Intern
Secure Software Systems Group

Torsten Krauß

Chair of Software Engineering (Informatik II)
Department of Computer Science
University of Würzburg


Am Hubland, 97074, Würzburg, Germany 
Informatikgebäude, 1.OG, Room A117


E-Mail: torsten.krauss@uni-wuerzburg.de
Phone: +49 931 31-81983

Occupation

Since Oct 2021
 
PhD student in the Secure Software Systems Group at the Chair of Computer Science II - Software-Engineering, University of Würzburg

Research interests

  • AI for Security and Security for AI
  • Security in Large Scale Machine Learning
  • Trageted and Untargeted Poisoning Attacks on Machine Learning
  • Federated Learning Security
  • Dataset Cleaning
  • Model Prediction Trust Scoring
  • Covert Channels in Machine Learning Systems
  • Machine Learning Model Watermarking for IP Protection

Projects

Teaching

WS 24/25

  • Introduction to IT Security

SS 24

  • Security of Software Systems
  • Seminar IT Security

SS 23

  • Security of Software Systems
  • Seminar IT Security

WS 22/23

  • Introduction to IT Security

SS 22

  • Seminar IT Security

WS 21/22

  • Introduction to IT Security
  • Seminar IT Security

Publications

2024[ to top ]
  • DNNShield: Embedding Identifiers for Deep Neural Network Ownership Verification. Stang, Jasper; Krauß, Torsten; Dmitrienko, Alexandra; in ArXiv | arXiv:2403.06581 (2024).
  • Cloud-Based Machine Learning Models as Covert Communication Channels. Krauß, Torsten; Stang, Jasper; Dmitrienko, Alexandra; in the 19th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2024) (2024).
  • CrowdGuard: Federated Backdoor Detection in Federated Learning. Rieger, Phillip; Krauß, Torsten; Miettinen, Markus; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; in the Network and Distributed System Security Symposium (NDSS) (2024).
  • Automatic Adversarial Adaption for Stealthy Poisoning Attacks in Federated Learning. Krauß, Torsten; König, Jan; Dmitrienko, Alexandra; Kanzow, Christian; in the Network and Distributed System Security Symposium (NDSS) (2024).
  • ClearStamp: A Human-Visible and Robust Model-Ownership Proof based on Transposed Model Training. Krauß, Torsten; Stang, Jasper; Dmitrienko, Alexandra; in the 33rd USENIX Security Symposium (USENIX Security 2024) (2024).
  • Verify your Labels! Trustworthy Predictions and Datasets via Confidence Scores. Krauß, Torsten; Stang, Jasper; Dmitrienko, Alexandra; in the 33rd USENIX Security Symposium (USENIX Security 2024) (2024).
2023[ to top ]
  • ClearMark: Intuitive and Robust Model Watermarking via Transposed Model Training. Krauß, Torsten; Stang, Jasper; Dmitrienko, Alexandra; in ArXiv | arXiv:2310.16453v1 (2023).
  • MESAS: Poisoning Defense for Federated Learning Resilient against Adaptive Attackers. Torsten, Krauß; Alexandra, Dmitrienko; in ACM Conference on Computer and Communications Security (CCS) (2023).
  • Security of NVMe Offloaded Data in Large-Scale Machine Learning. Krauß, Torsten; Götz, Raphael; Dmitrienko, Alexandra; in European Symposium on Research in Computer Security (ESORICS) (2023).
  • Avoid Adversarial Adaption in Federated Learning by Multi-Metric Investigations. Krauß, Torsten; Dmitrienko, Alexandra; in ArXiv | arXiv.2306.03600 (2023).
2022[ to top ]
  • Close the Gate: Detecting Backdoored Models in Federated Learning based on Client-Side Deep Layer Output Analysis. Rieger, Phillip; Krauß, Torsten; Miettinen, Markus; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; in ArXiv | arXiv:2210.07714 (2022).