{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T12:19:44Z","timestamp":1742991584946,"version":"3.40.3"},"publisher-location":"Cham","reference-count":105,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031708923"},{"type":"electronic","value":"9783031708930"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-70893-0_10","type":"book-chapter","created":{"date-parts":[[2024,8,29]],"date-time":"2024-08-29T11:02:54Z","timestamp":1724929374000},"page":"128-146","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Quantifying the\u00a0Trade-Offs Between Dimensions of\u00a0Trustworthy AI - An Empirical Study on\u00a0Fairness, Explainability, Privacy, and\u00a0Robustness"],"prefix":"10.1007","author":[{"given":"Nils","family":"Kemmerzell","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Annika","family":"Schreiner","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,8,30]]},"reference":[{"key":"10_CR1","doi-asserted-by":"publisher","unstructured":"Abadi, M., et al.: Deep learning with differential privacy. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS 2016, pp. 308\u2013318. Association for Computing Machinery, New York (2016). https:\/\/doi.org\/10.1145\/2976749.2978318","DOI":"10.1145\/2976749.2978318"},{"key":"10_CR2","doi-asserted-by":"publisher","first-page":"52138","DOI":"10.1109\/ACCESS.2018.2870052","volume":"6","author":"A Adadi","year":"2018","unstructured":"Adadi, A., Berrada, M.: Peeking inside the black-box: a survey on explainable artificial intelligence (XAI). IEEE Access 6, 52138\u201352160 (2018). https:\/\/doi.org\/10.1109\/ACCESS.2018.2870052","journal-title":"IEEE Access"},{"issue":"2","key":"10_CR3","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1109\/MSEC.2018.2888775","volume":"17","author":"M Al-Rubaie","year":"2019","unstructured":"Al-Rubaie, M., Chang, J.M.: Privacy-preserving machine learning: threats and solutions. IEEE Secur. Priv. 17(2), 49\u201358 (2019). https:\/\/doi.org\/10.1109\/MSEC.2018.2888775","journal-title":"IEEE Secur. Priv."},{"key":"10_CR4","unstructured":"Anil, C., Lucas, J., Grosse, R.: Sorting out Lipschitz function approximation. In: Chaudhuri, K., Salakhutdinov, R. (eds.) Proceedings of the 36th International Conference on Machine Learning. Proceedings of Machine Learning Research, vol.\u00a097, pp. 291\u2013301. PMLR (2019)"},{"key":"10_CR5","unstructured":"Arpit, D., et al.: A closer look at memorization in deep networks. In: Precup, D., Teh, Y.W. (eds.) Proceedings of the 34th International Conference on Machine Learning. Proceedings of Machine Learning Research, vol.\u00a070, pp. 233\u2013242. PMLR (2017). https:\/\/proceedings.mlr.press\/v70\/arpit17a.html"},{"key":"10_CR6","unstructured":"Bagdasaryan, E., Poursaeed, O., Shmatikov, V.: Differential privacy has disparate impact on model accuracy. In: Wallach, H., Larochelle, H., Beygelzimer, A., d\u2019Alch\u00e9-Buc, F., Fox, E., Garnett, R. (eds.) Advances in Neural Information Processing Systems, vol.\u00a032. Curran Associates, Inc (2019)"},{"key":"10_CR7","doi-asserted-by":"publisher","unstructured":"Balagopalan, A., Zhang, H., Hamidieh, K., Hartvigsen, T., Rudzicz, F., Ghassemi, M.: The road to explainability is paved with bias: measuring the fairness of explanations (2022). https:\/\/doi.org\/10.1145\/3531146.3533179","DOI":"10.1145\/3531146.3533179"},{"key":"10_CR8","doi-asserted-by":"publisher","unstructured":"Barredo Arrieta, A., et al.: Explainable artificial intelligence (XAI): concepts, taxonomies, opportunities and challenges toward responsible AI. Inf. Fusion 58, 82\u2013115 (2020). https:\/\/doi.org\/10.1016\/j.inffus.2019.12.012, https:\/\/www.sciencedirect.com\/science\/article\/pii\/S1566253519308103","DOI":"10.1016\/j.inffus.2019.12.012"},{"key":"10_CR9","doi-asserted-by":"publisher","unstructured":"Berk, R., Heidari, H., Jabbari, S., Kearns, M., Roth, A.: Fairness in criminal justice risk assessments: the state of the art. Sociol. Methods Res. 50(1), 3\u201344 (2021) https:\/\/doi.org\/10.1177\/0049124118782533, https:\/\/journals.sagepub.com\/doi\/pdf\/10.1177\/0049124118782533","DOI":"10.1177\/0049124118782533"},{"key":"10_CR10","doi-asserted-by":"publisher","unstructured":"Bhatt, U., et al.: Explainable machine learning in deployment. In: Hildebrandt, M. (ed.) Proceedings of the 2020 Conference on Fairness, Accountability, and Transparency, pp. 648\u2013657. ACM Digital Library, Association for Computing Machinery, New York (2020). https:\/\/doi.org\/10.1145\/3351095.3375624","DOI":"10.1145\/3351095.3375624"},{"key":"10_CR11","unstructured":"Brendel, W., Rauber, J., K\u00fcmmerer, M., Ustyuzhaninov, I., Bethge, M.: Accurate, reliable and fast robustness evaluation. In: Wallach, H., Larochelle, H., Beygelzimer, A., d\u2019Alch\u00e9-Buc, F., Fox, E., Garnett, R. (eds.) Advances in Neural Information Processing Systems, vol.