Google Scholar 
Semantic Scholar

My group is working on Trustworthy Information Processing with a focus on the intersection of AI & Machine Learning with Security & Privacy.

Recent projects and initiatives related to health, privacy, AI:

• Leading Scientist: Helmholtz Medical Security, Privacy, and AI Research Center (HMSP)
• Coordinator and PI: Trustworthy Federated Data Analytics Project (TFDA)
• Coordinator and PI: Protecting Genetic Data with Synthetic Cohorts from Deep Generative Models (PRO-GENE-GEN)
• PI: Integrated Early Warning System for Local Recognition, Prevention, and Control for Epidemic Outbreaks (LOKI)
• Partner-PI: The German Human Genome-Phenome Archive (GHGA)
• Member of working group in “Forum Gesundheit” of BMBF: “AG Nutzbarmachung digitaler Daten für KI-Entwicklungen in der Gesundheitsforschung”

Recent work on DeepFake detecting, misinformation, attribution,and responsible disclosure:

• ICLR’22: Responsible Disclosure of Generative Models Using Scalable Fingerprinting
• ArXiv’21: Open-Domain, Content-based, Multi-modal Fact-checking of Out-of-Context Images via Online Resources
• ICCV’21: Artificial Fingerprinting for Generative Models: Rooting Deepfake Attribution in Training Data
• S&P’21: Adversarial Watermarking Transformer: Towards Tracing Text Provenance with Data Hiding
• IJCAI’21: Beyond the Spectrum: Detecting Deepfakes via Re-Synthesis
• CVPR’21: Hijack-GAN: Unintended-Use of Pretrained, Black-Box GANs
• ICCV’19: Attributing Fake Images to GANs: Learning and Analyzing GAN Fingerprints

Recent publications:

• ICLR’22: Responsible Disclosure of Generative Models Using Scalable Fingerprinting
• ICLR’22: RelaxLoss: Defending Membership Inference Attacks without Losing Utility
• Usenix’22: ML-Doctor: Holistic Risk Assessment of Inference Attacks Against Machine Learning Models
• PETS’22: Understanding Utility and Privacy of Demographic Data in Education Technology by Causal Analysis and Adversarial-Censoring

• IJCV’21: Semantic Bottlenecks: Quantifying and Improving Inspectability of Deep Representations
• CCS-W’21: Differential Privacy Defenses and Sampling Attacks for Membership Inference
• CCS-W’21: “What’s in the box?!”: Deflecting Adversarial Attacks by Randomly Deploying Adversarially-Disjoint Models
• PKDD-W’21: IReEn: Reverse-Engineering of Black-Box Functions via Iterative Neural Program Synthesis
• PKDD-W’21: SampleFix: Learning to Generate Functionally Diverse Fixes
• ICCV’21: Artificial Fingerprinting for Generative Models: Rooting Deepfake Attribution in Training Data
• ICCV’21: Dual Contrastive Loss and Attention for GANs
• EXCLI’21: Privacy Considerations for Sharing Genomics Data
• IJCAI’21: Beyond the Spectrum: Detecting Deepfakes via Re-Synthesis
• S&P’21: Adversarial Watermarking Transformer: Towards Tracing Text Provenance with Data Hiding
• CVPR’21: Hijack-GAN: Unintended-Use of Pretrained, Black-Box GANs
• CVPR’21: Convolutional Dynamic Alignment Networks for Interpretable Classifications
• CVPR’21: Euro-PVI: Pedestrian Vehicle Interactions in Dense Urban Centers
• CVPR-W’21: MLCapsule: Guarded Offline Deployment of Machine Learning as a Service
• CVPR-W’21: InfoScrub: Towards Attribute Privacy by Targeted Obfuscation
• WACV’21: Future Moment Assessment for Action Query

