Search Results for author:
Found 34 papers, 8 papers with code
Clients Collaborate: Flexible Differentially Private Federated Learning with Guaranteed Improvement of Utility-Privacy Trade-off
This implies that our FedCEO can effectively recover the disrupted semantic information by smoothing the global semantic space for different privacy settings and continuous training processes.
Cross-silo Federated Learning with Record-level Personalized Differential Privacy
Federated learning enhanced by differential privacy has emerged as a popular approach to better safeguard the privacy of client-side data by protecting clients' contributions during the training process.
Contrastive Unlearning: A Contrastive Approach to Machine Unlearning
Machine unlearning aims to eliminate the influence of a subset of training samples (i. e., unlearning samples) from a trained model.
Prompt Valuation Based on Shapley Values
Large language models (LLMs) excel on new tasks without additional training, simply by providing natural language prompts that demonstrate how the task should be performed.
Signed Graph Neural Ordinary Differential Equation for Modeling Continuous-time Dynamics
Modeling continuous-time dynamics constitutes a foundational challenge, and uncovering inter-component correlations within complex systems holds promise for enhancing the efficacy of dynamic modeling.
Certified Minimax Unlearning with Generalization Rates and Deletion Capacity
In addition, our rates of generalization and deletion capacity match the state-of-the-art rates derived previously for standard statistical learning models.
Does Differential Privacy Prevent Backdoor Attacks in Practice?
We also explore the role of different components of DP algorithms in defending against backdoor attacks and will show that PATE is effective against these attacks due to the bagging structure of the teacher models it employs.
ERASER: Machine Unlearning in MLaaS via an Inference Serving-Aware Approach
However, despite their promising efficiency, almost all existing machine unlearning methods handle unlearning requests independently from inference requests, which unfortunately introduces a new security issue of inference service obsolescence and a privacy vulnerability of undesirable exposure for machine unlearning in MLaaS.
PoisonPrompt: Backdoor Attack on Prompt-based Large Language Models
Prompts have significantly improved the performance of pretrained Large Language Models (LLMs) on various downstream tasks recently, making them increasingly indispensable for a diverse range of LLM application scenarios.
RemovalNet: DNN Fingerprint Removal Attacks
After our DNN fingerprint removal attack, the model distance between the target and surrogate models is x100 times higher than that of the baseline attacks, (2) the RemovalNet is efficient.
FINER: Enhancing State-of-the-art Classifiers with Feature Attribution to Facilitate Security Analysis
Although feature attribution (FA) methods can be used to explain deep learning, the underlying classifier is still blind to what behavior is suspicious, and the generated explanation cannot adapt to downstream tasks, incurring poor explanation fidelity and intelligibility.
Pre-trained transformer for adversarial purification
It is frightening that deep neural networks are vulnerable and sensitive to adversarial attacks, the most common one of which for the services is evasion-based.
Wasserstein Adversarial Examples on Univariant Time Series Data
In this work, we propose adversarial examples in the Wasserstein space for time series data for the first time and utilize Wasserstein distance to bound the perturbation between normal examples and adversarial examples.
Federated Semi-Supervised Learning with Annotation Heterogeneity
Federated Semi-Supervised Learning (FSSL) aims to learn a global model from different clients in an environment with both labeled and unlabeled data.
Explaining Adversarial Robustness of Neural Networks from Clustering Effect Perspective
The experimental evaluations manifest the superiority of SAT over other state-of-the-art AT mechanisms in defending against adversarial attacks against both output and intermediate layers.
MUter: Machine Unlearning on Adversarially Trained Models
However, existing methods focus exclusively on unlearning from standard training models and do not apply to adversarial training models (ATMs) despite their popularity as effective defenses against adversarial examples.
Private Semi-supervised Knowledge Transfer for Deep Learning from Noisy Labels
PATE combines an ensemble of "teacher models" trained on sensitive data and transfers the knowledge to a "student" model through the noisy aggregation of teachers' votes for labeling unlabeled public data which the student model will be trained on.
