Google Scholar 
Semantic Scholar

My group is working on Trustworthy Information Processing with a focus on the intersection of AI & Machine Learning with Security & Privacy.

Recent projects and initiatives related to health, privacy, AI:

• Leading Scientist
  Helmholtz Medical Security, Privacy, and AI Research Center (HMSP)
• Coordinator and PI
  Trustworthy Federated Data Analytics Project (TFDA)
• Coordinator and PI
  Protecting Genetic Data with Synthetic Cohorts from Deep Generative Models (PRO-GENE-GEN)
• Partner-PI
  The German Human Genome-Phenome Archive (GHGA)
• Member of working group in “Forum Gesundheit” of BMBF
  “AG Nutzbarmachung digitaler Daten für KI-Entwicklungen in der Gesundheitsforschung”

Recent work on DeepFake detecting, attribution, watermarking and responsible disclosure:

• ArXiv’21: Responsible Disclosure of Generative Models Using Scalable Fingerprinting
• ICCV’21: Artificial Fingerprinting for Generative Models: Rooting Deepfake Attribution in Training Data
• S&P’21: Adversarial Watermarking Transformer: Towards Tracing Text Provenance with Data Hiding
• IJCAI’21: Beyond the Spectrum: Detecting Deepfakes via Re-Synthesis
• CVPR’21: Hijack-GAN: Unintended-Use of Pretrained, Black-Box GANs
• ICCV’19: Attributing Fake Images to GANs: Learning and Analyzing GAN Fingerprints

Recent publications:

• IJCV’21: Semantic Bottlenecks: Quantifying and Improving Inspectability of Deep Representations
• CCS-W’21: Differential Privacy Defenses and Sampling Attacks for Membership Inference
• CCS-W’21: “What’s in the box?!”: Deflecting Adversarial Attacks by Randomly Deploying Adversarially-Disjoint Models
• PKDD-W’21: IReEn: Reverse-Engineering of Black-Box Functions via Iterative Neural Program Synthesis
• PKDD-W’21: SampleFix: Learning to Generate Functionally Diverse Fixes
• ICCV’21: Artificial Fingerprinting for Generative Models: Rooting Deepfake Attribution in Training Data
• ICCV’21: Dual Contrastive Loss and Attention for GANs
• EXCLI’21: Privacy Considerations for Sharing Genomics Data
• IJCAI’21: Beyond the Spectrum: Detecting Deepfakes via Re-Synthesis
• S&P’21: Adversarial Watermarking Transformer: Towards Tracing Text Provenance with Data Hiding
• CVPR’21: Hijack-GAN: Unintended-Use of Pretrained, Black-Box GANs
• CVPR’21: Convolutional Dynamic Alignment Networks for Interpretable Classifications
• CVPR’21: Euro-PVI: Pedestrian Vehicle Interactions in Dense Urban Centers
• CVPR-W’21: MLCapsule: Guarded Offline Deployment of Machine Learning as a Service
• CVPR-W’21: InfoScrub: Towards Attribute Privacy by Targeted Obfuscation
• WACV’21: Future Moment Assessment for Action Query

• NeurIPS’20: GS-WGAN: A Gradient-Sanitized Approach for Learning Differentially Private Generators
• NeurIPS-W’20: SampleFix: Learning to Correct Programs by Sampling Diverse Fixes
• NeurIPS-W’20: IReEn: Iterative Reverse-Engineering of Black-Box Functions via Neural Program Synthesis
• NeurIPS-W’20: Haar Wavelet based Block Autoregressive Flows for Trajectories
• CCS’20: VisualPhishNet: Zero-Day Phishing Website Detection by Visual Similarity
• CCS’20: GAN-Leaks: A Taxonomy of Membership Inference Attacks against GANs
• S&P’20: Automatically Detecting Bystanders in Photos to Reduce Privacy Risks
• USENIX Security’20: Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning
• ICLR’20: Prediction Poisoning: Utility-Constrained Defenses Against Model Stealing Attacks
• CVPR’20: Towards Causal VQA: Revealing and Reducing Spurious Correlations by Invariant and Covariant Semantic Editing
• CVPR’20: Normalizing Flows with Multi-scale Autoregressive Priors
• ECCV’20: Towards Automated Testing and Robustification by Semantic Adversarial Data Generation
• ECCV’20: Inclusive GAN: Improving Data and Minority Coverage in Generative Models
• ECCV’20: Segmentations-Leak: Membership Inference Attacks and Defenses in Semantic Image Segmentation
• ECCV-W’20: Body Shape Privacy in Images: Understanding Privacy and Preventing Automatic Shape Extraction
• ECCV-W’20: Synthetic Convolutional Features for Improved Semantic Segmentation
• NEUCOM’20: Deep gaze pooling: Inferring and visually decoding search intents from human gaze fixations
• GCPR’20: Semantic Bottlenecks: Quantifying & Improving Inspectability of Deep Representations
• GCPR’20: Long-Tailed Recognition Using Class-Balanced Experts
• GCPR’20: Haar Wavelet based Block Autoregressive Flows for Trajectories
• TPAMI’20: Person Recognition in Personal Photo Collections
• Explainable AI Book: Towards reverse-engineering black-box neural networks

Most recent work on ArXiv:

• ArXiv’21: Backdoor Attacks on Network Certification via Data Poisoning
• ArXiv’21: ML-Doctor: Holistic Risk Assessment of Inference Attacks Against Machine Learning Models
• ArXiv’21: Responsible Disclosure of Generative Models Using Scalable Fingerprinting
• ArXiv’20: CosSGD: Nonlinear Quantization for Communication-efficient Federated Learning

News, talks, events:

• Recent program committees: ICML’21, NeurIPS’22, S&P’22, EuroS&P’22, CVPR’22 (AC)
• Runner-up Inria/CNIL Privacy Protection Prize 2020
  S&P’20 paper: “Automatically Detecting Bystanders in Photos to Reduce Privacy Risks”
• Co-Organizers of ICLR’21 Workshop on “Synthetic Data Generation – Quality, Privacy, Bias”
• Co-Organizers of CVPR’21 Workshop on “QuoVadis: Interdisciplinary, Socio-Technical Workshop on the Future of Computer Vision and Pattern Recognition (QuoVadis-CVPR)”
• Co-Organizers of CVPR’21 Workshop on “Causality in Vision”
• Founding member of Saarbrücken Artificial Intelligence & Machine Learning (SAM) unit of the European Laboratory of Learning and Intelligent Systems (ELLIS)
• Lecturer at Digital CISPA Summer School 2020
• Co-Organizer of Third International Workshop on The Bright and Dark Sides of Computer Vision: Challenges and Opportunities for Privacy and Security (CV-COPS) at ECCV 2020
• Co-Organizer: 4. ACM Symposium on Computer Science in Cars: Future Challenges in Artificial Intelligence & Security for Autonomous Vehicles CSCS’20
• Keynote at Workshop Machine Learning for Cybersecurity, ECMLPKDD’19
• Talk at Cyber Defense Campus (CYD) Conference on Artificial Intelligence in Defence and Security
• Co-Organizer of Second International Workshop on The Bright and Dark Sides of Computer Vision: Challenges and Opportunities for Privacy and Security (CV-COPS) at CVPR 2019
• Co-Organizer: 3. ACM Symposium on Computer Science in Cars: Future Challenges in Artificial Intelligence & Security for Autonomous Vehicles CSCS’19
• Leading scientist at new Helmholtz Medical Security and Privacy Research Center
• Member of ACM Technical Policy Committee Europe
