Search Results for author:
Found 25 papers, 10 papers with code
AIR: Threats of Adversarial Attacks on Deep Learning-Based Information Recovery
It can also be found that the DeepReceiver is vulnerable to adversarial perturbations even with very low power and limited PAPR.
CertPri: Certifiable Prioritization for Deep Neural Networks via Movement Cost in Feature Space
Therefore, it is crucial to identify the misbehavior of DNN-based software and improve DNNs' quality.
AdvCheck: Characterizing Adversarial Examples via Local Gradient Checking
To address the issues, we introduce the concept of local gradient, and reveal that adversarial examples have a quite larger bound of local gradient than the benign ones.
Edge Deep Learning Model Protection via Neuron Authorization
With the development of deep learning processors and accelerators, deep learning models have been widely deployed on edge devices as part of the Internet of Things.
FedRight: An Effective Model Copyright Protection for Federated Learning
For the first time, we formalize the problem of copyright protection for FL, and propose FedRight to protect model copyright based on model fingerprints, i. e., extracting model features by generating adversarial examples as model fingerprints.
Motif-Backdoor: Rethinking the Backdoor Attack on Graph Neural Networks via Motifs
Most of the proposed studies launch the backdoor attack using a trigger that either is the randomly generated subgraph (e. g., erd\H{o}s-r\'enyi backdoor) for less computational burden, or the gradient-based generative subgraph (e. g., graph trojaning attack) to enable a more effective attack.
Link-Backdoor: Backdoor Attack on Link Prediction via Node Injection
Consequently, the link prediction model trained on the backdoored dataset will predict the link with trigger to the target state.
Is Multi-Modal Necessarily Better? Robustness Evaluation of Multi-modal Fake News Detection
The proliferation of fake news and its serious negative social influence push fake news detection methods to become necessary tools for web managers.
Rethinking the Defense Against Free-rider Attack From the Perspective of Model Weight Evolving Frequency
To address these challenges, we reconsider the defense from a novel perspective, i. e., model weight evolving frequency. Empirically, we gain a novel insight that during the FL's training, the model weight evolving frequency of free-riders and that of benign clients are significantly different.
GAIL-PT: A Generic Intelligent Penetration Testing Framework with Generative Adversarial Imitation Learning
Addressing the challenges, for the first time, we introduce expert knowledge to guide the agent to make better decisions in RL-based PT and propose a Generative Adversarial Imitation Learning-based generic intelligent Penetration testing framework, denoted as GAIL-PT, to solve the problems of higher labor costs due to the involvement of security experts and high-dimensional discrete action space.
Excitement Surfeited Turns to Errors: Deep Learning Testing Framework Based on Excitable Neurons
By maximizing the number of excitable neurons concerning various wrong behaviors of models, DeepSensor can generate testing examples that effectively trigger more errors due to adversarial inputs, polluted data and incomplete training.
NeuronFair: Interpretable White-Box Fairness Testing through Biased Neuron Identification
To overcome the challenges, we propose NeuronFair, a new DNN fairness testing framework that differs from previous work in several key aspects: (1) interpretable - it quantitatively interprets DNNs' fairness violations for the biased decision; (2) effective - it uses the interpretation results to guide the generation of more diverse instances in less time; (3) generic - it can handle both structured and unstructured data.
NIP: Neuron-level Inverse Perturbation Against Adversarial Attacks
From the perspective of image feature space, some of them cannot reach satisfying results due to the shift of features.
Graph-Fraudster: Adversarial Attacks on Graph Neural Network Based Vertical Federated Learning
This is the first study of adversarial attacks on GVFL.
Dyn-Backdoor: Backdoor Attack on Dynamic Link Prediction
Backdoor attacks induce the DLP methods to make wrong prediction by the malicious training data, i. e., generating a subgraph sequence as the trigger and embedding it to the training data.
Salient Feature Extractor for Adversarial Defense on Deep Neural Networks
Motivated by the observation that adversarial examples are due to the non-robust feature learned from the original dataset by models, we propose the concepts of salient feature(SF) and trivial feature(TF).
DeepPoison: Feature Transfer Based Stealthy Poisoning Attack
As existing episodes mainly focused on attack success rate with patch-based samples, defense algorithms can easily detect these poisoning samples.
ROBY: Evaluating the Robustness of a Deep Model by its Decision Boundaries
This work proposes a generic evaluation metric ROBY, a novel attack-independent robustness measure based on the model's decision boundaries.
MGA: Momentum Gradient Attack on Network
The adversarial attack methods based on gradient information can adequately find the perturbations, that is, the combinations of rewired links, thereby reducing the effectiveness of the deep learning model based graph embedding algorithms, but it is also easy to fall into a local optimum.
Social and Information Networks
POBA-GA: Perturbation Optimized Black-Box Adversarial Attacks via Genetic Algorithm
In this paper, comprehensive evaluation metrics are brought up for different adversarial attack methods.
N2VSCDNNR: A Local Recommender System Based on Node2vec and Rich Information Network
In particular, we use a bipartite network to construct the user-item network, and represent the interactions among users (or items) by the corresponding one-mode projection network.
GC-LSTM: Graph Convolution Embedded LSTM for Dynamic Link Prediction
To the best of our knowledge, it is the first time that GCN embedded LSTM is put forward for link prediction of dynamic networks.
Social and Information Networks Physics and Society
FineFool: Fine Object Contour Attack via Attention
Inspired by the correlations between adversarial perturbations and object contour, slighter perturbations is produced via focusing on object contour features, which is more imperceptible and difficult to be defended, especially network add-on defense methods with the trade-off between perturbations filtering and contour feature loss.
Link Prediction Adversarial Attack
Deep neural network has shown remarkable performance in solving computer vision and some graph evolved tasks, such as node classification and link prediction.
Physics and Society Social and Information Networks
Fast Gradient Attack on Network Embedding
Network embedding maps a network into a low-dimensional Euclidean space, and thus facilitate many network analysis tasks, such as node classification, link prediction and community detection etc, by utilizing machine learning methods.
Physics and Society Social and Information Networks