\u00a032. Curran Associates, Inc (2019)"},{"key":"10_CR12","unstructured":"Buolamwini, J., Gebru, T.: Gender shades: intersectional accuracy disparities in commercial gender classification. In: Conference on Fairness, Accountability and Transparency, pp. 77\u201391 (2018)"},{"key":"10_CR13","doi-asserted-by":"publisher","unstructured":"Carlini, N., Wagner, D.: Towards evaluating the robustness of neural networks. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 39\u201357. IEEE (2017). https:\/\/doi.org\/10.1109\/SP.2017.49","DOI":"10.1109\/SP.2017.49"},{"key":"10_CR14","doi-asserted-by":"publisher","unstructured":"Carvalho, D.V., Pereira, E.M., Cardoso, J.S.: Machine learning interpretability: a survey on methods and metrics. Electronics 8(8), 832 (2019). https:\/\/doi.org\/10.3390\/electronics8080832, https:\/\/www.mdpi.com\/2079-9292\/8\/8\/832","DOI":"10.3390\/electronics8080832"},{"key":"10_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1007\/978-3-031-49008-8_5","volume-title":"Progress in Artificial Intelligence","author":"T Carvalho","year":"2023","unstructured":"Carvalho, T., Moniz, N., Antunes, L.: A three-way knot: privacy, fairness, and predictive performance dynamics. In: Moniz, N., Vale, Z., Cascalho, J., Silva, C., Sebasti\u00e3o, R. (eds.) EPIA 2023. LNCS, vol. 14115, pp. 55\u201366. Springer, Cham (2023). https:\/\/doi.org\/10.1007\/978-3-031-49008-8_5"},{"key":"10_CR16","doi-asserted-by":"publisher","unstructured":"Caton, S., Haas, C.: Fairness in machine learning: a survey. arXiv (2020). https:\/\/doi.org\/10.48550\/arXiv.2010.04053","DOI":"10.48550\/arXiv.2010.04053"},{"key":"10_CR17","unstructured":"Chalasani, P., Chen, J., Chowdhury, A.R., Wu, X., Jha, S.: Concise explanations of neural networks using adversarial training. In: Daume III, H., Singh, A. (eds.) Proceedings of the 37th International Conference on Machine Learning. Proceedings of Machine Learning Research, vol.\u00a0119, pp. 1383\u20131391. PMLR (2020). https:\/\/proceedings.mlr.press\/v119\/chalasani20a.html"},{"key":"10_CR18","unstructured":"Chang, H., Nguyen, T.D., Murakonda, S.K., Kazemi, E., Shokri, R.: On adversarial bias and the robustness of fair machine learning. arXiv:2006.08669 (2020)"},{"key":"10_CR19","doi-asserted-by":"publisher","unstructured":"Chang, H., Shokri, R.: On the privacy risks of algorithmic fairness. In: 2021 IEEE European Symposium on Security and Privacy (EuroS &P), pp. 292\u2013303 (2021). https:\/\/doi.org\/10.1109\/EuroSP51992.2021.00028","DOI":"10.1109\/EuroSP51992.2021.00028"},{"key":"10_CR20","unstructured":"Chen, J., Wu, X., Rastogi, V., Liang, Y., Jha, S.: Robust attribution regularization. In: Wallach, H., Larochelle, H., Beygelzimer, A., d\u2019Alch\u00e9-Buc, F., Fox, E., Garnett, R. (eds.) Advances in Neural Information Processing Systems, vol.\u00a032. Curran Associates, Inc. (2019)"},{"key":"10_CR21","unstructured":"Chen, Y., Raab, R., Wang, J., Liu, Y.: Fairness transferability subject to bounded distribution shift. In: Koyejo, S., Mohamed, S., Agarwal, A., Belgrave, D., Cho, K., Oh, A. (eds.) Advances in Neural Information Processing Systems, vol. 35, pp. 11266\u201311278. Curran Associates, Inc. (2022)"},{"key":"10_CR22","doi-asserted-by":"publisher","unstructured":"Cooper, A.F., Abrams, E., NA, N.A.: Emergent unfairness in algorithmic fairness-accuracy trade-off research. In: Proceedings of the 2021 AAAI\/ACM Conference on AI, Ethics, and Society. ACM, New York (2021). https:\/\/doi.org\/10.1145\/3461702.3462519","DOI":"10.1145\/3461702.3462519"},{"key":"10_CR23","unstructured":"de\u00a0Cristofaro, E.: An overview of privacy in