• Mateusz Malinowski received the DAGM MVTec dissertation award as well as the Dr.-Eduard-Martin award for his PhD
• Associate Editor for IEEE Transactions on Pattern Analysis and Machine Intelligence (TPAMI)

Show all

2020
Inproceedings
	Tribhuvanesh Orekondy; Bernt Schiele; Mario Fritz Prediction Poisoning: Utility-Constrained Defenses Against Model Stealing Attacks Inproceedings International Conference on Representation Learning (ICLR), 2020. Links | BibTeX | Tags: 2019 @inproceedings{orekondy20iclr, title = {Prediction Poisoning: Utility-Constrained Defenses Against Model Stealing Attacks}, author = {Tribhuvanesh Orekondy and Bernt Schiele and Mario Fritz}, url = {https://arxiv.org/abs/1906.10908 https://arxiv.org/pdf/1906.10908.pdf}, year = {2020}, date = {2020-04-30}, booktitle = {International Conference on Representation Learning (ICLR)}, type = {arXiv:1906.10908 }, keywords = {2019}, pubstate = {published}, tppubtype = {inproceedings} } Close https://arxiv.org/abs/1906.10908 https://arxiv.org/pdf/1906.10908.pdf Close
Technical Reports
	Hui-Po Wang; Tribhuvanesh Orekondy; Mario Fritz InfoScrub: Towards Attribute Privacy by Targeted Obfuscation Technical Report arXiv:2005.10329 , 2020. Links | BibTeX | Tags: 2019 @techreport{wang20arxiv, title = {InfoScrub: Towards Attribute Privacy by Targeted Obfuscation}, author = {Hui-Po Wang and Tribhuvanesh Orekondy and Mario Fritz}, url = {https://arxiv.org/abs/2005.10329 https://arxiv.org/pdf/2005.10329.pdf }, year = {2020}, date = {2020-05-20}, type = {arXiv:2005.10329 }, keywords = {2019}, pubstate = {published}, tppubtype = {techreport} } Close https://arxiv.org/abs/2005.10329 https://arxiv.org/pdf/2005.10329.pdf Close
Workshops
	Hossein Hajipour; Apratim Bhattacharyya; Mario Fritz SampleFix: Learning to Correct Programs by Sampling Diverse Fixes Workshop NeurIPS Workshop on Computer-Assisted Programming, 2020. Links | BibTeX | Tags: 2019, 2020 @workshop{hajipour20neuripscap, title = {SampleFix: Learning to Correct Programs by Sampling Diverse Fixes}, author = {Hossein Hajipour and Apratim Bhattacharyya and Mario Fritz}, url = {https://arxiv.org/abs/1906.10502 https://arxiv.org/pdf/1906.10502.pdf}, year = {2020}, date = {2020-12-06}, booktitle = {NeurIPS Workshop on Computer-Assisted Programming}, keywords = {2019, 2020}, pubstate = {published}, tppubtype = {workshop} } Close https://arxiv.org/abs/1906.10502 https://arxiv.org/pdf/1906.10502.pdf Close
2019
Journal Articles
	Xucong Zhang; Yusuke Sugano; Mario Fritz; Andreas Bulling MPIIGaze: Real-World Dataset and Deep Appearance-Based Gaze Estimation Journal Article Transactions on Pattern Analysis and Machine Intelligence (TPAMI), 2019. Links | BibTeX | Tags: 2017, 2018, 2019 @article{xucong19tpami, title = {MPIIGaze: Real-World Dataset and Deep Appearance-Based Gaze Estimation}, author = {Xucong Zhang and Yusuke Sugano and Mario Fritz and Andreas Bulling}, url = {https://arxiv.org/abs/1711.09017 https://arxiv.org/pdf/1711.09017.pdf}, year = {2019}, date = {2019-02-04}, journal = {Transactions on Pattern Analysis and Machine Intelligence (TPAMI)}, keywords = {2017, 2018, 2019}, pubstate = {published}, tppubtype = {article} } Close https://arxiv.org/abs/1711.09017 https://arxiv.org/pdf/1711.09017.pdf Close
Incollections
