Search Results for author: Shouling Ji

Found 39 papers, 19 papers with code

On the Security Risks of AutoML

1 code implementation12 Oct 2021 Ren Pang, Zhaohan Xi, Shouling Ji, Xiapu Luo, Ting Wang

Neural Architecture Search (NAS) represents an emerging machine learning (ML) paradigm that automatically searches for models tailored to given tasks, which greatly simplifies the development of ML systems and propels the trend of ML democratization.

Neural Architecture Search

GGT: Graph-Guided Testing for Adversarial Sample Detection of Deep Neural Network

no code implementations9 Jul 2021 Zuohui Chen, Renxuan Wang, Jingyang Xiang, Yue Yu, Xin Xia, Shouling Ji, Qi Xuan, Xiaoniu Yang

Deep Neural Networks (DNN) are known to be vulnerable to adversarial samples, the detection of which is crucial for the wide application of these DNN models.

Constructing Contrastive samples via Summarization for Text Classification with limited annotations

1 code implementation11 Apr 2021 Yangkai Du, Tengfei Ma, Lingfei Wu, Fangli Xu, Xuhong Zhang, Shouling Ji

Unlike vision tasks, the data augmentation method for contrastive learning has not been investigated sufficiently in language tasks.

Contrastive Learning Data Augmentation +4

Fine-Grained Fashion Similarity Prediction by Attribute-Specific Embedding Learning

1 code implementation6 Apr 2021 Jianfeng Dong, Zhe Ma, Xiaofeng Mao, Xun Yang, Yuan He, Richang Hong, Shouling Ji

In this similarity paradigm, one should pay more attention to the similarity in terms of a specific design/attribute between fashion items.

EfficientTDNN: Efficient Architecture Search for Speaker Recognition in the Wild

no code implementations25 Mar 2021 Rui Wang, Zhihua Wei, Haoran Duan, Shouling Ji, Zhen Hong

Secondly, the supernet is progressively trained with multi-condition data augmentation to mitigate interference between subnets and overcome the challenge of optimizing a huge search space.

Data Augmentation Network Pruning +2

Aggregated Multi-GANs for Controlled 3D Human Motion Prediction

no code implementations17 Mar 2021 Zhenguang Liu, Kedi Lyu, Shuang Wu, Haipeng Chen, Yanbin Hao, Shouling Ji

Our method is compelling in that it enables manipulable motion prediction across activity types and allows customization of the human movement in a variety of fine-grained ways.

Human motion prediction motion prediction

Enhancing Model Robustness By Incorporating Adversarial Knowledge Into Semantic Representation

no code implementations23 Feb 2021 Jinfeng Li, Tianyu Du, Xiangyu Liu, Rong Zhang, Hui Xue, Shouling Ji

Extensive experiments on two real-world tasks show that AdvGraph exhibits better performance compared with previous work: (i) effective - it significantly strengthens the model robustness even under the adaptive attacks setting without negative impact on model performance over legitimate input; (ii) generic - its key component, i. e., the representation of connotative adversarial knowledge is task-agnostic, which can be reused in any Chinese-based NLP models without retraining; and (iii) efficient - it is a light-weight defense with sub-linear computational complexity, which can guarantee the efficiency required in practical scenarios.

Hierarchical Similarity Learning for Language-based Product Image Retrieval

1 code implementation18 Feb 2021 Zhe Ma, Fenghao Liu, Jianfeng Dong, Xiaoye Qu, Yuan He, Shouling Ji

In this paper, we focus on the cross-modal similarity measurement, and propose a novel Hierarchical Similarity Learning (HSL) network.

Image Retrieval Text Matching

Progressive Localization Networks for Language-based Moment Localization

no code implementations2 Feb 2021 Qi Zheng, Jianfeng Dong, Xiaoye Qu, Xun Yang, Shouling Ji, Xun Wang

The language-based setting of this task allows for an open set of target activities, resulting in a large variation of the temporal lengths of video moments.

