5 matches found
A Surveillance Evasion Game with Continuous Sensor Redeployment Via Bilevel Optimization
Uncrewed Aerial Systems UASs have become a growing threat to the security of critical infrastructure, exploiting spatiotemporal gaps in sensor perimeters to infiltrate restricted airspace undetected. We formulate this interaction as a two-player zero-sum differential game between an adversarial U...
Adversarial Co-Evolution of Malware and Detection Models: A Bilevel Optimization Perspective
Machine learning-based malware detectors are increasingly vulnerable to adversarial examples. Traditional defenses, such as one-shot adversarial training, often fail against adaptive attackers who use reinforcement learning to bypass detection. This paper proposes a robust defense framework based...
Injection, Attack and Erasure: Revocable Backdoor Attacks Via Machine Unlearning
Backdoor attacks pose a persistent security risk to deep neural networks DNNs due to their stealth and durability. While recent research has explored leveraging model unlearning mechanisms to enhance backdoor concealment, existing attack strategies still leave persistent traces that may be detect...
Breaking the Gaussian Barrier: Residual-PAC Privacy for Automatic Privatization
The Probably Approximately Correct PAC Privacy framework 1 provides a powerful instance-based methodology for certifying privacy in complex data-driven systems. However, existing PAC Privacy algorithms rely on a Gaussian mutual information upper bound. We show that this is in general too...
MISLEADER: Defending against Model Extraction with Ensembles of Distilled Models
Model extraction attacks aim to replicate the functionality of a black-box model through query access, threatening the intellectual property IP of machine-learning-as-a-service MLaaS providers. Defending against such attacks is challenging, as it must balance efficiency, robustness, and utility...