• NeurIPS’20: GS-WGAN: A Gradient-Sanitized Approach for Learning Differentially Private Generators
• NeurIPS-W’20: SampleFix: Learning to Correct Programs by Sampling Diverse Fixes
• NeurIPS-W’20: IReEn: Iterative Reverse-Engineering of Black-Box Functions via Neural Program Synthesis
• NeurIPS-W’20: Haar Wavelet based Block Autoregressive Flows for Trajectories
• CCS’20: VisualPhishNet: Zero-Day Phishing Website Detection by Visual Similarity
• CCS’20: GAN-Leaks: A Taxonomy of Membership Inference Attacks against GANs
• S&P’20: Automatically Detecting Bystanders in Photos to Reduce Privacy Risks
• USENIX Security’20: Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning
• ICLR’20: Prediction Poisoning: Utility-Constrained Defenses Against Model Stealing Attacks
• CVPR’20: Towards Causal VQA: Revealing and Reducing Spurious Correlations by Invariant and Covariant Semantic Editing
• CVPR’20: Normalizing Flows with Multi-scale Autoregressive Priors
• ECCV’20: Towards Automated Testing and Robustification by Semantic Adversarial Data Generation
• ECCV’20: Inclusive GAN: Improving Data and Minority Coverage in Generative Models
• ECCV’20: Segmentations-Leak: Membership Inference Attacks and Defenses in Semantic Image Segmentation
• ECCV-W’20: Body Shape Privacy in Images: Understanding Privacy and Preventing Automatic Shape Extraction
• ECCV-W’20: Synthetic Convolutional Features for Improved Semantic Segmentation
• NEUCOM’20: Deep gaze pooling: Inferring and visually decoding search intents from human gaze fixations
• GCPR’20: Semantic Bottlenecks: Quantifying & Improving Inspectability of Deep Representations
• GCPR’20: Long-Tailed Recognition Using Class-Balanced Experts
• GCPR’20: Haar Wavelet based Block Autoregressive Flows for Trajectories
• TPAMI’20: Person Recognition in Personal Photo Collections
• Explainable AI Book: Towards reverse-engineering black-box neural networks

Most recent work on ArXiv:

• ArXiv’21: Open-Domain, Content-based, Multi-modal Fact-checking of Out-of-Context Images via Online Resources
• ArXiv’21: Backdoor Attacks on Network Certification via Data Poisoning
• ArXiv’21: Responsible Disclosure of Generative Models Using Scalable Fingerprinting
• ArXiv’20: CosSGD: Nonlinear Quantization for Communication-efficient Federated Learning

News, talks, events:

• Recent program committees: ICML’21, NeurIPS’21, S&P’22, EuroS&P’22, CVPR’22 (AC); CCS’22
• Runner-up Inria/CNIL Privacy Protection Prize 2020
  S&P’20 paper: “Automatically Detecting Bystanders in Photos to Reduce Privacy Risks”
• Co-Organizers of ICLR’21 Workshop on “Synthetic Data Generation – Quality, Privacy, Bias”
• Co-Organizers of CVPR’21 Workshop on “QuoVadis: Interdisciplinary, Socio-Technical Workshop on the Future of Computer Vision and Pattern Recognition (QuoVadis-CVPR)”
• Co-Organizers of CVPR’21 Workshop on “Causality in Vision”
• Founding member of Saarbrücken Artificial Intelligence & Machine Learning (SAM) unit of the European Laboratory of Learning and Intelligent Systems (ELLIS)
• Lecturer at Digital CISPA Summer School 2020
• Co-Organizer of Third International Workshop on The Bright and Dark Sides of Computer Vision: Challenges and Opportunities for Privacy and Security (CV-COPS) at ECCV 2020
• Co-Organizer: 4. ACM Symposium on Computer Science in Cars: Future Challenges in Artificial Intelligence & Security for Autonomous Vehicles CSCS’20
• Keynote at Workshop Machine Learning for Cybersecurity, ECMLPKDD’19
• Talk at Cyber Defense Campus (CYD) Conference on Artificial Intelligence in Defence and Security
• Co-Organizer of Second International Workshop on The Bright and Dark Sides of Computer Vision: Challenges and Opportunities for Privacy and Security (CV-COPS) at CVPR 2019
• Co-Organizer: 3. ACM Symposium on Computer Science in Cars: Future Challenges in Artificial Intelligence & Security for Autonomous Vehicles CSCS’19
• Leading scientist at new Helmholtz Medical Security and Privacy Research Center
• Member of ACM Technical Policy Committee Europe
• Mateusz Malinowski received the DAGM MVTec dissertation award as well as the Dr.-Eduard-Martin award for his PhD
• Associate Editor for IEEE Transactions on Pattern Analysis and Machine Intelligence (TPAMI)

