BEGIN:VCALENDAR
VERSION:2.0
PRODID:Linklings LLC
BEGIN:VTIMEZONE
TZID:America/Los_Angeles
X-LIC-LOCATION:America/Los_Angeles
BEGIN:DAYLIGHT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
TZNAME:PDT
DTSTART:19700308T020000
RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=2SU
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
TZNAME:PST
DTSTART:19701101T020000
RRULE:FREQ=YEARLY;BYMONTH=11;BYDAY=1SU
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTAMP:20260402T024508Z
LOCATION:3006\, Level 3
DTSTART;TZID=America/Los_Angeles:20250624T103000
DTEND;TZID=America/Los_Angeles:20250624T120000
UID:dac_DAC 2025_sess148@linklings.com
SUMMARY:AI Under Attack: Enhancing Privacy, Robustness, and Trust in ML Sy
 stems
DESCRIPTION:With the rapid evolution of AI technologies, ensuring robust s
 ecurity measures is crucial to mitigating risks and safeguarding sensitive
  data. This session explores cutting-edge research in AI security and priv
 acy, addressing emerging threats and novel defenses across various machine
  learning paradigms. Topics include resilient federated learning on embedd
 ed devices, concealed backdoor attacks using machine unlearning, and conti
 nual novelty detection for intrusion detection systems. The session also c
 overs secure inference of graph neural networks, privacy-preserving collab
 orative learning, and advancements in data-free knowledge distillation.\n\
 nCAE-DFKD: Bridging the Transferability Gap in Data-Free Knowledge Distill
 ation\n\nData-Free Knowledge Distillation (DFKD) enables the knowledge tra
 nsfer from the given pre-trained teacher network to the target student mod
 el without access to the real training data.\nExisting DFKD methods primar
 ily focus on improving image recognition performance on associated dataset
 s, often negle...\n\n\nZherui Zhang (Beijing University of Posts and Telec
 ommunications); Changwei Wang (Qilu University of Technology); Rongtao Xu 
 (State Key Laboratory of Multimodal Artificial Intelligence Systems, Insti
 tute of Automation); Wenhao Xu and Shibiao Xu (Beijing University of Posts
  and Telecommunications); Yu Zhang (Tongji University); Jie Zhou and Li Gu
 o (Beijing University of Posts and Telecommunications); and Cong Jiang (Hu
 azhong University of Science and Technology)\n---------------------\nResil
 ient Federated Learning on Embedded Devices with Constrained Network Conne
 ctivity\n\nFederated learning enables decentralized model training while p
 reserving data privacy. However, since the learning process overlays the p
 hysical network infrastructure, the efficiency of learning can be impacted
  by network connectivity. In this work, we conducted extensive experiments
  to empirically...\n\n\nZihan Li, Han Liu, Ao Li, Ching-hsiang Chan, Yevge
 niy Vorobeychik, and William Yeoh (Washington University, St. Louis); Wenj
 ing Lou (Virginia Polytechnic Institute and State University); and Ning Zh
 ang (Washington University, St. Louis)\n---------------------\nCND-IDS: Co
 ntinual Novelty Detection for Intrusion Detection Systems\n\nIntrusion det
 ection systems (IDS) play a crucial role in IoT and network security by mo
 nitoring system data and alerting to suspicious activities. Machine learni
 ng (ML) has emerged as a promising solution for IDS, offering highly accur
 ate intrusion detection. However, ML-IDS solutions often overlook...\n\n\n
 Sean Fuhrman (University of California, San Diego) and Onat Gungor and Taj
 ana Rosing (University of California, Santa Barbara)\n--------------------
 -\nGraph in the Vault: Protecting Edge GNN Inference with Trusted Executio
 n Environment\n\nWide deployment of machine learning models on edge device
 s has rendered the model intellectual property (IP) and data privacy vulne
 rable. We propose GNNVault, the first secure Graph Neural Network (GNN) de
 ployment strategy based on Trusted Execution Environment (TEE). \nGNNVault
  follows the design of...\n\n\nRuyi Ding, Tianhong Xu, Aidong Adam Ding, a
 nd Yunsi Fei (Northeastern University)\n---------------------\nEnsembler: 
 Protect Collaborative Inference Privacy from Model Inversion Attack via Se
 lective Ensemble\n\nDuring collaborative inference with a cloud, it is som
 etimes essential for the client to shield its sensitive information. In th
 is paper, we introduce Ensembler, an extensible framework designed to subs
 tantially increase the difficulty of conducting model inversion attacks fo
 r adversarial parties. E...\n\n\nDancheng Liu (State University of New Yor
 k) and Chenhui Xu, Jiajie Li, Amir Nassereldine, and Jinjun Xiong (Univers
 ity at Buffalo)\n---------------------\nReVeil: Unconstrained Concealed Ba
 ckdoor Attack on Deep Neural Networks using Machine Unlearning\n\nBackdoor
  attacks embed hidden functionalities in deep neural networks (DNN), trigg
 ering malicious behavior with specific inputs. Advanced defenses monitor a
 nomalous DNN inferences to detect such attacks. However, concealed backdoo
 rs evade detection by maintaining a low pre-deployment attack success ...\
 n\n\nManaar Alam, Hithem Lamri, and Michail Maniatakos (New York Universit
 y, Abu Dhabi)\n\nTopics: Security\n\nTracks: SEC1: AI/ML Security/Privacy\
 n\nSession Chairs: Adnan Siraj Rakin (Binghamton University) and Ayesha Si
 ddique (University of Maine)
END:VEVENT
END:VCALENDAR