Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | Next revision Both sides next revision | ||
|
distributed_ml [2018/03/14 22:18] patra |
distributed_ml [2018/04/05 19:01] damaskin |
||
|---|---|---|---|
| Line 45: | Line 45: | ||
| [2] __[[http://www.vldb.org/pvldb/vol9/p1695-upadhyaya.pdf|Price-Optimal Querying with Data APIs]]__\\ | [2] __[[http://www.vldb.org/pvldb/vol9/p1695-upadhyaya.pdf|Price-Optimal Querying with Data APIs]]__\\ | ||
| [3] __[[http://pages.cs.wisc.edu/~paris/papers/data_pricing.pdf|Query-Based Data Pricing]]__\\ | [3] __[[http://pages.cs.wisc.edu/~paris/papers/data_pricing.pdf|Query-Based Data Pricing]]__\\ | ||
| + | |||
| + | |||
| + | ===Black-Box Attacks against Recommender Systems=== | ||
| + | A recommender system can be viewed as a black-box that users query with feedback (e.g., ratings, clicks) before getting the output list of recommendations. | ||
| + | The goal is to infer properties of the recommendation algorithm by observing the output from different queries. | ||
| + | |||
| + | Related papers:\\ | ||
| + | [1] __[[https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_tramer.pdf|Stealing Machine Learning Models via Prediction APIs]]__\\ | ||
| + | [2] __[[https://arxiv.org/pdf/1602.02697v3.pdf|Practical Black-Box Attacks against Deep Learning Systems using Adversarial Examples]]__\\ | ||
| + | |||
| **Contact:** __[[http://people.epfl.ch/georgios.damaskinos|Georgios Damaskinos]]__ | **Contact:** __[[http://people.epfl.ch/georgios.damaskinos|Georgios Damaskinos]]__ | ||