Jairo Giraldo (University of Utah), Alvaro Cardenas (UC Santa Cruz), Murat Kantarcioglu (UT Dallas), Jonathan Katz (George Mason University)

Differential Privacy has emerged in the last decade as a powerful tool to protect sensitive information. Similarly, the last decade has seen a growing interest in adversarial classification, where an attacker knows a classifier is trying to detect anomalies and the adversary attempts to design examples meant to mislead this classification.

Differential privacy and adversarial classification have been studied separately in the past. In this paper, we study the problem of how a strategic attacker can leverage differential privacy to inject false data in a system, and then we propose countermeasures against these novel attacks. We show the impact of our attacks and defenses in a real-world traffic estimation system and in a smart metering system.

View More Papers

ConTExT: A Generic Approach for Mitigating Spectre

Michael Schwarz (Graz University of Technology), Moritz Lipp (Graz University of Technology), Claudio Canella (Graz University of Technology), Robert Schilling (Graz University of Technology and Know-Center GmbH), Florian Kargl (Graz University of Technology), Daniel Gruss (Graz University of Technology)

Read More

Let's Revoke: Scalable Global Certificate Revocation

Trevor Smith (Brigham Young University), Luke Dickenson (Brigham Young University), Kent Seamons (Brigham Young University)

Read More

EASI: Edge-Based Sender Identification on Resource-Constrained Platforms for Automotive...

Marcel Kneib (Robert Bosch GmbH), Oleg Schell (Bosch Engineering GmbH), Christopher Huth (Robert Bosch GmbH)

Read More

Broken Metre: Attacking Resource Metering in EVM

Daniel Perez (Imperial College London), Benjamin Livshits (Imperial College London, UCL Centre for Blockchain Technologies, and Brave Software)

Read More