Van Gool and Tinne Tuytelaars},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
journal = {Transactions on Pattern Analysis and Machine Intelligence (TPAMI)},
keywords = {2017, 2018},
pubstate = {published},
tppubtype = {article}
}
Inproceedings
Rakshith Shetty; Mario Fritz; Bernt Schiele
Adversarial Scene Editing: Automatic Object Removal from Weak Supervision Inproceedings
In: Neural Information Processing Systems (NIPS), 2018.
@inproceedings{shetty18nips,
title = {Adversarial Scene Editing: Automatic Object Removal from Weak Supervision },
author = {Rakshith Shetty and Mario Fritz and Bernt Schiele},
url = {preliminary:
https://arxiv.org/abs/1806.01911
https://arxiv.org/pdf/1806.01911.pdf},
year = {2018},
date = {2018-12-03},
booktitle = {Neural Information Processing Systems (NIPS)},
keywords = {2018},
pubstate = {published},
tppubtype = {inproceedings}
}
Yang He; Bernt Schiele; Mario Fritz
Diverse Conditional Image Generation by Stochastic Regression with Latent Drop-Out Codes Inproceedings
In: European Conference on Computer Vision (ECCV), 2018.
@inproceedings{he18eccv,
title = {Diverse Conditional Image Generation by Stochastic Regression with Latent Drop-Out Codes},
author = {Yang He and Bernt Schiele and Mario Fritz},
url = {http://openaccess.thecvf.com/content_ECCV_2018/papers/Yang_He_Diverse_Conditional_Image_ECCV_2018_paper.pdf},
year = {2018},
date = {2018-09-12},
booktitle = {European Conference on Computer Vision (ECCV)},
keywords = {2018},
pubstate = {published},
tppubtype = {inproceedings}
}
Qianru Sun; Ayush Tewari; Weipeng Xu; Mario Fritz; Christian Theobalt; Bernt Schiele
A Hybrid Model for Identity Obfuscation by Face Replacement Inproceedings
In: European Conference on Computer Vision, 2018.
@inproceedings{sun18eccv,
title = {A Hybrid Model for Identity Obfuscation by Face Replacement},
author = {Qianru Sun and Ayush Tewari and Weipeng Xu and Mario Fritz and Christian Theobalt and Bernt Schiele},
url = {https://arxiv.org/abs/1804.04779
https://arxiv.org/pdf/1804.04779.pdf},
year = {2018},
date = {2018-09-09},
booktitle = {European Conference on Computer Vision},
keywords = {2018},
pubstate = {published},
tppubtype = {inproceedings}
}
Misha Wagner; Hector Basevi; Rakshith Shetty; Wenbin Li; Mateusz Malinowski; Mario Fritz; Ales Leonardis
Answering Visual What-If Questions: From Actions to Predicted Scene Descriptions Inproceedings
In: Visual Learning and Embodied Agents in Simulation Environments Workshop at European Conference on Computer Vision, 2018.
@inproceedings{wagner18eccvw,
title = {Answering Visual What-If Questions: From Actions to Predicted Scene Descriptions},
author = {Misha Wagner and Hector Basevi and Rakshith Shetty and Wenbin Li and Mateusz Malinowski and Mario Fritz and Ales Leonardis},
url = {https://arxiv.org/abs/1809.03707
https://arxiv.org/pdf/1809.03707.pdf},
year = {2018},
date = {2018-09-08},
booktitle = {Visual Learning and Embodied Agents in Simulation Environments Workshop at European Conference on Computer Vision},
keywords = {2018},
pubstate = {published},
tppubtype = {inproceedings}
}
Edgar Tretschk; Seong Joon Oh; Mario Fritz
Sequential Attacks on Agents for Long-Term Adversarial Goals Inproceedings
In: 2. ACM Computer Science in Cars Symposium -- Future Challenges in Artificial Intelligence & Security for Autonomous Vehicles, 2018.
@inproceedings{edgar18cscs,
title = {Sequential Attacks on Agents for Long-Term Adversarial Goals},
author = {Edgar Tretschk and Seong Joon Oh and Mario Fritz}},
year = {2018},
date = {2018-09-01},
booktitle = {2. ACM Computer Science in Cars Symposium -- Future Challenges in Artificial Intelligence & Security for Autonomous Vehicles},
keywords = {2018},
pubstate = {published},
tppubtype = {inproceedings}
}
Rakshith Shetty; Bernt Schiele; Mario Fritz
A4NT: Author Attribute Anonymity by Adversarial Training of Neural Machine Translation Inproceedings
In: 27th USENIX Security Symposium (USENIX Security 18), 2018.