machine learning. arXiv:2005.08679 (2020)"},{"key":"10_CR24","doi-asserted-by":"publisher","unstructured":"Cummings, R., Gupta, V., Kimpara, D., Morgenstern, J.: On the compatibility of privacy and fairness. In: Adjunct Publication of the 27th Conference on User Modeling, Adaptation and Personalization, UMAP 2019 Adjunct, pp. 309\u2013315. Association for Computing Machinery, New York (2019). https:\/\/doi.org\/10.1145\/3314183.3323847","DOI":"10.1145\/3314183.3323847"},{"key":"10_CR25","doi-asserted-by":"publisher","unstructured":"Dai, J., Upadhyay, S., Aivodji, U., Bach, S.H., Lakkaraju, H.: Fairness via explanation quality: evaluating disparities in the quality of post hoc explanations. In: Proceedings of the 2022 AAAI\/ACM Conference on AI, Ethics, and Society, AIES 2022, pp. 203\u2013214. Association for Computing Machinery, New York (2022). https:\/\/doi.org\/10.1145\/3514094.3534159","DOI":"10.1145\/3514094.3534159"},{"key":"10_CR26","doi-asserted-by":"crossref","unstructured":"Dwork, C.: Differential privacy: a survey of results. In: International conference on theory and Applications of Models of Computation, pp. 1\u201319 (2008)","DOI":"10.1007\/978-3-540-79228-4_1"},{"key":"10_CR27","unstructured":"Dwork, C., Immorlica, N., Kalai, A.T., Leiserson, M.: Decoupled classifiers for group-fair and efficient machine learning. In: Conference on Fairness, Accountability and Transparency, pp. 119\u2013133 (2018). https:\/\/proceedings.mlr.press\/v81\/dwork18a.html"},{"key":"10_CR28","unstructured":"European Commission: Laying down harmonised rules on artificial intelligence and amending certain union legislative acts: Artificial intelligence act"},{"key":"10_CR29","doi-asserted-by":"publisher","unstructured":"Fioretto, F., Tran, C., van Hentenryck, P., Zhu, K.: Differential privacy and fairness in decisions and learning tasks: a survey. In: Proceedings of the Thirty-First International Joint Conference on Artificial Intelligence. International Joint Conferences on Artificial Intelligence Organization (2022). https:\/\/doi.org\/10.24963\/ijcai.2022\/766","DOI":"10.24963\/ijcai.2022\/766"},{"issue":"6","key":"10_CR30","doi-asserted-by":"publisher","first-page":"261","DOI":"10.1038\/s42256-019-0055-y","volume":"1","author":"L Floridi","year":"2019","unstructured":"Floridi, L.: Establishing the rules for building trustworthy AI. Nat. Mach. Intell. 1(6), 261\u2013262 (2019). https:\/\/doi.org\/10.1038\/s42256-019-0055-y","journal-title":"Nat. Mach. Intell."},{"key":"10_CR31","unstructured":"Fukuchi, A., Yabe, Y., Sode, M.: FairTorch: PyTorch implementation of parity loss as constraints function to realize the fairness of machine learning (17012023). https:\/\/github.com\/wbawakate\/fairtorch"},{"key":"10_CR32","doi-asserted-by":"publisher","unstructured":"Ghorbani, A., Abid, A., Zou, J.: Interpretation of neural networks is fragile. In: Proceedings of the AAAI Conference on Artificial Intelligence, vol. 33, no. 01, pp. 3681\u20133688 (2019). https:\/\/doi.org\/10.1609\/aaai.v33i01.33013681","DOI":"10.1609\/aaai.v33i01.33013681"},{"key":"10_CR33","doi-asserted-by":"publisher","unstructured":"Gittens, A., Yener, B., Yung, M.: An adversarial perspective on accuracy, robustness, fairness, and privacy: multilateral-tradeoffs in trustworthy ml. IEEE Access 1 (2022). https:\/\/doi.org\/10.1109\/ACCESS.2022.3218715","DOI":"10.1109\/ACCESS.2022.3218715"},{"key":"10_CR34","doi-asserted-by":"publisher","unstructured":"Goodfellow, I.J., Shlens, J., Szegedy, C.: Explaining and harnessing adversarial examples (2014). https:\/\/doi.org\/10.48550\/arXiv.1412.6572","DOI":"10.48550\/arXiv.1412.6572"},{"key":"10_CR35","doi-asserted-by":"publisher","unstructured":"Guo, J., et al.: Isolation and induction: training robust deep neural networks against model stealing attacks. In: Proceedings of the 31st ACM International Conference on Multimedia, MM 2023, pp. 4178\u20134189. Association for Computing Machinery, New York (2023). https:\/\/doi.org\/10.1145\/3581783.3612092","DOI":"10.1145\/3581783.3612092"},{"key":"10_CR36","unstructured":"Hardt, M., Price, E., Srebro, N.: Equality of opportunity in supervised learning. In: Lee, D., Sugiyama, M., Luxburg, U., Guyon, I., Garnett, R. (eds.) Advances in