About me

I am an incoming Assistant Professor at Linköping University (Sweden) and WASP AI/MLX Fellow. Prior to that, I worked as a security researcher at Nokia Bell Labs (Core Research) in Finland. My research is focused on trustworthy machine learning (ML). Trustworthy ML aims to ensure that ML-based services are robust, fair, transparent in their decisions, and accountable while ensuring the security of its building blocks and the privacy of the ML model, data, and users. I work on security, privacy, and governance aspects of trustworthy ML.

I obtained my PhD in Computer Science from Aalto University, where I worked on security and privacy of ML pipeline under the supervision of Prof. N. Asokan.

Open Positions: I am currently looking for highly motivated PhD students and postdoctoral researchers. If you are interested in working on one of the topics below, or trustworthy ML in general, please email me a short paragraph outlining what you'd like to work on and why you are interested in this role, and attach your CV. Include the word "WASP" to the subject.

What i'm doing

  • tml icon

    Threat modeling, adversarial robustness of AI/ML models, model theft and model extraction via distillation

  • tml icon

    Ownership verification protocols that safeguard against intellectual property violations pertaining to datasets and models

  • tml icon

    Data privacy, access control, complience with privacy regulations, and governance in ML pipelines

  • tml icon

    Trustworthy machine learning in real-time applications

You can contact me at: busega[at]acm[dot]org

You can download my CV here.

The template is vCard, and images are generated with DALL-E.

Daniel lewis
quote icon

Daniel lewis

Publications/Talks

Selected Publications

  1. FLARE: Fingerprinting Deep Reinforcement Learning Agents using Universal Adversarial Masks

    2023

    ACSAC'23, Annual Computer Security Applications Conference
    Buse Gul Atli, N. Asokan

    Paper ArXiv Code Slides

  2. Securing Machine Learning: Streamlining Attacks and Defenses Under Realistic Adversary Models

    2022

    Doctoral Thesis, Aalto University, Buse Gul Atli

    Electronic Thesis

  3. Vision, Challenges & Opportunities

    2022

    Private AI Collaborative Research Institute, Vision paper

    Paper

  4. Real-time Adversarial Perturbations against Deep Reinforcement Learning Policies: Attacks and Defenses

    2022

    ESORICS'22, European Symposium on Research in Computer Security
    Buse Gul Atli, Shelly Wang, Samuel Marchal, N. Asokan

    Paper ArXiv Code Slides

  5. On the Effectiveness of Dataset Watermarking in Adversarial Settings

    2022

    CODASPY-IWSPA'22, ACM International Workshop on Security and Privacy Analytics
    Buse Gul Atli, N. Asokan

    Paper ArXiv Please email for the code Slides

  6. WAFFLE: Watermarking in Federated Learning

    2021

    SRDS'21, International Symposium on Reliable Distributed Systems
    Buse G. A. Tekgul, Yuxi Xia, Samuel Marchal, N. Asokan

    Paper ArXiv Code Slides

  7. DAWN: Dynamic Adversarial Watermarking of Neural Networks

    2021

    ACMMM'21, 29th ACM Conference on Multimedia
    Sebastian Szyller, Buse G. A. Tekgul, Samuel Marchal, N Asokan

    Paper ArXiv Code Slides

  8. Extraction of Complex DNN Models: Real Threat or Boogeyman?

    2020

    AAAI-EDSMLS'20, International Workshop on Engineering Dependable and Secure Machine Learning Systems
    Buse G. A. Tekgul, Sebastian Szyller, Mika Juuti, Samuel Marchal, N. Asokan

    Paper ArXiv Please email for the code Slides

  9. Making Targeted Black-box Evasion Attacks Effective and Efficient

    2019

    AISec'19, ACM Workshop on Artificial Intelligence and Security
    Buse G. A. Tekgul, Sebastian Szyller, Mika Juuti, Samuel Marchal, N. Asokan

    Paper ArXiv Please email for the code Slides

  10. An Intelligent Defense and Filtration Platform for Network Traffic

    2018

    IFIP-WWIC'2018, International Conference on Wired/Wireless Internet Communications
    Mehrnoosh Monshizadeh, Vikramajeet Khatri, Buse Atli, Raimo Kantola

    Paper

Talks

  1. Real-time Adversarial Perturbations against Deep Reinforcement Learning Policies:Attacks and Defenses

    2020

    TU Delft Cyber Security Seminar, Virtual.

  2. Extraction of Complex DNN Models: Real Threat or Boogeyman

    2020

    CASA Cluster of Excellence for Cyber Security, Virtual.

Teaching

  1. CS-E4001 - Research Seminar on Security and Privacy of Machine Learning

    Spring 2021

    Co-organizer, Aalto University

  2. CS-E4000 - Seminar in Computer Science D

    Spring 2021

    Tutor, Aalto University

  3. CS-E4310 - Mobile Systems Security

    Spring 2020

    Course Assistant, Aalto University

  4. CS-E4001 - Research Seminar on Security and Privacy of Machine Learning

    Fall 2019

    Co-organizer, Aalto University

  5. CS-E4000 - Seminar in Computer Science: Internet, Data and Things

    Spring/Fall 2019

    Tutor, Aalto University

Blog