diff options
| author | Jan Aalmoes <jan.aalmoes@inria.fr> | 2024-09-13 00:07:42 +0200 |
|---|---|---|
| committer | Jan Aalmoes <jan.aalmoes@inria.fr> | 2024-09-13 00:07:42 +0200 |
| commit | faa07a8f3337c5d191597ea9b9587cc0969d663c (patch) | |
| tree | a46440db847ce447917abecb7971d90db4a1f150 /biblio.bib | |
| parent | 7fc151d6a198d13dc9e1374522ec396d72905d3f (diff) | |
avnacé aia, remerciement notations, notes
Diffstat (limited to 'biblio.bib')
| -rw-r--r-- | biblio.bib | 1238 |
1 files changed, 1238 insertions, 0 deletions
@@ -1,3 +1,10 @@ +######################"" +#Notes +@misc{dati2024declaration, + title={Déclaration de Mme Rachida Dati, ministre de la culture, lors de l'installation de la Commission d'enrichissement de la langue française, le 27 mai 2024.} + author={Dati, Rachida}, + year={2024} +} ######################################" #Background @BOOK{lecun2019quand, @@ -1336,3 +1343,1234 @@ series = {NIPS'14} year={2017}, organization={IEEE} } + +@misc{carlini2022membership, + title={Membership Inference Attacks From First Principles}, + author={Nicholas Carlini and Steve Chien and Milad Nasr and Shuang Song and Andreas Terzis and Florian Tramer}, + year={2022}, + eprint={2112.03570}, + archivePrefix={arXiv}, + primaryClass={cs.CR} +} + +@inproceedings{salem2023sok, + title={SoK: Let the privacy games begin! A unified treatment of data inference privacy in machine learning}, + author={Salem, Ahmed and Cherubin, Giovanni and Evans, David and K{\"o}pf, Boris and Paverd, Andrew and Suri, Anshuman and Tople, Shruti and Zanella-B{\'e}guelin, Santiago}, + booktitle={Security \& Privacy}, + pages={327--345}, + year={2023}, +} +% + organization={IEEE} + + +@inproceedings{ijcai2022p766, + title = {Differential Privacy and Fairness in Decisions and Learning Tasks: A Survey}, + author = {Fioretto, Ferdinando and Tran, Cuong and Van Hentenryck, Pascal and Zhu, Keyu}, + booktitle = {International Joint Conference on + Artificial Intelligence}, + + pages = {5470--5477}, + year = {2022}, + month = {7}, + +} +%publisher = {International Joint Conferences on Artificial Intelligence Organization}, + editor = {Lud De Raedt}, +note = {Survey Track}, + doi = {10.24963/ijcai.2022/766}, + url = {https://doi.org/10.24963/ijcai.2022/766}, + + +@article{accfairtradeoff, +author = {Pinzon, Carlos and Palamidessi, Catuscia and Piantanida, Pablo and Valencia, Frank}, +year = {2023}, +month = {05}, +pages = {1-30}, +title = {On the incompatibility of accuracy and equal opportunity}, +journal = {Machine Learning}, +} +% +doi = {10.1007/s10994-023-06331-y} + +@article{rodolfa2021empirical, + title={Empirical observation of negligible fairness--accuracy trade-offs in machine learning for public policy}, + author={Rodolfa, Kit T and Lamba, Hemank and Ghani, Rayid}, + journal={Nature Machine Intelligence}, + volume={3}, + number={10}, + pages={896--904}, + year={2021}, +} +% + publisher={Nature Publishing Group UK London} + +@article{zhai2022understanding, + title={Understanding why generalized reweighting does not improve over ERM}, + author={Zhai, Runtian and Dan, Chen and Kolter, Zico and Ravikumar, Pradeep}, + booktitle={International Conference on Learning Representation}, + year={2023} +} + +@article{ +veldanda2022fairness, +title={Fairness via In-Processing in the Over-parameterized Regime: A Cautionary Tale with MinDiff Loss}, +author={Akshaj Kumar Veldanda and Ivan Brugere and Jiahao Chen and Sanghamitra Dutta and Alan Mishler and Siddharth Garg}, +journal={Transactions on Machine Learning Research}, +issn={2835-8856}, +year={2023}, + +} +%url={https://openreview.net/forum?id=f4VyYhkRvi}, +note={} + +% general +% url = {https://arxiv.org/abs/2206.10923}, +@misc{arxivmichael, + doi = {10.48550/ARXIV.2206.10923}, + author = {Maheshwari, Gaurav and Perrot, Michaël}, + title = {FairGrad: Fairness Aware Gradient Descent}, + publisher = {arXiv}, + year = {2022}, +} + + +@InProceedings{classIMb1, + title = {Class-Imbalanced Semi-Supervised Learning with Adaptive Thresholding}, + author = {Guo, Lan-Zhe and Li, Yu-Feng}, + booktitle = {International Conference on Machine Learning}, + pages = {8082--8094}, + year = {2022}, + editor = {Chaudhuri, Kamalika and Jegelka, Stefanie and Song, Le and Szepesvari, Csaba and Niu, Gang and Sabato, Sivan}, + volume = {162}, + month = {17--23 Jul}, + +} +% + pdf = {https://proceedings.mlr.press/v162/guo22e/guo22e.pdf}, + url = {https://proceedings.mlr.press/v162/guo22e.html} +series = {Proceedings of Machine Learning Research}, + publisher = {PMLR}, + +@article{classIMb2, + title={Deep learning model calibration for improving performance in class-imbalanced medical image classification tasks}, + author={Sivaramakrishnan Rajaraman and Prasanth Ganesan and Sameer K. Antani}, + journal={PLoS ONE}, + year={2021}, + volume={17}, +} +% + url={https://api.semanticscholar.org/CorpusID:238259577} + +@misc{classIMb3, + author = {Jason Brownlee}, + title = {{A} {G}entle {I}ntroduction to {T}hreshold-{M}oving for {I}mbalanced {C}lassification - {M}achine{L}earning{M}astery.com}, + year = {}, + note = {[Accessed 31-08-2023]}, +} +%issn = {0022-0000}, +%url = {https://www.sciencedirect.com/science/article/pii/S002200009791504X}, +@article{saddlepointsolve, +title = {A