Neural Information Processing Systems, vol. 29. Curran Associates, Inc. (2016)"},{"key":"10_CR37","unstructured":"Harrison, S., Boxiao, P.: Mitigating bias in facial recognition with FairGAN (2020)"},{"key":"10_CR38","unstructured":"He, X., Li, Z., Xu, W., Cornelius, C., Zhang, Y.: Membership-doctor: comprehensive assessment of membership inference against machine learning models (2022)"},{"key":"10_CR39","unstructured":"Hedstr\u00f6m, A., et al.: Quantus: an explainable AI toolkit for responsible evaluation of neural network explanations. arXiv:2202.06861 (2022)"},{"key":"10_CR40","unstructured":"Hendrycks, D., Dietterich, T.: Benchmarking neural network robustness to common corruptions and perturbations (2019). http:\/\/arxiv.org\/pdf\/1903.12261v1"},{"key":"10_CR41","unstructured":"High-Level Expert Group on Artificial Intelligence: Ethics guidelines for trustworthy AI: set up by the European Commission (2019)"},{"issue":"11s","key":"10_CR42","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3523273","volume":"54","author":"H Hu","year":"2022","unstructured":"Hu, H., Salcic, Z., Sun, L., Dobbie, G., Yu, P.S., Zhang, X.: Membership inference attacks on machine learning: a survey. ACM Comput. Surv. 54(11s), 1\u201337 (2022). https:\/\/doi.org\/10.1145\/3523273","journal-title":"ACM Comput. Surv."},{"key":"10_CR43","unstructured":"Ji, J., et\u00a0al.: AI alignment: a comprehensive survey. arXiv preprint arXiv:2310.19852 (2023)"},{"issue":"10","key":"10_CR44","doi-asserted-by":"publisher","first-page":"2552","DOI":"10.1109\/tpami.2019.2919284","volume":"42","author":"L Jiang","year":"2020","unstructured":"Jiang, L., Zhang, J., Deng, B.: Robust RGB-D face recognition using attribute-aware loss. IEEE Trans. Pattern Anal. Mach. Intell. 42(10), 2552\u20132566 (2020). https:\/\/doi.org\/10.1109\/tpami.2019.2919284","journal-title":"IEEE Trans. Pattern Anal. Mach. Intell."},{"key":"10_CR45","doi-asserted-by":"publisher","unstructured":"Joo, S., Jeong, S., Heo, J., Weller, A., Moon, T.: Towards more robust interpretation via local gradient alignment. In: Proceedings of the AAAI Conference on Artificial Intelligence, vol. 37, no. 7, pp. 8168\u20138176 (2023). https:\/\/doi.org\/10.1609\/aaai.v37i7.25986, https:\/\/ojs.aaai.org\/index.php\/AAAI\/article\/view\/25986","DOI":"10.1609\/aaai.v37i7.25986"},{"key":"10_CR46","doi-asserted-by":"publisher","unstructured":"Kariyappa, S., Qureshi, M.K.: Defending against model stealing attacks with adaptive misinformation. In: 2020 IEEE\/CVF Conference on Computer Vision and Pattern Recognition (CVPR). IEEE (2020). https:\/\/doi.org\/10.1109\/cvpr42600.2020.00085","DOI":"10.1109\/cvpr42600.2020.00085"},{"key":"10_CR47","doi-asserted-by":"crossref","unstructured":"Karkkainen, K., Joo, J.: Fairface: face attribute dataset for balanced race, gender, and age for bias measurement and mitigation. In: Proceedings of the IEEE\/CVF Winter Conference on Applications of Computer Vision, pp. 1548\u20131558 (2021)","DOI":"10.1109\/WACV48630.2021.00159"},{"key":"10_CR48","doi-asserted-by":"publisher","unstructured":"Kaur, D., Uslu, S., Rittichier, K.J., Durresi, A.: Trustworthy artificial intelligence: a review. ACM Comput. Surv. 55(2) (2022). https:\/\/doi.org\/10.1145\/3491209","DOI":"10.1145\/3491209"},{"key":"10_CR49","unstructured":"Kaya, Y., Dumitras, T.: When does data augmentation help with membership inference attacks? In: Meila, M., Zhang, T. (eds.) Proceedings of the 38th International Conference on Machine Learning. Proceedings of Machine Learning Research, vol.\u00a0139, pp. 5345\u20135355. PMLR (2021)"},{"key":"10_CR50","doi-asserted-by":"publisher","unstructured":"Lecuyer, M., Atlidakis, V., Geambasu, R., Hsu, D., Jana, S.: Certified robustness to adversarial examples with differential privacy. In: 2019 IEEE Symposium on Security and Privacy (SP), pp. 656\u2013672 (2019). https:\/\/doi.org\/10.1109\/SP.2019.00044","DOI":"10.1109\/SP.2019.00044"},{"key":"10_CR51","doi-asserted-by":"publisher","unstructured":"Li, B., Qi, P., Liu, B., Di, S., Liu, J., Pei, J., Yi, J., Zhou, B.: Trustworthy AI: from principles to practices. ACM Comput. Surv. 55(9) (2023). https:\/\/doi.org\/10.1145\/3555803","DOI":"10.1145\/3555803"},{"issue":"2","key":"10_CR52","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3436755","volume":"54","author":"B Liu","year":"2021","unstructured":"Liu, B., Ding, M., Shaham, S., Rahayu, W., Farokhi, F., Lin, Z.: When machine learning meets privacy: a survey and outlook. ACM Comput. Surv. (CSUR) 54(2), 1\u201336 (2021). https:\/\/doi.org\/10.1145\/3436755","journal-title":"ACM Comput. Surv. (CSUR)"},{"key":"10_CR53","doi-asserted-by":"publisher","unstructured":"Liu, H., et al.: Trustworthy AI: a computational perspective. ACM Trans. Intell. Syst. Technol. 