	Seong Joon Oh; Bernt Schiele; Mario Fritz Towards reverse-engineering black-box neural networks Incollection Explainable AI: Interpreting, Explaining and Visualizing Deep Learning, 2019. Links | BibTeX | Tags: 2019 @incollection{oh20xai, title = {Towards reverse-engineering black-box neural networks}, author = {Seong Joon Oh and Bernt Schiele and Mario Fritz}, url = {https://link.springer.com/chapter/10.1007/978-3-030-28954-6_7}, year = {2019}, date = {2019-09-10}, booktitle = {Explainable AI: Interpreting, Explaining and Visualizing Deep Learning}, keywords = {2019}, pubstate = {published}, tppubtype = {incollection} } Close https://link.springer.com/chapter/10.1007/978-3-030-28954-6_7 Close
Inproceedings
	Ning Yu; Larry Davis; Mario Fritz Attributing Fake Images to GANs: Learning and Analyzing GAN Fingerprints Inproceedings International Conference on Computer Vision (ICCV), 2019. Links | BibTeX | Tags: 2019 @inproceedings{yu19iccv, title = {Attributing Fake Images to GANs: Learning and Analyzing GAN Fingerprints}, author = {Ning Yu and Larry Davis and Mario Fritz}, url = {//arxiv.org/abs/1811.08180 //arxiv.org/pdf/1811.08180.pdf }, year = {2019}, date = {2019-10-30}, booktitle = {International Conference on Computer Vision (ICCV)}, keywords = {2019}, pubstate = {published}, tppubtype = {inproceedings} } Close //arxiv.org/abs/1811.08180 //arxiv.org/pdf/1811.08180.pdf Close
	Maxim Maximov; Tobias Ritschel; Laura Leal-Taixe; Mario Fritz Deep Appearance Maps Inproceedings International Conference on Computer Vision (ICCV), 2019. Links | BibTeX | Tags: 2019 @inproceedings{maximov19iccv, title = {Deep Appearance Maps}, author = {Maxim Maximov and Tobias Ritschel and Laura Leal-Taixe and Mario Fritz}, url = {//arxiv.org/abs/1804.00863 //arxiv.org/pdf/1804.00863.pdf}, year = {2019}, date = {2019-10-29}, booktitle = {International Conference on Computer Vision (ICCV)}, keywords = {2019}, pubstate = {published}, tppubtype = {inproceedings} } Close //arxiv.org/abs/1804.00863 //arxiv.org/pdf/1804.00863.pdf Close
	Tribhuvanesh Orekondy; Bernt Schiele; Mario Fritz Knockoff Nets: Stealing Functionality of Black-Box Models Inproceedings IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2019. Links | BibTeX | Tags: 2019 @inproceedings{orekondy19cvpr, title = {Knockoff Nets: Stealing Functionality of Black-Box Models }, author = {Tribhuvanesh Orekondy and Bernt Schiele and Mario Fritz}, url = {preliminary version: https://arxiv.org/abs/1812.02766 https://arxiv.org/pdf/1812.02766}, year = {2019}, date = {2019-06-18}, booktitle = {IEEE Conference on Computer Vision and Pattern Recognition (CVPR)}, keywords = {2019}, pubstate = {published}, tppubtype = {inproceedings} } Close preliminary version: https://arxiv.org/abs/1812.02766 https://arxiv.org/pdf/1812.02766 Close
	Rakshith Shetty; Bernt Schiele; Mario Fritz Not Using the Car to See the Sidewalk: Quantifying and Controlling the Effects of Context in Classification and Segmentation Inproceedings IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2019. Links | BibTeX | Tags: 2019 @inproceedings{shetty19cvpr, title = {Not Using the Car to See the Sidewalk: Quantifying and Controlling the Effects of Context in Classification and Segmentation}, author = {Rakshith Shetty and Bernt Schiele and Mario Fritz}, url = {preliminary version: https://arxiv.org/abs/1812.06707 https://arxiv.org/pdf/1812.06707.pdf}, year = {2019}, date = {2019-06-17}, booktitle = {IEEE Conference on Computer Vision and Pattern Recognition (CVPR)}, keywords = {2019}, pubstate = {published}, tppubtype = {inproceedings} } Close preliminary version: https://arxiv.org/abs/1812.06707 https://arxiv.org/pdf/1812.06707.pdf Close
