Search Results for author:
Found 23 papers, 11 papers with code
Shielding Collaborative Learning: Mitigating Poisoning Attacks through Client-Side Detection
Collaborative learning allows multiple clients to train a joint model without sharing their data with each other.
Optimizing Privacy-Preserving Outsourced Convolutional Neural Network Predictions
This paper proposes a new scheme for privacy-preserving neural network prediction in the outsourced setting, i. e., the server cannot learn the query, (intermediate) results, and the model.
Challenges and Approaches for Mitigating Byzantine Attacks in Federated Learning
Then we propose a new byzantine attack method called weight attack to defeat those defense schemes, and conduct experiments to demonstrate its threat.
Protecting Facial Privacy: Generating Adversarial Identity Masks via Style-robust Makeup Transfer
While deep face recognition (FR) systems have shown amazing performance in identification and verification, they also arouse privacy concerns for their excessive surveillance on users, especially for public face images widely spread on social networks.
Towards Efficient Data-Centric Robust Machine Learning with Noise-based Augmentation
The data-centric machine learning aims to find effective ways to build appropriate datasets which can improve the performance of AI models.
Attention Distraction: Watermark Removal Through Continual Learning with Selective Forgetting
Fine-tuning attacks are effective in removing the embedded watermarks in deep learning models.
Towards Privacy-Preserving Neural Architecture Search
Machine learning promotes the continuous development of signal processing in various fields, including network traffic monitoring, EEG classification, face identification, and many more.
Evaluating Membership Inference Through Adversarial Robustness
The usage of deep learning is being escalated in many applications.
BadHash: Invisible Backdoor Attacks against Deep Hashing with Clean Label
In this paper, we propose BadHash, the first generative-based imperceptible backdoor attack against deep hashing, which can effectively generate invisible and input-specific poisoned images with clean label.
PointCA: Evaluating the Robustness of 3D Point Cloud Completion Models Against Adversarial Examples
In addition, existing attack approaches towards point cloud classifiers cannot be applied to the completion models due to different output forms and attack purposes.
Feature Extraction Matters More: Universal Deepfake Disruption through Attacking Ensemble Feature Extractors
Adversarial example is a rising way of protecting facial privacy security from deepfake modification.
Detecting Backdoors During the Inference Stage Based on Corruption Robustness Consistency
Deep neural networks are proven to be vulnerable to backdoor attacks.
Masked Language Model Based Textual Adversarial Example Detection
To explore how to use the masked language model in adversarial detection, we propose a novel textual adversarial example detection method, namely Masked Language Model-based Detection (MLMD), which can produce clearly distinguishable signals between normal examples and adversarial examples by exploring the changes in manifolds induced by the masked language model.
Denial-of-Service or Fine-Grained Control: Towards Flexible Model Poisoning Attacks on Federated Learning
Federated learning (FL) is vulnerable to poisoning attacks, where adversaries corrupt the global aggregation results and cause denial-of-service (DoS).
Why Does Little Robustness Help? Understanding and Improving Adversarial Transferability from Surrogate Training
Building on these insights, we explore the impacts of data augmentation and gradient regularization on transferability and identify that the trade-off generally exists in the various training mechanisms, thus building a comprehensive blueprint for the regulation mechanism behind transferability.
Downstream-agnostic Adversarial Examples
AdvEncoder aims to construct a universal adversarial perturbation or patch for a set of natural images that can fool all the downstream tasks inheriting the victim pre-trained encoder.
Benchmarking and Analyzing Robust Point Cloud Recognition: Bag of Tricks for Defending Adversarial Examples
In this paper, we first establish a comprehensive, and rigorous point cloud adversarial robustness benchmark to evaluate adversarial robustness, which can provide a detailed understanding of the effects of the defense and attack methods.
AdvCLIP: Downstream-agnostic Adversarial Examples in Multimodal Contrastive Learning
In this work, we propose AdvCLIP, the first attack framework for generating downstream-agnostic adversarial examples based on cross-modal pre-trained encoders.
Corrupting Convolution-based Unlearnable Datasets with Pixel-based Image Transformations
Through validation experiments that commendably support our hypothesis, we further design a random matrix to boost both $\Theta_{imi}$ and $\Theta_{imc}$, achieving a notable degree of defense effect.
MISA: Unveiling the Vulnerabilities in Split Federated Learning
This attack unveils the vulnerabilities in SFL, challenging the conventional belief that SFL is robust against poisoning attacks.
Revisiting Gradient Pruning: A Dual Realization for Defending against Gradient Attacks
To mitigate the weaknesses of existing solutions, we propose a novel defense method, Dual Gradient Pruning (DGP), based on gradient pruning, which can improve communication efficiency while preserving the utility and privacy of CL.
Securely Fine-tuning Pre-trained Encoders Against Adversarial Examples
In response to these challenges, we propose Genetic Evolution-Nurtured Adversarial Fine-tuning (Gen-AF), a two-stage adversarial fine-tuning approach aimed at enhancing the robustness of downstream models.
Detector Collapse: Backdooring Object Detection to Catastrophic Overload or Blindness
This paper is dedicated to bridging this gap by introducing Detector Collapse} (DC), a brand-new backdoor attack paradigm tailored for object detection.