14(1) (2022). https:\/\/doi.org\/10.1145\/3546872","DOI":"10.1145\/3546872"},{"key":"10_CR54","unstructured":"Liu, Y., et al.: ML-doctor: Holistic risk assessment of inference attacks against machine learning models. In: 31st USENIX Security Symposium (USENIX Security 2022), pp. 4525\u20134542. USENIX Association, Boston (2022)"},{"key":"10_CR55","unstructured":"Liu, Z., et al: An empirical study on distribution shift robustness from the perspective of pre-training and data augmentation (2022)"},{"key":"10_CR56","doi-asserted-by":"crossref","unstructured":"Liu, Z., Luo, P., Wang, X., Tang, X.: Deep learning face attributes in the wild. In: Proceedings of the IEEE International Conference on Computer Vision (2015)","DOI":"10.1109\/ICCV.2015.425"},{"key":"10_CR57","unstructured":"Lopes, R.G., Yin, D., Poole, B., Gilmer, J., Cubuk, E.D.: Improving robustness without sacrificing accuracy with patch gaussian augmentation (2019). arXiv:1906.02611"},{"key":"10_CR58","doi-asserted-by":"publisher","unstructured":"Madry, A., Makelov, A., Schmidt, L., Tsipras, D., Vladu, A.: Towards deep learning models resistant to adversarial attacks (2017). https:\/\/doi.org\/10.48550\/arXiv.1706.06083","DOI":"10.48550\/arXiv.1706.06083"},{"issue":"6","key":"10_CR59","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3457607","volume":"54","author":"N Mehrabi","year":"2021","unstructured":"Mehrabi, N., Morstatter, F., Saxena, N., Lerman, K., Galstyan, A.: A survey on bias and fairness in machine learning. ACM Comput. Surv. 54(6), 1\u201335 (2021). https:\/\/doi.org\/10.1145\/3457607","journal-title":"ACM Comput. Surv."},{"key":"10_CR60","unstructured":"Menon, A.K., Williamson, R.C.: The cost of fairness in binary classification. In: Conference on Fairness, Accountability and Transparency, pp. 107\u2013118 (2018). https:\/\/proceedings.mlr.press\/v81\/menon18a.html"},{"key":"10_CR61","unstructured":"Mireshghallah, F., Taram, M., Vepakomma, P., Singh, A., Raskar, R., Esmaeilzadeh, H.: Privacy in deep learning: a survey. CoRR abs\/2004.12254 (2020)"},{"key":"10_CR62","unstructured":"Naidu, R., Priyanshu, A., Kumar, A., Kotti, S., Wang, H., Mireshghallah, F.: When differential privacy meets interpretability: a case study (2021)"},{"issue":"1","key":"10_CR63","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1007\/s42979-020-00390-x","volume":"2","author":"A Noack","year":"2021","unstructured":"Noack, A., Ahern, I., Dou, D., Li, B.: An empirical study on the relation between network interpretability and adversarial robustness. SN Comput. Sci. 2(1), 32 (2021). https:\/\/doi.org\/10.1007\/s42979-020-00390-x","journal-title":"SN Comput. Sci."},{"key":"10_CR64","unstructured":"Papernot, N., Abadi, M., Erlingsson, \u00da., Goodfellow, I., Talwar, K.: Semi-supervised knowledge transfer for deep learning from private training data (2017)"},{"key":"10_CR65","doi-asserted-by":"publisher","unstructured":"Petti, S., Flaxman, A.: Differential privacy in the 2020 us census: what will it do? Quantifying the accuracy\/privacy tradeoff. Gates Open Res. 3, 1722 (2019). https:\/\/doi.org\/10.12688\/gatesopenres.13089.2","DOI":"10.12688\/gatesopenres.13089.2"},{"key":"10_CR66","unstructured":"Pinot, R., Yger, F., Gouy-Pailler, C., Atif, J.: A unified view on differential privacy and robustness to adversarial examples (2019)"},{"key":"10_CR67","doi-asserted-by":"publisher","first-page":"6086","DOI":"10.1038\/s41598-024-56706-x","volume":"14","author":"O Rainio","year":"2024","unstructured":"Rainio, O., Teuho, J., Kl\u00e9n, R.: Evaluation metrics and statistical tests for machine learning. Sci. Rep. 14, 6086 (2024). https:\/\/doi.org\/10.1038\/s41598-024-56706-x","journal-title":"Sci. Rep."