	Qiuhong Ke; Mario Fritz; Bernt Schiele Time-Conditioned Action Anticipation in One Shot Inproceedings IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2019. BibTeX | Tags: 2019 @inproceedings{ke19cvpr, title = {Time-Conditioned Action Anticipation in One Shot}, author = {Qiuhong Ke and Mario Fritz and Bernt Schiele}, year = {2019}, date = {2019-06-16}, booktitle = {IEEE Conference on Computer Vision and Pattern Recognition (CVPR)}, keywords = {2019}, pubstate = {published}, tppubtype = {inproceedings} } Close
	Apratim Bhattacharyya; Mario Fritz; Bernt Schiele Bayesian Prediction of Future Street Scenes using Synthetic Likelihoods Inproceedings International Conference on Representation Learning (ICLR), 2019. Links | BibTeX | Tags: 2019 @inproceedings{apratim19iclr, title = {Bayesian Prediction of Future Street Scenes using Synthetic Likelihoods}, author = {Apratim Bhattacharyya and Mario Fritz and Bernt Schiele}, url = {https://arxiv.org/abs/1810.00746 https://arxiv.org/pdf/1810.00746.pdf}, year = {2019}, date = {2019-05-06}, booktitle = {International Conference on Representation Learning (ICLR)}, keywords = {2019}, pubstate = {published}, tppubtype = {inproceedings} } Close https://arxiv.org/abs/1810.00746 https://arxiv.org/pdf/1810.00746.pdf Close
	Ahmed Salem; Yang Zhang; Mathias Humbert; Mario Fritz; Michael Backes ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models Inproceedings Annual Network and Distributed System Security Symposium (NDSS), 2019, (to appear). Links | BibTeX | Tags: 2019 @inproceedings{ndss19salem, title = {ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models}, author = {Ahmed Salem and Yang Zhang and Mathias Humbert and Mario Fritz and Michael Backes}, url = {preliminary: https://arxiv.org/abs/1806.01246 https://arxiv.org/pdf/1806.01246.pdf }, year = {2019}, date = {2019-02-24}, booktitle = {Annual Network and Distributed System Security Symposium (NDSS)}, note = {to appear}, keywords = {2019}, pubstate = {published}, tppubtype = {inproceedings} } Close preliminary: https://arxiv.org/abs/1806.01246 https://arxiv.org/pdf/1806.01246.pdf Close
	Hosnieh Sattar; Gerard Pons-Moll; Mario Fritz Fashion is Taking Shape: Understanding Clothing Preference Based on Body Shape From Online Sources Inproceedings IEEE Winter Conference on Applications of Computer Vision (WACV), 2019, (to appear). Links | BibTeX | Tags: 2019 @inproceedings{sattar19wacv, title = {Fashion is Taking Shape: Understanding Clothing Preference Based on Body Shape From Online Sources }, author = {Hosnieh Sattar and Gerard Pons-Moll and Mario Fritz}, url = {preliminary: //arxiv.org/abs/1807.03235 //arxiv.org/pdf/1807.03235.pdf}, year = {2019}, date = {2019-01-08}, booktitle = {IEEE Winter Conference on Applications of Computer Vision (WACV)}, note = {to appear}, keywords = {2019}, pubstate = {published}, tppubtype = {inproceedings} } Close preliminary: //arxiv.org/abs/1807.03235 //arxiv.org/pdf/1807.03235.pdf Close
Technical Reports
