Search Results for author:
Found 28 papers, 6 papers with code
Practical Poisoning Attacks on Neural Networks
Importantly, we show that the effectiveness of BlackCard can be intuitively guaranteed by a set of analytical reasoning and observations, through exploiting an essential characteristic of gradient-descent optimization which is pervasively adopted in DNN models.
CertDW: Towards Certified Dataset Ownership Verification via Conformal Prediction
If the number of PP values smaller than WR exceeds a threshold, the suspicious model is regarded as having been trained on the protected dataset.
CoTGuard: Using Chain-of-Thought Triggering for Copyright Protection in Multi-Agent LLM Systems
As large language models (LLMs) evolve into autonomous agents capable of collaborative reasoning and task execution, multi-agent LLM systems have emerged as a powerful paradigm for solving complex problems.
Modality-Balancing Preference Optimization of Large Multimodal Models by Adversarial Negative Mining
Meanwhile, Group Relative Policy Optimization (GRPO), a recent method using online-generated data and verified rewards to improve reasoning capabilities, remains largely underexplored in LMM alignment.
Web Intellectual Property at Risk: Preventing Unauthorized Real-Time Retrieval by Large Language Models
The protection of cyber Intellectual Property (IP) such as web content is an increasingly critical concern.
Asymmetric Conflict and Synergy in Post-training for LLM-based Multilingual Machine Translation
The emergence of Large Language Models (LLMs) has advanced the multilingual machine translation (MMT), yet the Curse of Multilinguality (CoM) remains a major challenge.
Improved Unbiased Watermark for Large Language Models
As artificial intelligence surpasses human capabilities in text generation, the necessity to authenticate the origins of AI-generated content has become paramount.
Towards Copyright Protection for Knowledge Bases of Retrieval-augmented Language Models via Reasoning
Large language models (LLMs) are increasingly integrated into real-world personalized applications through retrieval-augmented generation (RAG) mechanisms to supplement their responses with domain-specific knowledge.
SleeperMark: Towards Robust Watermark against Fine-Tuning Text-to-image Diffusion Models
Recent advances in large-scale text-to-image (T2I) diffusion models have enabled a variety of downstream applications, including style customization, subject-driven personalization, and conditional generation.
Backdoor in Seconds: Unlocking Vulnerabilities in Large Pre-trained Models via Model Editing
Through empirical studies on the capability for performing backdoor attack in large pre-trained models ($\textit{e. g.,}$ ViT), we find the following unique challenges of attacking large pre-trained models: 1) the inability to manipulate or even access large training datasets, and 2) the substantial computational resources required for training or fine-tuning these models.
De-mark: Watermark Removal in Large Language Models
Watermarking techniques offer a promising way to identify machine-generated content via embedding covert information into the contents generated from language models (LMs).
A Watermark for Order-Agnostic Language Models
Correspondingly, we propose a statistical pattern-based detection algorithm that recovers the key sequence during detection and conducts statistical tests based on the count of high-frequency patterns.
Distortion-free Watermarks are not Truly Distortion-free under Watermark Key Collisions
Experimental results support that the beta-watermark can effectively reduce the distribution bias under key collisions.
Few-Shot Class Incremental Learning with Attention-Aware Self-Adaptive Prompt
Few-Shot Class-Incremental Learning (FSCIL) models aim to incrementally learn new classes with scarce samples while preserving knowledge of old ones.
class-incremental learning
Few-Shot Class-Incremental Learning
+1
Your Vision-Language Model Itself Is a Strong Filter: Towards High-Quality Instruction Tuning with Data Selection
In the first stage, we devise a scoring network to evaluate the difficulty of training instructions, which is co-trained with the VLM.
Federated Continual Novel Class Learning
In a privacy-focused era, Federated Learning (FL) has emerged as a promising machine learning technique.
Towards Sample-specific Backdoor Attack with Clean Labels via Attribute Trigger
We argue that the intensity constraint of existing SSBAs is mostly because their trigger patterns are `content-irrelevant' and therefore act as `noises' for both humans and DNNs.
A Resilient and Accessible Distribution-Preserving Watermark for Large Language Models
Watermarking techniques offer a promising way to identify machine-generated content via embedding covert information into the contents generated from language models.
MASTERKEY: Practical Backdoor Attack Against Speaker Verification Systems
In this work, we propose a backdoor attack MASTERKEY, to compromise the SV models.
PolicyCleanse: Backdoor Detection and Mitigation for Competitive Reinforcement Learning
To ensure the security of RL agents against malicious backdoors, in this work, we propose the problem of Backdoor Detection in multi-agent RL systems, with the objective of detecting Trojan agents as well as the corresponding potential trigger actions, and further trying to mitigate their bad impact.
PolicyCleanse: Backdoor Detection and Mitigation in Reinforcement Learning
To ensure the security of RL agents against malicious backdoors, in this work, we propose the problem of Backdoor Detection in a multi-agent competitive reinforcement learning system, with the objective of detecting Trojan agents as well as the corresponding potential trigger actions, and further trying to mitigate their Trojan behavior.
AEVA: Black-box Backdoor Detection Using Adversarial Extreme Value Analysis
We approach this problem from the optimization perspective and show that the objective of backdoor detection is bounded by an adversarial objective.
Adv-Makeup: A New Imperceptible and Transferable Attack on Face Recognition
Deep neural networks, particularly face recognition models, have been shown to be vulnerable to both digital and physical adversarial examples.
Neural Mean Discrepancy for Efficient Out-of-Distribution Detection
Based upon this observation, we propose a novel metric called Neural Mean Discrepancy (NMD), which compares neural means of the input examples and training data.
PredCoin: Defense against Query-based Hard-label Attack
PredCoin poisons the gradient estimation step, an essential component of most QBHL attacks.
CT Image Segmentation for Inflamed and Fibrotic Lungs Using a Multi-Resolution Convolutional Neural Network
Regional lobar analysis was performed using hierarchical clustering to identify radiographic subtypes of COVID-19.
PoisHygiene: Detecting and Mitigating Poisoning Attacks in Neural Networks
Being able to detect and mitigate poisoning attacks, typically categorized into backdoor and adversarial poisoning (AP), is critical in enabling safe adoption of DNNs in many application domains.
PhysGAN: Generating Physical-World-Resilient Adversarial Examples for Autonomous Driving
We compare PhysGAN with a set of state-of-the-art baseline methods including several of our self-designed ones, which further demonstrate the robustness and efficacy of our approach.
