Publications

ColorFool: Semantic Adversarial Colorization

Published in IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2020

Paper, Code.

Recommended citation: Ali Shahin Shamsabadi, Ricardo Sanchez-Matilla, Andrea Cavallaro. "ColorFool: Semantic Adversarial Colorization." IEEE Conference on Computer Vision and Pattern Recognition (CVPR), May 14-19, 2020, Seattle, Washington, US.

EdgeFool: An Adversarial Image Enhancement Filter

Published in IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), 2020

Paper, Code.

Recommended citation: Ali Shahin Shamsabadi, Changjae Oh, Andrea Cavallaro. "EdgeFool: An Adversarial Image Enhancement Filter." IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), May 4-8, 2020, Barcelona, Spain.

PrivEdge: From Local to Distributed Private Training and Prediction

Published in IEEE Transactions on Information Forensics and Security (TIFS), 2020

Paper, Code.

Recommended citation: Ali Shahin Shamsabadi, Adria Gascon, Hamed Haddadi, Andrea Cavallaro. "PrivEdge: From Local to Distributed Private Training and Prediction." IEEE Transactions on Information Forensics and Security (TIFS), April, 2020.

QUOTIENT: Two-Party Secure Neural Network Training and Prediction

Published in ACM Conference on Computer and Communications Security (CCS), 2019

Recently, there has been a wealth of effort devoted to the design of secure protocols for machine learning tasks. Much of this is aimed at enabling secure prediction from highly-accurate Deep Neural Networks (DNNs). However, as DNNs are trained on data, a key question is how such models can be also trained securely. The few prior works on secure DNN training have focused either on designing custom protocols for existing training algorithms, or on developing tailored training algorithms and then applying generic secure protocols. In this work, we investigate the advantages of designing training algorithms alongside a novel secure protocol, incorporating optimizations on both fronts. We present QUOTIENT, a new method for discretized training of DNNs, along with a customized secure two-party protocol for it. QUOTIENT incorporates key components of state-of-the-art DNN training such as layer normalization and adaptive gradient methods, and improves upon the state-of-the-art in DNN training in two-party computation. Compared to prior work, we obtain an improvement of 50X in WAN time and 6% in absolute accuracy.

Recommended citation: Nitin Agrawal*, Ali Shahin Shamsabadi*, Matt J. Kusner, Adrià Gascón. "QUOTIENT: Two-Party Secure Neural Network Training and Prediction." ACM Conference on Computer and Communications Security (CCS), November 11-15, 2019, London, UK.
(*=authors contributing equally)

SCENE PRIVACY PROTECTION

Published in IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), 2019

Paper, Code.

Recommended citation: Chau Yi Li*, Ali Shahin Shamsabadi*, Ricardo Sanchez-Matilla*, Riccardo Mazzon, Andrea Cavallaro. "SCENE PRIVACY PROTECTION." IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), May 12-17, 2019, Brighton, UK.
(*=authors contributing equally)

Providing Occupancy as a Service with Databox

Published in ACM International Workshop on Smart Cities and Fog Computing (CitiFog), 2018

Occupancy modelling for efficient energy management of indoor spaces has gained significant recent attention. Unfortunately, many such models rely on copying sensor data to the cloud for third-party services to process, creating risks of privacy breach. Such matters have become particularly pertinent for companies handling data of EU citizens due to provisions of the General Data Protection Regulation (GDPR). In this paper we present an implementation of Occupancy-as-a-Service (OaaS) at the edge, inverting the usual model: rather than ship data to the cloud to be processed, we retain data where it is generated and compute on it locally. This effectively avoids many risks associated with moving personal data to the cloud, and increases the agency of data subjects in managing their personal data. We describe the Databox architecture, its core components, and the OaaS functionality. As well as improving the privacy of the occupants, our approach allows us to offer occupancy data to other applications running on Databox, at a granularity that is not constrained by network usage, storage or processing restrictions imposed by third-party services, but is under data subject control.

Recommended citation: Poonam Yadav, John Moore, Qi Li, Richard Mortier, Anthony Brown, Andy Crabtree, Chris Greenhalgh, Derek McAuley, Yousef Amar, Ali Shahin Shamsabadi, Hamed Haddadi. "Providing Occupancy as a Service with Databox." The 1st ACM International Workshop on Smart Cities and Fog Computing (CitiFog), November 4, 2018, Shenzhen, China. https://haddadi.github.io/papers/citifog18-final7.pdf

Distributed One-Class Learning

Published in IEEE International Conference on Image Processing (ICIP), 2018

We propose a cloud-based filter trained to block third parties from uploading privacy-sensitive images of others to online social media. The proposed filter uses Distributed One-Class Learning, which decomposes the cloud-based filter into multiple one-class classifiers. Each one-class classifier captures the properties of a class of privacy-sensitive images with an autoencoder. The multi-class filter is then reconstructed by combining the parameters of the one-class autoencoders. The training takes place on edge devices (e.g. smartphones) and therefore users do not need to upload their private and/or sensi- tive images to the cloud. A major advantage of the proposed filter over existing distributed learning approaches is that users cannot access, even indirectly, the parameters of other users. Moreover, the filter can cope with the imbalanced and complex distribution of the image content and the independent probability of addition of new users. We evaluate the performance of the proposed distributed filter using the exemplar task of blocking a user from sharing privacy-sensitive images of other users. In particular, we validate the behavior of the proposed multi-class filter with non-privacy-sensitive images, the accuracy when the number of classes increases, and the robustness to attacks when an adversary user has access to privacy-sensitive images of other users.

Recommended citation: Ali Shahin Shamsabadi, Hamed Haddadi, Andrea Cavallaro. "Distributed One-Class Learning." 25th IEEE International Conference on Image Processing (ICIP), October 7-10, 2018, Athens, Greece.

Private and Scalable Personal Data Analytics using Hybrid Edge-Cloud Deep Learning

Published in IEEE Computer, Special Issue on Mobile and Embedded Deep Learning, 2018

This paper is about Privacy-Preserving in Deep Learning.

Recommended citation: Seyed Ali Osia, Ali Shahin Shamsabadi, Ali Taheri, Hamid R. Rabiee, Hamed Haddadi. "Private and Scalable Personal Data Analytics using Hybrid Edge-Cloud Deep Learning." IEEE Computer, Special Issue on Mobile and Embedded Deep Learning, May 2018. https://ieeexplore.ieee.org/abstract/document/8364651/

Deep Private-Feature Extraction

Published in IEEE Transactions on Knowledge and Data Engineering, 2018

This paper is information-theoretic deep learning model to trade privacy vs. accuracy.

Recommended citation: Seyed Ali Osia, Ali Taheri, Ali Shahin Shamsabadi, Kleomenis Katevas, Hamed Haddadi, Hamid R. Rabiee. (Feb 2018). "Deep Private-Feature Extraction." IEEE Transactions on Knowledge and Data Engineering. https://arxiv.org/pdf/1802.03151.pdf

A New Algorithm for Training Sparse Autoencoders

Published in European Signal Processing Conference (EUSIPCO), 2017

This paper is about sparse representation learning by using autoencoders.

Recommended citation: Ali Shahin Shamsabadi, Massoud Babaie-Zadeh, Seyyede Zohreh Seyyedsalehi, Hamid R Rabiee, Christian Jutten. (August 2017). "A New Algorithm for Training Sparse Autoencoders." 25th European Signal Processing Conference (EUSIPCO) 1. 1(2). http://www.eurasip.org/Proceedings/Eusipco/Eusipco2017/papers/1570347253.pdf