254 matches found
Rewriting the Budget: a General Framework for Black-Box Attacks under Cost Asymmetry
Traditional decision-based black-box adversarial attacks on image classifiers aim to generate adversarial examples by slightly modifying input images while keeping the number of queries low, where each query involves sending an input to the model and observing its output. Most existing methods...
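The query-budget setting this abstract describes, as an added example (not code from the paper above): the attacker gets only a hard label per query, every query is counted, and the classic decision-based primitive is a binary search along the segment between the clean input and a known-misclassified point. The classifier is a constructed 2-D linear model standing in for an image classifier, and the helper names (`HardLabelOracle`, `run_attack`) are this example's own. The demo also reports the ground-truth minimal perturbation, which the attacker never sees, to show that a budget-limited search along one segment finds an adversarial point but not necessarily the closest one.

```python
import math


class HardLabelOracle:
    """Decision-based setting: the attacker sees only the predicted label and
    every call is charged against the query budget."""

    def __init__(self, predict):
        self._predict = predict
        self.queries = 0

    def label(self, x):
        self.queries += 1
        return self._predict(x)


def make_linear_classifier(w, b):
    """Constructed stand-in for an image classifier: label 1 iff w.x + b > 0."""
    def predict(x):
        return 1 if sum(wi * xi for wi, xi in zip(w, x)) + b > 0 else 0
    return predict


def l2(u, v):
    return math.sqrt(sum((a - b) ** 2 for a, b in zip(u, v)))


def interpolate(x, y, t):
    """Point at fraction t along the segment from x to y."""
    return [a + t * (b - a) for a, b in zip(x, y)]


def binary_search_boundary(oracle, x_clean, x_adv_start, tol=1e-3, max_queries=50):
    """Shrink the interval [clean, adversarial] along the segment until the two
    ends are within `tol` of each other (or the budget is spent) and return the
    end that is still misclassified. Each iteration costs exactly one query."""
    y_clean = oracle.label(x_clean)
    if oracle.label(x_adv_start) == y_clean:
        raise ValueError("starting point must already be misclassified")
    lo, hi = 0.0, 1.0  # lo stays on the clean side, hi on the adversarial side
    seg_len = l2(x_clean, x_adv_start)
    while (hi - lo) * seg_len > tol and oracle.queries < max_queries:
        mid = 0.5 * (lo + hi)
        if oracle.label(interpolate(x_clean, x_adv_start, mid)) == y_clean:
            lo = mid
        else:
            hi = mid
    return interpolate(x_clean, x_adv_start, hi)


def distance_to_boundary(w, b, x):
    """Ground-truth minimal L2 perturbation for the linear toy model; the
    attacker in the black-box setting cannot compute this."""
    return abs(sum(wi * xi for wi, xi in zip(w, x)) + b) / math.sqrt(sum(wi * wi for wi in w))


def run_attack(w=(1.0, 1.0), b=-2.0, x_clean=(0.0, 0.0), x_adv_start=(3.0, 4.0), tol=1e-3):
    """Constructed scenario: returns the adversarial point, the query spend and
    how the found perturbation compares with the optimum."""
    predict = make_linear_classifier(w, b)
    oracle = HardLabelOracle(predict)
    x_adv = binary_search_boundary(oracle, list(x_clean), list(x_adv_start), tol=tol)
    spent = oracle.queries  # budget used by the search itself
    return {
        "x_adv": x_adv,
        "adversarial": predict(x_adv) != predict(list(x_clean)),
        "queries": spent,
        "perturbation": l2(x_clean, x_adv),
        "optimal": distance_to_boundary(w, b, x_clean),
    }
```

With a segment of length 5 and `tol=1e-3` the search needs 13 halvings, so 15 queries in total (two to check the endpoints); the perturbation it finds (about 1.43) is larger than the true minimum (about 1.41) because the search never leaves the initial segment, which is exactly the gap that boundary-walking methods spend extra queries to close.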
LADSG: Label-Anonymized Distillation and Similar Gradient Substitution for Label Privacy in Vertical Federated Learning
Vertical federated learning (VFL) has become a key paradigm for collaborative machine learning, enabling multiple parties to train models over distributed feature spaces while preserving data privacy. Despite security protocols that defend against external attacks - such as gradient masking and...
GeoClip: Geometry-Aware Clipping for Differentially Private SGD
Differentially private stochastic gradient descent (DP-SGD) is the most widely used method for training machine learning models with provable privacy guarantees. A key challenge in DP-SGD is setting the per-sample gradient clipping threshold, which significantly affects the trade-off between privac...
Joint-GCG: Unified Gradient-Based Poisoning Attacks on Retrieval-Augmented Generation Systems
Retrieval-Augmented Generation (RAG) systems enhance Large Language Models (LLMs) by retrieving relevant documents from external corpora before generating responses. This approach significantly expands LLM capabilities by leveraging vast, up-to-date external knowledge. However, this reliance on...
Gradient Inversion Attacks on Parameter-Efficient Fine-Tuning
Federated learning (FL) allows multiple data-owners to collaboratively train machine learning models by exchanging local gradients, while keeping their private data on-device. To simultaneously enhance privacy and training efficiency, recently parameter-efficient fine-tuning (PEFT) of large-scale...
Mitigating Disparate Impact of Differentially Private Learning through Bounded Adaptive Clipping
Differential privacy (DP) has become an essential framework for privacy-preserving machine learning. Existing DP learning methods, however, often have disparate impacts on model predictions, e.g., for minority groups. Gradient clipping, which is often used in DP learning, can suppress larger...
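The clipping threshold trade-off named in the GeoClip and bounded-adaptive-clipping abstracts above, as an added pure-Python example (not code from either paper): per-sample gradients are rescaled into an L2 ball of radius `clip_norm`, summed, and perturbed with Gaussian noise whose standard deviation is `noise_multiplier * clip_norm`. A small threshold clips many samples (bias, including against the larger gradients minority groups tend to produce), a large one inflates the noise. The quantile-based `quantile_clip_norm` and its clamped variant `bounded_clip_norm` are this example's own simple reading of "adaptive" and "bounded adaptive" clipping, not the papers' algorithms; the gradients in `SAMPLE_GRADS` are constructed.

```python
import math
import random


def l2norm(v):
    return math.sqrt(sum(c * c for c in v))


def clip_gradient(g, clip_norm):
    """Per-sample clipping: rescale g so that ||g||_2 <= clip_norm.
    Gradients already inside the ball are returned unchanged."""
    n = l2norm(g)
    scale = min(1.0, clip_norm / n) if n > 0.0 else 1.0
    return [c * scale for c in g]


def clipped_fraction(per_sample_grads, clip_norm):
    """Share of samples whose gradient is actually shrunk: a proxy for clipping bias."""
    return sum(1 for g in per_sample_grads if l2norm(g) > clip_norm) / len(per_sample_grads)


def noise_std(clip_norm, noise_multiplier):
    """The Gaussian mechanism calibrates noise to the L2 sensitivity of the sum,
    which clipping fixes at exactly clip_norm."""
    return noise_multiplier * clip_norm


def dp_sgd_step(per_sample_grads, clip_norm, noise_multiplier, rng):
    """One DP-SGD aggregation: clip every per-sample gradient, sum, add
    N(0, (noise_multiplier * clip_norm)^2) to each coordinate, then average."""
    dim = len(per_sample_grads[0])
    clipped = [clip_gradient(g, clip_norm) for g in per_sample_grads]
    total = [sum(g[i] for g in clipped) for i in range(dim)]
    std = noise_std(clip_norm, noise_multiplier)
    noisy = [t + rng.gauss(0.0, std) for t in total]
    return [v / len(per_sample_grads) for v in noisy]


def quantile_clip_norm(per_sample_grads, q):
    """Simple adaptive rule (this example's own, not the paper's): threshold at the
    q-quantile of the current per-sample norms."""
    norms = sorted(l2norm(g) for g in per_sample_grads)
    idx = min(len(norms) - 1, int(q * len(norms)))
    return norms[idx]


def bounded_clip_norm(per_sample_grads, q, lower, upper):
    """Bounded variant (again this example's reading): clamp the adaptive threshold to
    [lower, upper] so a few huge or tiny gradients cannot drag it to an extreme."""
    return min(upper, max(lower, quantile_clip_norm(per_sample_grads, q)))


# Constructed per-sample gradients (2-D for readability); norms are 5, 1, 2, 1, 10, 0.5.
SAMPLE_GRADS = [[3.0, 4.0], [0.6, 0.8], [0.0, 2.0], [1.0, 0.0], [6.0, 8.0], [0.3, 0.4]]


def compare_thresholds(clip_norms=(0.5, 1.0, 10.0), noise_multiplier=1.1, seed=0):
    """For each threshold report both sides of the trade-off: the fraction of
    samples clipped (bias) and the noise std added per coordinate (variance)."""
    out = {}
    for c in clip_norms:
        rng = random.Random(seed)  # same seed per threshold so only C changes
        out[c] = {
            "fraction_clipped": clipped_fraction(SAMPLE_GRADS, c),
            "noise_std": noise_std(c, noise_multiplier),
            "noisy_mean": dp_sgd_step(SAMPLE_GRADS, c, noise_multiplier, rng),
        }
    return out
```

Running `compare_thresholds()` shows the two failure modes side by side: at `clip_norm=0.5` every gradient but one is clipped and the average is dominated by direction rather than magnitude, while at `clip_norm=10.0` nothing is clipped but the per-coordinate noise std is 11, larger than the true mean gradient.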
Fingerprinting Deep Learning Models Via Network Traffic Patterns in Federated Learning
Federated Learning (FL) is increasingly adopted as a decentralized machine learning paradigm due to its capability to preserve data privacy by training models without centralizing user data. However, FL is susceptible to indirect privacy breaches via network traffic analysis, an area not explored in...
SafeGenes: Evaluating the Adversarial Robustness of Genomic Foundation Models
Genomic Foundation Models (GFMs), such as Evolutionary Scale Modeling (ESM), have demonstrated significant success in variant effect prediction. However, their adversarial robustness remains largely unexplored. To address this gap, we propose SafeGenes: a framework for Secure analysis of genomic...
Shadow Defense against Gradient Inversion Attack in Federated Learning
Federated learning (FL) has emerged as a transformative framework for privacy-preserving distributed training, allowing clients to collaboratively train a global model without sharing their local data. This is especially crucial in sensitive fields like healthcare, where protecting patient data is...
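The gradient leakage that both the PEFT gradient-inversion abstract and the Shadow Defense abstract above are concerned with, reduced to its simplest exact form as an added example (not code from either paper): for a fully connected layer the weight gradient is the outer product of the upstream gradient and the input, so a single division recovers the input from what the client uploads. The model, sample and names (`invert_linear_gradient`, `run_inversion`) are constructed for this example; the noise step shows the effect of a DP-style defense on the reconstruction, not any paper's defense.

```python
import math
import random


def softmax(z):
    m = max(z)
    e = [math.exp(v - m) for v in z]
    s = sum(e)
    return [v / s for v in e]


def linear_layer_gradients(W, b, x, label):
    """Forward one sample through logits = W x + b with softmax cross-entropy
    against `label` and return the gradients a client would upload.
    Because the layer is linear, dL/dW = (dL/dlogits) x^T and dL/db = dL/dlogits."""
    logits = [sum(W[i][j] * x[j] for j in range(len(x))) + b[i] for i in range(len(b))]
    p = softmax(logits)
    dlogits = [p[i] - (1.0 if i == label else 0.0) for i in range(len(b))]
    dW = [[dlogits[i] * x[j] for j in range(len(x))] for i in range(len(b))]
    return dW, dlogits  # dlogits is exactly dL/db


def invert_linear_gradient(dW, db):
    """Recover the input from the shared gradient alone: every row of dW is the
    same input scaled by db[i], so one division per coordinate suffices.
    The row with the largest |db[i]| is chosen for numerical stability."""
    i = max(range(len(db)), key=lambda k: abs(db[k]))
    if db[i] == 0.0:
        raise ValueError("all bias gradients are zero; nothing to divide by")
    return [dW[i][j] / db[i] for j in range(len(dW[i]))]


def add_gaussian_noise(dW, db, std, rng):
    """What a DP-style defense adds before upload; the attacker then divides noisy by noisy."""
    dW_noisy = [[v + rng.gauss(0.0, std) for v in row] for row in dW]
    db_noisy = [v + rng.gauss(0.0, std) for v in db]
    return dW_noisy, db_noisy


def max_abs_error(x, x_hat):
    return max(abs(a - b) for a, b in zip(x, x_hat))


# Constructed toy model (3 classes, 4 input features) and one private sample.
W = [[0.1, -0.2, 0.3, 0.0], [0.5, 0.1, -0.4, 0.2], [-0.3, 0.2, 0.1, 0.4]]
B = [0.0, 0.1, -0.1]
X_PRIVATE = [0.2, -1.0, 0.5, 3.0]
LABEL = 1


def run_inversion(noise_std=0.0, seed=0):
    """Returns the max reconstruction error: ~0 for the raw gradient,
    strictly positive once Gaussian noise is added before upload."""
    dW, db = linear_layer_gradients(W, B, X_PRIVATE, LABEL)
    if noise_std > 0.0:
        dW, db = add_gaussian_noise(dW, db, noise_std, random.Random(seed))
    x_hat = invert_linear_gradient(dW, db)
    return max_abs_error(X_PRIVATE, x_hat)
```

Two caveats a practitioner should keep in mind: the division is exact only for a batch of one (a batch gradient sums the outer products, so the quotient is a mixture of the batch's inputs), and for deeper or parameter-efficient layers the attacker falls back to the optimization-based matching that the abstracts above study, where the same linear leakage still seeds the search.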
Private Rate-Constrained Optimization with Applications to Fair Learning
Many problems in trustworthy ML can be formulated as minimization of the model error under constraints on the prediction rates of the model for suitably-chosen marginals, including most group fairness constraints (demographic parity, equality of odds, etc.). In this work, we study such constrained...
CVE-2024-5327
The PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘pp_animated_gradient_bg_color’ parameter in all versions up to, and including, 2.7.19 due to insufficient input sanitization and output...
CVE-2024-31346
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blocksmarket Gradient Text Widget for Elementor allows Stored XSS. This issue affects Gradient Text Widget for Elementor: from n/a through 1.0.1...
CVE-2022-35990
TensorFlow is an open source platform for machine learning. When `tf.quantization.fake_quant_with_min_max_vars_per_channel_gradient` receives input min or max of rank other than 1, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2011-2619
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a gradient with many stops, related to the implementation of CANVAS elements, SVG, and Cascading Style Sheets (CSS)...
Mitigating Fine-Tuning Risks in LLMs Via Safety-Aware Probing Optimization
The significant progress of large language models (LLMs) has led to remarkable achievements across numerous applications. However, their ability to generate harmful content has sparked substantial safety concerns. Despite the implementation of safety alignment techniques during the pre-training...
Malware Families Discovery Via Open-Set Recognition on Android Manifest Permissions
Malware is malicious software that is grouped into families based on penetration technique, source code, and other characteristics. Classifying malware programs into their respective families is essential for building effective defenses against cyber threats. Machine learning models have...
Private Statistical Estimation Via Truncation
We introduce a novel framework for differentially private (DP) statistical estimation via data truncation, addressing a key challenge in DP estimation when the data support is unbounded. Traditional approaches rely on problem-specific sensitivity analysis, limiting their applicability. By leveragin...
ACU: Analytic Continual Unlearning for Efficient and Exact Forgetting with Privacy Preservation
The development of artificial intelligence demands that models incrementally update knowledge by Continual Learning (CL) to adapt to open-world environments. To meet privacy and security requirements, Continual Unlearning (CU) emerges as an important problem, aiming to sequentially forget particular...
Self-Destructive Language Model
Harmful fine-tuning attacks pose a major threat to the security of large language models (LLMs), allowing adversaries to compromise safety guardrails with minimal harmful data. While existing defenses attempt to reinforce LLM alignment, they fail to address models' inherent "trainability" on harmfu...
PIG: Privacy Jailbreak Attack on LLMs Via Gradient-Based Iterative In-Context Optimization
Large Language Models (LLMs) excel in various domains but pose inherent privacy risks. Existing methods to evaluate privacy leakage in LLMs often use memorized prefixes or simple instructions to extract data, both of which well-aligned models can easily block. Meanwhile, jailbreak attacks bypass...