Tribhuvanesh Orekondy (PhD Student)

Personal Information

Publications

2021

Conference paper

H.-P. Wang, T. Orekondy, and M. Fritz

“InfoScrub: Towards Attribute Privacy by Targeted Obfuscation,” in Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops (CVPR 2021), Virtual Workshop, 2021.

mehr

BibTeX

@inproceedings{Wang_CVPRW2021,
TITLE = {{InfoScrub}: {T}owards Attribute Privacy by Targeted Obfuscation},
AUTHOR = {Wang, Hui-Po and Orekondy, Tribhuvanesh and Fritz, Mario},
LANGUAGE = {eng},
ISBN = {978-1-6654-4899-4},
DOI = {10.1109/CVPRW53098.2021.00366},
PUBLISHER = {IEEE},
YEAR = {2021},
MARGINALMARK = {$\bullet$},
BOOKTITLE = {Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops (CVPR 2021)},
PAGES = {3275--3283},
ADDRESS = {Virtual Workshop},
}

Endnote

%0 Conference Proceedings
%A Wang, Hui-Po
%A Orekondy, Tribhuvanesh
%A Fritz, Mario
%+ External Organizations
Computer Vision and Machine Learning, MPI for Informatics, Max Planck Society
External Organizations
%T InfoScrub: Towards Attribute Privacy by Targeted Obfuscation : 
%G eng
%U http://hdl.handle.net/21.11116/0000-0008-186C-5
%R 10.1109/CVPRW53098.2021.00366
%D 2021
%B IEEE CVPR Workshop On Fair, Data-Efficient, and Trusted Computer Vision
%Z date of event: 2021-06-25 - 2021-06-25
%C Virtual Workshop
%B Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops
%P 3275 - 3283
%I IEEE
%@ 978-1-6654-4899-4

2020

Conference paper

D. Chen, T. Orekondy, and M. Fritz

“GS-WGAN: A Gradient-Sanitized Approach for Learning Differentially Private Generators,” in Advances in Neural Information Processing Systems 33 (NeurIPS 2020), Virtual Event, 2020.

mehr

BibTeX

@inproceedings{Chen_NeurIPS20,
TITLE = {{GS-WGAN}: {A} Gradient-Sanitized Approach for Learning Differentially Private Generators},
AUTHOR = {Chen, Dingfan and Orekondy, Tribhuvanesh and Fritz, Mario},
LANGUAGE = {eng},
PUBLISHER = {Curran Associates, Inc.},
YEAR = {2020},
BOOKTITLE = {Advances in Neural Information Processing Systems 33 (NeurIPS 2020)},
EDITOR = {Larochelle, H. and Ranzato, M. and Hadsell, R. and Balcan, M. F. and Lin, H.},
PAGES = {12673--12684},
ADDRESS = {Virtual Event},
}

Endnote

%0 Conference Proceedings
%A Chen, Dingfan
%A Orekondy, Tribhuvanesh
%A Fritz, Mario
%+ External Organizations
Computer Vision and Machine Learning, MPI for Informatics, Max Planck Society
Computer Vision and Machine Learning, MPI for Informatics, Max Planck Society
%T GS-WGAN: A Gradient-Sanitized Approach for Learning Differentially Private Generators : 
%G eng
%U http://hdl.handle.net/21.11116/0000-0008-1866-B
%D 2020
%B 34th Conference on Neural Information Processing Systems
%Z date of event: 2020-12-06 - 2020-12-12
%C Virtual Event
%B Advances in Neural Information Processing Systems 33
%E Larochelle, H.; Ranzato, M.; Hadsell, R.; Balcan, M. F.; Lin, H.
%P 12673 - 12684
%I Curran Associates, Inc.