Decision-Theoretic Generalization of On-Line Learning and an Application to Boosting}, +journal = {Journal of Computer and System Sciences}, +volume = {55}, +number = {1}, +pages = {119-139}, +year = {1997}, +author = {Yoav Freund and Robert E Schapire} +} +% +doi = {10.1006/jcss.1997.1504}, + + +%isbn = {1595933832}, +%address = {New York, NY, USA}, +@inproceedings{curves, +author = {Davis, Jesse and Goadrich, Mark}, +title = {The Relationship between Precision-Recall and ROC Curves}, +year = {2006}, +booktitle = {International Conference on Machine Learning}, +pages = {233–240}, + +} +% +publisher = {Association for Computing Machinery}, +doi = {10.1145/1143844.1143874}, +location = {Pittsburgh, Pennsylvania, USA}, +series = {ICML '06} + +@inproceedings{cormode, +author = {Cormode, Graham}, +title = {Personal Privacy vs Population Privacy: Learning to Attack Anonymization}, +year = {2011}, +booktitle = {International Conference on Knowledge Discovery and Data Mining}, +pages = {1253–1261}, +} +%doi = {10.1145/2020408.2020598}, +%location = {San Diego, California, USA}, +series = {KDD '11} +%publisher = {Association for Computing Machinery}, + +%publisher = {Association for Computing Machinery}, +%address = {New York, NY, USA}, +%issn = {0360-0300}, +%url = {https://doi.org/10.1145/3457607}, +@article{surveyfair, +author = {Mehrabi, Ninareh and Morstatter, Fred and Saxena, Nripsuta and Lerman, Kristina and Galstyan, Aram}, +title = {A Survey on Bias and Fairness in Machine Learning}, +year = {2021}, +volume = {54}, +number = {6}, +journal = {Comput. Surv.}, +month = {jul}, +articleno = {115}, +numpages = {35}, +} +% +doi = {10.1145/3457607}, + +@article{attinfSocial1, +author = {Gong, Neil Zhenqiang and Talwalkar, Ameet and Mackey, Lester and Huang, Ling and Shin, Eui Chul Richard and Stefanov, Emil and Shi, Elaine (Runting) and Song, Dawn}, +title = {Joint Link Prediction and Attribute Inference Using a Social-Attribute Network}, +year = {2014}, +volume = {5}, +number = {2}, +journal = {Trans. Intell. Syst. Technol.}, +} +% +doi = {10.1145/2594455}, +publisher = {Association for Computing Machinery}, + +%address = {New York, NY, USA}, + +%issn = {2471-2566}, +%url = {https://doi.org/10.1145/3154793}, +%numpages = {30}, +%%month = {jan}, +@article{attinfSocial2, +author = {Gong, Neil Zhenqiang and Liu, Bin}, +title = {Attribute Inference Attacks in Online Social Networks}, +year = {2018}, +volume = {21}, +number = {1}, +journal = {Trans. Priv. Secur.}, +articleno = {3}, +} +% +doi = {10.1145/3154793}, +publisher = {Association for Computing Machinery}, + +%isbn = {978-1-931971-32-4}, +%address = {Austin, TX}, +%url = {https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/gong}, +%publisher = {USENIX Association}, +%month = aug, +@inproceedings {attinfSocial3, +author = {Neil Zhenqiang Gong and Bin Liu}, +title = {You Are Who You Know and How You Behave: Attribute Inference Attacks via Users{\textquoteright} Social Friends and Behaviors}, +booktitle = {USENIX Security Symposium }, +year = {2016}, +pages = {979--995}, +} + + + %URL = {https://hal.inria.fr/hal-00748162}, + %ADDRESS = {San Diego, United States}, + %MONTH = Feb, +@inproceedings{attinfSocial4, + TITLE = {{You Are What You Like! Information Leakage Through Users' Interests}}, + YEAR = {2012}, + AUTHOR = {Chaabane, Abdelberi and Acs, Gergely and Kaafar, Mohamed Ali}, + BOOKTITLE = {Network and Distributed System Security Symposium}, + PAGES = {1-14}, +} + + + + +@inproceedings{attinfSocial5, + author={Elena Zheleva and Lise Getoor}, + title={To join or not to join: the illusion of privacy in social networks with mixed public and private user profiles}, + year={2009}, + BOOKTITLE = {International Conference on World Wide Web}, + pages={531-540}, + doi={10.1145/1526709.1526781}, +} + + + +%isbn = {9781450349130}, +%publisher = {International World Wide Web Conferences Steering Committee}, +%address = {Republic and Canton of Geneva, CHE}, +%url = {https://doi.org/10.1145/3038912.3052695}, +@inproceedings{attinfSocial6, +author = {Jia, Jinyuan and Wang, Binghui and Zhang, Le and Gong, Neil Zhenqiang}, +title = {AttriInfer: Inferring User Attributes in Online Social Networks Using Markov Random Fields}, +year = {2017}, +booktitle = {International Conference on World Wide Web}, +pages = {1561–1569}, +location = {Perth, Australia}, +series = {WWW '17} +} +% +doi = {10.1145/3038912.3052695}, + + +%isbn = {9781450382878}, +%publisher = {Association for Computing Machinery}, +%address = {New York, NY, USA}, +@inbook{dysan, +author = {Boutet, Antoine and Frindel, Carole and Gambs, S\'{e}bastien and Jourdan, Th\'{e}o and Ngueveu, Rosin Claude}, +title = {DySan: Dynamically Sanitizing Motion Sensor Data Against Sensitive Inferences through Adversarial Networks}, +year = {2021}, +doi = {10.1145/3433210.3453095}, +booktitle = {Asia Conference on Computer and Communications Security}, +pages = {672–686}, +} +%serie = {ASIA CCS '21} + +@inproceedings{attprivacy, +author = {Zhang, Wanrong and Ohrimenko, Olga and Cummings, Rachel}, +title = {Attribute Privacy: Framework and Mechanisms}, +year = {2022}, +isbn = {9781450393522}, +booktitle = {Fairness, Accountability, and Transparency}, +pages = {757–766}, +numpages = {10}, + +} +%url = {https://doi.org/10.1145/3531146.3533139}, +doi = {10.1145/3531146.3533139}, +keywords = {Pufferfish privacy, attribute privacy, formal privacy frameworks, privacy-preserving mechanisms}, +series = {FAccT '22} +publisher = {Association for Computing Machinery}, +address = {New York, NY, USA}, + + +%differential privacy and fairness +@inproceedings{dispvuln, +author = {Mohammad Yaghini and Bogdan Kulynych and Carmela Troncoso}, +title = {Disparate Vulnerability: on the Unfairness of Privacy Attacks Against Machine Learning}, +year = {2022}, +booktitle = {Privacy Enhancing Technologies Symposium} +} + + +%isbn = {9781450391405}, +%publisher = {Association for Computing Machinery}, +%address = {New York, NY, USA}, +@inproceedings{GongMIAUnfair, +author = {Zhong, Da and Sun, Haipei and Xu, Jun and Gong, Neil and Wang, Wendy Hui}, +title = {Understanding Disparate Effects of Membership Inference Attacks and Their Countermeasures}, +year = {2022}, +booktitle = {Asia Conference on Computer and Communications Security}, +pages = {959–974}, +} +%location = {Nagasaki, Japan}, +series = {ASIA CCS '22} +doi = {10.1145/3488932.3501279}, + + +%sbn = {9781450311151}, +%publisher = {Association for Computing Machinery}, +%address = {New York, NY, USA}, +%url = {https://doi.org/10.1145/2090236.2090255}, +@inproceedings{indivfairness, +author = {Dwork, Cynthia and Hardt, Moritz and Pitassi, Toniann and Reingold, Omer and Zemel, Richard}, +title = {Fairness through Awareness}, +year = {2012}, +booktitle = {Innovations in Theoretical Computer Science}, +pages = {214–226}, +} +%doi = {10.1145/2090236.2090255}, +location = {Cambridge, Massachusetts}, +series = {ITCS '12} + +@inproceedings{outIndist, +author = {Dwork, Cynthia and Kim, Michael P. and Reingold, Omer and Rothblum, Guy N. and Yona, Gal}, +title = {Outcome indistinguishability}, +year = {2021}, +booktitle = {Symposium on Theory of Computing}, +pages = {1095–1108}, +numpages = {14}, +} +%isbn = {9781450380539}, +publisher = {Association for Computing Machinery}, +address = {New York, NY, USA}, +url = {https://doi.org/10.1145/3406325.3451064}, +doi = {10.1145/3406325.3451064}, +keywords = {Prediction, Fairness, Computational Indistinguishability}, +location = {Virtual, Italy}, +series = {STOC 2021} + + + +%isbn = {9781450369367}, +%publisher = {Association for Computing Machinery}, +%address = {New York, NY, USA}, +%url = {https://doi.org/10.1145/3351095.3372872}, +@inproceedings{dpfair, +author = {Pujol, David and McKenna, Ryan and Kuppam, Satya and Hay, Michael and Machanavajjhala, Ashwin and Miklau, Gerome}, +title = {Fair Decision Making Using Privacy-Protected Data}, +year = {2020}, +booktitle = {Fairness, Accountability, and Transparency}, +pages = {189–199}, +} +% +doi = {10.1145/3351095.3372872}, +location = {Barcelona, Spain}, +series = {FAT* '20} + +%url={https://ojs.aaai.org/index.php/AAAI/article/view/17193}, +%month={May}, +@article{fairprivatelagrangian, +title={Differentially Private and Fair Deep Learning: A Lagrangian Dual Approach}, +volume={35}, +number={11}, +journal={AAAI Conference on Artificial Intelligence}, +author={Tran, Cuong and Fioretto, Ferdinando and Van Hentenryck, Pascal}, +year={2021}, +pages={9932-9939} +} + +%editor = {Chaudhuri, Kamalika and Salakhutdinov, Ruslan}, + %series = {Proceedings of Machine Learning Research}, + %month = {09--15 Jun}, + %publisher = {PMLR}, + %pdf = {http://proceedings.mlr.press/v97/jagielski19a/jagielski19a.pdf}, + %url = {https://proceedings.mlr.press/v97/jagielski19a.html} +@InProceedings{dpfairlearn, + title = {Differentially Private Fair Learning}, + author = {Jagielski, Matthew and Kearns, Michael and Mao, Jieming and Oprea, Alina and Roth, Aaron and -Malvajerdi, Saeed Sharifi and Ullman, Jonathan}, + booktitle = {International Conference on Machine Learning}, + pages = {3000--3008}, + year = {2019}, + volume = {97}, +} + +@incollection{dpaccdisp, +title = {Differential Privacy Has Disparate Impact on Model Accuracy}, +author = {Bagdasaryan, Eugene and Poursaeed, Omid and Shmatikov, Vitaly}, +booktitle = {Advances in Neural Information Processing Systems}, +pages = {15479--15488}, +year = {2019}} + +%isbn = {978-1-939133-06-9}, +%address = {Santa Clara, CA}, +%url = {https://www.usenix.org/conference/usenixsecurity19/presentation/jayaraman}, +%publisher = {USENIX Association}, +%month = aug, +@inproceedings {dpVacc, +author = {Bargav Jayaraman and David Evans}, +title = {Evaluating Differentially Private Machine Learning in Practice}, +booktitle = {USENIX Security Symposium}, +year = {2019}, +pages = {1895--1912}, +} + +%isbn = {9781450367110}, +%publisher = {Association for Computing Machinery}, +%address = {New York, NY, USA}, +%url = {https://doi.org/10.1145/3314183.3323847}, +@inproceedings{cummings, +author = {Cummings, Rachel and Gupta, Varun and Kimpara, Dhamma and Morgenstern, Jamie}, +title = {On the Compatibility of Privacy and Fairness}, +year = {2019}, +booktitle = {Conference on User Modeling, Adaptation and Personalization}, +pages = {309–315}, + +} +%doi = {10.1145/3314183.3323847}, +series = {UMAP'19 Adjunct} +location = {Larnaca, Cyprus}, + +@techreport{ec2019ethics, + address = {Brussels}, + author = {{High-Level Expert Group on AI}}, + institution = {European