2011 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022

All years 20222021202020192018201720162015201420132012201120102009200820072006200520042002 All types Journal ArticlesIncollectionsInproceedingsMasters ThesesMiscellaneousPhD ThesesProceedingsTechnical ReportsWorkshops All authors Pieter AbbeelSahar AbdelnabiPaarijaat AdityaVedika AgarwalZeynep AkataTim AlthoffOliver AmftMax AugustinSeyed Majid AzimiSeyedmajid AzimiMichael BackesJonathan T. BarronHector BaseviTobias BaumgartnerMatthias BeckerRodrigo BenensonBobby BhattacharjeeApratim BhattacharyyaUlf BlankeJeannette BohgDominik BritzAndreas BullingBarbara CaputoBryan CatanzaroDingfan ChenWei-Chen ChiuSreyasi Nag ChowdhuryDavid CrandallEmiliano De CristofaroTrevor DarrellLarry DavisLarry S. DavisPeter DruschelAysegul DundarSandra EbertEklundh, Jan-OlofMichael EngstlerPedro FelzenszwalbSanja FidlerMario FritzMario FritzFabio GalassoEfstratios GavvesStamatios GeorgoulisChristopher GeyerRoss GirshickDaniel GoehringLuc Van GoolOliver GrauKathrin GrosseChunhui GuHossein HajipourMichael HanselmannLucjan HanzlikRakibul HasanHayman, EricXinlei HeYang HeLisa Anne HendricksMathias HumbertTam HuynhAllie JanochAllison JanochYangqing JiaGregory S. JohnsonApu KapadiaSergey KarayevQiuhong KeMargret KeuperAnna KhorevaKatharina KrombholzGeert-Jan KruijffBrian KulisMarta KwiatkowskaLaura Leal-TaixeBastian LeibeAles LeonardisEvgeny LevinkovKe LiWenbin LiGuilin LiuYugeng LiuJonathan LongTobias LorenzMax LoschLiqian MaShweta MahajanJitendra MalikMateusz MalinowskiMaxim MaximovDaniel McculleyStephen MillerAshkan MokarianMoritz Bohle, Mario Fritz, Bernt SchieleFrank MücklichFrank MuecklichSabine MüllerChuong NguyenMarie OestreichSeong Joon OhTribhuvanesh OrekondyGerard Pons-MollShadi RahimianDaniel Olmeda ReinoKonstantinos RematasTobias RitschelMarcus RohrbachStefan RothKate SaenkoAhmed SalemHosnieh SattarJonas ScheerBernt SchieleSchieleBernt SchielePaul SchnitzspanIngo ScholzDominique SchroederJoachim L. SchultzeEdgar SeemannJulia SeiterRijurekha SenAbhishek SharmaSaurabh SharmaIaroslav ShcherbatyiRakshith ShettyAlex ShyrMark SimkinVladislav SkripniukHyun Oh SongCristian-Alexandru StaicuChristoph-Nikolas StraehleYusuke SuganoQianru SunAndrew TaoAyush TewariChristian TheobaltEdgar TretschkGerhard TroesterTinne TuytelaarsMisha WagnerHui-Po WangPing Chuan WangRui WenTongtong WuWeipeng XuYangqing YiaNing YuMaximilian ZenkXucong ZhangYang ZhangZhikun ZhangPeng ZhouStefan ZicklerMatthias Zobel All users Mario Fritz

Show all

2020

Inproceedings

Tribhuvanesh Orekondy; Bernt Schiele; Mario Fritz

Prediction Poisoning: Utility-Constrained Defenses Against Model Stealing Attacks Inproceedings

In: International Conference on Representation Learning (ICLR), 2020.

Links | BibTeX | Tags: 2019

@inproceedings{orekondy20iclr,

title = {Prediction Poisoning: Utility-Constrained Defenses Against Model Stealing Attacks},

author = {Tribhuvanesh Orekondy and Bernt Schiele and Mario Fritz},

url = {https://arxiv.org/abs/1906.10908

https://arxiv.org/pdf/1906.10908.pdf},

year  = {2020},

date = {2020-04-30},

urldate = {2020-04-30},

booktitle = {International Conference on Representation Learning (ICLR)},

type = {arXiv:1906.10908 },

keywords = {2019},

pubstate = {published},

tppubtype = {inproceedings}

}

Close

• https://arxiv.org/abs/1906.10908
• https://arxiv.org/pdf/1906.10908.pdf

Close

Technical Reports

Hui-Po Wang; Tribhuvanesh Orekondy; Mario Fritz

InfoScrub: Towards Attribute Privacy by Targeted Obfuscation Technical Report

arXiv:2005.10329 , 2020.

Links | BibTeX | Tags: 2019

@techreport{wang20arxiv,

title = {InfoScrub: Towards Attribute Privacy by Targeted Obfuscation},

author = {Hui-Po Wang and Tribhuvanesh Orekondy and Mario Fritz},

url = {https://arxiv.org/abs/2005.10329

https://arxiv.org/pdf/2005.10329.pdf

},

year  = {2020},

date = {2020-05-20},

type = {arXiv:2005.10329 },

keywords = {2019},

pubstate = {published},

tppubtype = {techreport}

}

Close

• https://arxiv.org/abs/2005.10329
• https://arxiv.org/pdf/2005.10329.pdf

Close

Workshops

Hossein Hajipour; Apratim Bhattacharyya; Mario Fritz

SampleFix: Learning to Correct Programs by Sampling Diverse Fixes Workshop

NeurIPS Workshop on Computer-Assisted Programming, 2020.