Conference paper

T. Orekondy, B. Schiele, and M. Fritz

“Prediction Poisoning: Towards Defenses Against DNN Model Stealing Attacks,” in International Conference on Learning Representations (ICLR 2020), Addis Ababa, Ethopia, 2020.

mehr

BibTeX

@inproceedings{orekondy20prediction,
TITLE = {Prediction Poisoning: {T}owards Defenses Against {DNN} Model Stealing Attacks},
AUTHOR = {Orekondy, Tribhuvanesh and Schiele, Bernt and Fritz, Mario},
LANGUAGE = {eng},
URL = {https://iclr.cc/virtual_2020/poster_SyevYxHtDB.html; https://iclr.cc/Conferences/2020},
PUBLISHER = {OpenReview.net},
YEAR = {2020},
BOOKTITLE = {International Conference on Learning Representations (ICLR 2020)},
ADDRESS = {Addis Ababa, Ethopia},
}

Endnote

%0 Conference Proceedings
%A Orekondy, Tribhuvanesh
%A Schiele, Bernt
%A Fritz, Mario
%+ Computer Vision and Machine Learning, MPI for Informatics, Max Planck Society
Computer Vision and Machine Learning, MPI for Informatics, Max Planck Society
External Organizations
%T Prediction Poisoning: Towards Defenses Against DNN Model Stealing Attacks : 
%G eng
%U http://hdl.handle.net/21.11116/0000-0003-EC93-D
%U https://iclr.cc/virtual_2020/poster_SyevYxHtDB.html
%D 2020
%B 8th International Conference on Learning Representations
%Z date of event: 2020-04-26 - 2020-04-30
%C Addis Ababa, Ethopia
%B International Conference on Learning Representations
%I OpenReview.net


%U https://openreview.net/pdf?id=SyevYxHtDB

Thesis

D2IMPR-CS

T. Orekondy

“Understanding and Controlling Leakage in Machine Learning,” Universität des Saarlandes, Saarbrücken, 2020.

mehr

BibTeX

@phdthesis{Orekondy_PhD2020,
TITLE = {Understanding and Controlling Leakage in Machine Learning},
AUTHOR = {Orekondy, Tribhuvanesh},
LANGUAGE = {eng},
URL = {urn:nbn:de:bsz:291--ds-335519},
DOI = {10.22028/D291-33551},
SCHOOL = {Universit{\"a}t des Saarlandes},
ADDRESS = {Saarbr{\"u}cken},
YEAR = {2020},
DATE = {2020},
}

Endnote

%0 Thesis
%A Orekondy, Tribhuvanesh
%Y Schiele, Bernt
%A referee: Fritz, Mario
%A referee: Frahm, Jan-Michael
%+ Computer Vision and Machine Learning, MPI for Informatics, Max Planck Society
International Max Planck Research School, MPI for Informatics, Max Planck Society
Computer Vision and Machine Learning, MPI for Informatics, Max Planck Society
External Organizations
External Organizations
%T Understanding and Controlling Leakage in Machine Learning : 
%G eng
%U http://hdl.handle.net/21.11116/0000-0008-4ACC-0
%R 10.22028/D291-33551
%U urn:nbn:de:bsz:291--ds-335519
%F OTHER: hdl:20.500.11880/30989
%I Universit&#228;t des Saarlandes
%C Saarbr&#252;cken
%D 2020
%V phd
%9 phd
%U https://publikationen.sulb.uni-saarland.de/handle/20.500.11880/30989

2019

Conference paper

T. Orekondy, B. Schiele, and M. Fritz

“Knockoff Nets: Stealing Functionality of Black-Box Models,” in IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR 2019), Long Beach, CA, USA, 2019.

mehr

BibTeX

@inproceedings{orekondy18knockoff,
TITLE = {Knockoff Nets: {S}tealing Functionality of Black-Box Models},
AUTHOR = {Orekondy, Tribhuvanesh and Schiele, Bernt and Fritz, Mario},
LANGUAGE = {eng},
ISBN = {978-1-7281-3293-8},
DOI = {10.1109/CVPR.2019.00509},
PUBLISHER = {IEEE},
YEAR = {2019},
BOOKTITLE = {IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR 2019)},
PAGES = {4949 --4958},
ADDRESS = {Long Beach, CA, USA},
}