},{"key":"10_CR68","unstructured":"Rebuffi, S.A., Gowal, S., Calian, D.A., Stimberg, F., Wiles, O., Mann, T.A.: Data augmentation can improve robustness. In: Ranzato, M., Beygelzimer, A., Dauphin, Y., Liang, P.S., Wortman Vaughan, J. (eds.) Advances in Neural Information Processing Systems. vol.\u00a034, pp. 29935\u201329948. Curran Associates, Inc. (2021)"},{"key":"10_CR69","unstructured":"Rice, L., Wong, E., Kolter, Z.: Overfitting in adversarially robust deep learning. In: Daume III, H., Singh, A. (eds.) Proceedings of the 37th International Conference on Machine Learning. Proceedings of Machine Learning Research, vol.\u00a0119, pp. 8093\u20138104. PMLR (2020)"},{"key":"10_CR70","unstructured":"Rigaki, M., Garcia, S.: A survey of privacy attacks in machine learning. arXiv:2007.07646 (2020)"},{"key":"10_CR71","doi-asserted-by":"publisher","unstructured":"Robinson, J.P., Livitz, G., Henon, Y., Qin, C., Fu, Y., Timoner, S.: Face recognition: too bias, or not too bias? In: 2020 IEEE\/CVF Conference on Computer Vision and Pattern Recognition Workshops (CVPRW). IEEE (2020). https:\/\/doi.org\/10.1109\/cvprw50498.2020.00008","DOI":"10.1109\/cvprw50498.2020.00008"},{"key":"10_CR72","unstructured":"Roh, Y., Lee, K., Whang, S., Suh, C.: Fr-train: A mutual information-based approach to fair and robust training. In: Daume III, H., Singh, A. (eds.) Proceedings of the 37th International Conference on Machine Learning. Proceedings of Machine Learning Research, vol.\u00a0119, pp. 8147\u20138157. PMLR (2020)"},{"key":"10_CR73","doi-asserted-by":"publisher","unstructured":"Ross, A., Doshi-Velez, F.: Improving the adversarial robustness and interpretability of deep neural networks by regularizing their input gradients. In: Proceedings of the AAAI Conference on Artificial Intelligence, vol. 32, no. 1 (2018). https:\/\/doi.org\/10.1609\/aaai.v32i1.11504","DOI":"10.1609\/aaai.v32i1.11504"},{"key":"10_CR74","unstructured":"Sabato, S., Yom-Tov, E.: Bounding the fairness and accuracy of classifiers from population statistics. In: International Conference on Machine Learning, pp. 8316\u20138325 (2020)"},{"key":"10_CR75","unstructured":"Saifullah, S., Mercier, D., Lucieri, A., Dengel, A., Ahmed, S.: Privacy meets explainability: a comprehensive impact benchmark (2022)"},{"key":"10_CR76","unstructured":"Schreiner, A., Kemmerzell, N.: Towards a quantitative evaluation framework for trustworthy AI in facial analysis. In: Bui, T.X. (ed.) 57th Hawaii International Conference on System Sciences, HICSS 2024, Hilton Hawaiian Village Waikiki Beach Resort, Hawaii, USA, 3\u20136 January 2024, pp. 7821\u20137830. ScholarSpace (2024). https:\/\/hdl.handle.net\/10125\/107326"},{"key":"10_CR77","doi-asserted-by":"publisher","unstructured":"Schrouff, J., et al.: Maintaining fairness across distribution shift: do we have viable solutions for real-world applications? (2022). https:\/\/doi.org\/10.48550\/arXiv.2202.01034","DOI":"10.48550\/arXiv.2202.01034"},{"key":"10_CR78","doi-asserted-by":"publisher","unstructured":"Sharma, S., Henderson, J., Ghosh, J.: CERTIFAI: a common framework to provide explanations and analyse the fairness and robustness of black-box models (2020). https:\/\/doi.org\/10.1145\/3375627.3375812","DOI":"10.1145\/3375627.3375812"},{"key":"10_CR79","doi-asserted-by":"crossref","unstructured":"Shokri, R., Stronati, M., Song, C., Shmatikov, V.: Membership inference attacks against machine learning models. In: 2017 IEEE symposium on security and privacy (SP), pp. 3\u201318 (2017)","DOI":"10.1109\/SP.2017.41"},{"issue":"1","key":"10_CR80","doi-asserted-by":"publisher","first-page":"60","DOI":"10.1186\/s40537-019-0197-0","volume":"6","author":"C Shorten","year":"2019","unstructured":"Shorten, C., Khoshgoftaar, T.M.: A survey on image data augmentation for deep learning. J. Big Data 6(1), 60 (2019). https:\/\/doi.org\/10.1186\/s40537-019-0197-0","journal-title":"J. Big Data"},{"key":"10_CR81","unstructured":"Sixt, L., Granz, M., Landgraf, T.: When explanations lie: why many modified BP attributions fail (2019). arXiv:1912.09818"},{"issue":"5","key":"10_CR82","doi-asserted-by":"publisher","first-page":"44","DOI":"10.1109\/MSEC.2022.3178187","volume":"20","author":"M Strobel","year":"2022","unstructured":"Strobel, M., Shokri, R.: Data privacy and trustworthy machine learning. IEEE Secur. Priv. 20(5), 44\u201349 (2022). https:\/\/doi.org\/10.1109\/MSEC.2022.3178187","journal-title":"IEEE Secur. Priv."