Search Results for author: Kui Ren

Found 33 papers, 8 papers with code

Privacy-preserving Adversarial Facial Features

no code implementations CVPR 2023 Zhibo Wang, He Wang, Shuaifan Jin, Wenwen Zhang, Jiahui Hu, Yan Wang, Peng Sun, Wei Yuan, Kaixin Liu, Kui Ren

In this paper, we propose an adversarial features-based face privacy protection (AdvFace) approach to generate privacy-preserving adversarial features, which can disrupt the mapping from adversarial features to facial images to defend against reconstruction attacks.

Face Recognition Privacy Preserving

ANetQA: A Large-scale Benchmark for Fine-grained Compositional Reasoning over Untrimmed Videos

1 code implementation CVPR 2023 Zhou Yu, Lixiang Zheng, Zhou Zhao, Fei Wu, Jianping Fan, Kui Ren, Jun Yu

A recent benchmark AGQA poses a promising paradigm to generate QA pairs automatically from pre-annotated scene graphs, enabling it to measure diverse reasoning abilities with granular control.

Question Answering Spatio-temporal Scene Graphs +1

False Claims against Model Ownership Resolution

no code implementations 13 Apr 2023 Jian Liu, Rui Zhang, Sebastian Szyller, Kui Ren, N. Asokan

Our core idea is that a malicious accuser can deviate (without detection) from the specified MOR process by finding (transferable) adversarial examples that successfully serve as evidence against independent suspect models.

GLOW: Global Layout Aware Attacks on Object Detection

no code implementations 27 Feb 2023 Buyu Liu, BaoJun, Jianping Fan, Xi Peng, Kui Ren, Jun Yu

More desired attacks, to this end, should be able to fool defenses with such consistency checks.

Object Detection

Adaptive State-Dependent Diffusion for Derivative-Free Optimization

no code implementations 8 Feb 2023 Björn Engquist, Kui Ren, Yunan Yang

This paper develops and analyzes a stochastic derivative-free optimization strategy.

Towards Transferable Targeted Adversarial Examples

no code implementations CVPR 2023 Zhibo Wang, Hongshan Yang, Yunhe Feng, Peng Sun, Hengchang Guo, Zhifei Zhang, Kui Ren

In this paper, we propose the Transferable Targeted Adversarial Attack (TTAA), which can capture the distribution information of the target class from both label-wise and feature-wise perspectives, to generate highly transferable targeted adversarial examples.

Adversarial Attack

Purifier: Defending Data Inference Attacks via Transforming Confidence Scores

no code implementations 1 Dec 2022 Ziqi Yang, Lijin Wang, Da Yang, Jie Wan, Ziming Zhao, Ee-Chien Chang, Fan Zhang, Kui Ren

Besides, our further experiments show that PURIFIER is also effective in defending adversarial model inversion attacks and attribute inference attacks.

Inference Attack Membership Inference Attack

Masked Autoencoders for Egocentric Video Understanding @ Ego4D Challenge 2022

1 code implementation 18 Nov 2022 Jiachen Lei, Shuang Ma, Zhongjie Ba, Sai Vemprala, Ashish Kapoor, Kui Ren

In this report, we present our approach and empirical results of applying masked autoencoders in two egocentric video understanding tasks, namely, Object State Change Classification and PNR Temporal Localization, of Ego4D Challenge 2022.

Object State Change Classification Temporal Localization +1

FedTracker: Furnishing Ownership Verification and Traceability for Federated Learning Model

no code implementations 14 Nov 2022 Shuo Shao, Wenyuan Yang, Hanlin Gu, Jian Lou, Zhan Qin, Lixin Fan, Qiang Yang, Kui Ren

Copyright protection of the Federated Learning (FL) model has become a major concern since malicious clients in FL can stealthily distribute or sell the FL model to other parties.

Continual Learning Federated Learning

Privacy-Utility Balanced Voice De-Identification Using Adversarial Examples

no code implementations 10 Nov 2022 Meng Chen, Li Lu, Jiadi Yu, Yingying Chen, Zhongjie Ba, Feng Lin, Kui Ren

In this paper, we propose a voice de-identification system, which uses adversarial examples to balance the privacy and utility of voice services.