@inproceedings{usenix18rakshith,
title = {A4NT: Author Attribute Anonymity by Adversarial Training of Neural Machine Translation},
author = {Rakshith Shetty and Bernt Schiele and Mario Fritz},
url = {preliminary version:
https://arxiv.org/abs/1711.01921
https://arxiv.org/pdf/1711.01921.pdf
},
year = {2018},
date = {2018-08-17},
urldate = {2018-08-17},
booktitle = {27th USENIX Security Symposium (USENIX Security 18)},
keywords = {2018},
pubstate = {published},
tppubtype = {inproceedings}
}
Apratim Bhattacharyya; Bernt Schiele; Mario Fritz
Accurate and Diverse Sampling of Sequences based on a “Best of Many” Sample Objective Inproceedings
In: IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2018.
@inproceedings{apratim18cvprb,
title = {Accurate and Diverse Sampling of Sequences based on a “Best of Many” Sample Objective},
author = {Apratim Bhattacharyya and Bernt Schiele and Mario Fritz},
url = {http://openaccess.thecvf.com/content_cvpr_2018/CameraReady/3890.pdf},
year = {2018},
date = {2018-06-22},
urldate = {2018-06-22},
booktitle = {IEEE Conference on Computer Vision and Pattern Recognition (CVPR)},
keywords = {2018},
pubstate = {published},
tppubtype = {inproceedings}
}
Tribhuvanesh Orekondy; Mario Fritz; Bernt Schiele
Connecting Pixels to Privacy and Utility: Automatic Redaction of Private Information in Images Inproceedings
In: IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2018.
@inproceedings{tribhu18cvpr,
title = {Connecting Pixels to Privacy and Utility: Automatic Redaction of Private Information in Images},
author = {Tribhuvanesh Orekondy and Mario Fritz and Bernt Schiele},
url = {https://arxiv.org/abs/1712.01066
https://arxiv.org/pdf/1712.01066.pdf},
year = {2018},
date = {2018-06-18},
urldate = {2018-06-18},
booktitle = {IEEE Conference on Computer Vision and Pattern Recognition (CVPR)},
keywords = {2018},
pubstate = {published},
tppubtype = {inproceedings}
}
Qianru Sun; Liqian Ma; Seong Joon Oh; Luc Van Gool; Bernt Schiele; Mario Fritz
Natural and Effective Obfuscation by Head Inpainting Inproceedings
In: IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2018.
@inproceedings{sun18cvpr,
title = {Natural and Effective Obfuscation by Head Inpainting},
author = {Qianru Sun and Liqian Ma and Seong Joon Oh and Luc Van Gool and Bernt Schiele and Mario Fritz},
url = {https://arxiv.org/abs/1711.09001
https://arxiv.org/pdf/1711.09001.pdf},
year = {2018},
date = {2018-06-18},
urldate = {2018-06-18},
booktitle = {IEEE Conference on Computer Vision and Pattern Recognition (CVPR)},
keywords = {2018},
pubstate = {published},
tppubtype = {inproceedings}
}
Liqian Ma; Qianru Sun; Stamatios Georgoulis; Luc Van Gool; Bernt Schiele; Mario Fritz
Disentangled Person Image Generation Inproceedings
In: IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2018.
@inproceedings{ma18cvpr,
title = {Disentangled Person Image Generation },
author = {Liqian Ma and Qianru Sun and Stamatios Georgoulis and Luc Van Gool and Bernt Schiele and Mario Fritz},
url = {https://arxiv.org/abs/1712.02621
https://arxiv.org/pdf/1712.02621.pdf},
year = {2018},
date = {2018-06-18},
urldate = {2018-06-18},
booktitle = {IEEE Conference on Computer Vision and Pattern Recognition (CVPR)},
keywords = {2018},
pubstate = {published},
tppubtype = {inproceedings}
}
Apratim Bhattacharyya; Mario Fritz; Bernt Schiele
Long-Term On-Board Prediction of People in Traffic Scenes under Uncertainty Inproceedings
In: IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2018.
@inproceedings{apratim18cvpr,
title = {Long-Term On-Board Prediction of People in Traffic Scenes under Uncertainty},
author = {Apratim Bhattacharyya and Mario Fritz and Bernt Schiele},
url = {https://arxiv.org/abs/1711.09026
https://arxiv.org/pdf/1711.09026.pdf},
year = {2018},
date = {2018-06-18},
urldate = {2018-06-18},
booktitle = {IEEE Conference on Computer Vision and Pattern Recognition (CVPR)},
keywords = {2018},
pubstate = {published},
tppubtype = {inproceedings}
}
Seong Joon Oh; Max Augustin; Bernt Schiele; Mario Fritz
Towards Reverse-Engineering Black-Box Neural Networks Inproceedings
In: Internation Conference on Representation Learning (ICLR), 2018, (to appear).