Towards Speeding up Adversarial Training in Latent Spaces

no code implementations1 Feb 2021 Yaguan Qian, Qiqi Shao, Tengteng Yao, Bin Wang, Shouling Ji, Shaoning Zeng, Zhaoquan Gu, Wassim Swaileh

Adversarial training is wildly considered as one of the most effective way to defend against adversarial examples.

i-Algebra: Towards Interactive Interpretability of Deep Neural Networks

no code implementations22 Jan 2021 Xinyang Zhang, Ren Pang, Shouling Ji, Fenglong Ma, Ting Wang

Providing explanations for deep neural networks (DNNs) is essential for their use in domains wherein the interpretability of decisions is a critical prerequisite.

Multi-level Graph Matching Networks for Deep and Robust Graph Similarity Learning

no code implementations1 Jan 2021 Xiang Ling, Lingfei Wu, Saizhuo Wang, Tengfei Ma, Fangli Xu, Alex X. Liu, Chunming Wu, Shouling Ji

The proposed MGMN model consists of a node-graph matching network for effectively learning cross-level interactions between nodes of a graph and the other whole graph, and a siamese graph neural network to learn global-level interactions between two graphs.

Graph Classification Graph Matching +1

Visually Imperceptible Adversarial Patch Attacks on Digital Images

no code implementations2 Dec 2020 Yaguan Qian, Jiamin Wang, Bin Wang, Shaoning Zeng, Zhaoquan Gu, Shouling Ji, Wassim Swaileh

With this soft mask, we develop a new loss function with inverse temperature to search for optimal perturbations in CFR.

Exploiting Heterogeneous Graph Neural Networks with Latent Worker/Task Correlation Information for Label Aggregation in Crowdsourcing

no code implementations25 Oct 2020 Hanlu Wu, Tengfei Ma, Lingfei Wu, Shouling Ji

Besides, we exploit the unknown latent interaction between the same type of nodes (workers or tasks) by adding a homogeneous attention layer in the graph neural networks.

Deep Graph Matching and Searching for Semantic Code Retrieval

no code implementations24 Oct 2020 Xiang Ling, Lingfei Wu, Saizhuo Wang, Gaoning Pan, Tengfei Ma, Fangli Xu, Alex X. Liu, Chunming Wu, Shouling Ji

To this end, we first represent both natural language query texts and programming language code snippets with the unified graph-structured data, and then use the proposed graph matching and searching model to retrieve the best matching code snippet.

Graph Matching

UNIFUZZ: A Holistic and Pragmatic Metrics-Driven Platform for Evaluating Fuzzers

1 code implementation5 Oct 2020 Yuwei Li, Shouling Ji, Yuan Chen, Sizhuang Liang, Wei-Han Lee, Yueyao Chen, Chenyang Lyu, Chunming Wu, Raheem Beyah, Peng Cheng, Kangjie Lu, Ting Wang

We hope that our findings can shed light on reliable fuzzing evaluation, so that we can discover promising fuzzing primitives to effectively facilitate fuzzer designs in the future.

Cryptography and Security

Unsupervised Reference-Free Summary Quality Evaluation via Contrastive Learning

1 code implementation EMNLP 2020 Hanlu Wu, Tengfei Ma, Lingfei Wu, Tariro Manyumwa, Shouling Ji

Experiments on Newsroom and CNN/Daily Mail demonstrate that our new evaluation method outperforms other metrics even without reference summaries.

Contrastive Learning Document Summarization

Trojaning Language Models for Fun and Profit

1 code implementation1 Aug 2020 Xinyang Zhang, Zheng Zhang, Shouling Ji, Ting Wang

Recent years have witnessed the emergence of a new paradigm of building natural language processing (NLP) systems: general-purpose, pre-trained language models (LMs) are composed with simple downstream models and fine-tuned for a variety of NLP tasks.

Question Answering Toxic Comment Classification

Multilevel Graph Matching Networks for Deep Graph Similarity Learning

1 code implementation8 Jul 2020 Xiang Ling, Lingfei Wu, Saizhuo Wang, Tengfei Ma, Fangli Xu, Alex X. Liu, Chunming Wu, Shouling Ji

In particular, the proposed MGMN consists of a node-graph matching network for effectively learning cross-level interactions between each node of one graph and the other whole graph, and a siamese graph neural network to learn global-level interactions between two input graphs.

