Google Scholar 
Semantic Scholar

My group is working on Trustworthy Information Processing with a focus on the intersection of AI & Machine Learning with Security & Privacy.

Recent projects and initiatives related to health, privacy, AI:

• Leading Scientist
  Helmholtz Medical Security, Privacy, and AI Research Center (HMSP)
• Coordinator and PI
  Trustworthy Federated Data Analytics Project (TFDA)
• Coordinator and PI
  Protecting Genetic Data with Synthetic Cohorts from Deep Generative Models (PRO-GENE-GEN)
• Partner-PI
  The German Human Genome-Phenome Archive (GHGA)
• Member of working group in “Forum Gesundheit” of BMBF
  “AG Nutzbarmachung digitaler Daten für KI-Entwicklungen in der Gesundheitsforschung”

Recent work on DeepFake detecting, attribution, watermarking and responsible disclosure:

• ArXiv’21: Responsible Disclosure of Generative Models Using Scalable Fingerprinting
• ICCV’21: Artificial Fingerprinting for Generative Models: Rooting Deepfake Attribution in Training Data
• S&P’21: Adversarial Watermarking Transformer: Towards Tracing Text Provenance with Data Hiding
• IJCAI’21: Beyond the Spectrum: Detecting Deepfakes via Re-Synthesis
• CVPR’21: Hijack-GAN: Unintended-Use of Pretrained, Black-Box GANs
• ICCV’19: Attributing Fake Images to GANs: Learning and Analyzing GAN Fingerprints

Recent publications:

• IJCV’21: Semantic Bottlenecks: Quantifying and Improving Inspectability of Deep Representations
• CCS-W’21: Differential Privacy Defenses and Sampling Attacks for Membership Inference
• CCS-W’21: “What’s in the box?!”: Deflecting Adversarial Attacks by Randomly Deploying Adversarially-Disjoint Models
• PKDD-W’21: IReEn: Reverse-Engineering of Black-Box Functions via Iterative Neural Program Synthesis
• PKDD-W’21: SampleFix: Learning to Generate Functionally Diverse Fixes
• ICCV’21: Artificial Fingerprinting for Generative Models: Rooting Deepfake Attribution in Training Data
• ICCV’21: Dual Contrastive Loss and Attention for GANs
• EXCLI’21: Privacy Considerations for Sharing Genomics Data
• IJCAI’21: Beyond the Spectrum: Detecting Deepfakes via Re-Synthesis
• S&P’21: Adversarial Watermarking Transformer: Towards Tracing Text Provenance with Data Hiding
• CVPR’21: Hijack-GAN: Unintended-Use of Pretrained, Black-Box GANs
• CVPR’21: Convolutional Dynamic Alignment Networks for Interpretable Classifications
• CVPR’21: Euro-PVI: Pedestrian Vehicle Interactions in Dense Urban Centers
• CVPR-W’21: MLCapsule: Guarded Offline Deployment of Machine Learning as a Service
• CVPR-W’21: InfoScrub: Towards Attribute Privacy by Targeted Obfuscation
• WACV’21: Future Moment Assessment for Action Query

• NeurIPS’20: GS-WGAN: A Gradient-Sanitized Approach for Learning Differentially Private Generators
• NeurIPS-W’20: SampleFix: Learning to Correct Programs by Sampling Diverse Fixes
• NeurIPS-W’20: IReEn: Iterative Reverse-Engineering of Black-Box Functions via Neural Program Synthesis
• NeurIPS-W’20: Haar Wavelet based Block Autoregressive Flows for Trajectories
• CCS’20: VisualPhishNet: Zero-Day Phishing Website Detection by Visual Similarity
• CCS’20: GAN-Leaks: A Taxonomy of Membership Inference Attacks against GANs
• S&P’20: Automatically Detecting Bystanders in Photos to Reduce Privacy Risks
• USENIX Security’20: Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning
• ICLR’20: Prediction Poisoning: Utility-Constrained Defenses Against Model Stealing Attacks
• CVPR’20: Towards Causal VQA: Revealing and Reducing Spurious Correlations by Invariant and Covariant Semantic Editing
• CVPR’20: Normalizing Flows with Multi-scale Autoregressive Priors
• ECCV’20: Towards Automated Testing and Robustification by Semantic Adversarial Data Generation
• ECCV’20: Inclusive GAN: Improving Data and Minority Coverage in Generative Models
• ECCV’20: Segmentations-Leak: Membership Inference Attacks and Defenses in Semantic Image Segmentation