DPAR: Decoupled Graph Neural Networks with Node-Level Differential Privacy
The key idea is to decouple the feature projection and message passing via a DP PageRank algorithm which learns the structure information and uses the top-$K$ neighbors determined by the PageRank for feature aggregation.
MULTIPAR: Supervised Irregular Tensor Factorization with Multi-task Learning
By supervising the tensor factorization with downstream prediction tasks and leveraging information from multiple related predictive tasks, MULTIPAR can yield not only more meaningful phenotypes but also better predictive performance for downstream tasks.
Backdoor Attacks on Crowd Counting
In this paper, we propose two novel Density Manipulation Backdoor Attacks (DMBA$^{-}$ and DMBA$^{+}$) to attack the model to produce arbitrarily large or small density estimations.
Vertical Federated Principal Component Analysis and Its Kernel Extension on Feature-wise Distributed Data
Despite enormous research interest and rapid application of federated learning (FL) to various areas, existing studies mostly focus on supervised federated learning under the horizontally partitioned local dataset setting.
SNEAK: Synonymous Sentences-Aware Adversarial Attack on Natural Language Video Localization
Natural language video localization (NLVL) is an important task in the vision-language understanding area, which calls for an in-depth understanding of not only computer vision and natural language side alone, but more importantly the interplay between both sides.
Two Birds, One Stone: Achieving both Differential Privacy and Certified Robustness for Pre-trained Classifiers via Input Perturbation
To solve this challenge, a reconstruction network is built before the public pre-trained classifiers to offer certified robustness and defend against adversarial examples through input perturbation.
Communication Efficient Generalized Tensor Factorization for Decentralized Healthcare Networks
Tensor factorization has been proved as an efficient unsupervised learning approach for health data analysis, especially for computational phenotyping, where the high-dimensional Electronic Health Records (EHRs) with patients' history of medical procedures, medications, diagnosis, lab tests, etc., are converted to meaningful and interpretable medical concepts.
Temporal Network Embedding via Tensor Factorization
Representation learning on static graph-structured data has shown a significant impact on many real-world applications.
SemiFed: Semi-supervised Federated Learning with Consistency and Pseudo-Labeling
Federated learning enables multiple clients, such as mobile phones and organizations, to collaboratively learn a shared model for prediction while protecting local data privacy.
Integer-arithmetic-only Certified Robustness for Quantized Neural Networks
Adversarial data examples have drawn significant attention from the machine learning and security communities.
RobustFed: A Truth Inference Approach for Robust Federated Learning
Federated learning is a prominent framework that enables clients (e. g., mobile devices or organizations) to train a collaboratively global model under a central server's orchestration while keeping local training datasets' privacy.
Certified Robustness to Word Substitution Attack with Differential Privacy
The robustness and security of natural language processing (NLP) models are significantly important in real-world applications.
An Optimized H.266/VVC Software Decoder On Mobile Platform
As the successor of H. 265/HEVC, the new versatile video coding standard (H. 266/VVC) can provide up to 50% bitrate saving with the same subjective quality, at the cost of increased decoding complexity.
Just Noticeable Difference for Deep Machine Vision
Experimental results on image classification demonstrate that we successfully find the JND for deep machine vision.
Privacy-Preserving Tensor Factorization for Collaborative Health Data Analysis
We propose DPFact, a privacy-preserving collaborative tensor factorization method for computational phenotyping using EHR.
Sturm: Sparse Tubal-Regularized Multilinear Regression for fMRI
While functional magnetic resonance imaging (fMRI) is important for healthcare/neuroscience applications, it is challenging to classify or interpret due to its multi-dimensional structure, high dimensionality, and small number of samples available.
Multidefender Security Games
Unlike most prior analysis, we focus on the situations in which each defender must protect multiple targets, so that even a single defender's best response decision is, in general, highly non-trivial.
