Search Results for author:
Found 8 papers, 0 papers with code
Semantic Mirror Jailbreak: Genetic Algorithm Based Jailbreak Prompts Against Open-source LLMs
Large Language Models (LLMs), used in creative writing, code generation, and translation, generate text based on input sequences but are vulnerable to jailbreak attacks, where crafted prompts induce harmful outputs.
Domain Bridge: Generative model-based domain forensic for black-box models
In forensic investigations of machine learning models, techniques that determine a model's data domain play an essential role, with prior work relying on large-scale corpora like ImageNet to approximate the target model's domain.
Adaptive Attractors: A Defense Strategy against ML Adversarial Collusion Attacks
This induces different adversarial regions in different copies, making adversarial samples generated on one copy not replicable on others.
Finding Meaningful Distributions of ML Black-boxes under Forensic Investigation
Our goal is to select a set of samples from the corpus for the given model.
Tracing the Origin of Adversarial Attack for Forensic Investigation and Deterrence
In this paper, we take the role of investigators who want to trace the attack and identify the source, that is, the particular model which the adversarial examples are generated from.
Mitigating Adversarial Attacks by Distributing Different Copies to Different Users
We point out that by distributing different copies of the model to different buyers, we can mitigate the attack such that adversarial samples found on one copy would not work on another copy.
Confusing and Detecting ML Adversarial Attacks with Injected Attractors
Many machine learning adversarial attacks find adversarial samples of a victim model ${\mathcal M}$ by following the gradient of some attack objective functions, either explicitly or implicitly.
Flipped-Adversarial AutoEncoders
We propose a flipped-Adversarial AutoEncoder (FAAE) that simultaneously trains a generative model G that maps an arbitrary latent code distribution to a data distribution and an encoder E that embodies an "inverse mapping" that encodes a data sample into a latent code vector.