Endnote

%0 Conference Proceedings
%A Orekondy, Tribhuvanesh
%A Schiele, Bernt
%A Fritz, Mario
%+ Computer Vision and Machine Learning, MPI for Informatics, Max Planck Society
Computer Vision and Machine Learning, MPI for Informatics, Max Planck Society
External Organizations
%T Knockoff Nets: Stealing Functionality of Black-Box Models : 
%G eng
%U http://hdl.handle.net/21.11116/0000-0002-AA57-D
%R 10.1109/CVPR.2019.00509
%D 2019
%B 32nd IEEE Conference on Computer Vision and Pattern Recognition
%Z date of event: 2019-06-16 - 2019-06-20
%C Long Beach, CA, USA
%B IEEE/CVF Conference on Computer Vision and Pattern Recognition 
%P 4949  - 4958
%I IEEE
%@ 978-1-7281-3293-8

Conference paper

T. Orekondy, S. J. Oh, Y. Zhang, B. Schiele, and M. Fritz

“Gradient-Leaks: Understanding Deanonymization in Federated Learning,” in The 2nd International Workshop on Federated Learning for Data Privacy and Confidentiality (FL-NeurIPS 2019), Vancouver, Canada, 2019.

mehr

BibTeX

@inproceedings{orekondy19gradient,
TITLE = {Gradient-Leaks: {U}nderstanding Deanonymization in Federated Learning},
AUTHOR = {Orekondy, Tribhuvanesh and Oh, Seong Joon and Zhang, Yang and Schiele, Bernt and Fritz, Mario},
LANGUAGE = {eng},
URL = {https://arxiv.org/abs/1805.05838; http://federated-learning.org/fl-neurips-2019/},
PUBLISHER = {federated-learning.org},
YEAR = {2019},
BOOKTITLE = {The 2nd International Workshop on Federated Learning for Data Privacy and Confidentiality (FL-NeurIPS 2019)},
ADDRESS = {Vancouver, Canada},
}

Endnote

%0 Conference Proceedings
%A Orekondy, Tribhuvanesh
%A Oh, Seong Joon
%A Zhang, Yang
%A Schiele, Bernt
%A Fritz, Mario
%+ Computer Vision and Machine Learning, MPI for Informatics, Max Planck Society
Computer Vision and Machine Learning, MPI for Informatics, Max Planck Society
External Organizations
Computer Vision and Machine Learning, MPI for Informatics, Max Planck Society
External Organizations
%T Gradient-Leaks: Understanding Deanonymization in Federated Learning : 
%G eng
%U http://hdl.handle.net/21.11116/0000-0005-8E47-C
%U https://arxiv.org/abs/1805.05838
%D 2019
%B The 2nd International Workshop on Federated Learning for Data Privacy and Confidentiality
%Z date of event: 2019-12-13 - 2019-12-13
%C Vancouver, Canada
%B The 2nd International Workshop on Federated Learning for Data Privacy and Confidentiality
%I federated-learning.org

2018

Conference paper

T. Orekondy, M. Fritz, and B. Schiele

“Connecting Pixels to Privacy and Utility: Automatic Redaction of Private Information in Images,” in IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR 2018), Salt Lake City, UT, USA, 2018.

mehr

BibTeX

@inproceedings{orekondy17connect,
TITLE = {Connecting Pixels to Privacy and Utility: {A}utomatic Redaction of Private Information in Images},
AUTHOR = {Orekondy, Tribhuvanesh and Fritz, Mario and Schiele, Bernt},
LANGUAGE = {eng},
ISBN = {978-1-5386-6420-9},
DOI = {10.1109/CVPR.2018.00883},
PUBLISHER = {IEEE},
YEAR = {2018},
BOOKTITLE = {IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR 2018)},
PAGES = {8466--8475},
ADDRESS = {Salt Lake City, UT, USA},
}