Links | BibTeX | Tags: 2019, 2020

@workshop{hajipour20neuripscap,

title = {SampleFix: Learning to Correct Programs by Sampling Diverse Fixes},

author = {Hossein Hajipour and Apratim Bhattacharyya and Mario Fritz},

url = {https://arxiv.org/abs/1906.10502

https://arxiv.org/pdf/1906.10502.pdf},

year  = {2020},

date = {2020-12-06},

urldate = {2020-12-06},

booktitle = {NeurIPS Workshop on Computer-Assisted Programming},

keywords = {2019, 2020},

pubstate = {published},

tppubtype = {workshop}

}

Close

• https://arxiv.org/abs/1906.10502
• https://arxiv.org/pdf/1906.10502.pdf

Close

2019

Journal Articles

Xucong Zhang; Yusuke Sugano; Mario Fritz; Andreas Bulling

MPIIGaze: Real-World Dataset and Deep Appearance-Based Gaze Estimation Journal Article

In: Transactions on Pattern Analysis and Machine Intelligence (TPAMI), 2019.

Links | BibTeX | Tags: 2017, 2018, 2019

@article{xucong19tpami,

title = {MPIIGaze: Real-World Dataset and Deep Appearance-Based Gaze Estimation},

author = {Xucong Zhang and Yusuke Sugano and Mario Fritz and Andreas Bulling},

url = {https://arxiv.org/abs/1711.09017

https://arxiv.org/pdf/1711.09017.pdf},

year  = {2019},

date = {2019-02-04},

urldate = {2019-02-04},

journal = {Transactions on Pattern Analysis and Machine Intelligence (TPAMI)},

keywords = {2017, 2018, 2019},

pubstate = {published},

tppubtype = {article}

}

Close

• https://arxiv.org/abs/1711.09017
• https://arxiv.org/pdf/1711.09017.pdf

Close

Incollections

Seong Joon Oh; Bernt Schiele; Mario Fritz

Towards reverse-engineering black-box neural networks Incollection

In: Explainable AI: Interpreting, Explaining and Visualizing Deep Learning, 2019.

Links | BibTeX | Tags: 2019

@incollection{oh20xai,

title = {Towards reverse-engineering black-box neural networks},

author = {Seong Joon Oh and Bernt Schiele and Mario Fritz},

url = {https://link.springer.com/chapter/10.1007/978-3-030-28954-6_7},

year  = {2019},

date = {2019-09-10},

booktitle = {Explainable AI: Interpreting, Explaining and Visualizing Deep Learning},

keywords = {2019},

pubstate = {published},

tppubtype = {incollection}

}

Close

• https://link.springer.com/chapter/10.1007/978-3-030-28954-6_7

Close

Inproceedings

Ning Yu; Larry Davis; Mario Fritz

Attributing Fake Images to GANs: Learning and Analyzing GAN Fingerprints Inproceedings

In: International Conference on Computer Vision (ICCV), 2019.

Links | BibTeX | Tags: 2019

@inproceedings{yu19iccv,

title = {Attributing Fake Images to GANs: Learning and Analyzing GAN Fingerprints},

author = {Ning Yu and Larry Davis and Mario Fritz},

url = {//arxiv.org/abs/1811.08180

//arxiv.org/pdf/1811.08180.pdf

},

year  = {2019},

date = {2019-10-30},

urldate = {2019-10-30},

booktitle = {International Conference on Computer Vision (ICCV)},

keywords = {2019},

pubstate = {published},

tppubtype = {inproceedings}

}

Close

• //arxiv.org/abs/1811.08180
• //arxiv.org/pdf/1811.08180.pdf

Close

Maxim Maximov; Tobias Ritschel; Laura Leal-Taixe; Mario Fritz

Deep Appearance Maps Inproceedings

In: International Conference on Computer Vision (ICCV), 2019.

Links | BibTeX | Tags: 2019

@inproceedings{maximov19iccv,

title = {Deep Appearance Maps},

author = {Maxim Maximov and Tobias Ritschel and Laura Leal-Taixe and Mario Fritz},

url = {//arxiv.org/abs/1804.00863

//arxiv.org/pdf/1804.00863.pdf},

year  = {2019},

date = {2019-10-29},

urldate = {2019-10-29},

booktitle = {International Conference on Computer Vision (ICCV)},

keywords = {2019},

pubstate = {published},

tppubtype = {inproceedings}

}

Close

• //arxiv.org/abs/1804.00863
• //arxiv.org/pdf/1804.00863.pdf

Close

Tribhuvanesh Orekondy; Bernt Schiele; Mario Fritz

Knockoff Nets: Stealing Functionality of Black-Box Models Inproceedings

In: IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2019.