• ECCV-W’20: Body Shape Privacy in Images: Understanding Privacy and Preventing Automatic Shape Extraction
• ECCV-W’20: Synthetic Convolutional Features for Improved Semantic Segmentation
• NEUCOM’20: Deep gaze pooling: Inferring and visually decoding search intents from human gaze fixations
• GCPR’20: Semantic Bottlenecks: Quantifying & Improving Inspectability of Deep Representations
• GCPR’20: Long-Tailed Recognition Using Class-Balanced Experts
• GCPR’20: Haar Wavelet based Block Autoregressive Flows for Trajectories
• TPAMI’20: Person Recognition in Personal Photo Collections
• Explainable AI Book: Towards reverse-engineering black-box neural networks

Most recent work on ArXiv:

• ArXiv’21: Backdoor Attacks on Network Certification via Data Poisoning
• ArXiv’21: ML-Doctor: Holistic Risk Assessment of Inference Attacks Against Machine Learning Models
• ArXiv’21: Responsible Disclosure of Generative Models Using Scalable Fingerprinting
• ArXiv’20: CosSGD: Nonlinear Quantization for Communication-efficient Federated Learning

News, talks, events:

• Recent program committees: ICML’21, NeurIPS’22, S&P’22, EuroS&P’22, CVPR’22 (AC)
• Runner-up Inria/CNIL Privacy Protection Prize 2020
  S&P’20 paper: “Automatically Detecting Bystanders in Photos to Reduce Privacy Risks”
• Co-Organizers of ICLR’21 Workshop on “Synthetic Data Generation – Quality, Privacy, Bias”
• Co-Organizers of CVPR’21 Workshop on “QuoVadis: Interdisciplinary, Socio-Technical Workshop on the Future of Computer Vision and Pattern Recognition (QuoVadis-CVPR)”
• Co-Organizers of CVPR’21 Workshop on “Causality in Vision”
• Founding member of Saarbrücken Artificial Intelligence & Machine Learning (SAM) unit of the European Laboratory of Learning and Intelligent Systems (ELLIS)
• Lecturer at Digital CISPA Summer School 2020
• Co-Organizer of Third International Workshop on The Bright and Dark Sides of Computer Vision: Challenges and Opportunities for Privacy and Security (CV-COPS) at ECCV 2020
• Co-Organizer: 4. ACM Symposium on Computer Science in Cars: Future Challenges in Artificial Intelligence & Security for Autonomous Vehicles CSCS’20
• Keynote at Workshop Machine Learning for Cybersecurity, ECMLPKDD’19
• Talk at Cyber Defense Campus (CYD) Conference on Artificial Intelligence in Defence and Security
• Co-Organizer of Second International Workshop on The Bright and Dark Sides of Computer Vision: Challenges and Opportunities for Privacy and Security (CV-COPS) at CVPR 2019
• Co-Organizer: 3. ACM Symposium on Computer Science in Cars: Future Challenges in Artificial Intelligence & Security for Autonomous Vehicles CSCS’19
• Leading scientist at new Helmholtz Medical Security and Privacy Research Center
• Member of ACM Technical Policy Committee Europe
• Mateusz Malinowski received the DAGM MVTec dissertation award as well as the Dr.-Eduard-Martin award for his PhD
• Associate Editor for IEEE Transactions on Pattern Analysis and Machine Intelligence (TPAMI)

Show all

2020
Journal Articles
	Seong Joon Oh; Rodrigo Benenson; Mario Fritz; Bernt Schiele Person Recognition in Personal Photo Collections Journal Article IEEE Transactions on Pattern Analysis and Machine Intelligence (TPAMI), 2020. Links | BibTeX | Tags: 2020 @article{oh20tpami, title = { Person Recognition in Personal Photo Collections }, author = {Seong Joon Oh and Rodrigo Benenson and Mario Fritz and Bernt Schiele}, url = {https://ieeexplore.ieee.org/document/8519337?source=authoralert}, year = {2020}, date = {2020-01-01}, journal = {IEEE Transactions on Pattern Analysis and Machine Intelligence (TPAMI)}, keywords = {2020}, pubstate = {published}, tppubtype = {article} } Close https://ieeexplore.ieee.org/document/8519337?source=authoralert Close