Commission}, + language = {eng}, + month = apr, + title = {Ethics guidelines for trustworthy AI}, + type = {Report}, + year = {2019} +} +% + url = {https://ec.europa.eu/digital-single-market/en/news/ethics-guidelines-trustworthy-ai}, + +@inproceedings{nist, + title={A Taxonomy and Terminology of Adversarial Machine Learning}, + author={Elham Tabassi and Kevin J. Burns and M. Hadjimichael and Andres Molina-Markham and Julian Sexton}, + year={2019}, + booktitle = {NIST Interagency/Internal Report} +} +% + url = {https://nvlpubs.nist.gov/nistpubs/ir/2019/NIST.IR.8269-draft.pdf}, + +@inproceedings{dpia, +title={Art. 35 {GDPR} Data protection impact assessment}, +url={https://gdpr-info.eu/art-35-gdpr/}, +author={European Union Law}, +year={2018}, +booktitle={General Data Protection Regulation (GDPR)} } + +@article{ico, +title={{AI} auditing and impact assessment: according to the UK information commissioner’s office}, +journal={AI and Ethics}, +author={Kazim, Emre and Denny, Danielle Mendes Thame and Koshiyama, Adriano}, +year={2021}, +month={Feb} } +%ISSN={2730-5953, 2730-5961}, url={http://link.springer.com/10.1007/s43681-021-00039-2}, DOI={10.1007/s43681-021-00039-2}, + +@inproceedings{whitehouse, +title={Guidance for Regulation of Artificial Intelligence Applications}, +author={White House}, +year = {2020}, +booktitle={Memorandum For The Heads Of Executive Departments And Agencies} } +%url={https://www.whitehouse.gov/wp-content/uploads/2020/11/M-21-06.pdf}, +%metrics + +@INPROCEEDINGS{memprivNattpriv, + author={Zhao, Benjamin Zi Hao and Agrawal, Aviral and Coburn, Catisha and Asghar, Hassan Jameel and Bhaskar, Raghav and Kaafar, Mohamed Ali and Webb, Darren and Dickinson, Peter}, + booktitle={European Security \& Privacy}, + title={On the (In)Feasibility of Attribute Inference Attacks on Machine Learning Models}, + year={2021}, + pages={232-251}, + doi={10.1109/EuroSP51992.2021.00025} +} + +@article{duddu2023sok, + title={SoK: Unintended Interactions among Machine Learning Defenses and Risks}, + author={Duddu, Vasisht and Szyller, Sebastian and Asokan, N}, + journal={arXiv preprint arXiv:2312.04542}, + year={2023} +} + + +@inproceedings{suri2023dissecting, + title={Dissecting distribution inference}, + author={Suri, Anshuman and Lu, Yifu and Chen, Yanjin and Evans, David}, + booktitle={Conference on Secure and Trustworthy Machine Learning}, + pages={150--164}, + year={2023}, +} +% + organization={IEEE} + + +@article{de2020overview, + title={An overview of privacy in machine learning}, + author={De Cristofaro, Emiliano}, + journal={arXiv preprint arXiv:2005.08679}, + year={2020} +} + + +@article{pate2021fairness, + title={A Fairness Analysis on Private Aggregation of Teacher Ensembles}, + author={Tran, Cuong and Dinh, My H and Beiter, Kyle and Fioretto, Ferdinando}, + journal={arXiv preprint arXiv:2109.08630}, + year={2021} +} + +@article{fioretto2022differential, + title={Differential Privacy and Fairness in Decisions and Learning Tasks: A Survey}, + author={Fioretto, Ferdinando and Tran, Cuong and Van Hentenryck, Pascal and Zhu, Keyu}, + journal={arXiv preprint arXiv:2202.08187}, + year={2022} +} + + +% attribute inference attacks in ML +%publisher = "Institute of Electrical and Electronics Engineers (IEEE)", +%address = "United States", +@inproceedings{zhao2021infeasibility, +title = "On the (in)feasibility of attribute inference attacks on machine learning models", +author = "Zhao, {Benjamin Zi Hao} and Aviral Agrawal and Catisha Coburn and Asghar, {Hassan Jameel} and Raghav Bhaskar and Kaafar, {Mohamed Ali} and Darren Webb and Peter Dickinson", +year = "2021", +pages = "232--251", +booktitle = "European Security \& Privacy", +} +% +doi = "10.1109/EuroSP51992.2021.00025", +serie = {EuroS&P '2021}, + +%isbn = {978-1-939133-31-1}, +%address = {Boston, MA}, +%url = {https://www.usenix.org/conference/usenixsecurity22/presentation/mehnaz}, +%publisher = {USENIX Association}, +%month = aug, +@inproceedings{MehnazAttInf, +author = {Shagufta Mehnaz and Sayanton V. Dibbo and Ehsanul Kabir and Ninghui Li and Elisa Bertino}, +title = {Are Your Sensitive Attributes Private? Novel Model Inversion Attribute Inference Attacks on Classification Models}, +booktitle = {USENIX Security Symposium}, +year = {2022}, +pages = {4579--4596}, +} + +%isbn = {9781450338325}, +%publisher = {Association for Computing Machinery}, +%address = {New York, NY, USA}, +%%url = {https://doi.org/10.1145/2810103.2813677}, +@inproceedings{fredrikson1, +author = {Fredrikson, Matt and Jha, Somesh and Ristenpart, Thomas}, +title = {Model Inversion Attacks That Exploit Confidence Information and Basic Countermeasures}, +year = {2015}, +booktitle = {Conference on Computer and Communications Security}, +pages = {1322–1333}, + +} +% +doi = {10.1145/2810103.2813677}, +location = {Denver, Colorado, USA}, +series = {CCS '15} + + +%isbn = {9781931971157}, +@inproceedings{fredrikson2, +author = {Fredrikson, Matthew and Lantz, Eric and Jha, Somesh and Lin, Simon and Page, David and Ristenpart, Thomas}, +title = {Privacy in Pharmacogenetics: An End-to-End Case Study of Personalized Warfarin Dosing}, +year = {2014}, +booktitle = {USENIX Conference on Security Symposium}, +pages = {17–32}, +} +% +location = {San Diego, CA}, +series = {SEC'14} + +@inproceedings{Song2020Overlearning, +title={Overlearning Reveals Sensitive Attributes}, +author={Congzheng Song and Vitaly Shmatikov}, +booktitle={International Conference on Learning Representations}, +year={2020} +} + + +%isbn = {9781450384544}, +%publisher = {Association for Computing Machinery}, +%address = {New York, NY, USA}, +%url = {https://doi.org/10.1145/3460120.3484533}, +@inproceedings{malekzadeh2021honestbutcurious, +author = {Malekzadeh, Mohammad and Borovykh, Anastasia and G\"{u}nd\"{u}z, Deniz}, +title = {Honest-but-Curious Nets: Sensitive Attributes of Private Inputs Can Be Secretly Coded into the Classifiers' Outputs}, +year = {2021}, +booktitle = {Conference on Computer and Communications Security}, +pages = {825–844}, +} +%location = {Virtual Event, Republic of Korea}, +series = {CCS '21} +doi = {10.1145/3460120.3484533}, + +@article{jayaraman2022attribute, + title={Are Attribute Inference Attacks Just Imputation?}, + author={Jayaraman, Bargav and Evans, David}, + journal={arXiv preprint arXiv:2209.01292}, + year={2022} +} + + +@inproceedings{yeom, + author={Yeom, Samuel and Giacomelli, Irene and Fredrikson, Matt and Jha, Somesh}, + booktitle={Computer Security Foundations Symposium}, + title={Privacy Risk in Machine Learning: Analyzing the Connection to Overfitting}, + year={2018}, + pages={268-282}, +} +% + doi={10.1109/CSF.2018.00027} + +@inproceedings{Mahajan2020DoesLS, + title={Does Learning Stable Features Provide Privacy Benefits for Machine Learning Models?}, + author={Divyat Mahajan, Shruti Tople, Amit Sharma}, + booktitle = {NeurIPS PPML Workshop}, + year={2020} +} + +@inproceedings{Malekzadeh_2021, + + year = 2021, month = {nov}, + author = {Mohammad Malekzadeh and Anastasia Borovykh and Deniz Gündüz}, + title = {Honest-but-Curious Nets: Sensitive Attributes of Private Inputs Can Be Secretly Coded into the Classifiers{\textquotesingle} Outputs}, + booktitle = {Conference on Computer and Communications Security}} +% + publisher = {{ACM}}, +doi = {10.1145/3460120.3484533}, + url = {https://doi.org/10.1145%2F3460120.3484533}, + + +@INPROCEEDINGS{meminf, + author={Shokri, Reza and Stronati, Marco and Song, Congzheng and Shmatikov, Vitaly}, + booktitle={Security \& Privacy}, + title={Membership Inference Attacks Against Machine Learning Models}, + year={2017}, + pages={3-18},} +% + doi={10.1109/SP.2017.41} + +@article{chang2021privacy, + title={On the Privacy Risks of Algorithmic Fairness}, + author={Hongyang Chang and R. Shokri}, + journal={European Security \& Privacy}, + year={2021}, + pages={292-303} +} + +@article{duddu2022inferring, + title={Inferring Sensitive Attributes from Model Explanations}, + author={Duddu, Vasisht and Boutet, Antoine}, + journal={arXiv preprint arXiv:2208.09967}, + year={2022} +} + +%editor = {H. Larochelle and M. Ranzato and R. Hadsell and M. F. Balcan and H. Lin}, + %publisher = {Curran Associates, Inc.}, + %url = {https://proceedings.neurips.cc/paper/2020/file/6b8b8e3bd6ad94b985c1b1f1b7a94cb2-Paper.pdf}, +@inproceedings{NEURIPS2020_6b8b8e3b, + author = {Zhao, Han and Chi, Jianfeng and Tian, Yuan and Gordon, Geoffrey J}, + booktitle = {Advances in Neural Information Processing Systems}, + pages = {9485--9496}, + title = {Trade-offs and Guarantees of Adversarial Representation Learning for Information Obfuscation}, + volume = {33}, + year = {2020} +} + + + +@ARTICLE{8515092, +author={S. A. {Osia} and A. {Taheri} and A. S. {Shamsabadi} and K. {Katevas} and H. {Haddadi} and H. R. {Rabiee}}, +journal={Transactions on Knowledge and Data Engineering}, +title={Deep Private-Feature Extraction}, +year={2020}, +volume={32}, +number={1}, +pages={54-66}, +} + + + +%eprint = {1707.00075} +@article{advfair, + author = {Alex Beutel and Jilin Chen and Zhe Zhao and Ed H. Chi}, + title = {Data Decisions and Theoretical Implications when Adversarially Learning Fair Representations}, + year = {2017}, + publisher = {arXiv}, + doi = {10.48550/ARXIV.1707.00075}, +} + +%property inference attack + +@article{propinf, + title={Dataset-Level Attribute Leakage in Collaborative Learning}, + author={Zhang, Wanrong and Tople, Shruti and Ohrimenko, Olga}, + journal={arXiv:2006.07267}, + year={2020} +} + +%month = sep, +@article{propinf2, +author = {Ateniese, Giuseppe and Mancini, Luigi V. and Spognardi, Angelo and Villani, Antonio and Vitali, Domenico and Felici, Giovanni}, +title = {Hacking Smart Machines with Smarter Ones: How to Extract Meaningful Data from Machine Learning Classifiers}, +year = {2015}, +volume = {10}, +number = {3}, +journal = {Int. J. Secur. Netw.