Links | BibTeX | Tags: 2019

@inproceedings{orekondy19cvpr,

title = {Knockoff Nets: Stealing Functionality of Black-Box Models },

author = {Tribhuvanesh Orekondy and Bernt Schiele and Mario Fritz},

url = {preliminary version:

https://arxiv.org/abs/1812.02766

https://arxiv.org/pdf/1812.02766},

year  = {2019},

date = {2019-06-18},

booktitle = {IEEE Conference on Computer Vision and Pattern Recognition (CVPR)},

keywords = {2019},

pubstate = {published},

tppubtype = {inproceedings}

}

Close

• preliminary version:
• https://arxiv.org/abs/1812.02766
• https://arxiv.org/pdf/1812.02766

Close

Rakshith Shetty; Bernt Schiele; Mario Fritz

Not Using the Car to See the Sidewalk: Quantifying and Controlling the Effects of Context in Classification and Segmentation Inproceedings

In: IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2019.

Links | BibTeX | Tags: 2019

@inproceedings{shetty19cvpr,

title = {Not Using the Car to See the Sidewalk: Quantifying and Controlling the Effects of Context in Classification and Segmentation},

author = {Rakshith Shetty and Bernt Schiele and Mario Fritz},

url = {preliminary version:

https://arxiv.org/abs/1812.06707

https://arxiv.org/pdf/1812.06707.pdf},

year  = {2019},

date = {2019-06-17},

booktitle = {IEEE Conference on Computer Vision and Pattern Recognition (CVPR)},

keywords = {2019},

pubstate = {published},

tppubtype = {inproceedings}

}

Close

• preliminary version:
• https://arxiv.org/abs/1812.06707
• https://arxiv.org/pdf/1812.06707.pdf

Close

Qiuhong Ke; Mario Fritz; Bernt Schiele

Time-Conditioned Action Anticipation in One Shot Inproceedings

In: IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2019.

BibTeX | Tags: 2019

@inproceedings{ke19cvpr,

title = {Time-Conditioned Action Anticipation in One Shot},

author = {Qiuhong Ke and Mario Fritz and Bernt Schiele},

year  = {2019},

date = {2019-06-16},

booktitle = {IEEE Conference on Computer Vision and Pattern Recognition (CVPR)},

keywords = {2019},

pubstate = {published},

tppubtype = {inproceedings}

}

Close

Apratim Bhattacharyya; Mario Fritz; Bernt Schiele

Bayesian Prediction of Future Street Scenes using Synthetic Likelihoods Inproceedings

In: International Conference on Representation Learning (ICLR), 2019.

Links | BibTeX | Tags: 2019

@inproceedings{apratim19iclr,

title = {Bayesian Prediction of Future Street Scenes using Synthetic Likelihoods},

author = {Apratim Bhattacharyya and Mario Fritz and Bernt Schiele},

url = {https://arxiv.org/abs/1810.00746

https://arxiv.org/pdf/1810.00746.pdf},

year  = {2019},

date = {2019-05-06},

booktitle = {International Conference on Representation Learning (ICLR)},

keywords = {2019},

pubstate = {published},

tppubtype = {inproceedings}

}

Close

• https://arxiv.org/abs/1810.00746
• https://arxiv.org/pdf/1810.00746.pdf

Close

Ahmed Salem; Yang Zhang; Mathias Humbert; Mario Fritz; Michael Backes

ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models Inproceedings

In: Annual Network and Distributed System Security Symposium (NDSS), 2019, (to appear).

Links | BibTeX | Tags: 2019

@inproceedings{ndss19salem,

title = {ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models},

author = {Ahmed Salem and Yang Zhang and Mathias Humbert and Mario Fritz and Michael Backes},

url = {preliminary:

https://arxiv.org/abs/1806.01246

https://arxiv.org/pdf/1806.01246.pdf

},

year  = {2019},

date = {2019-02-24},

booktitle = {Annual Network and Distributed System Security Symposium (NDSS)},

note = {to appear},

keywords = {2019},

pubstate = {published},

tppubtype = {inproceedings}

}

Close

• preliminary:
• https://arxiv.org/abs/1806.01246
• https://arxiv.org/pdf/1806.01246.pdf

Close

Hosnieh Sattar; Gerard Pons-Moll; Mario Fritz

Fashion is Taking Shape: Understanding Clothing Preference Based on Body Shape From Online Sources Inproceedings

In: IEEE Winter Conference on Applications of Computer Vision (WACV), 2019, (to appear).

