Unintended Interactions among ML Risks and Defenses

Background

Machine learning models are susceptible to a wide range of risks to security, privacy, and fairness. Several defenses have been proposed to mitigate these risks. However, defending against a specific risk can result in an unintended increase (or decrease) in susceptibility to other risks. Similarly when defenses against multiple risks are applied to a machine learning model, there could be conflicting interactions among among them. This blog article provides additional context for this work.

Conference/journal paper publications

• Vasisht Duddu, Sebastian Szyller, N. Asokan: SoK: Unintended Interactions among Machine Learning Defenses and Risks. IEEE S&P 2024. arXiv preprint arXiv:2312.04542. (Distinguished paper award)
• Sebastian Szyller, N. Asokan: Conflicting Interactions Among Protection Mechanisms for Machine Learning Models. AAAI 2023. arXiv preprint arXiv:2207.01991
• Vasisht Duddu, Rui Zhang, N. Asokan: Combining Machine Learning Defenses without Conflicts.. Transactions on Machine Learning Research (TMLR). arXiv preprint arXiv:2411.09776.

Software Library

• Amulet: A Library for Evaluating interactions among Machine Learning Risks and Defeneses Code

Posters

• SoK: Unintended Interactions among Machine Learning Defenses and Risks. pdf

Talks

• SoK: Unintended Interactions among Machine Learning Defenses and Risks. pdf talk
• Conflicting Interactions Among Protection Mechanisms for Machine Learning Models. pdf

Source code

• GitHub source code for Amulet
• GitHub source code for SoK
• GitHub source code for Conflicting Interactions