}, +pages = {137–150} +} + + +%isbn = {9781450356930}, +%publisher = {Association for Computing Machinery}, +%address = {New York, NY, USA}, +%url = {https://doi.org/10.1145/3243734.3243834}, +@inproceedings{propinf3, +author = {Ganju, Karan and Wang, Qi and Yang, Wei and Gunter, Carl A. and Borisov, Nikita}, +title = {Property Inference Attacks on Fully Connected Neural Networks Using Permutation Invariant Representations}, +year = {2018}, +booktitle = {Conference on Computer and Communications Security}, +pages = {619–633}, + +} +%location = {Toronto, Canada}, +series = {CCS '18} +doi = {10.1145/3243734.3243834}, + + +@article{propinf4, + title={Formalizing and Estimating Distribution Inference Risks}, + author={Suri, Anshuman and Evans, David}, + journal={Privacy Enhancing Technologies}, + year={2022} +} + +@inproceedings{fedinference, +author={L. {Melis} and C. {Song} and E. {De Cristofaro} and V. {Shmatikov}}, +booktitle={Security \& Privacy}, +title={Exploiting Unintended Feature Leakage in Collaborative Learning}, +year={2019}, +pages={691-706} +} + +@INPROCEEDINGS {ferryExploit, +author = {J. Ferry and U. Aivodji and S. Gambs and M. Huguet and M. Siala}, +booktitle = {Conference on Secure and Trustworthy Machine Learning}, +title = {Exploiting Fairness to Enhance Sensitive Attributes Reconstruction}, +year = {2023}, +volume = {}, +issn = {}, +pages = {18-41}, +month = {feb} +} +%keywords = {training;measurement;learning systems;privacy;pipelines;training data;machine learning}, +doi = {10.1109/SaTML54575.2023.00012}, +url = {https://doi.ieeecomputersociety.org/10.1109/SaTML54575.2023.00012}, +publisher = {IEEE Computer Society}, +address = {Los Alamitos, CA, USA}, + + + +% defences against attribute inference attacks + +@inproceedings{10.5555/3042817.3042973, +author = {Zemel, Richard and Wu, Yu and Swersky, Kevin and Pitassi, Toniann and Dwork, Cynthia}, +title = {Learning Fair Representations}, +year = {2013}, +booktitle = {International Conference on Machine Learning}, +} +%serie = {ICML '13}, + +%month = jan, +@article{10.5555/3122009.3208010, +author = {Hamm, Jihun}, +title = {Minimax Filter: Learning to Preserve Privacy from Inference Attacks}, +year = {2017}, +volume = {18}, +number = {1}, +journal = {J. Mach. Learn. Res.}, +pages = {4704–4734} +} + +@inproceedings{10.5555/3327546.3327583, +author = {Moyer, Daniel and Gao, Shuyang and Brekelmans, Rob and Steeg, Greg Ver and Galstyan, Aram}, +title = {Invariant Representations without Adversarial Training}, +year = {2018}, +booktitle = {Advances in Neural Information Processing Systems} +} + +@inproceedings{10.5555/3294771.3294827, +author = {Xie, Qizhe and Dai, Zihang and Du, Yulun and Hovy, Eduard and Neubig, Graham}, +title = {Controllable Invariance through Adversarial Feature Learning}, +year = {2017}, +booktitle = {Advances in Neural Information Processing Systems} +} + +@InProceedings{pmlr-v80-madras18a, + title = {Learning Adversarially Fair and Transferable Representations}, + author = {Madras, David and Creager, Elliot and Pitassi, Toniann and Zemel, Richard}, + pages = {3384--3393}, + year = {2018}, + volume = {80}, + booktitle = {Proceedings of Machine Learning Research}, +} + +@inproceedings{censoringadv, +title = "Censoring Representations with an Adversary", +author = "Harrison Edwards and Amos Storkey", +year = "2016", +booktitle = {International Conference on Learning Representations} +} +@inproceedings{NIPS2017_48ab2f9b, + author = {Louppe, Gilles and Kagan, Michael and Cranmer, Kyle}, + booktitle = {Advances in Neural Information Processing Systems}, + editor = {I. Guyon and U. Von Luxburg and S. Bengio and H. Wallach and R. Fergus and S. Vishwanathan and R. Garnett}, + pages = {}, + publisher = {Curran Associates, Inc.}, + title = {Learning to Pivot with Adversarial Networks}, + volume = {30}, + year = {2017} +} +%url = {https://proceedings.neurips.cc/paper_files/paper/2017/file/48ab2f9b45957ab574cf005eb8a76760-Paper.pdf}, + +%isbn = {9781450360128}, +%publisher = {Association for Computing Machinery}, +%address = {New York, NY, USA}, +%url = {https://doi.org/10.1145/3278721.3278779}, +@inproceedings{debiase, +author = {Zhang, Brian Hu and Lemoine, Blake and Mitchell, Margaret}, +title = {Mitigating Unwanted Biases with Adversarial Learning}, +year = {2018}, +booktitle = {Conference on AI, Ethics, and Society}, +pages = {335–340}, +} +% location = {New Orleans, LA, USA}, +series = {AIES '18} +doi = {10.1145/3278721.3278779}, + + %month = {10}, +%pages = {}, +@article{preprocessing, +author = {Kamiran, Faisal and Calders, Toon}, +year = {2011}, +title = {Data Pre-Processing Techniques for Classification without Discrimination}, +volume = {33}, +journal = {Knowledge and Information Systems}, +} +%doi = {10.1007/s10115-011-0463-8} + +%series = {Proceedings of Machine Learning Research}, + %month = {10--15 Jul}, + %publisher = {PMLR}, + %pdf = {http://proceedings.mlr.press/v80/agarwal18a/agarwal18a.pdf}, + %url = {https://proceedings.mlr.press/v80/agarwal18a.html}, +@InProceedings{reductions, + title = {A Reductions Approach to Fair Classification}, + author = {Agarwal, Alekh and Beygelzimer, Alina and Dudik, Miroslav and Langford, John and Wallach, Hanna}, + booktitle = {International Conference on Machine Learning}, + pages = {60--69}, + year = {2018}, + volume = {80}, +} + +@article{kifer2014pufferfish, +author = {Kifer, Daniel and Machanavajjhala, Ashwin}, +title = {Pufferfish: A framework for mathematical privacy definitions}, +year = {2014}, +issue_date = {January 2014}, +volume = {39}, +number = {1}, +issn = {0362-5915}, +journal = {Trans. Database Syst.