The results show that (i) with the Submodular Trojan algorithm, the adversary needs to embed a Trojan trigger into a very small fraction of samples to achieve high accuracy on both Trojan and clean samples, and (ii) the MM Trojan algorithm yields a trained Trojan model that evades detection with probability 1.
Empirical evaluations show that using our byte-level features in ML-based ISA identification results in an 8% higher accuracy than the state-of-the-art features based on byte-histograms and byte pattern signatures.
Through empirical evaluations, we highlight a privacy-utility tradeoff and demonstrate that the RL agent is able to learn behaviors that are aligned with that of a human user in the same environment in a privacy-preserving manner.
We design two algorithms: Shaping Advice in Single-agent reinforcement learning (SAS) and Shaping Advice in Multi-agent reinforcement learning (SAM).
In this paper, we introduce Agent-Temporal Attention for Reward Redistribution in Episodic Multi-Agent Reinforcement Learning (AREL) to address these two challenges.
In this paper, we study the controlled islanding problem of a power system under disturbances introduced by a malicious adversary.
We observe that using SAM results in agents learning policies to complete tasks faster, and obtain higher rewards than: i) using sparse rewards alone; ii) a state-of-the-art reward redistribution method.
We propose an iterative approach to the synthesis of the controller by solving a modified discrete-time Riccati equation.
Our game model has imperfect information as the players do not have information about the actions of the opponent.
The output of the feedback neural network is converted to a shaping reward that is augmented to the reward provided by the environment.
In this paper, we first develop a classifier-based adaptation of the statistical test method and show that it improves the detection performance.
This paper augments the reward received by a reinforcement learning agent with potential functions in order to help the agent learn (possibly stochastic) optimal policies.
In order to conduct large scale experiments, we propose using the model accuracy on images with reversed brightness as a metric to evaluate the shape bias property.
At the end, we propose introducing randomness to video analysis algorithms as a countermeasure to our attacks.
For this, we select an image, which is different from the video content, and insert it, periodically and at a very low rate, into the video.
To this end, we evaluate CNNs on negative images, since they share the same structure and semantics as regular images and humans can classify them correctly.
Advances in Machine Learning (ML) have led to its adoption as an integral component in many applications, including banking, medical diagnosis, and driverless cars.
In this paper, we propose an attack on the Perspective toxic detection system based on adversarial examples.
We consider the setting where a collection of time series, modeled as random processes, evolve in a causal manner, and one is interested in learning the graph governing the relationships of these processes.
This paper presents a novel approach for automatic recognition of human activities for video surveillance applications.
This paper presents a novel approach for automatic recognition of group activities for video surveillance applications.