Search Results for author:
Found 48 papers, 24 papers with code
R1-Zero's "Aha Moment" in Visual Reasoning on a 2B Non-SFT Model
However, attempts to extend this success to multimodal reasoning often failed to reproduce these key characteristics.
LaRA: Benchmarking Retrieval-Augmented Generation and Long-Context LLMs - No Silver Bullet for LC or RAG Routing
However, the advancements in context window size for LLMs offer an alternative approach, raising the question of whether RAG remains necessary for effectively handling external knowledge.
Improving Your Model Ranking on Chatbot Arena by Vote Rigging
We first introduce a straightforward target-only rigging strategy that focuses on new battles involving $m_{t}$, identifying it via watermarking or a binary classifier, and exclusively voting for $m_{t}$ wins.
Uncovering, Explaining, and Mitigating the Superficial Safety of Backdoor Defense
We find that current safety purification methods are vulnerable to the rapid re-learning of backdoor behavior, even when further fine-tuning of purified models is performed using a very small number of poisoned samples.
Defense Against Syntactic Textual Backdoor Attacks with Token Substitution
Textual backdoor attacks present a substantial security risk to Large Language Models (LLM).
One Prompt is not Enough: Automated Construction of a Mixture-of-Expert Prompts
Large Language Models (LLMs) exhibit strong generalization capabilities to novel tasks when prompted with language instructions and in-context demos.
MOSSBench: Is Your Multimodal Language Model Oversensitive to Safe Queries?
While these models are designed to respond queries under safety mechanism, they sometimes reject harmless queries in the presence of certain visual stimuli, disregarding the benign nature of their contexts.
Understanding the Impact of Negative Prompts: When and How Do They Take Effect?
The concept of negative prompts, emerging from conditional generation models like Stable Diffusion, allows users to specify what to exclude from the generated images.%, demonstrating significant practical efficacy.
The Crystal Ball Hypothesis in diffusion models: Anticipating object positions from initial noise
We identify these patches by analyzing the dispersion of object bounding boxes across generated images, leading to the development of a posterior analysis technique.
Invisible Backdoor Attacks on Diffusion Models
In recent years, diffusion models have achieved remarkable success in the realm of high-quality image generation, garnering increased attention.
Input Snapshots Fusion for Scalable Discrete Dynamic Graph Nerual Networks
Additionally, for link prediction tasks on discrete dynamic graphs, the requirement of substantial GPU memory to store embeddings of all nodes hinders the scalability of existing models.
DrAttack: Prompt Decomposition and Reconstruction Makes Powerful LLM Jailbreakers
DrAttack includes three key components: (a) `Decomposition' of the original prompt into sub-prompts, (b) `Reconstruction' of these sub-prompts implicitly by in-context learning with semantically similar but harmless reassembling demo, and (c) a `Synonym Search' of sub-prompts, aiming to find sub-prompts' synonyms that maintain the original intent while jailbreaking LLMs.
Sparse MeZO: Less Parameters for Better Performance in Zeroth-Order LLM Fine-Tuning
While fine-tuning large language models (LLMs) for specific tasks often yields impressive results, it comes at the cost of memory inefficiency due to back-propagation in gradient-based training.
MuLan: Multimodal-LLM Agent for Progressive and Interactive Multi-Object Diffusion
Existing text-to-image models still struggle to generate images of multiple objects, especially in handling their spatial positions, relative sizes, overlapping, and attribute bindings.
Dataset Distillation via Adversarial Prediction Matching
This ensures the memory efficiency of our method and provides a flexible tradeoff between time and memory budgets, allowing us to distil ImageNet-1K using a minimum of only 6. 5GB of GPU memory.
Towards Stable Backdoor Purification through Feature Shift Tuning
Our analysis shows that with the low poisoning rate, the entanglement between backdoor and clean features undermines the effect of tuning-based defenses.
Attacking by Aligning: Clean-Label Backdoor Attacks on Object Detection
Deep neural networks (DNNs) have shown unprecedented success in object detection tasks.
Backdoor Learning on Sequence to Sequence Models
Backdoor learning has become an emerging research area towards building a trustworthy machine learning system.
PTP: Boosting Stability and Performance of Prompt Tuning with Perturbation-Based Regularizer
To address this critical problem, we first investigate and find that the loss landscape of vanilla prompt tuning is precipitous when it is visualized, where a slight change of input data can cause a big fluctuation in the loss landscape.
Revisiting Personalized Federated Learning: Robustness Against Backdoor Attacks
We conduct the first study of backdoor attacks in the pFL framework, testing 4 widely used backdoor attacks against 6 pFL methods on benchmark datasets FEMNIST and CIFAR-10, a total of 600 experiments.
Boosting Accuracy and Robustness of Student Models via Adaptive Adversarial Distillation
Thus, recent studies concern about adversarial distillation (AD) that aims to inherit not only prediction accuracy but also adversarial robustness of a robust teacher model under the paradigm of robust optimization.
MSDT: Masked Language Model Scoring Defense in Text Domain
Such easily-downloaded language models from various websites empowered the public users as well as some major institutions to give a momentum to their real-life application.
