Image
  (CCS 2015) Face/Off: Preventing Privacy Leakage From Photos in Social Networks
Location/Trace Privacy
  (CCS 2015) Where's Wally? Precise User Discovery Attacks in Location Proximity Services
  (2016 S&P) Synthesizing Plausible Privacy-Preserving Location Traces
  (2018 TDSC) Releasing correlated trajectories: towards high utility and optimal differential privacy
  (2019 TDSC) VTDP: privately sanitizing fine-grained vehicle trajectory data with boosted utility
  (2019 USENIX Security) On (the lack of) location privacy in crowdsourcing applications
  (2017 WWW) Trajectory Recovery From Ash: User Privacy Is NOT Preserved in Aggregated Mobility Data
Deep Learning
  (CCS 2015) Privacy-Preserving Deep Learning
  (CCS 2016) Deep Learning with Differential Privacy
  (2016 S&P) Distillation as a defense to adversarial perturbations against deep neural networks
  (2017 S&P) Towards Evaluating the Robustness of Neural Networks
  (2019 S&P) Comprehensive Privacy Analysis of Deep Learning
  (2019 S&P) DeepSec: A Uniform Platform for Security Analysis of Deep Learning Models
  (2019 S&P) Differentially Private Model Publishing For Deep Learning
  (2015 KDD) Differentially Private High-Dimensional Data Publishing via Sampling-Based Inference
  (2018 KDD) Not Just Privacy: Improving Performance of Private Deep Learning in Mobile Cloud
Differential Privacy
  (CCS 2016) Deep Learning with Differential Privacy
  (CCS 2016) EpicRec: Towards Practical Differentially Private Framework for Personalized Recommendation
  (CCS 2018) Utility-Aware Synthesis of Differentially Private and Attack-Resilient Location Traces
  (2018 S&P) Locally Differentially Private Frequent Itemset Mining
  (2019 S&P) Certified Robustness to Adversarial Examples with Differential Privacy
  (2019 S&P) PrivKV: Key-Value Data Collection with Local Differential Privacy
  (2019 USENIX Security) Evaluating differentially private machine learning in practice
Recommendation
  (CCS 2016) EpicRec: Towards Practical Differentially Private Framework for Personalized Recommendation
  (2014 TDSC) A trust-based privacy-preserving friend recommendation scheme for online social network
Data Publishing
  (2018 TDSC) Disclose more and risk less: privacy preserving online social network data sharing
  (2019 TDSC) Sensitive label privacy preservation with anonymization for data publishing
  (2018 USENIX Security) AttriGuard: a practical defense against attribute inference attacks via adversarial machine learning
  (2016 NDSS) The Price of Free: Privacy Leakage in Personalized Mobile In-App Ads
Membership Privacy
  (2017 S&P) Membership Inference Attacks against Machine Learning Models
  (CCS 2018) Machine Learning with Membership Privacy using Adversarial Regularization
  (2019 NDSS) ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models
Adversarial Machine Learning
  (CCS 2019) Attacking Graph-based Classification via Manipulating the Graph Structure
  (CCS 2019) MemGuard: Defending against Black-Box Membership Inference Attacks via Adversarial Examples
  (CCS 2019) Privacy Risks of Securing Machine Learning Models against Adversarial Examples
  (2019 S&P) Certified Robustness to Adversarial Examples with Differential Privacy
  (2018 USENIX Security) AttriGuard: a practical defense against attribute inference attacks via adversarial machine learning
Secure Machine Learning
  (2017 S&P) SecureML: A System for Scalable Privacy-Preserving Machine Learning
  (2018 S&P) Stealing Hyperparameters in Machine Learning
  (2019 S&P) Helen: Maliciously Secure Coopetitive Learning for Linear Models
  (2017 KDD) Privacy-Preserving Distributed Multi-Task Learning with Asynchronous Updates
  (2018 KDD) Concentrated Differentially Private Gradient Descent with Adaptive per-Iteration Privacy Budget
Metrics
  (2020 TDSC) General confidentiality and utility metrics for privacy-preserving data publishing based on permutation model
  (2020 TDSC) Using metrics suites to improve the measurement of privacy in graphs
Inference attacks
  (2016 USENIX Security) You are who you know and how you behave: attribute inference attacks via users' social friends and behaviors
Poisoning/Evasion attacks
  (2018 S&P) Manipulating Machine Learning: Poisoning Attacks and Countermeasures for Regression Learning
  (2018 USENIX Security) When does machine learning FAIL? Generalized transferability for evasion and poisoning attacks
  (2019 USENIX Security) Why do adversarial attacks transfer? Explaining transferability of evasion and poisoning attacks
  (2019 USENIX Security) Improving robustness of ML classifiers against realizable evasion attacks using conserved features
Backdoor attacks
  (2019 S&P) Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks
Graph
  (2015 USENIX Security) SecGraph: a uniform and open-source evaluation system for graph data anonymization and de-anonymization
  (CCS 2015) Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures
  (CCS 2017) walk2friends: Inferring Social Links from Mobility Profiles
  (CCS 2017) Machine Learning Models that Remember Too Much
  (2015 KDD) Scalable Blocking for Privacy Preserving Record Linkage
  (2016 KDD) Privacy-preserving Class Ratio Estimation
  (2018 KDD) An Efficient Two-Layer Mechanism for Privacy-Preserving Truth Discovery
  (2018 KDD) Unlocking the Value of Privacy: Trading Aggregate Statistics over Private Correlated Data
  (2019 KDD) PrivPy: General and Scalable Privacy-Preserving Data Mining
  (2019 KDD) SurfCon: Synonym Discovery on Privacy-Aware Clinical Data
  (2019 KDD) TrajGuard: A Comprehensive Trajectory Copyright Protection Scheme
  (2016 USENIX Security) Stealing Machine Learning Models via Prediction APIs
  (2018 USENIX Security) With great training comes great vulnerability: practical attacks against transfer learning
  (2019 NDSS) Geo-locating Drivers: A Study of Sensitive Data Leakage in Ride-Hailing Services
  (2019 NDSS) Please Forget Where I Was Last Summer: The Privacy Risks of Public Location (Meta)Data
  (2016 NDSS) LinkMirage: Enabling Privacy-preserving Analytics on Social Relationships
  (2016 NDSS) The Price of Free: Privacy Leakage in Personalized Mobile In-App Ads
  (2015 WWW) A Practical Framework for Privacy-Preserving Data Analytics
  (2017 WWW) How Public Is My Private Life?: Privacy in Online Dating
  (2018 WWW) Incognito: A Method for Obfuscating Web Data
  (2018 WWW) Tagvisor: A Privacy Advisor for Sharing Hashtags
  (2019 WWW) No More than What I Post: Preventing Linkage Attacks on Check-in Services