Search Results for author:
Found 32 papers, 11 papers with code
Unlearning Backdoor Threats: Enhancing Backdoor Defense in Multimodal Contrastive Learning via Local Token Unlearning
In this paper, we explore the possibility of a less-cost defense from the perspective of model unlearning, that is, whether the model can be made to quickly \textbf{u}nlearn \textbf{b}ackdoor \textbf{t}hreats (UBT) by constructing a small set of poisoned samples.
Object Detectors in the Open Environment: Challenges, Solutions, and Outlook
This paper aims to bridge this gap by conducting a comprehensive review and analysis of object detectors in open environments.
Hide in Thicket: Generating Imperceptible and Rational Adversarial Perturbations on 3D Point Clouds
We find that concealing deformation perturbations in areas insensitive to human eyes can achieve a better trade-off between imperceptibility and adversarial strength, specifically in parts of the object surface that are complex and exhibit drastic curvature changes.
VL-Trojan: Multimodal Instruction Backdoor Attacks against Autoregressive Visual Language Models
Nevertheless, the frozen visual encoder in autoregressive VLMs imposes constraints on the learning of conventional image triggers.
Semantic Mirror Jailbreak: Genetic Algorithm Based Jailbreak Prompts Against Open-source LLMs
Large Language Models (LLMs), used in creative writing, code generation, and translation, generate text based on input sequences but are vulnerable to jailbreak attacks, where crafted prompts induce harmful outputs.
Poisoned Forgery Face: Towards Backdoor Attacks on Face Forgery Detection
However, this paper introduces a novel and previously unrecognized threat in face forgery detection scenarios caused by backdoor attack.
Less is More: Fewer Interpretable Region via Submodular Subset Selection
For incorrectly predicted samples, our method achieves gains of 81. 0% and 18. 4% compared to the HSIC-Attribution algorithm in the average highest confidence and Insertion score respectively.
Does Few-shot Learning Suffer from Backdoor Attacks?
However, in this paper, we propose the Few-shot Learning Backdoor Attack (FLBA) to show that FSL can still be vulnerable to backdoor attacks.
Pre-trained Trojan Attacks for Visual Recognition
This paper aims to raise awareness of the potential threats associated with applying PVMs in practical scenarios.
SA-Attack: Improving Adversarial Transferability of Vision-Language Pre-training Models via Self-Augmentation
Current Visual-Language Pre-training (VLP) models are vulnerable to adversarial examples.
BadCLIP: Dual-Embedding Guided Backdoor Attack on Multimodal Contrastive Learning
This paper reveals the threats in this practical scenario that backdoor attacks can remain effective even after defenses and introduces the \emph{\toolns} attack, which is resistant to backdoor detection and model fine-tuning defenses.
Improving Adversarial Transferability by Stable Diffusion
Various techniques have emerged to enhance the transferability of adversarial attacks for the black-box scenario.
Face Encryption via Frequency-Restricted Identity-Agnostic Attacks
As for the weak black-box scenario feasibility, we obverse that representations of the average feature in multiple face recognition models are similar, thus we propose to utilize the average feature via the crawled dataset from the Internet as the target to guide the generation, which is also agnostic to identities of unknown face recognition systems; in nature, the low-frequency perturbations are more visually perceptible by the human vision system.
Isolation and Induction: Training Robust Deep Neural Networks against Model Stealing Attacks
However, these defenses are now suffering problems of high inference computational overheads and unfavorable trade-offs between benign accuracy and stealing robustness, which challenges the feasibility of deployed models in practice.
Privacy-Enhancing Face Obfuscation Guided by Semantic-Aware Attribution Maps
Within this module, we introduce a pixel importance estimation model based on Shapley value to obtain a pixel-level attribution map, and then each pixel on the attribution map is aggregated into semantic facial parts, which are used to quantify the importance of different facial parts.
Diversifying the High-level Features for better Adversarial Transferability
Incorporated into the input transformation-based attacks, DHF generates more transferable adversarial examples and outperforms the baselines with a clear margin when attacking several defense models, showing its generalization to various attacks and high effectiveness for boosting transferability.
