Search Results for author:
Found 74 papers, 44 papers with code
Meta SecAlign: A Secure Foundation LLM Against Prompt Injection Attacks
We believe open-source models are needed by the AI security community, where co-development of attacks and defenses through open research drives scientific progress in mitigation against prompt injection attacks.
Machine Learning with Privacy for Protected Attributes
For example, we train diffusion models on the AFHQ dataset of animal faces and observe a drastic improvement in FID compared to DP, from 286. 7 to 101. 9 at $\epsilon=8$, assuming that the blurred version of a training image is available as a public feature.
DuetGen: Music Driven Two-Person Dance Generation via Hierarchical Masked Modeling
Subsequently, in the second stage, two generative masked transformers learn to map music signals to these dance tokens: the first producing high-level semantic tokens, and the second, conditioned on music and these semantic tokens, producing the low-level tokens.
How much do language models memorize?
We propose a new method for estimating how much a model ``knows'' about a datapoint and use it to measure the capacity of modern language models.
RoFL: Robust Fingerprinting of Language Models
We present a new method that enable model developers to perform such identification via fingerprints: statistical patterns that are unique to the developer's model and robust to common alterations of that model.
Sketch2Anim: Towards Transferring Sketch Storyboards into 3D Animation
Storyboarding is widely used for creating 3D animations.
WASP: Benchmarking Web Agent Security Against Prompt Injection Attacks
Autonomous UI agents powered by AI have tremendous potential to boost human productivity by automating routine tasks such as filing taxes and paying bills.
MotionDreamer: One-to-Many Motion Synthesis with Localized Generative Masked Transformer
In this work, we present MotionDreamer, a localized masked modeling paradigm designed to learn internal motion patterns from a given motion with arbitrary topology and duration.
SceneMI: Motion In-betweening for Modeling Human-Scene Interactions
Modeling human-scene interactions (HSI) is essential for understanding and simulating everyday human behaviors.
A Survey on Human Interaction Motion Generation
Humans inhabit a world defined by interactions -- with other humans, objects, and environments.
AgentDAM: Privacy Leakage Evaluation for Autonomous Web Agents
In this work, we propose one way to address that potential risk, by training AI agents to better satisfy the privacy principle of data minimization.
Detecting Benchmark Contamination Through Watermarking
Benchmark contamination poses a significant challenge to the reliability of Large Language Models (LLMs) evaluations, as it is difficult to assert whether a model has been trained on a test set.
AdvPrefix: An Objective for Nuanced LLM Jailbreaks
To address these limitations, we introduce AdvPrefix, a new prefix-forcing objective that enables more nuanced control over model behavior while being easy to optimize.
Unlocking Visual Secrets: Inverting Features with Diffusion Priors for Image Reconstruction
In this paper, we explore the use of diffusion models, a promising technique for image synthesis, to enhance feature inversion quality.
ControlMM: Controllable Masked Motion Generation
To further enhance control precision, we introduce inference-time logit editing, which manipulates the predicted conditional motion distribution so that the generated motion, sampled from the adjusted distribution, closely adheres to the input control signals.
InterMask: 3D Human Interaction Generation via Collaborative Masked Modelling
In this work, we introduce InterMask, a novel framework for generating human interactions using collaborative masked modeling in discrete space.
Ranked #1 on
Motion Synthesis
on Inter-X
RegionGrasp: A Novel Task for Contact Region Controllable Hand Grasp Generation
This motivates us to consider a novel task of \textit{Region Controllable Hand Grasp Generation (RegionGrasp)}, as follows: given as input a 3D object, together with its specific surface area selected as the intended contact region, to generate a diverse set of plausible hand grasps of the object, where the thumb finger tip touches the object surface on the contact region.
SecAlign: Defending Against Prompt Injection with Preference Optimization
We then perform preference optimization on this dataset to teach the LLM to prefer the secure output over the insecure one.
GSD: View-Guided Gaussian Splatting Diffusion for 3D Reconstruction
We present GSD, a diffusion model approach based on Gaussian Splatting (GS) representation for 3D object reconstruction from a single view.
An Introduction to Vision-Language Modeling
Then, we present and discuss approaches to evaluate VLMs.
AdvPrompter: Fast Adaptive Adversarial Prompting for LLMs
We also show that training on adversarial suffixes generated by AdvPrompter is a promising strategy for improving the robustness of LLMs to jailbreaking attacks.
Guarantees of confidentiality via Hammersley-Chapman-Robbins bounds
The HCR bounds appear to be insufficient on their own to guarantee confidentiality of the inputs to inference with standard deep neural nets, "ResNet-18" and "Swin-T," pre-trained on the data set, "ImageNet-1000," which contains 1000 classes.