De-identification Speaker Identification

Data-Driven Joint Inversions for PDE Models

no code implementations 17 Oct 2022 Kui Ren, Lu Zhang

The task of simultaneously reconstructing multiple physical coefficients in partial differential equations from observed data is ubiquitous in applications.

OpBoost: A Vertical Federated Tree Boosting Framework Based on Order-Preserving Desensitization

1 code implementation 4 Oct 2022 Xiaochen Li, Yuke Hu, Weiran Liu, Hanwen Feng, Li Peng, Yuan Hong, Kui Ren, Zhan Qin

Although the solution based on Local Differential Privacy (LDP) addresses the above problems, it leads to the low accuracy of the trained model.

Federated Learning Privacy Preserving

Task-aware Similarity Learning for Event-triggered Time Series

no code implementations 17 Jul 2022 Shaoyu Dou, Kai Yang, Yang Jiao, Chengbo Qiu, Kui Ren

The proposed framework aspires to offer a stepping stone that gives rise to a systematic approach to model and learn similarities among a multitude of event-triggered time series.

Anomaly Detection Time Series Analysis

Vanilla Feature Distillation for Improving the Accuracy-Robustness Trade-Off in Adversarial Training

no code implementations 5 Jun 2022 Guodong Cao, Zhibo Wang, Xiaowei Dong, Zhifei Zhang, Hengchang Guo, Zhan Qin, Kui Ren

However, most existing works are still trapped in the dilemma between higher accuracy and stronger robustness since they tend to fit a model towards robust features (not easily tampered with by adversaries) while ignoring those non-robust but highly predictive features.

Knowledge Distillation

An Algebraically Converging Stochastic Gradient Descent Algorithm for Global Optimization

no code implementations 12 Apr 2022 Björn Engquist, Kui Ren, Yunan Yang

With this, we prove the global convergence of the algorithm with an algebraic rate both in probability and in the parameter space.

Fairness-aware Adversarial Perturbation Towards Bias Mitigation for Deployed Deep Models

no code implementations CVPR 2022 Zhibo Wang, Xiaowei Dong, Henry Xue, Zhifei Zhang, Weifeng Chiu, Tao Wei, Kui Ren

Prioritizing fairness is of central importance in artificial intelligence (AI) systems, especially for those societal applications, e.g., hiring systems should recommend applicants equally from different demographic groups, and risk assessment systems must eliminate racism in criminal justice.


Backdoor Defense via Decoupling the Training Process

2 code implementations ICLR 2022 Kunzhe Huang, Yiming Li, Baoyuan Wu, Zhan Qin, Kui Ren

Recent studies have revealed that deep neural networks (DNNs) are vulnerable to backdoor attacks, where attackers embed hidden backdoors in the DNN model by poisoning a few training samples.

backdoor defense Self-Supervised Learning

A Generalized Weighted Optimization Method for Computational Learning and Inversion

no code implementations ICLR 2022 Björn Engquist, Kui Ren, Yunan Yang

The generalization capacity of various machine learning models exhibits different phenomena in the under- and over-parameterized regimes.


"Adversarial Examples" for Proof-of-Learning

1 code implementation 21 Aug 2021 Rui Zhang, Jian Liu, Yuan Ding, Zhibo Wu, Qingbiao Wang, Kui Ren

Jia et al. claimed that an adversary merely knowing the final model and training dataset cannot efficiently find a set of intermediate models with correct data points.

Feature Importance-aware Transferable Adversarial Attacks

1 code implementation ICCV 2021 Zhibo Wang, Hengchang Guo, Zhifei Zhang, Wenxin Liu, Zhan Qin, Kui Ren

More specifically, we obtain feature importance by introducing the aggregate gradient, which averages the gradients with respect to feature maps of the source model, computed on a batch of random transforms of the original clean image.

Feature Importance

A range characterization of the single-quadrant ADRT

no code implementations 11 Oct 2020 Weilin Li, Kui Ren, Donsub Rim

The range characterization is obtained by first showing that the ADRT is a bijection between images supported on infinite half-strips, then identifying the linear subspaces that stay finitely supported under the inversion formula.

Injecting Reliable Radio Frequency Fingerprints Using Metasurface for The Internet of Things

no code implementations 12 Jun 2020 Sekhar Rajendran, Zhi Sun, Feng Lin, Kui Ren

Our proposed solution, Metasurface RF-Fingerprinting Injection (MeRFFI), is to inject a carefully-designed radio frequency fingerprint into the wireless physical layer that can increase the security of a stationary IoT device with minimal overhead.