@inproceedings{joon18icrl,
title = {Towards Reverse-Engineering Black-Box Neural Networks},
author = {Seong Joon Oh and Max Augustin and Bernt Schiele and Mario Fritz},
url = {https://github.com/coallaoh/WhitenBlackBox
https://arxiv.org/abs/1711.01768
https://arxiv.org/pdf/1711.01768.pdf},
year = {2018},
date = {2018-04-30},
urldate = {2018-04-30},
booktitle = {Internation Conference on Representation Learning (ICLR)},
note = {to appear},
keywords = {2018},
pubstate = {published},
tppubtype = {inproceedings}
}
Apratim Bhattacharyya; Mateusz Malinowski; Bernt Schiele; Mario Fritz
Long-Term Image Boundary Prediction Inproceedings
In: Association for the Advancement of Artificial Intelligence (AAAI), 2018.
@inproceedings{apratim18aaai,
title = {Long-Term Image Boundary Prediction},
author = {Apratim Bhattacharyya and Mateusz Malinowski and Bernt Schiele and Mario Fritz},
url = {https://www.aaai.org/ocs/index.php/AAAI/AAAI18/paper/viewFile/17280/16540},
year = {2018},
date = {2018-02-02},
urldate = {2018-02-02},
booktitle = {Association for the Advancement of Artificial Intelligence (AAAI)},
keywords = {2018},
pubstate = {published},
tppubtype = {inproceedings}
}
Technical Reports
Rakshith Shetty; Bernt Schiele; Mario Fritz
Not Using the Car to See the Sidewalk: Quantifying and Controlling the Effects of Context in Classification and Segmentation Technical Report
arXiv:1812.06707, 2018.
@techreport{shetty8arxiv,
title = {Not Using the Car to See the Sidewalk: Quantifying and Controlling the Effects of Context in Classification and Segmentation},
author = {Rakshith Shetty and Bernt Schiele and Mario Fritz},
url = {https://arxiv.org/abs/1812.06707
https://arxiv.org/pdf/1812.06707.pdf},
year = {2018},
date = {2018-12-17},
type = {arXiv:1812.06707},
keywords = {2018},
pubstate = {published},
tppubtype = {techreport}
}
Tribhuvanesh Orekondy; Bernt Schiele; Mario Fritz
Knockoff Nets: Stealing Functionality of Black-Box Models Technical Report
arXiv:1812.02766, 2018.
@techreport{tribhu18arxivb,
title = {Knockoff Nets: Stealing Functionality of Black-Box Models},
author = {Tribhuvanesh Orekondy and Bernt Schiele and Mario Fritz},
url = {https://arxiv.org/abs/1812.02766
https://arxiv.org/pdf/1812.02766.pdf
},
year = {2018},
date = {2018-12-10},
type = {arXiv:1812.02766},
keywords = {2018},
pubstate = {published},
tppubtype = {techreport}
}
Ning Yu; Larry Davis; Mario Fritz
Attributing Fake Images to GANs: Analyzing Fingerprints in Generated Images Technical Report
2018.
@techreport{yu18arxiv,
title = {Attributing Fake Images to GANs: Analyzing Fingerprints in Generated Images},
author = {Ning Yu and Larry Davis and Mario Fritz},
url = {https://arxiv.org/abs/1811.08180
https://arxiv.org/pdf/1811.08180.pdf},
year = {2018},
date = {2018-11-21},
keywords = {2018},
pubstate = {published},
tppubtype = {techreport}
}
Lucjan Hanzlik; Yang Zhang; Kathrin Grosse; Ahmed Salem; Max Augustin; Michael Backes; Mario Fritz
MLCapsule: Guarded Offline Deployment of Machine Learning as a Service Technical Report
arXiv:1808.00590 [cs.CR], 2018.
@techreport{hanzlik18arixv,
title = {MLCapsule: Guarded Offline Deployment of Machine Learning as a Service},
author = {Lucjan Hanzlik and Yang Zhang and Kathrin Grosse and Ahmed Salem and Max Augustin and Michael Backes and Mario Fritz},
url = {https://arxiv.org/abs/1808.00590
https://arxiv.org/pdf/1808.00590.pdf},
year = {2018},
date = {2018-08-03},
type = {arXiv:1808.00590 [cs.CR]},
keywords = {2018},
pubstate = {published},
tppubtype = {techreport}
}
Hosnieh Sattar; Gerard Pons-Moll; Mario Fritz
Fashion is Taking Shape: Understanding Clothing Preference Based on Body Shape From Online Sources Technical Report
arXiv:1807.03235, 2018.