	Hosnieh Sattar; Mario Fritz; Andreas Bulling Deep Gaze Pooling: Inferring and Visually Decoding Search Intents From Human Gaze Fixations Journal Article Neurocomputing, 387 , pp. 369–382, 2020. Links | BibTeX | Tags: 2020 @article{sattar20_neurocomp, title = {Deep Gaze Pooling: Inferring and Visually Decoding Search Intents From Human Gaze Fixations}, author = {Hosnieh Sattar and Mario Fritz and Andreas Bulling}, url = {https://www.perceptualui.org/publications/sattar20_neurocomp.pdf}, doi = {10.1016/j.neucom.2020.01.028}, year = {2020}, date = {2020-01-01}, journal = {Neurocomputing}, volume = {387}, pages = {369–382}, keywords = {2020}, pubstate = {published}, tppubtype = {article} } Close https://www.perceptualui.org/publications/sattar20_neurocomp.pdf doi:10.1016/j.neucom.2020.01.028 Close
Inproceedings
	Dingfan Chen; Tribhuvanesh Orekondy; Mario Fritz GS-WGAN: A Gradient-Sanitized Approach for Learning Differentially Private Generators Inproceedings Neural Information Processing Systems (NeurIPS), 2020. Links | BibTeX | Tags: 2020 @inproceedings{neurips20chen, title = {GS-WGAN: A Gradient-Sanitized Approach for Learning Differentially Private Generators}, author = {Dingfan Chen and Tribhuvanesh Orekondy and Mario Fritz}, url = {https://arxiv.org/abs/2006.08265 https://arxiv.org/pdf/2006.08265.pdf}, year = {2020}, date = {2020-12-06}, booktitle = {Neural Information Processing Systems (NeurIPS)}, keywords = {2020}, pubstate = {published}, tppubtype = {inproceedings} } Close https://arxiv.org/abs/2006.08265 https://arxiv.org/pdf/2006.08265.pdf Close
	Dingfan Chen; Ning Yu; Yang Zhang; Mario Fritz GAN-Leaks: A Taxonomy of Membership Inference Attacks against GANs Inproceedings ACM Conference on Computer and Communications Security (CCS) , 2020. Links | BibTeX | Tags: 2020 @inproceedings{chen20ccs, title = {GAN-Leaks: A Taxonomy of Membership Inference Attacks against GANs}, author = {Dingfan Chen and Ning Yu and Yang Zhang and Mario Fritz}, url = {https://arxiv.org/abs/1909.03935 https://arxiv.org/pdf/1909.03935.pdf}, year = {2020}, date = {2020-11-09}, booktitle = {ACM Conference on Computer and Communications Security (CCS) }, keywords = {2020}, pubstate = {published}, tppubtype = {inproceedings} } Close https://arxiv.org/abs/1909.03935 https://arxiv.org/pdf/1909.03935.pdf Close
	Sahar Abdelnabi; Katharina Krombholz; Mario Fritz VisualPhishNet: Zero-Day Phishing Website Detection by Visual Similarity Inproceedings ACM Conference on Computer and Communications Security (CCS) , 2020. Links | BibTeX | Tags: 2020 @inproceedings{abdelnabi20ccs, title = {VisualPhishNet: Zero-Day Phishing Website Detection by Visual Similarity}, author = {Sahar Abdelnabi and Katharina Krombholz and Mario Fritz}, url = {https://arxiv.org/abs/1909.00300 https://arxiv.org/pdf/1909.00300.pdf}, year = {2020}, date = {2020-11-09}, booktitle = {ACM Conference on Computer and Communications Security (CCS) }, keywords = {2020}, pubstate = {published}, tppubtype = {inproceedings} } Close https://arxiv.org/abs/1909.00300 https://arxiv.org/pdf/1909.00300.pdf Close
	Apratim Bhattacharyya; Christoph-Nikolas Straehle; Mario Fritz; Bernt Schiele Haar Wavelet based Block Autoregressive Flows for Trajectories Inproceedings German Conference on Pattern Recognition (GCPR), 2020. Links | BibTeX | Tags: 2020 @inproceedings{gcpr20bhattacharyya, title = {Haar Wavelet based Block Autoregressive Flows for Trajectories}, author = {Apratim Bhattacharyya and Christoph-Nikolas Straehle and Mario Fritz and Bernt Schiele}, url = {https://unitc-my.sharepoint.com/personal/iigaf01_cloud_uni-tuebingen_de/Documents/gcpr_vmv_vcbm/gcpr/preprints/Apratim_Bhattacharyy_gcpr_0067_v01.pdf?originalPath=aHR0cHM6Ly91bml0Yy1teS5zaGFyZXBvaW50LmNvbS86YjovZy9wZXJzb25hbC9paWdhZjAxX2Nsb3VkX3VuaS10dWViaW5nZW5fZGUvRVpsOHdqUWRjdXhBa2VpTEo3NmNET3dCd2FQZjZpY2xUSTUxNkJ6VjdmbUV1dz9ydGltZT03YzZyZUgxbzJFZw https://arxiv.org/abs/2009.09878 https://arxiv.org/pdf/2009.09878.pdf}, year = {2020}, date = {2020-09-30}, booktitle = {German Conference on Pattern Recognition (GCPR)}, keywords = {2020}, pubstate = {published}, tppubtype = {inproceedings} } Close https://unitc-my.sharepoint.com/personal/iigaf01_cloud_uni-tuebingen_de/Document[...] https://arxiv.org/abs/2009.09878 https://arxiv.org/pdf/2009.09878.pdf Close