X-Adv: Physical Adversarial Object Attacks against X-ray Prohibited Item Detection
In this paper, we take the first step toward the study of adversarial attacks targeted at X-ray prohibited item detection, and reveal the serious threats posed by such attacks in this safety-critical scenario.
Optimal Inter-area Oscillation Damping Control: A Transfer Deep Reinforcement Learning Approach with Switching Control Strategy
Wide-area damping control for inter-area oscillation (IAO) is critical to modern power systems.
Exploring the Relationship Between Architectural Design and Adversarially Robust Generalization
In particular, we comprehensively evaluated 20 most representative adversarially trained architectures on ImageNette and CIFAR-10 datasets towards multiple l_p-norm adversarial attacks.
Learning to Optimize Permutation Flow Shop Scheduling via Graph-based Imitation Learning
Compared to the state-of-the-art reinforcement learning method, our model's network parameters are reduced to only 37\% of theirs, and the solution gap of our model towards the expert solutions decreases from 6. 8\% to 1. 3\% on average.
SimpleDG: Simple Domain Generalization Baseline without Bells and Whistles
We present a simple domain generalization baseline, which wins second place in both the common context generalization track and the hybrid context generalization track respectively in NICO CHALLENGE 2022.
Exploring the Relationship between Architecture and Adversarially Robust Generalization
Inparticular, we comprehensively evaluated 20 most representative adversarially trained architectures on ImageNette and CIFAR-10 datasets towards multiple `p-norm adversarial attacks.
Exploring Inconsistent Knowledge Distillation for Object Detection with Data Augmentation
Specifically, we propose a sample-specific data augmentation to transfer the teacher model's ability in capturing distinct frequency components and suggest an adversarial feature augmentation to extract the teacher model's perceptions of non-robust features in the data.
A Large-scale Multiple-objective Method for Black-box Attack against Object Detection
Recent studies have shown that detectors based on deep models are vulnerable to adversarial examples, even in the black-box scenario where the attacker cannot access the model information.
Improving Robust Fairness via Balance Adversarial Training
Adversarial training (AT) methods are effective against adversarial attacks, yet they introduce severe disparity of accuracy and robustness between different classes, known as the robust fairness problem.
Universal Backdoor Attacks Detection via Adaptive Adversarial Probe
Most detection methods are designed to verify whether a model is infected with presumed types of backdoor attacks, yet the adversary is likely to generate diverse backdoor attacks in practice that are unforeseen to defenders, which challenge current detection strategies.
Edge YOLO: Real-Time Intelligent Object Detection System Based on Edge-Cloud Cooperation in Autonomous Vehicles
Driven by the ever-increasing requirements of autonomous vehicles, such as traffic monitoring and driving assistant, deep learning-based object detection (DL-OD) has been increasingly attractive in intelligent transportation systems.
Fast Transient Stability Prediction Using Grid-informed Temporal and Topological Embedding Deep Neural Network
Transient stability prediction is critically essential to the fast online assessment and maintaining the stable operation in power systems.
Parallel Rectangle Flip Attack: A Query-based Black-box Attack against Object Detection
Extensive experiments demonstrate that our method can effectively and efficiently attack various popular object detectors, including anchor-based and anchor-free, and generate transferable adversarial examples.
Generate More Imperceptible Adversarial Examples for Object Detection
The existing attack methods have the following problems: 1) the training generator takes a long time and is difficult to extend to a large dataset; 2) the excessive destruction of the image features does not improve the black-box attack effect(the generated adversarial examples have poor transferability) and brings about visible perturbations.
Efficient Adversarial Attacks for Visual Object Tracking
In this paper, we analyze the weakness of object trackers based on the Siamese network and then extend adversarial examples to visual object tracking.
Transferable Adversarial Attacks for Image and Video Object Detection
Adversarial examples have been demonstrated to threaten many computer vision tasks including object detection.
