Search Results for author:
Found 12 papers, 2 papers with code
No-Skim: Towards Efficiency Robustness Evaluation on Skimming-based Language Models
To reduce the computation cost and the energy consumption in large language models (LLM), skimming-based acceleration dynamically drops unimportant tokens of the input sequence progressively along layers of the LLM while preserving the tokens of semantic importance.
BELT: Old-School Backdoor Attacks can Evade the State-of-the-Art Defense with Backdoor Exclusivity Lifting
Deep neural networks (DNNs) are susceptible to backdoor attacks, where malicious functionality is embedded to allow attackers to trigger incorrect classifications.
JADE: A Linguistics-based Safety Evaluation Platform for Large Language Models
In this paper, we present JADE, a targeted linguistic fuzzing platform which strengthens the linguistic complexity of seed questions to simultaneously and consistently break a wide range of widely-used LLMs categorized in three groups: eight open-sourced Chinese, six commercial Chinese and four commercial English LLMs.
MIRA: Cracking Black-box Watermarking on Deep Neural Networks via Model Inversion-based Removal Attacks
In this paper, we propose a novel Model Inversion-based Removal Attack (\textsc{Mira}), which is watermark-agnostic and effective against most of mainstream black-box DNN watermarking schemes.
Rethinking White-Box Watermarks on Deep Learning Models under Neural Structural Obfuscation
Copyright protection for deep neural networks (DNNs) is an urgent need for AI corporations.
Exorcising ''Wraith'': Protecting LiDAR-based Object Detector in Automated Driving System from Appearing Attacks
In this paper, we propose a novel plug-and-play defensive module which works by side of a trained LiDAR-based object detector to eliminate forged obstacles where a major proportion of local parts have low objectness, i. e., to what degree it belongs to a real object.
A Certifiable Security Patch for Object Tracking in Self-Driving Systems via Historical Deviation Modeling
To address this design flaw, we propose a simple yet effective security patch for KF-based MOT, the core of which is an adaptive strategy to balance the focus of KF on observations and predictions according to the anomaly index of the observation-prediction deviation, and has certified effectiveness against a generalized hijacking attack model.
Matryoshka: Stealing Functionality of Private ML Data by Hiding Models in Model
In this paper, we present a novel insider attack called Matryoshka, which employs an irrelevant scheduled-to-publish DNN model as a carrier model for covert transmission of multiple secret models which memorize the functionality of private ML data stored in local data centers.
Cracking White-box DNN Watermarks via Invariant Neuron Transforms
On $9$ state-of-the-art white-box watermarking schemes and a broad set of industry-level DNN architectures, our attack for the first time reduces the embedded identity message in the protected models to be almost random.
Exploring the Security Boundary of Data Reconstruction via Neuron Exclusivity Analysis
Among existing privacy attacks on the gradient of neural networks, \emph{data reconstruction attack}, which reverse engineers the training batch from the gradient, poses a severe threat on the private training data.
How Sequence-to-Sequence Models Perceive Language Styles?
Style is ubiquitous in our daily language uses, while what is language style to learning machines?
Theoretical Analysis of Image-to-Image Translation with Adversarial Learning
Recently, a unified model for image-to-image translation tasks within adversarial learning framework has aroused widespread research interests in computer vision practitioners.
