Prof. Dr. Mario Fritz
Faculty
CISPA Helmholtz Center for Information Security
Professor
Saarland University
Fellow
European Laboratory for Learning and Intelligent Systems (ELLIS)
We are looking for PhD students and Post-Docs! Please get in touch.
My group is working on Trustworthy Information Processing with a focus on the intersection of AI & Machine Learning with Security & Privacy.
Recent projects and initiatives related to trustworthy AI/ML, health, privacy:
- Coordinator and PI: European Lighthouse on Secure and Safe AI (ELSA)
- Coordinator and PI: PriSyn: Representative, synthetic health data with strong privacy guarantees (BMBF)
- PI: AIgency “Opportunities and Risks of generative AI in Cybersecurity” (BMBF)
- PI: PrivateAIM: secure distributed analysis of medical data (Medizin Informatik Initiative)
- Leading Scientist: Helmholtz Medical Security, Privacy, and AI Research Center (HMSP)
- Coordinator and PI: ImageTox: Automated image-based detection of early toxicity events in zebrafish larvae
- PI: Integrated Early Warning System for Local Recognition, Prevention, and Control for Epidemic Outbreaks (LOKI)
- Partner-PI: The German Human Genome-Phenome Archive (GHGA)
- Coordinator and PI: Trustworthy Federated Data Analytics Project (TFDA)
- Coordinator and PI: Protecting Genetic Data with Synthetic Cohorts from Deep Generative Models (PRO-GENE-GEN)
- Member of the working group “AG Nutzbarmachung digitaler Daten für KI-Entwicklungen in der Gesundheitsforschung” (making digital data usable for AI development in health research) in the BMBF “Forum Gesundheit”
Recent work on LLMs, DeepFake/misinformation detection, attribution, and responsible disclosure:
- NAACL-Findings’24: PoLLMgraph: Unraveling Hallucinations in Large Language Models via State Transition Dynamics
- NAACL-Findings’24: SimSCOOD: Systematic Analysis of Out-of-Distribution Generalization in Fine-tuned Source Code Models
- ICLR-SET’24: Can LLMs Separate Instructions From Data? And What Do We Even Mean By That?
- ICLR-LLMAgents’24: LLM-Deliberation: Evaluating LLMs with Interactive Multi-Agent Negotiation Games
- ArXiv’24: LLM Task Interference: An Initial Study on the Impact of Task-Switch in Conversational History
- SATML’24: CodeLMSec Benchmark: Systematically Evaluating and Finding Security Vulnerabilities in Black-Box Code Language Models
- ArXiv’24: Exploring Value Biases: How LLMs Deviate Towards the Ideal
- BlackHat’23 Compromising LLMs: The Advent of AI Malware
- AISec’23: Not what you’ve signed up for: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection
- Usenix’23: UnGANable: Defending Against GAN-based Face Manipulation
- Usenix’23: Fact-Saboteurs: A Taxonomy of Evidence Manipulation Attacks against Fact-Verification Systems
- CVPR’22: Open-Domain, Content-based, Multi-modal Fact-checking of Out-of-Context Images via Online Resources
- ICLR’22: Responsible Disclosure of Generative Models Using Scalable Fingerprinting
- ICCV’21: Artificial Fingerprinting for Generative Models: Rooting Deepfake Attribution in Training Data
- S&P’21: Adversarial Watermarking Transformer: Towards Tracing Text Provenance with Data Hiding
- IJCAI’21: Beyond the Spectrum: Detecting Deepfakes via Re-Synthesis
- CVPR’21: Hijack-GAN: Unintended-Use of Pretrained, Black-Box GANs
- ICCV’19: Attributing Fake Images to GANs: Learning and Analyzing GAN Fingerprints
Most recent work on ArXiv:
- LLM-Deliberation: Evaluating LLMs with Interactive Multi-Agent Negotiation Games
- More than you’ve asked for: A Comprehensive Analysis of Novel Prompt Injection Threats to Application-Integrated Large Language Models
- A Unified View of Differentially Private Deep Generative Modeling
- Data Forensics in Diffusion Models: A Systematic Analysis of Membership Privacy
- Systematically Finding Security Vulnerabilities in Black-Box Code Generation Models
- Fed-GLOSS-DP: Federated, Global Learning using Synthetic Sets with Record Level Differential Privacy
- Holistically Explainable Vision Transformers
- SimSCOOD: Systematic Analysis of Out-of-Distribution Behavior of Source Code Models
- Availability Attacks Against Neural Network Certifiers Based on Backdoors
News, talks, events:
- Keynote at AISec’23 on “Trustworthy AI and A Cybersecurity Perspective on Large Language Models”
- Panelist on “AI for Cybersecurity and Adversarial AI” at EU AI Alliance Assembly
- Invited talk at ICCV’23 workshop BRAVO: roBustness and Reliability of Autonomous Vehicles in the Open-world