Links | BibTeX | Tags: 2019

@inproceedings{sattar19wacv,

title = {Fashion is Taking Shape: Understanding Clothing Preference Based on Body Shape From Online Sources },

author = {Hosnieh Sattar and Gerard Pons-Moll and Mario Fritz},

url = {preliminary:

//arxiv.org/abs/1807.03235

//arxiv.org/pdf/1807.03235.pdf},

year  = {2019},

date = {2019-01-08},

urldate = {2019-01-08},

booktitle = {IEEE Winter Conference on Applications of Computer Vision (WACV)},

note = {to appear},

keywords = {2019},

pubstate = {published},

tppubtype = {inproceedings}

}

Close

• preliminary:
• //arxiv.org/abs/1807.03235
• //arxiv.org/pdf/1807.03235.pdf

Close

Technical Reports

Yang He; Shadi Rahimian; Bernt Schiele; Mario Fritz

Segmentations-Leak: Membership Inference Attacks and Defenses in Semantic Image Segmentation Technical Report

arXiv:1912.09685, 2019.

Links | BibTeX | Tags: 2019, 2020

@techreport{he19arxiv,

title = {Segmentations-Leak: Membership Inference Attacks and Defenses in Semantic Image Segmentation},

author = {Yang He and Shadi Rahimian and Bernt Schiele and Mario Fritz},

url = {https://arxiv.org/abs/1912.09685

https://arxiv.org/pdf/1912.09685.pdf},

year  = {2019},

date = {2019-12-19},

type = {arXiv:1912.09685},

keywords = {2019, 2020},

pubstate = {published},

tppubtype = {techreport}

}

Close

• https://arxiv.org/abs/1912.09685
• https://arxiv.org/pdf/1912.09685.pdf

Close

Vedika Agarwal; Rakshith Shetty; Mario Fritz

Towards Causal VQA: Revealing and Reducing Spurious Correlations by Invariant and Covariant Semantic Editing Technical Report

2019.

Links | BibTeX | Tags: 2019, 2020

@techreport{agarwal19arxiv,

title = {Towards Causal VQA: Revealing and Reducing Spurious Correlations by Invariant and Covariant Semantic Editing},

author = {Vedika Agarwal and Rakshith Shetty and Mario Fritz

},

url = {https://arxiv.org/abs/1912.07538

https://arxiv.org/pdf/1912.07538.pdf},

year  = {2019},

date = {2019-12-16},

keywords = {2019, 2020},

pubstate = {published},

tppubtype = {techreport}

}

Close

• https://arxiv.org/abs/1912.07538
• https://arxiv.org/pdf/1912.07538.pdf

Close

Apratim Bhattacharyya; Mario Fritz; Bernt Schiele

"Best-of-Many-Samples" Distribution Matching Technical Report

arXiv:1909.12598, 2019.

Links | BibTeX | Tags: 2019

@techreport{bhattacharyya19arxivb,

title = {"Best-of-Many-Samples" Distribution Matching},

author = {Apratim Bhattacharyya and Mario Fritz and Bernt Schiele},

url = {//arxiv.org/abs/1909.12598

//arxiv.org/pdf/1909.12598.pdf},

year  = {2019},

date = {2019-09-27},

urldate = {2019-09-27},

type = {arXiv:1909.12598},

keywords = {2019},

pubstate = {published},

tppubtype = {techreport}

}

Close

• //arxiv.org/abs/1909.12598
• //arxiv.org/pdf/1909.12598.pdf

Close

Dingfan Chen; Ning Yu; Yang Zhang; Mario Fritz

GAN-Leaks: A Taxonomy of Membership Inference Attacks against GANs Technical Report

arXiv:1909.03935, 2019.

Links | BibTeX | Tags: 2019

@techreport{chen19arxiv,

title = {GAN-Leaks: A Taxonomy of Membership Inference Attacks against GANs},

author = {Dingfan Chen and Ning Yu and Yang Zhang and Mario Fritz},

url = {https://arxiv.org/abs/1909.03935

https://arxiv.org/pdf/1909.03935.pdf},

year  = {2019},

date = {2019-09-09},

urldate = {2019-09-09},

type = {arXiv:1909.03935},

keywords = {2019},

pubstate = {published},

tppubtype = {techreport}

}

Close

• https://arxiv.org/abs/1909.03935
• https://arxiv.org/pdf/1909.03935.pdf

Close

Sahar Abdelnabi; Katharina Krombholz; Mario Fritz

WhiteNet: Phishing Website Detection by Visual Whitelists Technical Report

arXiv:1909.00300, 2019.