Endnote

%0 Conference Proceedings
%A Orekondy, Tribhuvanesh
%A Fritz, Mario
%A Schiele, Bernt
%+ Computer Vision and Multimodal Computing, MPI for Informatics, Max Planck Society
Computer Vision and Multimodal Computing, MPI for Informatics, Max Planck Society
Computer Vision and Multimodal Computing, MPI for Informatics, Max Planck Society
%T Connecting Pixels to Privacy and Utility: Automatic Redaction of Private
  Information in Images : 
%G eng
%U http://hdl.handle.net/11858/00-001M-0000-002E-7D65-4
%R 10.1109/CVPR.2018.00883
%D 2018
%B 31st IEEE Conference on Computer Vision and Pattern Recognition
%Z date of event: 2018-06-18 - 2018-06-22
%C Salt Lake City, UT, USA
%B IEEE/CVF Conference on Computer Vision and Pattern Recognition
%P 8466 - 8475
%I IEEE
%@ 978-1-5386-6420-9

Paper

T. Orekondy, S. J. Oh, B. Schiele, and M. Fritz

“Understanding and Controlling User Linkability in Decentralized Learning,” 2018. [Online]. Available: http://arxiv.org/abs/1805.05838.

mehr

Abstract

Machine Learning techniques are widely used by online services (e.g. Google,

Apple) in order to analyze and make predictions on user data. As many of the

provided services are user-centric (e.g. personal photo collections, speech

recognition, personal assistance), user data generated on personal devices is

key to provide the service. In order to protect the data and the privacy of the

user, federated learning techniques have been proposed where the data never

leaves the user's device and "only" model updates are communicated back to the

server. In our work, we propose a new threat model that is not concerned with

learning about the content - but rather is concerned with the linkability of

users during such decentralized learning scenarios.

We show that model updates are characteristic for users and therefore lend

themselves to linkability attacks. We show identification and matching of users

across devices in closed and open world scenarios. In our experiments, we find

our attacks to be highly effective, achieving 20x-175x chance-level

performance.

In order to mitigate the risks of linkability attacks, we study various

strategies. As adding random noise does not offer convincing operation points,

we propose strategies based on using calibrated domain-specific data; we find

these strategies offers substantial protection against linkability threats with

little effect to utility.

BibTeX

@online{orekondy18understand,
TITLE = {Understanding and Controlling User Linkability in Decentralized Learning},
AUTHOR = {Orekondy, Tribhuvanesh and Oh, Seong Joon and Schiele, Bernt and Fritz, Mario},
LANGUAGE = {eng},
URL = {http://arxiv.org/abs/1805.05838},
EPRINT = {1805.05838},
EPRINTTYPE = {arXiv},
YEAR = {2018},
ABSTRACT = {Machine Learning techniques are widely used by online services (e.g. Google, Apple) in order to analyze and make predictions on user data. As many of the provided services are user-centric (e.g. personal photo collections, speech recognition, personal assistance), user data generated on personal devices is key to provide the service. In order to protect the data and the privacy of the user, federated learning techniques have been proposed where the data never leaves the user's device and "only" model updates are communicated back to the server. In our work, we propose a new threat model that is not concerned with learning about the content -- but rather is concerned with the linkability of users during such decentralized learning scenarios. We show that model updates are characteristic for users and therefore lend themselves to linkability attacks. We show identification and matching of users across devices in closed and open world scenarios. In our experiments, we find our attacks to be highly effective, achieving 20x-175x chance-level performance. In order to mitigate the risks of linkability attacks, we study various strategies. As adding random noise does not offer convincing operation points, we propose strategies based on using calibrated domain-specific data; we find these strategies offers substantial protection against linkability threats with little effect to utility.},
}