- Invited talk at ICCV’23 Workshop on DeepFake Analysis and Detection
- Invited talk at ICCV’23 Workshop on Out Of Distribution Generalization in Computer Vision
- Lecturer at ELLIS Summer School on Large-Scale AI for Research and Industry
- Talk at Deutscher EDV Gerichtstag
- Talk at AI, Neuroscience and Hardware: From Neural to Artificial Systems and Back Again
- Scientific Advisory Board: Bosch AIShield
- Steering Board: Helmholtz.AI
- Recent program committees: ICML’21, NeurIPS’21, S&P’22, EuroS&P’22, CVPR’22 (AC); CCS’22
- Runner-up, Inria/CNIL Privacy Protection Prize 2020, for the S&P’20 paper “Automatically Detecting Bystanders in Photos to Reduce Privacy Risks”
- Co-Organizers of ICLR’21 Workshop on “Synthetic Data Generation – Quality, Privacy, Bias”
- Co-Organizers of CVPR’21 Workshop on “QuoVadis: Interdisciplinary, Socio-Technical Workshop on the Future of Computer Vision and Pattern Recognition (QuoVadis-CVPR)”
- Co-Organizers of CVPR’21 Workshop on “Causality in Vision”
- Founding member of Saarbrücken Artificial Intelligence & Machine Learning (SAM) unit of the European Laboratory of Learning and Intelligent Systems (ELLIS)
- Lecturer at Digital CISPA Summer School 2020
- Co-Organizer of Third International Workshop on The Bright and Dark Sides of Computer Vision: Challenges and Opportunities for Privacy and Security (CV-COPS) at ECCV 2020
- Co-Organizer: 4th ACM Symposium on Computer Science in Cars: Future Challenges in Artificial Intelligence & Security for Autonomous Vehicles (CSCS’20)
- Keynote at Workshop Machine Learning for Cybersecurity, ECMLPKDD’19
- Talk at Cyber Defense Campus (CYD) Conference on Artificial Intelligence in Defence and Security
- Co-Organizer of Second International Workshop on The Bright and Dark Sides of Computer Vision: Challenges and Opportunities for Privacy and Security (CV-COPS) at CVPR 2019
- Co-Organizer: 3rd ACM Symposium on Computer Science in Cars: Future Challenges in Artificial Intelligence & Security for Autonomous Vehicles (CSCS’19)
- Leading scientist at new Helmholtz Medical Security and Privacy Research Center
- Member of ACM Technical Policy Committee Europe
- Mateusz Malinowski received the DAGM MVTec dissertation award as well as the Dr.-Eduard-Martin award for his PhD
- Associate Editor for IEEE Transactions on Pattern Analysis and Machine Intelligence (TPAMI)
Publications 2015
Journal Articles
- Learning to detect visual grasp affordance. In: IEEE Transactions on Automation Science and Engineering (TASE), 2015.
Proceedings Articles
- Ask Your Neurons: A Neural-based Approach to Answering Questions about Images. In: IEEE International Conference on Computer Vision (ICCV), 2015 (oral).
- See the Difference: Direct Pre-Image Reconstruction and Pose Estimation by Differentiating HOG. In: IEEE International Conference on Computer Vision (ICCV), 2015.
- Person Recognition in Personal Photo Collections. In: IEEE International Conference on Computer Vision (ICCV), 2015.
- Teaching Robots the Use of Human Tools from Demonstration with Non-Dexterous End-Effectors. In: IEEE RAS International Conference on Humanoid Robots (HUMANOIDS), 2015 (to appear).
- Appearance-based gaze estimation in the wild. In: IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2015.
- Prediction of search targets from fixations in open-world settings. In: IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2015.
- Hard to Cheat: A Turing Test based on Answering Questions about Images. In: AAAI Workshop Beyond The Turing Test, 2015.
Masters Theses
- Contextual Media Retrieval Using Natural Language Queries. Saarland University, 2015.
Miscellaneous
- Bridging the Gap Between Synthetic and Real Data. In: Machine Learning with Interdependent and Non-identically Distributed Data (Dagstuhl Seminar 15152), 2015 (to appear).
Technical Reports
- Deep Reflectance Maps. arXiv:1511.04384 [cs.CV], 2015.
- Person Recognition in Personal Photo Collections. arXiv:1509.03502 [cs.CV], 2015.
- Appearance-based gaze estimation in the wild. arXiv:1504.02863, 2015.
- Prediction of search targets from fixations in open-world settings. arXiv:1502.05137 [cs.CV], 2015.
- Ask Your Neurons: A Neural-based Approach to Answering Questions about Images. arXiv:1505.01121, 2015.
- See the Difference: Direct Pre-Image Reconstruction and Pose Estimation by Differentiating HOG. arXiv:1505.00663 [cs.CV], 2015.
- GazeDPM: Early Integration of Gaze Information in Deformable Part Models. arXiv:1505.05753 [cs.CV], 2015.