	Saurabh Sharma; Ning Yu; Mario Fritz; Bernt Schiele Long-Tailed Recognition Using Class-Balanced Experts Inproceedings German Conference on Pattern Recognition (GCPR), 2020. Links | BibTeX | Tags: 2020 @inproceedings{gcpr20sharma, title = {Long-Tailed Recognition Using Class-Balanced Experts}, author = {Saurabh Sharma and Ning Yu and Mario Fritz and Bernt Schiele}, url = {https://arxiv.org/abs/2004.03706 https://arxiv.org/pdf/2004.03706.pdf}, year = {2020}, date = {2020-09-29}, booktitle = {German Conference on Pattern Recognition (GCPR)}, keywords = {2020}, pubstate = {published}, tppubtype = {inproceedings} } Close https://arxiv.org/abs/2004.03706 https://arxiv.org/pdf/2004.03706.pdf Close
	Max Losch; Mario Fritz; Bernt Schiele Semantic Bottlenecks: Quantifying & Improving Inspectability of Deep Representations Inproceedings German Conference on Patter Recognition (GCPR), 2020. Links | BibTeX | Tags: 2020 @inproceedings{gcpr20losch, title = {Semantic Bottlenecks: Quantifying & Improving Inspectability of Deep Representations}, author = {Max Losch and Mario Fritz and Bernt Schiele}, url = {https://unitc-my.sharepoint.com/personal/iigaf01_cloud_uni-tuebingen_de/Documents/gcpr_vmv_vcbm/gcpr/preprints/gcpr_0028_v01.pdf?originalPath=aHR0cHM6Ly91bml0Yy1teS5zaGFyZXBvaW50LmNvbS86YjovZy9wZXJzb25hbC9paWdhZjAxX2Nsb3VkX3VuaS10dWViaW5nZW5fZGUvRVhYM0ZsVEczS2RGaDZ3aDc4T1FBQWNCSGE5VmJwNWFFeDFZUURiSmZER21rdz9ydGltZT1WR052OUgxbzJFZw}, year = {2020}, date = {2020-09-29}, booktitle = {German Conference on Patter Recognition (GCPR)}, keywords = {2020}, pubstate = {published}, tppubtype = {inproceedings} } Close https://unitc-my.sharepoint.com/personal/iigaf01_cloud_uni-tuebingen_de/Document[...] Close
	Rakshith Shetty; Mario Fritz; Bernt Schiele Towards Automated Testing and Robustification by Semantic Adversarial Data Generation Inproceedings European Conference on Computer Vision (ECCV), 2020. Links | BibTeX | Tags: 2020 @inproceedings{shetty20eccv, title = {Towards Automated Testing and Robustification by Semantic Adversarial Data Generation}, author = {Rakshith Shetty and Mario Fritz and Bernt Schiele}, url = {https://www.ecva.net/papers/eccv_2020/papers_ECCV/papers/123470477.pdf}, year = {2020}, date = {2020-08-23}, booktitle = {European Conference on Computer Vision (ECCV)}, keywords = {2020}, pubstate = {published}, tppubtype = {inproceedings} } Close https://www.ecva.net/papers/eccv_2020/papers_ECCV/papers/123470477.pdf Close
	Ning Yu; Ke Li; Peng Zhou; Jitendra Malik; Larry S. Davis; Mario Fritz Inclusive GAN: Improving Data and Minority Coverage in Generative Models Inproceedings European Conference on Computer Vision (ECCV), 2020. Links | BibTeX | Tags: 2020 @inproceedings{yu20eccv, title = {Inclusive GAN: Improving Data and Minority Coverage in Generative Models}, author = {Ning Yu and Ke Li and Peng Zhou and Jitendra Malik and Larry S. Davis and Mario Fritz}, url = {https://arxiv.org/abs/2004.03355 https://arxiv.org/pdf/2004.03355.pdf}, year = {2020}, date = {2020-08-23}, booktitle = {European Conference on Computer Vision (ECCV)}, keywords = {2020}, pubstate = {published}, tppubtype = {inproceedings} } Close https://arxiv.org/abs/2004.03355 https://arxiv.org/pdf/2004.03355.pdf Close