@techreport{sattar18arxiv,
title = {Fashion is Taking Shape: Understanding Clothing Preference Based on Body Shape From Online Sources},
author = {Hosnieh Sattar and Gerard Pons-Moll and Mario Fritz},
url = {//arxiv.org/abs/1807.03235
//arxiv.org/pdf/1807.03235.pdf
},
year = {2018},
date = {2018-07-10},
urldate = {2018-07-10},
type = {arXiv:1807.03235},
keywords = {2018},
pubstate = {published},
tppubtype = {techreport}
}
Ahmed Salem; Yang Zhang; Mathias Humbert; Mario Fritz; Michael Backes
ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models Technical Report
arXiv:1806.01246 [cs.CR], 2018.
@techreport{salem18arxiv,
title = {ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models},
author = {Ahmed Salem and Yang Zhang and Mathias Humbert and Mario Fritz and Michael Backes},
url = {https://arxiv.org/abs/1806.01246
https://arxiv.org/pdf/1806.01246.pdf
},
year = {2018},
date = {2018-06-05},
type = {arXiv:1806.01246 [cs.CR]},
keywords = {2018},
pubstate = {published},
tppubtype = {techreport}
}
Rakshith Shetty; Mario Fritz; Bernt Schiele
Adversarial Scene Editing: Automatic Object Removal from Weak Supervision Technical Report
2018.
@techreport{rakshith18arxiv,
title = {Adversarial Scene Editing: Automatic Object Removal from Weak Supervision},
author = {Rakshith Shetty and Mario Fritz and Bernt Schiele},
url = {https://arxiv.org/abs/1806.01911
https://arxiv.org/pdf/1806.01911.pdf},
year = {2018},
date = {2018-06-05},
keywords = {2018},
pubstate = {published},
tppubtype = {techreport}
}
Edgar Tretschk; Seong Joon Oh; Mario Fritz
Sequential Attacks on Agents for Long-Term Adversarial Goals Technical Report
arXiv:1805.12487, 2018.
@techreport{tretschk18arxiv,
title = {Sequential Attacks on Agents for Long-Term Adversarial Goals},
author = {Edgar Tretschk and Seong Joon Oh and Mario Fritz},
url = {https://arxiv.org/abs/1805.12487
https://arxiv.org/pdf/1805.12487.pdf
},
year = {2018},
date = {2018-05-31},
type = {arXiv:1805.12487},
keywords = {2018},
pubstate = {published},
tppubtype = {techreport}
}
Tribhuvanesh Orekondy; Seong Joon Oh; Bernt Schiele; Mario Fritz
Understanding and Controlling User Linkability in Decentralized Learning Technical Report
arXiv:1805.05838 [cs.CR], 2018.
@techreport{tribhu18arxiv,
title = {Understanding and Controlling User Linkability in Decentralized Learning},
author = {Tribhuvanesh Orekondy and Seong Joon Oh and Bernt Schiele and Mario Fritz},
url = {https://arxiv.org/abs/1805.05838
https://arxiv.org/pdf/1805.05838.pdf},
year = {2018},
date = {2018-05-16},
urldate = {2018-05-16},
type = {arXiv:1805.05838 [cs.CR]},
keywords = {2018},
pubstate = {published},
tppubtype = {techreport}
}
Qianru Sun; Ayush Tewari; Weipeng Xu; Mario Fritz; Christian Theobalt; Bernt Schiele
A Hybrid Model for Identity Obfuscation by Face Replacement Technical Report
arXiv:1804.04779 [cs.CV], 2018.
@techreport{sun18arxiv,
title = {A Hybrid Model for Identity Obfuscation by Face Replacement},
author = {Qianru Sun and Ayush Tewari and Weipeng Xu and Mario Fritz and Christian Theobalt and Bernt Schiele},
url = {https://arxiv.org/abs/1804.04779
https://arxiv.org/pdf/1804.04779.pdf},
year = {2018},
date = {2018-04-13},
urldate = {2018-04-13},
type = {arXiv:1804.04779 [cs.CV]},
keywords = {2018},
pubstate = {published},
tppubtype = {techreport}
}
Maxim Maximov; Tobias Ritschel; Mario Fritz
Deep Appearance Maps Technical Report
arXiv:1804.00863 [cs.CV], 2018.
@techreport{maximov18arxiv,
title = {Deep Appearance Maps},
author = {Maxim Maximov and Tobias Ritschel and Mario Fritz},
url = {https://arxiv.org/abs/1804.00863
https://arxiv.org/pdf/1804.00863.pdf},
year = {2018},
date = {2018-04-03},
urldate = {2018-04-03},
type = {arXiv:1804.00863 [cs.CV]},
keywords = {2018},
pubstate = {published},
tppubtype = {techreport}
}