}, +month = {jan}, +articleno = {3}, +numpages = {36}, +keywords = {Privacy, differential privacy} +} +%url = {https://doi.org/10.1145/2514689}, +doi = {10.1145/2514689}, +publisher = {Association for Computing Machinery}, +address = {New York, NY, USA}, + +@inproceedings{song2017pufferfish, + title={Pufferfish privacy mechanisms for correlated data}, + author={Song, Shuang and Wang, Yizhen and Chaudhuri, Kamalika}, + booktitle={International Conference on Management of Data}, + pages={1291--1306}, + year={2017} +} + +@article{grinsztajn2022tree, + title={Why do tree-based models still outperform deep learning on typical tabular data?}, + author={Grinsztajn, L{\'e}o and Oyallon, Edouard and Varoquaux, Ga{\"e}l}, + journal={Advances in neural information processing systems}, + volume={35}, + pages={507--520}, + year={2022} +} + + + +@inproceedings {attriguard, +author = {Jinyuan Jia and Neil Zhenqiang Gong}, +title = {AttriGuard: A Practical Defense Against Attribute Inference Attacks via Adversarial Machine Learning}, +booktitle = {USENIX Security}, +year = {2018}, +pages = {513--529}, +} + + +% fairness metrics + +@article{fairmetric, +author = {Muhammad Bilal Zafar and Isabel Valera and Manuel Gomez-Rodriguez and Krishna P. Gummadi}, +title = {Fairness Constraints: A Flexible Approach for Fair Classification}, +journal = {Journal of Machine Learning Research}, +year = {2019}, +volume = {20}, +number = {75}, +pages = {1-42} +} + +@inproceedings{fairmetric2, +author = {Hardt, Moritz and Price, Eric and Srebro, Nathan}, +title = {Equality of Opportunity in Supervised Learning}, +year = {2016}, +booktitle = {Advances in Neural Information Processing Systems}, +pages = {3323–3331} +} + +@article{fairjustice, +author = {Alikhademi, Kiana and Drobina, Emma and Prioleau, Diandra and Richardson, Brianna and Purves, Duncan and Gilbert, Juan E.}, +title = {A Review of Predictive Policing from the Perspective of Fairness}, +year = {2022}, +issue_date = {Mar 2022}, +publisher = {Kluwer Academic Publishers}, +address = {USA}, +volume = {30}, +number = {1}, +issn = {0924-8463}, +journal = {Artif. Intell. Law}, +month = {mar}, +pages = {1–17}, +numpages = {17}, +keywords = {Predictive policing, Algorithmic fairness, Fairness, AI in criminal justice} +} +%url = {https://doi.org/10.1007/s10506-021-09286-4}, +doi = {10.1007/s10506-021-09286-4}, + +@article{folk, + title={Retiring Adult: New Datasets for Fair Machine Learning}, + author={Ding, Frances and Hardt, Moritz and Miller, John and Schmidt, Ludwig}, + journal={Advances in Neural Information Processing Systems}, + volume={34}, + year={2021} +} + +@inproceedings{ + SDV, + title={The Synthetic data vault}, + author={Patki, Neha and Wedge, Roy and Veeramachaneni, Kalyan}, + booktitle={International Conference on Data Science and Advanced Analytics}, + year={2016}, + pages={399-410}, + month={Oct} +} +% + doi={10.1109/DSAA.2016.49}, + +%misc{dpbad, +% + + author = {Dwork, Cynthia and Hardt, Moritz and Pitassi, Toniann and Reingold, Omer and Zemel, Rich}, + + title = {Fairness Through Awareness}, + + eprint={1104.3913}, + archivePrefix={arXiv}, + year = {2011}, + primaryClass={cs.CY} + + +} +%keywords = {Computational Complexity (cs.CC), Computers and Society (cs.CY), FOS: Computer and information sciences, FOS: Computer and information sciences}, +%doi = {10.48550/ARXIV.1104.3913}, + url = {https://arxiv.org/abs/1104.3913}, +copyright = {arXiv.org perpetual, non-exclusive license} + +@INPROCEEDINGS{fairlog, + + author={Radovanović, Sandro and Petrović, Andrija and Delibašić, Boris and Suknović, Milija}, + + booktitle={International Conference on INnovations in Intelligent SysTems and Applications}, + + title={Enforcing fairness in logistic regression algorithm}, + + year={2020}, + + volume={}, + + number={}, + + pages={1-7}, +} +%doi={10.1109/INISTA49547.2020.9194676} + + +@misc{fairreg, + title={Fair Regression: Quantitative Definitions and Reduction-based Algorithms}, + author={Alekh Agarwal and Miroslav Dudík and Zhiwei Steven Wu}, + year={2019}, + eprint={1905.12843}, + archivePrefix={arXiv}, + primaryClass={cs.LG} +} + + + +@InProceedings{fairaudit1, + title = {Blind Justice: Fairness with Encrypted Sensitive Attributes}, + author = {Kilbertus, Niki and Gascon, Adria and Kusner, Matt and Veale, Michael and Gummadi, Krishna and Weller, Adrian}, + booktitle = {International Conference on Machine Learning}, + pages = {2630--2639}, + year = {2018}, + editor = {Dy, Jennifer and Krause, Andreas}, + volume = {80}, + + month = {10--15 Jul}, + publisher = {PMLR}, + +} +%series = {Proceedings of Machine Learning Research}, +pdf = {http://proceedings.mlr.press/v80/kilbertus18a/kilbertus18a.pdf}, + url = {https://proceedings.mlr.press/v80/kilbertus18a.html}, + + + +@inproceedings{fairaudit2, +author = {Park, Saerom and Kim, Seongmin and Lim, Yeon-sup}, +title = {Fairness Audit of Machine Learning Models with Confidential Computing}, +year = {2022}, +isbn = {9781450390965}, +booktitle = {Web Conference 2022}, +pages = {3488–3499}, +numpages = {12}, +keywords = {Confidential computing, Algorithmic audit, Security and privacy, Fairness}, +} +%publisher = {Association for Computing Machinery}, +address = {New York, NY, USA}, +url = {https://doi.org/10.1145/3485447.3512244}, +doi = {10.1145/3485447.3512244}, +location = {Virtual Event, Lyon, France}, +series = {WWW '22} + +@inproceedings{fairaudit3, +author = {Segal, Shahar and Adi, Yossi and Pinkas, Benny and Baum, Carsten and Ganesh, Chaya and Keshet, Joseph}, +title = {Fairness in the Eyes of the Data: Certifying Machine-Learning Models}, +year = {2021}, +booktitle = {Conference on AI, Ethics, and Society}, +pages = {926–935}, +numpages = {10}, +keywords = {machine-learning, cryptography, privacy, fairness}, +} +%publisher = {Association for Computing Machinery}, +address = {New York, NY, USA}, +url = {https://doi.org/10.1145/3461702.3462554}, +doi = {10.1145/3461702.3462554}, +location = {Virtual Event, USA}, +series = {AIES '21} +isbn = {9781450384735}, + +@article{yadav2024fairproof, + title={FairProof: Confidential and Certifiable Fairness for Neural Networks}, + author={Yadav, Chhavi and Chowdhury, Amrita Roy and Boneh, Dan and Chaudhuri, Kamalika}, + journal={arXiv preprint arXiv:2402.12572}, + year={2024} +} + +@inproceedings{khedr2023certifair, + title={Certifair: A framework for certified global fairness of neural networks}, + author={Khedr, Haitham and Shoukry, Yasser}, + booktitle={AAAI Conference on Artificial Intelligence}, + volume={37}, + number={7}, + pages={8237--8245}, + year={2023} +} + +@article{urban20, +author = {Urban, Caterina and Christakis, Maria and W\"{u}stholz, Valentin and Zhang, Fuyuan}, +title = {Perfectly parallel fairness certification of neural networks}, +year = {2020}, +issue_date = {November 2020}, +volume = {4}, +number = {OOPSLA}, +journal = {Program. Lang.}, +month = {nov}, +articleno = {185}, +numpages = {30}, +keywords = {Static Analysis, Neural Networks, Fairness, Abstract Interpretation} +} +%publisher = {Association for Computing Machinery}, +address = {New York, NY, USA}, + +@inproceedings{ +chugg2023auditing, +title={Auditing Fairness by Betting}, +author={Ben Chugg and Santiago Cortes-Gomez and Bryan Wilder and Aaditya Ramdas}, +booktitle={Conference on Neural Information Processing Systems}, +year={2023}, +} +% +url={https://openreview.net/forum?id=EEVpt3dJQj} + +@inproceedings{yan2022active, + title={Active fairness auditing}, + author={Yan, Tom and Zhang, Chicheng}, + booktitle={International Conference on Machine Learning}, + pages={24929--24962}, + year={2022}, + organization={PMLR} +} + +@article{de2024fairness, + title={Fairness Auditing with Multi-Agent Collaboration}, + author={de Vos, Martijn and Dhasade, Akash and Bourr{\'e}e, Jade Garcia and Kermarrec, Anne-Marie and Merrer, Erwan Le and Rottembourg, Benoit and Tredan, Gilles}, + journal={arXiv preprint arXiv:2402.08522}, + year={2024} +} + +@inproceedings{ghosh2022algorithmic, + title={Algorithmic fairness verification with graphical models}, + author={Ghosh, Bishwamittra and Basu, Debabrota and Meel, Kuldeep S}, + booktitle={AAAI Conference on Artificial Intelligence}, + volume={36}, + number={9}, + pages={9539--9548}, + year={2022} +} + +@inproceedings{ghosh2023biased, + title={“How Biased are Your Features?”: Computing Fairness Influence Functions with Global Sensitivity Analysis}, + author={Ghosh, Bishwamittra and Basu, Debabrota and Meel, Kuldeep S}, + booktitle={Fairness, Accountability, and Transparency}, + pages={138--148}, + year={2023} +} + +@article{FairSquare, +author = {Albarghouthi, Aws and D'Antoni, Loris and Drews, Samuel and Nori, Aditya V.}, +title = {FairSquare: probabilistic verification of program fairness}, +year = {2017}, +issue_date = {October 2017}, +volume = {1}, +number = {OOPSLA}, +journal = {Program. Lang.}, +month = {oct}, +articleno = {80}, +numpages = {30}, +keywords = {Algorithmic Fairness, Probabilistic Inference, Probabilistic Programming} +} +%publisher = {Association for Computing Machinery}, +address = {New York, NY, USA}, +url = {https://doi.org/10.1145/3133904}, +doi = {10.1145/3133904}, + +@article{saleiro2018aequitas, + title={Aequitas: A bias and fairness audit toolkit}, + author={Saleiro, Pedro and Kuester, Benedict and Hinkson, Loren and London, Jesse and Stevens, Abby and Anisfeld, Ari and Rodolfa, Kit T and Ghani, Rayid}, + journal={arXiv preprint arXiv:1811.05577}, + year={2018} +} + +@article{bastani2019probabilistic, + title={Probabilistic verification of fairness properties via concentration}, + author={Bastani, Osbert and Zhang, Xin and Solar-Lezama, Armando}, + journal={Programming Languages}, + volume={3}, + number={OOPSLA}, + pages={1--27}, + year={2019}, +} +% + publisher={ACM New York, NY, USA} + +@article{adler2018auditing, + title={Auditing black-box models for indirect influence}, + author={Adler, Philip and Falk, Casey and Friedler, Sorelle A and Nix, Tionney and Rybeck, Gabriel and Scheidegger, Carlos and Smith, Brandon and Venkatasubramanian, Suresh}, + journal={Knowledge and Information Systems}, + volume={54}, + pages={95--122}, + year={2018}, +} +% publisher={Springer} + +@inproceedings{black2020fliptest, + title={Fliptest: fairness testing via optimal transport}, + author={Black, Emily and Yeom, Samuel and Fredrikson, Matt}, + booktitle={Fairness, Accountability, and Transparency}, + pages={111--121}, + year={2020} +} + +@article{Justicia, +title={Justicia: A Stochastic SAT Approach to Formally Verify Fairness}, +volume={35}, +number={9}, journal={Conference on Artificial Intelligence}, author={Ghosh, Bishwamittra and Basu, Debabrota and Meel, Kuldeep S.}, year={2021}, month={May}, pages={7554-7563} } +%url={https://ojs.aaai.org/index.php/AAAI/article/view/16925}, DOI={10.1609/aaai.v35i9.16925}, |