	Yang He; Shadi Rahimian; Bernt Schiele; Mario Fritz Segmentations-Leak: Membership Inference Attacks and Defenses in Semantic Image Segmentation Inproceedings European Conference on Computer Vision (ECCV), 2020. Links | BibTeX | Tags: 2020 @inproceedings{he20eccv, title = {Segmentations-Leak: Membership Inference Attacks and Defenses in Semantic Image Segmentation}, author = {Yang He and Shadi Rahimian and Bernt Schiele and Mario Fritz}, url = {https://github.com/SSAW14/segmentation_membership_inference https://arxiv.org/abs/1912.09685 https://arxiv.org/pdf/1912.09685.pdf}, year = {2020}, date = {2020-08-23}, booktitle = {European Conference on Computer Vision (ECCV)}, keywords = {2020}, pubstate = {published}, tppubtype = {inproceedings} } Close https://github.com/SSAW14/segmentation_membership_inference https://arxiv.org/abs/1912.09685 https://arxiv.org/pdf/1912.09685.pdf Close
	Ahmed Salem; Apratim Bhattacharyya; Michael Backes; Mario Fritz; Yang Zhang Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning Inproceedings USENIX Security Symposium (USENIX Security 20), 2020. Links | BibTeX | Tags: 2020 @inproceedings{salem20usenix, title = {Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning}, author = {Ahmed Salem and Apratim Bhattacharyya and Michael Backes and Mario Fritz and Yang Zhang}, url = {preliminary version: https://arxiv.org/abs/1904.01067 https://arxiv.org/pdf/1904.01067.pdf}, year = {2020}, date = {2020-08-12}, booktitle = {USENIX Security Symposium (USENIX Security 20)}, keywords = {2020}, pubstate = {published}, tppubtype = {inproceedings} } Close preliminary version: https://arxiv.org/abs/1904.01067 https://arxiv.org/pdf/1904.01067.pdf Close
	Vedika Agarwal; Rakshith Shetty; Mario Fritz Towards Causal VQA: Revealing and Reducing Spurious Correlations by Invariant and Covariant Semantic Editing Inproceedings IEEE Conference on Computer Vision and Pattern Recognition, 2020. Links | BibTeX | Tags: 2020 @inproceedings{agarwal20cvpr, title = {Towards Causal VQA: Revealing and Reducing Spurious Correlations by Invariant and Covariant Semantic Editing}, author = {Vedika Agarwal and Rakshith Shetty and Mario Fritz }, url = {preliminary version: https://arxiv.org/abs/1912.07538 https://arxiv.org/pdf/1912.07538.pdf https://rakshithshetty.github.io/CausalVQA/}, year = {2020}, date = {2020-06-15}, booktitle = {IEEE Conference on Computer Vision and Pattern Recognition}, keywords = {2020}, pubstate = {published}, tppubtype = {inproceedings} } Close preliminary version: https://arxiv.org/abs/1912.07538 https://arxiv.org/pdf/1912.07538.pdf https://rakshithshetty.github.io/CausalVQA/ Close
	Apratim Bhattacharyya; Shweta Mahajan; Mario Fritz; Bernt Schiele; Stefan Roth Normalizing Flows with Multi-scale Autoregressive Priors Inproceedings IEEE Conference on Computer Vision and Pattern Recognition, 2020. Links | BibTeX | Tags: 2020 @inproceedings{apratim20cvpr, title = {Normalizing Flows with Multi-scale Autoregressive Priors}, author = {Apratim Bhattacharyya and Shweta Mahajan and Mario Fritz and Bernt Schiele and Stefan Roth}, url = {https://arxiv.org/abs/2004.03891 https://arxiv.org/pdf/2004.03891.pdf https://github.com/visinf/mar-scf}, year = {2020}, date = {2020-06-14}, booktitle = {IEEE Conference on Computer Vision and Pattern Recognition}, keywords = {2020}, pubstate = {published}, tppubtype = {inproceedings} } Close https://arxiv.org/abs/2004.03891 https://arxiv.org/pdf/2004.03891.pdf https://github.com/visinf/mar-scf Close
	Rakibul Hasan; David Crandall; Mario Fritz; Apu Kapadia Automatically Detecting Bystanders in Photos to Reduce Privacy Risks Inproceedings IEEE Symposium on Security and Privacy (S&P), 2020. Links | BibTeX | Tags: 2020 @inproceedings{hasan20sp, title = {Automatically Detecting Bystanders in Photos to Reduce Privacy Risks}, author = {Rakibul Hasan and David Crandall and Mario Fritz and Apu Kapadia}, url = {https://homes.luddy.indiana.edu/kapadia/papers/hasan-oakland-20-preprint.pdf https://www.youtube.com/watch?v=TDupeMj0bXg https://www.youtube.com/watch?v=uwKM_S8RpTQ }, year = {2020}, date = {2020-05-18}, booktitle = {IEEE Symposium on Security and Privacy (S&P)}, keywords = {2020}, pubstate = {published}, tppubtype = {inproceedings} } Close https://homes.luddy.indiana.edu/kapadia/papers/hasan-oakland-20-preprint.pdf https://www.youtube.com/watch?v=TDupeMj0bXg https://www.youtube.com/watch?v=uwKM_S8RpTQ Close