Endnote

%0 Report
%A Orekondy, Tribhuvanesh
%A Oh, Seong Joon
%A Schiele, Bernt
%A Fritz, Mario
%+ Computer Vision and Multimodal Computing, MPI for Informatics, Max Planck Society
Computer Vision and Multimodal Computing, MPI for Informatics, Max Planck Society
Computer Vision and Multimodal Computing, MPI for Informatics, Max Planck Society
Computer Vision and Multimodal Computing, MPI for Informatics, Max Planck Society
%T Understanding and Controlling User Linkability in Decentralized Learning : 
%G eng
%U http://hdl.handle.net/21.11116/0000-0001-4BEC-2
%U http://arxiv.org/abs/1805.05838
%D 2018
%X   Machine Learning techniques are widely used by online services (e.g. Google,
Apple) in order to analyze and make predictions on user data. As many of the
provided services are user-centric (e.g. personal photo collections, speech
recognition, personal assistance), user data generated on personal devices is
key to provide the service. In order to protect the data and the privacy of the
user, federated learning techniques have been proposed where the data never
leaves the user's device and "only" model updates are communicated back to the
server. In our work, we propose a new threat model that is not concerned with
learning about the content - but rather is concerned with the linkability of
users during such decentralized learning scenarios.
  We show that model updates are characteristic for users and therefore lend
themselves to linkability attacks. We show identification and matching of users
across devices in closed and open world scenarios. In our experiments, we find
our attacks to be highly effective, achieving 20x-175x chance-level
performance.
  In order to mitigate the risks of linkability attacks, we study various
strategies. As adding random noise does not offer convincing operation points,
we propose strategies based on using calibrated domain-specific data; we find
these strategies offers substantial protection against linkability threats with
little effect to utility.

%K Computer Science, Cryptography and Security, cs.CR,Computer Science, Artificial Intelligence, cs.AI,Computer Science, Computer Vision and Pattern Recognition, cs.CV,Computer Science, Learning, cs.LG,Statistics, Machine Learning, stat.ML

2017

Conference paper

T. Orekondy, B. Schiele, and M. Fritz

“Towards a Visual Privacy Advisor: Understanding and Predicting Privacy Risks in Images,” in IEEE International Conference on Computer Vision (ICCV 2017), Venice, Italy, 2017.

mehr

BibTeX

@inproceedings{orekondy17iccv,
TITLE = {Towards a Visual Privacy Advisor: Understanding and Predicting Privacy Risks in Images},
AUTHOR = {Orekondy, Tribhuvanesh and Schiele, Bernt and Fritz, Mario},
LANGUAGE = {eng},
ISBN = {978-1-5386-1032-9},
DOI = {10.1109/ICCV.2017.398},
PUBLISHER = {IEEE},
YEAR = {2017},
DATE = {2017},
BOOKTITLE = {IEEE International Conference on Computer Vision (ICCV 2017)},
PAGES = {3706--3715},
ADDRESS = {Venice, Italy},
}

Endnote

%0 Conference Proceedings
%A Orekondy, Tribhuvanesh
%A Schiele, Bernt
%A Fritz, Mario
%+ Computer Vision and Multimodal Computing, MPI for Informatics, Max Planck Society
Computer Vision and Multimodal Computing, MPI for Informatics, Max Planck Society
Computer Vision and Multimodal Computing, MPI for Informatics, Max Planck Society
%T Towards a Visual Privacy Advisor: Understanding and Predicting Privacy Risks in Images : 
%G eng
%U http://hdl.handle.net/11858/00-001M-0000-002C-E65F-8
%R 10.1109/ICCV.2017.398
%D 2017
%B International Conference on Computer Vision
%Z date of event: 2017-10-22 - 2017-10-29
%C Venice, Italy
%B IEEE International Conference on Computer Vision
%P 3706 - 3715
%I IEEE
%@ 978-1-5386-1032-9