I'm interested in ownership, confidentiality and privacy in machine learning systems. I've been working on projects related to model extraction attacks and defenses, ownership verification, membership inference, differential privacy, federated learning, and model evasion. Check out my Google Scholar page for more info.

List of publications

SoK: Unintended Interactions Among Machine Learning Defenses and Risks
Vasisht Duddu, Sebastian Szyller and N. Asokan
IEEE S&P 2024 (Distinguished Paper Award)
/ arXiv:2312.04542
/ +code
LLM Self Defense: by Self Examination, LLMs Know They Are Being Tricked
Mansi Phute, Alec Helbling, Matthew Hull, ShengYun Peng, Sebastian Szyller, Cory Cornelius and Duen Horng Chau
ICLR 2024, Tiny Papers
/ arXiv:2308.07308
False Claims Against Model Ownership Resolution
Rui Zhang, Jian Liu, Sebastian Szyller, Kui Ren and N. Asokan
USENIX 2024
/ arXiv:2304.06607
/ +code
On the Robustness of Dataset Inference
Sebastian Szyller, Rui Zhang, Jian Liu and N. Asokan
TMLR 2023
/ arXiv:2210.13631
Conflicting Interactions Among Protection Mechanisms for Machine Learning Models
Sebastian Szyller and N. Asokan
AAAI 2023 (Spotlight)
/ arXiv:2207.01991
/ +code
SHAPr: an Efficient and Versatile Membership Privacy Risk Metric for Machine Learning
Vasisht Duddu, Sebastian Szyller and N. Asokan
Technical Report
/ arXiv:2112.02230
Good Artists Copy, Great Artists Steal: Model Extraction Attacks Against Image Translation Models
Sebastian Szyller, Vasisht Duddu, Tommi Gröndahl and N. Asokan
Technical Report
/ arXiv:2104.12623
DAWN: Dynamic Adversarial Watermarking of Neural Networks
Sebastian Szyller, Buse Atli, Samuel Marchal and N. Asokan
ACM MM 2021
/ arXiv:1906.00830
/ +code
Extraction of Complex DNN Models: Real Threat or Boogeyman?
Buse Atli, Sebastian Szyller, Mika Juuti, Samuel Marchal and N. Asokan
AAAI 2020, EDSMLS
/ arXiv:1910.05429
Detecting Organized eCommerce Fraud Using Scalable Categorical Clustering
Samuel Marchal and Sebastian Szyller
ACSAC 2019
/ arXiv:1910.04514
/ +code
PRADA: Protecting Against DNN Model Stealing Attacks
Mika Juuti, Sebastian Szyller, Samuel Marchal and N. Asokan
IEEE EuroS&P 2019
/ arXiv:1805.02628v5
/ +code

Dissertations

Ownership and Confidentiality in Machine Learning
Doctor of Science (Finnish AI Society Best Dissertation Award & Aalto University Best Dissertation Award)
Aalto University, School of Science
Supervisor: N. Asokan
Adversary Detection in Online Machine Learning Systems
Master of Science
Aalto University, School of Science
Supervisor: N. Asokan
Decryption of Feistel Network Based Algorithms Using Machine Learning
Bachelor of Science, Eng.
Lodz University of Technology, International Faculty of Engineering
Supervisor: Laurent Babout