Technical Reports
	Yang He; Maximilian Zenk; Mario Fritz CosSGD: Nonlinear Quantization for Communication-efficient Federated Learning Technical Report arXiv:2012.08241 , 2020. Links | BibTeX | Tags: 2020 @techreport{yang20arxiv, title = {CosSGD: Nonlinear Quantization for Communication-efficient Federated Learning}, author = {Yang He and Maximilian Zenk and Mario Fritz}, url = {https://arxiv.org/abs/2012.08241 https://arxiv.org/pdf/2012.08241.pdf}, year = {2020}, date = {2020-12-15}, type = {arXiv:2012.08241 }, keywords = {2020}, pubstate = {published}, tppubtype = {techreport} } Close https://arxiv.org/abs/2012.08241 https://arxiv.org/pdf/2012.08241.pdf Close
	Ning Yu; Vladislav Skripniuk; Dingfan Chen; Larry Davis; Mario Fritz Responsible Disclosure of Generative Models Using Scalable Fingerprinting Technical Report arXiv:2012.08726 , 2020. Links | BibTeX | Tags: 2020 @techreport{yu20arxiv, title = {Responsible Disclosure of Generative Models Using Scalable Fingerprinting}, author = {Ning Yu and Vladislav Skripniuk and Dingfan Chen and Larry Davis and Mario Fritz}, url = {https://arxiv.org/abs/2012.08726 https://arxiv.org/pdf/2012.08726.pdf}, year = {2020}, date = {2020-12-15}, type = {arXiv:2012.08726 }, keywords = {2020}, pubstate = {published}, tppubtype = {techreport} } Close https://arxiv.org/abs/2012.08726 https://arxiv.org/pdf/2012.08726.pdf Close
	Hui-Po Wang; Ning Yu; Mario Fritz Hijack-GAN: Unintended-Use of Pretrained, Black-Box GANs Technical Report arXiv:2011.14107 , 2020. Links | BibTeX | Tags: 2020 @techreport{po20arxiv, title = {Hijack-GAN: Unintended-Use of Pretrained, Black-Box GANs}, author = {Hui-Po Wang and Ning Yu and Mario Fritz}, url = {https://arxiv.org/abs/2011.14107 https://arxiv.org/pdf/2011.14107.pdf}, year = {2020}, date = {2020-11-28}, type = {arXiv:2011.14107 }, keywords = {2020}, pubstate = {published}, tppubtype = {techreport} } Close https://arxiv.org/abs/2011.14107 https://arxiv.org/pdf/2011.14107.pdf Close
	Sahar Abdelnabi; Mario Fritz Adversarial Watermarking Transformer: Towards Tracing Text Provenance with Data Hiding Technical Report arXiv:2009.03015 [cs.CR], 2020. Links | BibTeX | Tags: 2020 @techreport{abdelnabi20arxiv, title = {Adversarial Watermarking Transformer: Towards Tracing Text Provenance with Data Hiding}, author = {Sahar Abdelnabi and Mario Fritz}, url = {https://arxiv.org/abs/2009.03015 https://arxiv.org/pdf/2009.03015.pdf}, year = {2020}, date = {2020-09-07}, type = {arXiv:2009.03015 [cs.CR]}, keywords = {2020}, pubstate = {published}, tppubtype = {techreport} } Close https://arxiv.org/abs/2009.03015 https://arxiv.org/pdf/2009.03015.pdf Close
	Vladislav Skripniuk; Ning Yu; Sahar Abdelnabi; Mario Fritz Black-Box Watermarking for Generative Adversarial Networks Technical Report arXiv:2007.08457, 2020. Links | BibTeX | Tags: 2020 @techreport{arxiv20skripniuk, title = {Black-Box Watermarking for Generative Adversarial Networks}, author = {Vladislav Skripniuk and Ning Yu and Sahar Abdelnabi and Mario Fritz}, url = {https://arxiv.org/abs/2007.08457 https://arxiv.org/pdf/2007.08457.pdf}, year = {2020}, date = {2020-07-17}, type = {arXiv:2007.08457}, keywords = {2020}, pubstate = {published}, tppubtype = {techreport} } Close https://arxiv.org/abs/2007.08457 https://arxiv.org/pdf/2007.08457.pdf Close
	Hossein Hajipour; Mateusz Malinowski; Mario Fritz IReEn: Iterative Reverse-Engineering of Black-Box Functions via Neural Program Synthesis Technical Report arXiv:2006.10720, 2020. Links | BibTeX | Tags: 2020 @techreport{hajipour20arxiv, title = {IReEn: Iterative Reverse-Engineering of Black-Box Functions via Neural Program Synthesis}, author = {Hossein Hajipour and Mateusz Malinowski and Mario Fritz}, url = {https://arxiv.org/abs/2006.10720 https://arxiv.org/pdf/2006.10720.pdf}, year = {2020}, date = {2020-06-18}, type = {arXiv:2006.10720}, keywords = {2020}, pubstate = {published}, tppubtype = {techreport} } Close https://arxiv.org/abs/2006.10720 https://arxiv.org/pdf/2006.10720.pdf Close