DP-RDM: Adapting Diffusion Models to Private Domains Without Fine-Tuning
Text-to-image diffusion models have been shown to suffer from sample-level memorization, possibly reproducing near-perfect replica of images that they are trained on, which may be undesirable.
Privacy Amplification for the Gaussian Mechanism via Bounded Support
Data-dependent privacy accounting frameworks such as per-instance differential privacy (pDP) and Fisher information loss (FIL) confer fine-grained privacy guarantees for individuals in a fixed training dataset.
Differentially Private Representation Learning via Image Captioning
In this work, we show that effective DP representation learning can be done via image captioning and scaling up to internet-scale multimodal datasets.
Déjà Vu Memorization in Vision-Language Models
Vision-Language Models (VLMs) have emerged as the state-of-the-art representation learning solution, with myriads of downstream applications such as image classification, retrieval and generation.
Generative Human Motion Stylization in Latent Space
Building upon this, we present a novel generative model that produces diverse stylization results of a single motion (latent) code.
MotionMix: Weakly-Supervised Diffusion for Controllable Motion Generation
Specifically, we separate the denoising objectives of a diffusion model into two stages: obtaining conditional rough motion approximations in the initial $T-T^*$ steps by learning the noisy annotated motions, followed by the unconditional refinement of these preliminary motions during the last $T^*$ steps using unannotated motions.
MoMask: Generative Masked Modeling of 3D Human Motions
For the base-layer motion tokens, a Masked Transformer is designated to predict randomly masked motion tokens conditioned on text input at training stage.
Ranked #5 on
Motion Synthesis
on HumanML3D
Large-Scale Public Data Improves Differentially Private Image Generation Quality
In this work, we look at how to use generic large-scale public data to improve the quality of differentially private image generation in Generative Adversarial Networks (GANs), and provide an improved method that uses public data effectively.
ViP: A Differentially Private Foundation Model for Computer Vision
In this work, we propose as a mitigation measure a recipe to train foundation vision models with differential privacy (DP) guarantee.
"Private Prediction Strikes Back!'' Private Kernelized Nearest Neighbors with Individual Renyi Filter
Most existing approaches of differentially private (DP) machine learning focus on private training.
Information Flow Control in Machine Learning through Modular Model Architecture
This lack of control for information flow from training data to model output is a major obstacle in training models on sensitive data when access control only allows individual users to access a subset of data.
Do SSL Models Have Déjà Vu? A Case of Unintended Memorization in Self-supervised Learning
Self-supervised learning (SSL) algorithms can produce useful image representations by learning to associate different parts of natural images with one another.
TM2D: Bimodality Driven 3D Dance Generation via Music-Text Integration
We propose a novel task for generating 3D dance movements that simultaneously incorporate both text and music modalities.
Ranked #3 on
Motion Synthesis
on AIST++
Privacy-Aware Compression for Federated Learning Through Numerical Mechanism Design
In private federated learning (FL), a server aggregates differentially private updates from a large number of clients in order to train a machine learning model.
Analyzing Privacy Leakage in Machine Learning via Multiple Hypothesis Testing: A Lesson From Fano
Differential privacy (DP) is by far the most widely accepted framework for mitigating privacy risks in machine learning.
Learning to Invert: Simple Adaptive Attacks for Gradient Inversion in Federated Learning
Gradient inversion attack enables recovery of training samples from model gradients in federated learning (FL), and constitutes a serious threat to data privacy.
Measuring and Controlling Split Layer Privacy Leakage Using Fisher Information
Split learning and inference propose to run training/inference of a large model that is split across client devices and the cloud.
Cocktail Party Attack: Breaking Aggregation-Based Privacy in Federated Learning using Independent Component Analysis
Federated learning (FL) aims to perform privacy-preserving machine learning on distributed data held by multiple data owners.
TM2T: Stochastic and Tokenized Modeling for the Reciprocal Generation of 3D Human Motions and Texts
Our approach is flexible, could be used for both text2motion and motion2text tasks.
Ranked #3 on
Motion Captioning
on HumanML3D
Promoting Saliency From Depth: Deep Unsupervised RGB-D Saliency Detection
The laborious and time-consuming manual annotation has become a real bottleneck in various practical scenarios.
Origins of Low-dimensional Adversarial Perturbations
Finally, we show that if a decision-region is compact, then it admits a universal adversarial perturbation with $L_2$ norm which is $\sqrt{d}$ times smaller than the typical $L_2$ norm of a data point.
Privacy-Aware Compression for Federated Data Analysis
Federated data analytics is a framework for distributed data analysis where a server compiles noisy responses from a group of distributed low-bandwidth user devices to estimate aggregate statistics.
Does Label Differential Privacy Prevent Label Inference Attacks?
Label differential privacy (label-DP) is a popular framework for training private ML models on datasets with public features and sensitive private labels.