	Yang He; Shadi Rahimian; Bernt Schiele; Mario Fritz Segmentations-Leak: Membership Inference Attacks and Defenses in Semantic Image Segmentation Technical Report arXiv:1912.09685, 2019. Links | BibTeX | Tags: 2019, 2020 @techreport{he19arxiv, title = {Segmentations-Leak: Membership Inference Attacks and Defenses in Semantic Image Segmentation}, author = {Yang He and Shadi Rahimian and Bernt Schiele and Mario Fritz}, url = {https://arxiv.org/abs/1912.09685 https://arxiv.org/pdf/1912.09685.pdf}, year = {2019}, date = {2019-12-19}, type = {arXiv:1912.09685}, keywords = {2019, 2020}, pubstate = {published}, tppubtype = {techreport} } Close https://arxiv.org/abs/1912.09685 https://arxiv.org/pdf/1912.09685.pdf Close
	Vedika Agarwal; Rakshith Shetty; Mario Fritz Towards Causal VQA: Revealing and Reducing Spurious Correlations by Invariant and Covariant Semantic Editing Technical Report 2019. Links | BibTeX | Tags: 2019, 2020 @techreport{agarwal19arxiv, title = {Towards Causal VQA: Revealing and Reducing Spurious Correlations by Invariant and Covariant Semantic Editing}, author = {Vedika Agarwal and Rakshith Shetty and Mario Fritz }, url = {https://arxiv.org/abs/1912.07538 https://arxiv.org/pdf/1912.07538.pdf}, year = {2019}, date = {2019-12-16}, keywords = {2019, 2020}, pubstate = {published}, tppubtype = {techreport} } Close https://arxiv.org/abs/1912.07538 https://arxiv.org/pdf/1912.07538.pdf Close
	Apratim Bhattacharyya; Mario Fritz; Bernt Schiele "Best-of-Many-Samples" Distribution Matching Technical Report arXiv:1909.12598, 2019. Links | BibTeX | Tags: 2019 @techreport{bhattacharyya19arxivb, title = {"Best-of-Many-Samples" Distribution Matching}, author = {Apratim Bhattacharyya and Mario Fritz and Bernt Schiele}, url = {//arxiv.org/abs/1909.12598 //arxiv.org/pdf/1909.12598.pdf}, year = {2019}, date = {2019-09-27}, type = {arXiv:1909.12598}, keywords = {2019}, pubstate = {published}, tppubtype = {techreport} } Close //arxiv.org/abs/1909.12598 //arxiv.org/pdf/1909.12598.pdf Close
	Dingfan Chen; Ning Yu; Yang Zhang; Mario Fritz GAN-Leaks: A Taxonomy of Membership Inference Attacks against GANs Technical Report arXiv:1909.03935, 2019. Links | BibTeX | Tags: 2019 @techreport{chen19arxiv, title = {GAN-Leaks: A Taxonomy of Membership Inference Attacks against GANs}, author = {Dingfan Chen and Ning Yu and Yang Zhang and Mario Fritz}, url = {https://arxiv.org/abs/1909.03935 https://arxiv.org/pdf/1909.03935.pdf}, year = {2019}, date = {2019-09-09}, type = {arXiv:1909.03935}, keywords = {2019}, pubstate = {published}, tppubtype = {techreport} } Close https://arxiv.org/abs/1909.03935 https://arxiv.org/pdf/1909.03935.pdf Close
	Sahar Abdelnabi; Katharina Krombholz; Mario Fritz WhiteNet: Phishing Website Detection by Visual Whitelists Technical Report arXiv:1909.00300, 2019. Links | BibTeX | Tags: 2019 @techreport{abdelnabi19arxiv, title = {WhiteNet: Phishing Website Detection by Visual Whitelists}, author = {Sahar Abdelnabi and Katharina Krombholz and Mario Fritz}, url = {https://arxiv.org/abs/1909.00300 https://arxiv.org/pdf/1909.00300.pdf}, year = {2019}, date = {2019-09-01}, type = {arXiv:1909.00300}, keywords = {2019}, pubstate = {published}, tppubtype = {techreport} } Close https://arxiv.org/abs/1909.00300 https://arxiv.org/pdf/1909.00300.pdf Close