	Dingfan Chen; Tribhuvanesh Orekondy; Mario Fritz GS-WGAN: A Gradient-Sanitized Approach for Learning Differentially Private Generators Technical Report arXiv:2006.08265 , 2020. Links | BibTeX | Tags: 2020 @techreport{chen20arxiv, title = {GS-WGAN: A Gradient-Sanitized Approach for Learning Differentially Private Generators}, author = {Dingfan Chen and Tribhuvanesh Orekondy and Mario Fritz}, url = {https://arxiv.org/abs/2006.08265 https://arxiv.org/pdf/2006.08265.pdf}, year = {2020}, date = {2020-06-16}, type = {arXiv:2006.08265 }, keywords = {2020}, pubstate = {published}, tppubtype = {techreport} } Close https://arxiv.org/abs/2006.08265 https://arxiv.org/pdf/2006.08265.pdf Close
	Ning Yu; Ke Li; Peng Zhou; Jitendra Malik; Larry Davis; Mario Fritz Inclusive GAN: Improving Data and Minority Coverage in Generative Models Technical Report 2020. Links | BibTeX | Tags: 2020 @techreport{ning20arxiv, title = { Inclusive GAN: Improving Data and Minority Coverage in Generative Models }, author = {Ning Yu and Ke Li and Peng Zhou and Jitendra Malik and Larry Davis and Mario Fritz}, url = {https://arxiv.org/abs/2004.03355 https://arxiv.org/pdf/2004.03355.pdf}, year = {2020}, date = {2020-04-07}, keywords = {2020}, pubstate = {published}, tppubtype = {techreport} } Close https://arxiv.org/abs/2004.03355 https://arxiv.org/pdf/2004.03355.pdf Close
	Saurabh Sharma; Ning Yu; Mario Fritz; Bernt Schiele Long-Tailed Recognition Using Class-Balanced Experts Technical Report arXiv:2004.03706 , 2020. Links | BibTeX | Tags: 2020 @techreport{sharma20arxiv, title = {Long-Tailed Recognition Using Class-Balanced Experts}, author = {Saurabh Sharma and Ning Yu and Mario Fritz and Bernt Schiele}, url = {https://arxiv.org/abs/2004.03706 https://arxiv.org/pdf/2004.03706.pdf}, year = {2020}, date = {2020-04-07}, type = {arXiv:2004.03706 }, keywords = {2020}, pubstate = {published}, tppubtype = {techreport} } Close https://arxiv.org/abs/2004.03706 https://arxiv.org/pdf/2004.03706.pdf Close
Workshops
	Hossein Hajipour; Apratim Bhattacharyya; Mario Fritz SampleFix: Learning to Correct Programs by Sampling Diverse Fixes Workshop NeurIPS Workshop on Computer-Assisted Programming, 2020. Links | BibTeX | Tags: 2019, 2020 @workshop{hajipour20neuripscap, title = {SampleFix: Learning to Correct Programs by Sampling Diverse Fixes}, author = {Hossein Hajipour and Apratim Bhattacharyya and Mario Fritz}, url = {https://arxiv.org/abs/1906.10502 https://arxiv.org/pdf/1906.10502.pdf}, year = {2020}, date = {2020-12-06}, booktitle = {NeurIPS Workshop on Computer-Assisted Programming}, keywords = {2019, 2020}, pubstate = {published}, tppubtype = {workshop} } Close https://arxiv.org/abs/1906.10502 https://arxiv.org/pdf/1906.10502.pdf Close
	Hossein Hajipour; Mateusz Malinowski; Mario Fritz IReEn: Iterative Reverse-Engineering of Black-Box Functions via Neural Program Synthesis Workshop NeurIPS Workshop on Computer-Assisted Programming, 2020. Links | BibTeX | Tags: 2020 @workshop{neuripscap20hajipour, title = {IReEn: Iterative Reverse-Engineering of Black-Box Functions via Neural Program Synthesis}, author = {Hossein Hajipour and Mateusz Malinowski and Mario Fritz}, url = {https://arxiv.org/abs/2006.10720 https://arxiv.org/pdf/2006.10720.pdf}, year = {2020}, date = {2020-12-06}, booktitle = {NeurIPS Workshop on Computer-Assisted Programming}, keywords = {2020}, pubstate = {published}, tppubtype = {workshop} } Close https://arxiv.org/abs/2006.10720 https://arxiv.org/pdf/2006.10720.pdf Close