Bounding Training Data Reconstruction in Private (Deep) Learning
Differential privacy is widely accepted as the de facto method for preventing data leakage in ML, and conventional wisdom suggests that it offers strong protection against privacy attacks.
Submix: Practical Private Prediction for Large-Scale Language Models
Recent data-extraction attacks have exposed that language models can memorize some training samples verbatim.
Generating Diverse and Natural 3D Human Motions From Text
Automated generation of 3D human motions from text is a challenging problem.
Ranked #3 on
Motion Synthesis
on Inter-X
ReAct: Out-of-distribution Detection With Rectified Activations
Out-of-distribution (OOD) detection has received much attention lately due to its practical importance in enhancing the safe deployment of neural networks.
Ranked #14 on
Out-of-Distribution Detection
on ImageNet-1k vs SUN
On the Importance of Difficulty Calibration in Membership Inference Attacks
The vulnerability of machine learning models to membership inference attacks has received much attention in recent years.
Action2video: Generating Videos of Human 3D Actions
Action2motion stochastically generates plausible 3D pose sequences of a prescribed action category, which are processed and rendered by motion2video to form 2D videos.
BulletTrain: Accelerating Robust Neural Network Training via Boundary Example Mining
Neural network robustness has become a central topic in machine learning in recent years.
EventHPE: Event-based 3D Human Pose and Shape Estimation
Event camera is an emerging imaging sensor for capturing dynamics of moving objects as events, which motivates our work in estimating 3D human pose and shape from the event signals.
Human Pose and Shape Estimation from Single Polarization Images
This paper focuses on a new problem of estimating human pose and shape from single polarization images.
Online Adaptation to Label Distribution Shift
Machine learning models often encounter distribution shifts when deployed in the real world.
Byzantine-Robust and Privacy-Preserving Framework for FedML
This learning setting presents, among others, two unique challenges: how to protect privacy of the clients' data during training, and how to ensure integrity of the trained model.
Gradient-based Adversarial Attacks against Text Transformers
We propose the first general-purpose gradient-based attack against transformer models.
Fixes That Fail: Self-Defeating Improvements in Machine-Learning Systems
Machine-learning systems such as self-driving cars or virtual assistants are composed of a large number of machine-learning models that recognize image content, transcribe speech, analyze natural language, infer preferences, rank options, etc.
Measuring Data Leakage in Machine-Learning Models with Fisher Information
This information leaks either through the model itself or through predictions made by the model.
Making Paper Reviewing Robust to Bid Manipulation Attacks
We develop a novel approach for paper bidding and assignment that is much more robust against such attacks.
Action2Motion: Conditioned Generation of 3D Human Motions
Action recognition is a relatively established task, where givenan input sequence of human motion, the goal is to predict its ac-tion category.
Polarization Human Shape and Pose Dataset
Polarization images are known to be able to capture polarized reflected lights that preserve rich geometric cues of an object, which has motivated its recent applications in reconstructing detailed surface normal of the objects of interest.
On Hiding Neural Networks Inside Neural Networks
Modern neural networks often contain significantly more parameters than the size of their training data.
Secure multiparty computations in floating-point arithmetic
Secure multiparty computations enable the distribution of so-called shares of sensitive data to multiple parties such that the multiple parties can effectively process the data while being unable to glean much information about the data (at least not without collusion among all parties to put back together all the shares).
TrojanNet: Exposing the Danger of Trojan Horse Attack on Neural Networks
The complexity of large-scale neural networks can lead to poor understanding of their internal details.
Breaking the Glass Ceiling for Embedding-Based Classifiers for Large Output Spaces
In extreme classification settings, embedding-based neural network models are currently not competitive with sparse linear and tree-based methods in terms of accuracy.
Certified Data Removal from Machine Learning Models
Good data stewardship requires removal of data at the request of the data's owner.
A New Defense Against Adversarial Images: Turning a Weakness into a Strength
Natural images are virtually surrounded by low-density misclassified regions that can be efficiently discovered by gradient-guided search --- enabling the generation of adversarial images.
Simple Black-box Adversarial Attacks
We propose an intriguingly simple method for the construction of adversarial images in the black-box setting.
Low Frequency Adversarial Perturbation
In this paper we propose to restrict the search for adversarial images to a low frequency domain.
An empirical study on evaluation metrics of generative adversarial networks
Evaluating generative adversarial networks (GANs) is inherently challenging.
Countering Adversarial Images using Input Transformations
This paper investigates strategies that defend against adversarial-example attacks on image-classification systems by transforming the inputs before feeding them to the system.
On Calibration of Modern Neural Networks
Confidence calibration -- the problem of predicting probability estimates representative of the true correctness likelihood -- is important for classification models in many applications.
Supervised Word Mover's Distance
Accurately measuring the similarity between text documents lies at the core of many real world applications of machine learning.