Links | BibTeX | Tags: 2019

@techreport{abdelnabi19arxiv,

title = {WhiteNet: Phishing Website Detection by Visual Whitelists},

author = {Sahar Abdelnabi and Katharina Krombholz and Mario Fritz},

url = {https://arxiv.org/abs/1909.00300

https://arxiv.org/pdf/1909.00300.pdf},

year  = {2019},

date = {2019-09-01},

urldate = {2019-09-01},

type = {arXiv:1909.00300},

keywords = {2019},

pubstate = {published},

tppubtype = {techreport}

}

Close

• https://arxiv.org/abs/1909.00300
• https://arxiv.org/pdf/1909.00300.pdf

Close

Apratim Bhattacharyya; Michael Hanselmann; Mario Fritz; Bernt Schiele; Christoph-Nikolas Straehle

Conditional Flow Variational Autoencoders for Structured Sequence Prediction Technical Report

arXiv:1908.09008, 2019.

Links | BibTeX | Tags: 2019

@techreport{bhattacharyya19arxiv,

title = {Conditional Flow Variational Autoencoders for Structured Sequence Prediction},

author = {Apratim Bhattacharyya and Michael Hanselmann and Mario Fritz and Bernt Schiele and Christoph-Nikolas Straehle},

url = {https://arxiv.org/abs/1908.09008

https://arxiv.org/pdf/1908.09008.pdf},

year  = {2019},

date = {2019-08-24},

urldate = {2019-08-24},

type = {arXiv:1908.09008},

keywords = {2019},

pubstate = {published},

tppubtype = {techreport}

}

Close

• https://arxiv.org/abs/1908.09008
• https://arxiv.org/pdf/1908.09008.pdf

Close

Max Losch; Mario Fritz; Bernt Schiele

Interpretability Beyond Classification Output: Semantic Bottleneck Networks Technical Report

arXiv:1907.10882 , 2019.

Links | BibTeX | Tags: 2019

@techreport{losch19arxiv,

title = {Interpretability Beyond Classification Output: Semantic Bottleneck Networks},

author = {Max Losch and Mario Fritz and Bernt Schiele},

url = {//arxiv.org/abs/1907.10882

//arxiv.org/pdf/1907.10882.pdf},

year  = {2019},

date = {2019-07-25},

urldate = {2019-07-25},

type = {arXiv:1907.10882 },

keywords = {2019},

pubstate = {published},

tppubtype = {techreport}

}

Close

• //arxiv.org/abs/1907.10882
• //arxiv.org/pdf/1907.10882.pdf

Close

Tribhuvanesh Orekondy; Bernt Schiele; Mario Fritz

Prediction Poisoning: Utility-Constrained Defenses Against Model Stealing Attacks Technical Report

2019.

Links | BibTeX | Tags: 2019

@techreport{orekondy19arxiv,

title = {Prediction Poisoning: Utility-Constrained Defenses Against Model Stealing Attacks},

author = {Tribhuvanesh Orekondy and Bernt Schiele and Mario Fritz},

url = {https://arxiv.org/abs/1906.10908

https://arxiv.org/pdf/1906.10908.pdf},

year  = {2019},

date = {2019-06-26},

urldate = {2019-06-26},

keywords = {2019},

pubstate = {published},

tppubtype = {techreport}

}

Close

• https://arxiv.org/abs/1906.10908
• https://arxiv.org/pdf/1906.10908.pdf

Close

Hossein Hajipour; Apratim Bhattacharyya; Mario Fritz

SampleFix: Learning to Correct Programs by Sampling Diverse Fixes Technical Report

arXiv:1906.10502, 2019.

Links | BibTeX | Tags: 2019

@techreport{hajipour19arxiv,

title = {SampleFix: Learning to Correct Programs by Sampling Diverse Fixes},

author = {Hossein Hajipour and Apratim Bhattacharyya and Mario Fritz},

url = {//arxiv.org/abs/1906.10502

//arxiv.org/pdf/1906.10502.pdf},

year  = {2019},

date = {2019-06-24},

urldate = {2019-06-24},

type = {arXiv:1906.10502},

keywords = {2019},

pubstate = {published},

tppubtype = {techreport}

}

Close

• //arxiv.org/abs/1906.10502
• //arxiv.org/pdf/1906.10502.pdf

Close

Hosnieh Sattar; Katharina Krombholz; Gerard Pons-Moll; Mario Fritz

Shape Evasion: Preventing Body Shape Inference of Multi-Stage Approaches Technical Report

arXiv:1905.11503 , 2019.