Efficient Non-Parametric Optimizer Search for Diverse Tasks
Efficient and automated design of optimizers plays a crucial role in full-stack AutoML systems.
FedDM: Iterative Distribution Matching for Communication-Efficient Federated Learning
Federated learning~(FL) has recently attracted increasing attention from academia and industry, with the ultimate goal of achieving collaborative training under privacy and communication constraints.
A Review of Adversarial Attack and Defense for Classification Methods
Despite the efficiency and scalability of machine learning systems, recent studies have demonstrated that many classification methods, especially deep neural networks (DNNs), are vulnerable to adversarial examples; i. e., examples that are carefully crafted to fool a well-trained classification model while being indistinguishable from natural data to human.
RANK-NOSH: Efficient Predictor-Based Architecture Search via Non-Uniform Successive Halving
Predictor-based algorithms have achieved remarkable performance in the Neural Architecture Search (NAS) tasks.
Rethinking Architecture Selection in Differentiable NAS
Differentiable Neural Architecture Search is one of the most popular Neural Architecture Search (NAS) methods for its search efficiency and simplicity, accomplished by jointly optimizing the model weight and architecture parameters in a weight-sharing supernet via gradient-based algorithms.
Concurrent Adversarial Learning for Large-Batch Training
Current methods usually use extensive data augmentation to increase the batch size, but we found the performance gain with data augmentation decreases as batch size increases, and data augmentation will become insufficient after certain point.
Adversarial Masking: Towards Understanding Robustness Trade-off for Generalization
By incorporating different feature maps after the masking, we can distill better features to help model generalization.
Self-Progressing Robust Training
Enhancing model robustness under new and even adversarial environments is a crucial milestone toward building trustworthy machine learning systems.
Voting based ensemble improves robustness of defensive models
Several previous attempts tackled this problem by ensembling the soft-label prediction and have been proved vulnerable based on the latest attack methods.
Evaluating and Enhancing the Robustness of Neural Network-based Dependency Parsing Models with Adversarial Examples
Despite achieving prominent performance on many important tasks, it has been reported that neural networks are vulnerable to adversarial examples.
DrNAS: Dirichlet Neural Architecture Search
This paper proposes a novel differentiable architecture search method by formulating it into a distribution learning problem.
CAT: Customized Adversarial Training for Improved Robustness
Adversarial training has become one of the most effective methods for improving robustness of neural networks.
Enhancing Certifiable Robustness via a Deep Model Ensemble
We propose an algorithm to enhance certified robustness of a deep model ensemble by optimally weighting each base model.
SPROUT: Self-Progressing Robust Training
Enhancing model robustness under new and even adversarial environments is a crucial milestone toward building trustworthy and reliable machine learning systems.
Sign-OPT: A Query-Efficient Hard-label Adversarial Attack
We study the most practical problem setup for evaluating adversarial robustness of a machine learning system with limited access: the hard-label black-box attack setting for generating adversarial examples, where limited model queries are allowed and only the decision is provided to a queried data input.
On the Robustness of Self-Attentive Models
This work examines the robustness of self-attentive neural networks against adversarial input perturbations.
Evaluating and Enhancing the Robustness of Dialogue Systems: A Case Study on a Negotiation Agent
Moreover, we show that with the adversarial training, we are able to improve the robustness of negotiation agents by 1. 5 points on average against all our attacks.
Query-Efficient Hard-label Black-box Attack: An Optimization-based Approach
We study the problem of attacking machine learning models in the hard-label black-box setting, where no model information is revealed except that the attacker can make queries to probe the corresponding hard-label decisions.
Learning from Group Comparisons: Exploiting Higher Order Interactions
We study the problem of learning from group comparisons, with applications in predicting outcomes of sports and online games.
Attack Graph Convolutional Networks by Adding Fake Nodes
In this paper, we propose a new type of "fake node attacks" to attack GCNs by adding malicious fake nodes.
Query-Efficient Hard-label Black-box Attack:An Optimization-based Approach
We study the problem of attacking a machine learning model in the hard-label black-box setting, where no model information is revealed except that the attacker can make queries to probe the corresponding hard-label decisions.
Extreme Learning to Rank via Low Rank Assumption
We consider the setting where we wish to perform ranking for hundreds of thousands of users which is common in recommender systems and web search ranking.
Stochastic Zeroth-order Optimization via Variance Reduction method
However, due to the variance in the search direction, the convergence rates and query complexities of existing methods suffer from a factor of $d$, where $d$ is the problem dimension.
Seq2Sick: Evaluating the Robustness of Sequence-to-Sequence Models with Adversarial Examples
In this paper, we study the much more challenging problem of crafting adversarial examples for sequence-to-sequence (seq2seq) models, whose inputs are discrete text strings and outputs have an almost infinite number of possibilities.
Towards Robust Neural Networks via Random Self-ensemble
In this paper, we propose a new defense algorithm called Random Self-Ensemble (RSE) by combining two important concepts: {\bf randomness} and {\bf ensemble}.