	Apratim Bhattacharyya; Michael Hanselmann; Mario Fritz; Bernt Schiele; Christoph-Nikolas Straehle Conditional Flow Variational Autoencoders for Structured Sequence Prediction Technical Report arXiv:1908.09008, 2019. Links | BibTeX | Tags: 2019 @techreport{bhattacharyya19arxiv, title = {Conditional Flow Variational Autoencoders for Structured Sequence Prediction}, author = {Apratim Bhattacharyya and Michael Hanselmann and Mario Fritz and Bernt Schiele and Christoph-Nikolas Straehle}, url = {https://arxiv.org/abs/1908.09008 https://arxiv.org/pdf/1908.09008.pdf}, year = {2019}, date = {2019-08-24}, type = {arXiv:1908.09008}, keywords = {2019}, pubstate = {published}, tppubtype = {techreport} } Close https://arxiv.org/abs/1908.09008 https://arxiv.org/pdf/1908.09008.pdf Close
	Max Losch; Mario Fritz; Bernt Schiele Interpretability Beyond Classification Output: Semantic Bottleneck Networks Technical Report arXiv:1907.10882 , 2019. Links | BibTeX | Tags: 2019 @techreport{losch19arxiv, title = {Interpretability Beyond Classification Output: Semantic Bottleneck Networks}, author = {Max Losch and Mario Fritz and Bernt Schiele}, url = {//arxiv.org/abs/1907.10882 //arxiv.org/pdf/1907.10882.pdf}, year = {2019}, date = {2019-07-25}, type = {arXiv:1907.10882 }, keywords = {2019}, pubstate = {published}, tppubtype = {techreport} } Close //arxiv.org/abs/1907.10882 //arxiv.org/pdf/1907.10882.pdf Close
	Tribhuvanesh Orekondy; Bernt Schiele; Mario Fritz Prediction Poisoning: Utility-Constrained Defenses Against Model Stealing Attacks Technical Report 2019. Links | BibTeX | Tags: 2019 @techreport{orekondy19arxiv, title = {Prediction Poisoning: Utility-Constrained Defenses Against Model Stealing Attacks}, author = {Tribhuvanesh Orekondy and Bernt Schiele and Mario Fritz}, url = {https://arxiv.org/abs/1906.10908 https://arxiv.org/pdf/1906.10908.pdf}, year = {2019}, date = {2019-06-26}, keywords = {2019}, pubstate = {published}, tppubtype = {techreport} } Close https://arxiv.org/abs/1906.10908 https://arxiv.org/pdf/1906.10908.pdf Close
	Hossein Hajipour; Apratim Bhattacharyya; Mario Fritz SampleFix: Learning to Correct Programs by Sampling Diverse Fixes Technical Report arXiv:1906.10502, 2019. Links | BibTeX | Tags: 2019 @techreport{hajipour19arxiv, title = {SampleFix: Learning to Correct Programs by Sampling Diverse Fixes}, author = {Hossein Hajipour and Apratim Bhattacharyya and Mario Fritz}, url = {//arxiv.org/abs/1906.10502 //arxiv.org/pdf/1906.10502.pdf}, year = {2019}, date = {2019-06-24}, type = {arXiv:1906.10502}, keywords = {2019}, pubstate = {published}, tppubtype = {techreport} } Close //arxiv.org/abs/1906.10502 //arxiv.org/pdf/1906.10502.pdf Close
	Hosnieh Sattar; Katharina Krombholz; Gerard Pons-Moll; Mario Fritz Shape Evasion: Preventing Body Shape Inference of Multi-Stage Approaches Technical Report arXiv:1905.11503 , 2019. Links | BibTeX | Tags: 2019 @techreport{sattar19arxiv, title = {Shape Evasion: Preventing Body Shape Inference of Multi-Stage Approaches}, author = {Hosnieh Sattar and Katharina Krombholz and Gerard Pons-Moll and Mario Fritz}, url = {//arxiv.org/abs/1905.11503 //arxiv.org/pdf/1905.11503.pdf}, year = {2019}, date = {2019-05-30}, type = {arXiv:1905.11503 }, keywords = {2019}, pubstate = {published}, tppubtype = {techreport} } Close //arxiv.org/abs/1905.11503 //arxiv.org/pdf/1905.11503.pdf Close