Links | BibTeX | Tags: 2019

@techreport{sattar19arxiv,

title = {Shape Evasion: Preventing Body Shape Inference of Multi-Stage Approaches},

author = {Hosnieh Sattar and Katharina Krombholz and Gerard Pons-Moll and Mario Fritz},

url = {//arxiv.org/abs/1905.11503

//arxiv.org/pdf/1905.11503.pdf},

year  = {2019},

date = {2019-05-30},

urldate = {2019-05-30},

type = {arXiv:1905.11503 },

keywords = {2019},

pubstate = {published},

tppubtype = {techreport}

}

Close

• //arxiv.org/abs/1905.11503
• //arxiv.org/pdf/1905.11503.pdf

Close

Wenbin Li; Ales Leonardis; Jeannette Bohg; Mario Fritz

Learning Manipulation under Physics Constraints with Visual Perception Technical Report

2019.

Links | BibTeX | Tags: 2019

@techreport{li19arxiv,

title = {Learning Manipulation under Physics Constraints with Visual Perception},

author = {Wenbin Li and Ales Leonardis and Jeannette Bohg and Mario Fritz},

url = {//arxiv.org/abs/1904.09860

//arxiv.org/pdf/1904.09860.pdf

},

year  = {2019},

date = {2019-04-19},

urldate = {2019-04-19},

keywords = {2019},

pubstate = {published},

tppubtype = {techreport}

}

Close

• //arxiv.org/abs/1904.09860
• //arxiv.org/pdf/1904.09860.pdf

Close

Ahmed Salem; Apratim Bhattacharyya; Michael Backes; Mario Fritz; Yang Zhang

Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning Technical Report

2019.

Links | BibTeX | Tags: 2019

@techreport{salem19arxiv,

title = {Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning},

author = {Ahmed Salem and Apratim Bhattacharyya and Michael Backes and Mario Fritz and Yang Zhang},

url = {//arxiv.org/abs/1904.01067

//arxiv.org/pdf/1904.01067.pdf},

year  = {2019},

date = {2019-04-03},

journal = {arXiv:1904.01067},

keywords = {2019},

pubstate = {published},

tppubtype = {techreport}

}

Close

• //arxiv.org/abs/1904.01067
• //arxiv.org/pdf/1904.01067.pdf

Close

Workshops

Shadi Rahimian; Tribhuvanesh Orekondy; Mario Fritz

Differential Privacy Defenses and Sampling Attacks for Membership Inference Workshop

NeurIPS Workshop on Privacy in Machine Learning (PRIML), 2019.

Links | BibTeX | Tags: 2019

@workshop{Rahimian19priml,

title = {Differential Privacy Defenses and Sampling Attacks for Membership Inference},

author = {Shadi Rahimian and Tribhuvanesh Orekondy and Mario Fritz},

url = {https://priml-workshop.github.io/priml2019/papers/PriML2019_paper_47.pdf},

year  = {2019},

date = {2019-12-14},

booktitle = {NeurIPS Workshop on Privacy in Machine Learning (PRIML)},

keywords = {2019},

pubstate = {published},

tppubtype = {workshop}

}

Close

• https://priml-workshop.github.io/priml2019/papers/PriML2019_paper_47.pdf

Close

Ahmed Salem; Apratim Bhattacharyya; Michael Backes; Mario Fritz; Yang Zhang

Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning Workshop

Hot Topics in Privacy Enhancing Technologies (HotPETs), 2019.

Links | BibTeX | Tags: 2019

@workshop{salem19hotpet,

title = {Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning},

author = {Ahmed Salem and Apratim Bhattacharyya and Michael Backes and Mario Fritz and Yang Zhang},

url = {https://arxiv.org/abs/1904.01067

https://arxiv.org/pdf/1904.01067.pdf},

year  = {2019},

date = {2019-07-19},

urldate = {2019-07-19},

booktitle = {Hot Topics in Privacy Enhancing Technologies (HotPETs)},

keywords = {2019},

pubstate = {published},

tppubtype = {workshop}

}

Close

• https://arxiv.org/abs/1904.01067
• https://arxiv.org/pdf/1904.01067.pdf

Close

Rakibul Hasan; David Crandall; Mario Fritz; Apu Kapadia

Understanding and Recognizing Bystanders in Images for Privacy Protection Workshop

Privacy, Usability, and Transparency (PUT) @ PETs, 2019.

Links | BibTeX | Tags: 2019

@workshop{hasan19put,

title = {Understanding and Recognizing Bystanders in Images for Privacy Protection},

author = {Rakibul Hasan and David Crandall and Mario Fritz and Apu Kapadia},

url = {https://petsymposium.org/2019/files/workshop/abstracts/PUT_2019_paper_15.pdf},

year  = {2019},

date = {2019-07-15},

urldate = {2019-07-15},

booktitle = {Privacy, Usability, and Transparency (PUT) @ PETs},

keywords = {2019},

pubstate = {published},

tppubtype = {workshop}

}

Close

• https://petsymposium.org/2019/files/workshop/abstracts/PUT_2019_paper_15.pdf

Close