Max Noppel

Email
Telephone +49 721 608-46190
Room 163
Address Karlsruhe Institute of Technology
Institute of Information Security and Dependability
Am Fasanengarten 5, Geb. 50.34
76131 Karlsruhe, Germany
Max Noppel

About me

I am a doctoral researcher in the group of Christian Wressnegger. After my B.Sc. in Computer Science and three years as a Software Engineer and Software Architect for embedded multiprocessor devices, I decided to head back to university. In 2020, I graduated to M.Sc. in Computer Science at the Karlsruhe Institute of Technology (KIT). My studies were concentrated on IT Security, Cryptography, Anonymity and Privacy, and Algorithm Engineering.

As a doctoral researcher, I now focus on the vulnerabilities of eXplainable Artificial Intelligence (XAI) in adversarial environments. XAI methods augment the predictions of an ML model by an additional output, the explanation. This increase in the amount of outputs potentizes the number of possible adversarial goals. An adversary may fool the prediction, the explanation, or both simultaneously. With the term 'fooling,' we capture diverse incentives, e.g., showing a target explanation or injecting a backdoor. I research these attacks with varying threat models, explanation methods, model architectures, and application domains. My research highlights the necessity of robustness guarantees for XAI, which I hope to be able to provide at some point.

Please also consider my personal webpage for further information.

Publications

2024

Generalized Adversarial Code-Suggestions: Exploiting Contexts of LLM-based Code-Completion.
Karl Rubel, Maximilian Noppel and Christian Wressnegger.
Technical report, arXiv:2410.10526, October 2024.

Model-Manipulation Attacks Against Black-Box Explanations.
Achyut Hegde, Maximilian Noppel and Christian Wressnegger.
Proc. of 40th Annual Computer Security Applications Conference (ACSAC), to appear December 2024.

A Brief Systematization of Explanation-Aware Attacks.
Maximilian Noppel and Christian Wressnegger.
Proc. of 47th German Conference on Artificial Intelligence (KI), September 2024.

SoK: Explainable Machine Learning in Adversarial Environments.
Maximilian Noppel and Christian Wressnegger.
Proc. of 45th IEEE Symposium on Security and Privacy (S&P), May 2024.

2023

Poster: Fooling XAI with Explanation-Aware Backdoors.
Maximilian Noppel and Christian Wressnegger.
Proc. of 30th ACM Conference on Computer and Communications Security (CCS), November 2023.

Explanation-Aware Backdoors in a Nutshell.
Maximilian Noppel and Christian Wressnegger.
Proc. of 46th German Conference on Artificial Intelligence (KI), September 2023.

Disguising Attacks with Explanation-Aware Backdoors.
Maximilian Noppel, Lukas Peter and Christian Wressnegger.
Proc. of 44th IEEE Symposium on Security and Privacy (S&P), May 2023.

2022

Backdooring Explainable Machine Learning.
Maximilian Noppel, Lukas Peter and Christian Wressnegger.
Technical report, arXiv:2204.09498, April 2022.

2021

LaserShark: Establishing Fast, Bidirectional Communication into Air-Gapped Systems.
Niclas Kühnapfel, Stefan Preußler, Maximilian Noppel, Thomas Schneider, Konrad Rieck and Christian Wressnegger.
Proc. of 37th Annual Computer Security Applications Conference (ACSAC), December 2021.

Plausible Deniability for Anonymous Communication.
Christiane Kuhn*, Maximilian Noppel*, Christian Wressnegger and Thorsten Strufe.
Proc. of 21st Workshop on Privacy in the Electronic Society (WPES), November 2021.

2019

GI Elections with POLYAS: a Road to End-to-End Verifiable Elections.
Bernhard Beckert, Achim Brelle, Rüdiger Grimm, Nicolas Huber, Michael Kirsten, Ralf Küsters, Jörn Müller-Quade, Maximilian Noppel, Kai Reinhard, Jonas Schwab, Rebecca Schwerdt, Tomasz Truderung, Melanie Volkamer, and Cornelia Winter.
E-Vote-ID, October 2019.

Chairs

Committee Memberships

Convention of the Scientific Staff and Council for Devision II

As a member of the Convention of the Scientific Staff (German: "Mitarbeiterkonvent") and as a member of the Council for Devision II (German: "Bereichsrat für Bereich II") I am happy to receive your emails regarding any suggestions for the future development of the KIT.

Teaching

Courses

  • Practical Course: Application Security in winter and summer from 2020/21 until now
  • Seminar: Explainable Machine Learning in winter from 2020/21 until 2022/23
  • Seminar: Hot Topics in Explainable Machine Learning in summer 2023
  • Seminar: Hot Topics in Security of Machine Learning in winter 2023/24
  • Seminar: Vulnerability Discovery in summer 2021 and 2022
  • Seminar: Public Key Cryptography in winter 2021/22
  • Practical Research Seminar: Explainable Machine Learning in summer 2022

Guest Lectures

  • Lecture: Machine Learning for Security in winter 2021/22
  • Lecture: Security of Machine Learning in summer 2022, summer 2023
  • Workshop: Business Planning in Cybersecurity for Founders in summer 2022, winter 2022/23

Selected Theses

  • Master Thesis: Vulnerability Discovery in Solidity Code by Christopher Michelbach (2021)
  • Master Thesis: Backdooring Authorship Attribution by Stefan Strang (2022)
  • Master Thesis: Explanation-Aware Backdoors for Transformers by Lukas Peter (2023)

Non-Academic Publications

2023

Explanation-Aware Backdoors: Umgehen von erklärungsbasierten Erkennungsmethoden für Hintertüren.
Maximilian Noppel.
KASTEL StartupSecurty Community Congress - Poster Session, May 2023.

Sparetime

In my spare time I founded the hackerspace vspace.one e.V. in 2016 and several other clubs, e.g. to promote local musicians. I love open source software and open hardware projects in general. This includes little arduino projects but also my homebrew relay cpu project. In addition, I'm working on mechanical projects, using CNC mills or 3D printers, or I organize events like CodeGolfings, LightningTalks, Hackathons, Hackerjeopardyparties, or Cryptoparties. I am also an active ham radio operator with the call sign DC0MX. You can find me in the university ham radio group DF0UK. If you are interested in sports, you can find me as a trainer in the underwaterrugby team of the SSC Karlsruhe as well as the KIT university team.