	Wenbin Li; Ales Leonardis; Jeannette Bohg; Mario Fritz Learning Manipulation under Physics Constraints with Visual Perception Technical Report 2019. Links | BibTeX | Tags: 2019 @techreport{li19arxiv, title = {Learning Manipulation under Physics Constraints with Visual Perception}, author = {Wenbin Li and Ales Leonardis and Jeannette Bohg and Mario Fritz}, url = {//arxiv.org/abs/1904.09860 //arxiv.org/pdf/1904.09860.pdf }, year = {2019}, date = {2019-04-19}, keywords = {2019}, pubstate = {published}, tppubtype = {techreport} } Close //arxiv.org/abs/1904.09860 //arxiv.org/pdf/1904.09860.pdf Close
	Ahmed Salem; Apratim Bhattacharyya; Michael Backes; Mario Fritz; Yang Zhang Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning Technical Report 2019. Links | BibTeX | Tags: 2019 @techreport{salem19arxiv, title = {Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning}, author = {Ahmed Salem and Apratim Bhattacharyya and Michael Backes and Mario Fritz and Yang Zhang}, url = {//arxiv.org/abs/1904.01067 //arxiv.org/pdf/1904.01067.pdf}, year = {2019}, date = {2019-04-03}, journal = {arXiv:1904.01067}, keywords = {2019}, pubstate = {published}, tppubtype = {techreport} } Close //arxiv.org/abs/1904.01067 //arxiv.org/pdf/1904.01067.pdf Close
Workshops
	Shadi Rahimian; Tribhuvanesh Orekondy; Mario Fritz Differential Privacy Defenses and Sampling Attacks for Membership Inference Workshop NeurIPS Workshop on Privacy in Machine Learning (PRIML), 2019. Links | BibTeX | Tags: 2019 @workshop{Rahimian19priml, title = {Differential Privacy Defenses and Sampling Attacks for Membership Inference}, author = {Shadi Rahimian and Tribhuvanesh Orekondy and Mario Fritz}, url = {https://priml-workshop.github.io/priml2019/papers/PriML2019_paper_47.pdf}, year = {2019}, date = {2019-12-14}, booktitle = {NeurIPS Workshop on Privacy in Machine Learning (PRIML)}, keywords = {2019}, pubstate = {published}, tppubtype = {workshop} } Close https://priml-workshop.github.io/priml2019/papers/PriML2019_paper_47.pdf Close
	Ahmed Salem; Apratim Bhattacharyya; Michael Backes; Mario Fritz; Yang Zhang Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning Workshop Hot Topics in Privacy Enhancing Technologies (HotPETs), 2019. Links | BibTeX | Tags: 2019 @workshop{salem19hotpet, title = {Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning}, author = {Ahmed Salem and Apratim Bhattacharyya and Michael Backes and Mario Fritz and Yang Zhang}, url = {https://arxiv.org/abs/1904.01067 https://arxiv.org/pdf/1904.01067.pdf}, year = {2019}, date = {2019-07-19}, booktitle = {Hot Topics in Privacy Enhancing Technologies (HotPETs)}, keywords = {2019}, pubstate = {published}, tppubtype = {workshop} } Close https://arxiv.org/abs/1904.01067 https://arxiv.org/pdf/1904.01067.pdf Close
	Rakibul Hasan; David Crandall; Mario Fritz; Apu Kapadia Understanding and Recognizing Bystanders in Images for Privacy Protection Workshop Privacy, Usability, and Transparency (PUT) @ PETs, 2019. Links | BibTeX | Tags: 2019 @workshop{hasan19put, title = {Understanding and Recognizing Bystanders in Images for Privacy Protection}, author = {Rakibul Hasan and David Crandall and Mario Fritz and Apu Kapadia}, url = {https://petsymposium.org/2019/files/workshop/abstracts/PUT_2019_paper_15.pdf}, year = {2019}, date = {2019-07-15}, booktitle = {Privacy, Usability, and Transparency (PUT) @ PETs}, keywords = {2019}, pubstate = {published}, tppubtype = {workshop} } Close https://petsymposium.org/2019/files/workshop/abstracts/PUT_2019_paper_15.pdf Close