},{"key":"10_CR83","unstructured":"Sundararajan, M., Taly, A., Yan, Q.: Axiomatic attribution for deep networks. In: International Conference on Machine Learning, pp. 3319\u20133328 (2017). https:\/\/proceedings.mlr.press\/v70\/sundararajan17a.html"},{"key":"10_CR84","unstructured":"Taori, R., Dave, A., Shankar, V., Carlini, N., Recht, B., Schmidt, L.: Measuring robustness to natural distribution shifts in image classification. In: Larochelle, H., Ranzato, M., Hadsell, R., Balcan, M.F., Lin, H. (eds.) Advances in Neural Information Processing Systems, vol.\u00a033, pp. 18583\u201318599. Curran Associates, Inc. (2020)"},{"key":"10_CR85","doi-asserted-by":"crossref","unstructured":"T\u011btkov\u00e1, L., Hansen, L.K.: Robustness of visual explanations to common data augmentation methods. In: Proceedings of the IEEE\/CVF Conference on Computer Vision and Pattern Recognition (CVPR) Workshops, pp. 3714\u20133719 (2023)","DOI":"10.1109\/CVPRW59228.2023.00381"},{"issue":"2","key":"10_CR86","doi-asserted-by":"publisher","first-page":"447","DOI":"10.1007\/s12525-020-00441-4","volume":"31","author":"S Thiebes","year":"2021","unstructured":"Thiebes, S., Lins, S., Sunyaev, A.: Trustworthy artificial intelligence. Electron. Mark. 31(2), 447\u2013464 (2021). https:\/\/doi.org\/10.1007\/s12525-020-00441-4","journal-title":"Electron. Mark."},{"key":"10_CR87","unstructured":"Tram\u00e8r, F., Zhang, F., Juels, A., Reiter, M.K., Ristenpart, T.: Stealing machine learning models via prediction APIs. In: 25th USENIX Security Symposium (USENIX Security 2016), pp. 601\u2013618 (2016)"},{"key":"10_CR88","unstructured":"Tran, C., Dinh, M., Fioretto, F.: Differentially private empirical risk minimization under the fairness lens. In: Ranzato, M., Beygelzimer, A., Dauphin, Y., Liang, P.S., Wortman Vaughan, J. (eds.) Advances in Neural Information Processing Systems, vol.\u00a034, pp. 27555\u201327565. Curran Associates, Inc. (2021)"},{"key":"10_CR89","unstructured":"Tran, D., et al.: Plex: towards reliability using pretrained large model extensions. arXiv:2207.07411 (2022)"},{"key":"10_CR90","unstructured":"Tursynbek, N., Petiushko, A., Oseledets, I.: Robustness threats of differential privacy (2021)"},{"key":"10_CR91","doi-asserted-by":"publisher","unstructured":"Verma, S., Rubin, J.: Fairness definitions explained. In: Brun, Y. (ed.) Proceedings of the International Workshop on Software Fairness. ACM Conferences, pp.\u00a01\u20137. ACM, New York (2018). https:\/\/doi.org\/10.1145\/3194770.3194776, https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3194770.3194776","DOI":"10.1145\/3194770.3194776"},{"key":"10_CR92","doi-asserted-by":"crossref","unstructured":"Wang, Z., et al.: Towards fairness in visual recognition: effective strategies for bias mitigation. In: Mortensen, E., Masson-Forsythe, M. (eds.) 2020 IEEE\/CVF Conference on Computer Vision and Pattern Recognition, pp. 8916\u20138925. IEEE, Piscataway (2020)","DOI":"10.1109\/CVPR42600.2020.00894"},{"key":"10_CR93","doi-asserted-by":"crossref","unstructured":"Wang, Z., et al.: Fairness-aware adversarial perturbation towards bias mitigation for deployed deep models. In: Proceedings of the IEEE\/CVF Conference on Computer Vision and Pattern Recognition (CVPR), pp. 10379\u201310388 (2022)","DOI":"10.1109\/CVPR52688.2022.01013"},{"key":"10_CR94","unstructured":"Wick, M., Panda, S., Tristan, J.B.: Unlocking fairness: a trade-off revisited (2019)"},{"key":"10_CR95","unstructured":"Wiles, O., et al.: A fine-grained analysis on distribution shift. arXiv:2110.11328 (2021)"},{"key":"10_CR96","unstructured":"Won, S., Bae, S.H., Kim, S.T.: Analyzing effects of mixed sample data augmentation on model interpretability (2023)"},{"key":"10_CR97","doi-asserted-by":"publisher","unstructured":"Wu, W., Protopapas, P., Yang, Z., Michalatos, P.: Gender classification and bias mitigation in facial images. In: 12th ACM Conference on Web Science. ACM, New York (2020). https:\/\/doi.org\/10.1145\/3394231.3397900","DOI":"10.1145\/3394231.3397900"},{"key":"10_CR98","unstructured":"Xu, H., Liu, X., Li, Y., Jain, A., Tang, J.: To be robust or to be fair: Towards fairness in adversarial training. In: Meila, M., Zhang, T. (eds.) Proceedings of the 38th International Conference on Machine Learning. Proceedings of Machine Learning Research, vol. 139, pp. 11492\u201311501. PMLR (2021)"},{"key":"10_CR99","unstructured":"Yao, H., Wang, Y., Li, S., Zhang, L., Liang, W., Zou, J., Finn, C.: Improving out-of-distribution robustness via selective augmentation. In: Chaudhuri, K., Jegelka, S., Song, L., Szepesvari, C., Niu, G., Sabato, S. (eds.) Proceedings of the 39th International Conference on Machine Learning. Proceedings of Machine Learning Research, vol.\u00a0162, pp. 25407\u201325437. PMLR (2022)"},{"key":"10_CR100","unstructured":"Yeh, C.K., Hsieh, C.Y., Suggala, A., Inouye, D.I., Ravikumar, P.K.: On the (in) fidelity and sensitivity of explanations. In: Advances in Neural Information Processing Systems, vol. 32 (2019)"},{"key":"10_CR101","doi-asserted-by":"publisher","unstructured":"Yeom, S., Giacomelli, I., Fredrikson, M., Jha, S.: Privacy risk in machine learning: analyzing the connection to overfitting. In: 2018 IEEE 31st Computer Security Foundations Symposium (CSF), pp. 268\u2013282 (2018). https:\/\/doi.org\/10.1109\/CSF.2018.00027","DOI":"10.1109\/CSF.2018.00027"},{"key":"10_CR102","doi-asserted-by":"publisher","unstructured":"Yu, D., Zhang, H., Chen, W., Yin, J., Liu, T.Y.: How does data augmentation affect privacy in machine learning? In: Proceedings of the AAAI Conference on Artificial Intelligence, vol. 35, no. 12, pp. 10746\u201310753 (2021). https:\/\/doi.org\/10.1609\/aaai.v35i12.17284","DOI":"10.1609\/aaai.v35i12.17284"},{"key":"10_CR103","doi-asserted-by":"publisher","unstructured":"Zhang, Y., Sang, J.: Towards accuracy-fairness paradox: adversarial example-based data augmentation for visual debiasing. In: Proceedings of the 28th ACM International Conference on Multimedia, MM 2020, pp. 4346\u20134354. Association for Computing Machinery, New York (2020). https:\/\/doi.org\/10.1145\/3394171.3413772","DOI":"10.1145\/3394171.3413772"},{"key":"10_CR104","doi-asserted-by":"crossref","unstructured":"Zhang, Z., Song, Y., Qi, H.: Age progression\/regression by conditional adversarial autoencoder. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR) (2017)","DOI":"10.1109\/CVPR.2017.463"},{"key":"10_CR105","doi-asserted-by":"publisher","unstructured":"Zhong, Z., Zheng, L., Kang, G., Li, S., Yang, Y.: Random erasing data augmentation. In: Proceedings of the AAAI Conference on Artificial Intelligence, vol. 34, no. 07, pp. 13001\u201313008 (2020). https:\/\/doi.org\/10.1609\/aaai.v34i07.7000, https:\/\/ojs.aaai.org\/index.php\/AAAI\/article\/view\/7000","DOI":"10.1609\/aaai.v34i07.7000"}],"container-title":["Lecture Notes in Computer Science","KI 2024: Advances in Artificial Intelligence"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-70893-0_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,8,29]],"date-time":"2024-08-29T11:05:13Z","timestamp":1724929513000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-70893-0_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031708923","9783031708930"],"references-count":105,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-70893-0_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"30 August 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"The authors have no competing interests to declare that are relevant to the content of this article.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Disclosure of Interests"}},{"value":"KI","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"German Conference on Artificial Intelligence (K\u00fcnstliche Intelligenz)","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"W\u00fcrzburg","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Germany","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 September 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 September 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"47","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ki2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.informatik.uni-wuerzburg.de\/ki24\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}