	Apratim Bhattacharyya; Christoph-Nikolas Straehle; Mario Fritz; Bernt Schiele Haar Wavelet based Block Autoregressive Flows for Trajectories Workshop NeurIPS Workshop on Machine Learning for Autonomous Driving, 2020. Links | BibTeX | Tags: 2020 @workshop{neuripsml4ad20apratim, title = {Haar Wavelet based Block Autoregressive Flows for Trajectories}, author = {Apratim Bhattacharyya and Christoph-Nikolas Straehle and Mario Fritz and Bernt Schiele}, url = {https://arxiv.org/abs/2009.09878 https://arxiv.org/pdf/2009.09878.pdf}, year = {2020}, date = {2020-12-06}, booktitle = {NeurIPS Workshop on Machine Learning for Autonomous Driving}, keywords = {2020}, pubstate = {published}, tppubtype = {workshop} } Close https://arxiv.org/abs/2009.09878 https://arxiv.org/pdf/2009.09878.pdf Close
	Hosnieh Sattar; Katharina Krombholz; Gerard Pons-Moll; Mario Fritz Body Shape Privacy in Images: Understanding Privacy and Preventing Automatic Shape Extraction Workshop Workshop on The Bright and Dark Sides of Computer Vision: Challenges and Opportunities for Privacy and Security CVCOPS (ECCV-W), 2020. Links | BibTeX | Tags: 2020 @workshop{cvcops20sattar, title = {Body Shape Privacy in Images: Understanding Privacy and Preventing Automatic Shape Extraction}, author = {Hosnieh Sattar and Katharina Krombholz and Gerard Pons-Moll and Mario Fritz }, url = {https://arxiv.org/abs/1905.11503 https://arxiv.org/pdf/1905.11503.pdf}, year = {2020}, date = {2020-08-28}, booktitle = {Workshop on The Bright and Dark Sides of Computer Vision: Challenges and Opportunities for Privacy and Security CVCOPS (ECCV-W)}, keywords = {2020}, pubstate = {published}, tppubtype = {workshop} } Close https://arxiv.org/abs/1905.11503 https://arxiv.org/pdf/1905.11503.pdf Close
	Yang He; Bernt Schiele; Mario Fritz Synthetic Convolutional Features for Improved Semantic Segmentation Workshop Workshop on Assistive Computer Vision and Robotics at European Conference on Computer Vision (ECCV-W), 2020. Links | BibTeX | Tags: 2020 @workshop{eccvw20he, title = {Synthetic Convolutional Features for Improved Semantic Segmentation}, author = {Yang He and Bernt Schiele and Mario Fritz}, url = {https://arxiv.org/abs/2009.08849 https://arxiv.org/pdf/2009.08849.pdf}, year = {2020}, date = {2020-08-28}, booktitle = {Workshop on Assistive Computer Vision and Robotics at European Conference on Computer Vision (ECCV-W)}, keywords = {2020}, pubstate = {published}, tppubtype = {workshop} } Close https://arxiv.org/abs/2009.08849 https://arxiv.org/pdf/2009.08849.pdf Close
2019
Technical Reports
	Yang He; Shadi Rahimian; Bernt Schiele; Mario Fritz Segmentations-Leak: Membership Inference Attacks and Defenses in Semantic Image Segmentation Technical Report arXiv:1912.09685, 2019. Links | BibTeX | Tags: 2019, 2020 @techreport{he19arxiv, title = {Segmentations-Leak: Membership Inference Attacks and Defenses in Semantic Image Segmentation}, author = {Yang He and Shadi Rahimian and Bernt Schiele and Mario Fritz}, url = {https://arxiv.org/abs/1912.09685 https://arxiv.org/pdf/1912.09685.pdf}, year = {2019}, date = {2019-12-19}, type = {arXiv:1912.09685}, keywords = {2019, 2020}, pubstate = {published}, tppubtype = {techreport} } Close https://arxiv.org/abs/1912.09685 https://arxiv.org/pdf/1912.09685.pdf Close
	Vedika Agarwal; Rakshith Shetty; Mario Fritz Towards Causal VQA: Revealing and Reducing Spurious Correlations by Invariant and Covariant Semantic Editing Technical Report 2019. Links | BibTeX | Tags: 2019, 2020 @techreport{agarwal19arxiv, title = {Towards Causal VQA: Revealing and Reducing Spurious Correlations by Invariant and Covariant Semantic Editing}, author = {Vedika Agarwal and Rakshith Shetty and Mario Fritz }, url = {https://arxiv.org/abs/1912.07538 https://arxiv.org/pdf/1912.07538.pdf}, year = {2019}, date = {2019-12-16}, keywords = {2019, 2020}, pubstate = {published}, tppubtype = {techreport} } Close https://arxiv.org/abs/1912.07538 https://arxiv.org/pdf/1912.07538.pdf Close