Towards Understanding the Adversarial Vulnerability of Skeleton-based Action Recognition

no code implementations 14 May 2020 Tianhang Zheng, Sheng Liu, Changyou Chen, Junsong Yuan, Baochun Li, Kui Ren

We first formulate generation of adversarial skeleton actions as a constrained optimization problem by representing or approximating the physiological and physical constraints with mathematical formulations.

Action Recognition Skeleton Based Action Recognition

Learn to Forget: Machine Unlearning via Neuron Masking

no code implementations 24 Mar 2020 Yang Liu, Zhuo Ma, Ximeng Liu, Jian Liu, Zhongyuan Jiang, Jianfeng Ma, Philip Yu, Kui Ren

To this end, machine unlearning becomes a popular research topic, which allows users to eliminate memorization of their private data from a trained machine learning model. In this paper, we propose the first uniform metric called forgetting rate to measure the effectiveness of a machine unlearning method.

BIG-bench Machine Learning Federated Learning +1

The quadratic Wasserstein metric for inverse data matching

no code implementations 15 Nov 2019 Bjorn Engquist, Kui Ren, Yunan Yang

This work characterizes, analytically and numerically, two major effects of the quadratic Wasserstein ($W_2$) distance as the measure of data discrepancy in computational solutions of inverse problems.

Data Poisoning Attack against Knowledge Graph Embedding

no code implementations 26 Apr 2019 Hengtong Zhang, Tianhang Zheng, Jing Gao, Chenglin Miao, Lu Su, Yaliang Li, Kui Ren

Knowledge graph embedding (KGE) is a technique for learning continuous embeddings for entities and relations in the knowledge graph. Due to its benefit to a variety of downstream tasks such as knowledge graph completion, question answering and recommendation, KGE has gained significant attention recently.

Data Poisoning Knowledge Graph Completion +2

PointCloud Saliency Maps

3 code implementations ICCV 2019 Tianhang Zheng, Changyou Chen, Junsong Yuan, Bo Li, Kui Ren

Our motivation for constructing a saliency map is by point dropping, which is a non-differentiable operator.

Is PGD-Adversarial Training Necessary? Alternative Training via a Soft-Quantization Network with Noisy-Natural Samples Only

no code implementations 10 Oct 2018 Tianhang Zheng, Changyou Chen, Kui Ren

In this paper, we give a negative answer by proposing a training paradigm that is comparable to PGD adversarial training on several standard datasets, while only using noisy-natural samples.

Adversarial Attack Quantization

Towards Differentially Private Truth Discovery for Crowd Sensing Systems

no code implementations 10 Oct 2018 Yaliang Li, Houping Xiao, Zhan Qin, Chenglin Miao, Lu Su, Jing Gao, Kui Ren, Bolin Ding

To better utilize sensory data, the problem of truth discovery, whose goal is to estimate user quality and infer reliable aggregated results through quality-aware data aggregation, has emerged as a hot topic.

Privacy Preserving

WiPIN: Operation-free Passive Person Identification Using Wi-Fi Signals

no code implementations 6 Oct 2018 Fei Wang, Jinsong Han, Feng Lin, Kui Ren

Wi-Fi signals-based person identification attracts increasing attention in the booming Internet-of-Things era mainly due to its pervasiveness and passiveness.

Person Identification

Distributionally Adversarial Attack

4 code implementations 16 Aug 2018 Tianhang Zheng, Changyou Chen, Kui Ren

Recent work on adversarial attack has shown that Projected Gradient Descent (PGD) Adversary is a universal first-order adversary, and the classifier adversarially trained by PGD is robust against a wide range of first-order attacks.

Adversarial Attack

Android HIV: A Study of Repackaging Malware for Evading Machine-Learning Detection

no code implementations 10 Aug 2018 Xiao Chen, Chaoran Li, Derui Wang, Sheng Wen, Jun Zhang, Surya Nepal, Yang Xiang, Kui Ren

In contrast to existing works, the adversarial examples crafted by our method can also deceive recent machine learning based detectors that rely on semantic features such as control-flow-graph.

Cryptography and Security