Graph Classification Graph Matching +2

Graph Backdoor

1 code implementation21 Jun 2020 Zhaohan Xi, Ren Pang, Shouling Ji, Ting Wang

One intriguing property of deep neural networks (DNNs) is their inherent vulnerability to backdoor attacks -- a trojan model responds to trigger-embedded inputs in a highly predictable manner while functioning normally otherwise.

General Classification Graph Classification +1

AdvMind: Inferring Adversary Intent of Black-Box Attacks

1 code implementation16 Jun 2020 Ren Pang, Xinyang Zhang, Shouling Ji, Xiapu Luo, Ting Wang

Deep neural networks (DNNs) are inherently susceptible to adversarial attacks even under black-box settings, in which the adversary only has query access to the target models.

Efficient Global String Kernel with Random Features: Beyond Counting Substructures

no code implementations25 Nov 2019 Lingfei Wu, Ian En-Hsu Yen, Siyu Huo, Liang Zhao, Kun Xu, Liang Ma, Shouling Ji, Charu Aggarwal

In this paper, we present a new class of global string kernels that aims to (i) discover global properties hidden in the strings through global alignments, (ii) maintain positive-definiteness of the kernel, without introducing a diagonal dominant kernel matrix, and (iii) have a training cost linear with respect to not only the length of the string but also the number of training string samples.

A Tale of Evil Twins: Adversarial Inputs versus Poisoned Models

1 code implementation5 Nov 2019 Ren Pang, Hua Shen, Xinyang Zhang, Shouling Ji, Yevgeniy Vorobeychik, Xiapu Luo, Alex Liu, Ting Wang

Specifically, (i) we develop a new attack model that jointly optimizes adversarial inputs and poisoned models; (ii) with both analytical and empirical evidence, we reveal that there exist intriguing "mutual reinforcement" effects between the two attack vectors -- leveraging one vector significantly amplifies the effectiveness of the other; (iii) we demonstrate that such effects enable a large design spectrum for the adversary to enhance the existing attacks that exploit both vectors (e. g., backdoor attacks), such as maximizing the attack evasiveness with respect to various detection methods; (iv) finally, we discuss potential countermeasures against such optimized attacks and their technical challenges, pointing to several promising research directions.

Provable Defenses against Spatially Transformed Adversarial Inputs: Impossibility and Possibility Results

no code implementations ICLR 2019 Xinyang Zhang, Yifan Huang, Chanh Nguyen, Shouling Ji, Ting Wang

On the possibility side, we show that it is still feasible to construct adversarial training methods to significantly improve the resilience of networks against adversarial inputs over empirical datasets.

SirenAttack: Generating Adversarial Audio for End-to-End Acoustic Systems

no code implementations23 Jan 2019 Tianyu Du, Shouling Ji, Jinfeng Li, Qinchen Gu, Ting Wang, Raheem Beyah

Despite their immense popularity, deep learning-based acoustic systems are inherently vulnerable to adversarial attacks, wherein maliciously crafted audios trigger target systems to misbehave.

Cryptography and Security

A Truthful FPTAS Mechanism for Emergency Demand Response in Colocation Data Centers

1 code implementation10 Jan 2019 Jian-hai Chen, Deshi Ye, Shouling Ji, Qinming He, Yang Xiang, Zhenguang Liu

Next, we prove that our mechanism is an FPTAS, i. e., it can be approximated within $1 + \epsilon$ for any given $\epsilon > 0$, while the running time of our mechanism is polynomial in $n$ and $1/\epsilon$, where $n$ is the number of tenants in the datacenter.

Computer Science and Game Theory

V-Fuzz: Vulnerability-Oriented Evolutionary Fuzzing

no code implementations4 Jan 2019 Yuwei Li, Shouling Ji, Chenyang Lv, Yu-An Chen, Jian-hai Chen, Qinchen Gu, Chunming Wu

Given a binary program to V-Fuzz, the vulnerability prediction model will give a prior estimation on which parts of the software are more likely to be vulnerable.

Cryptography and Security

Adversarial Examples Versus Cloud-based Detectors: A Black-box Empirical Study

no code implementations4 Jan 2019 Xurong Li, Shouling Ji, Meng Han, Juntao Ji, Zhenyu Ren, Yushan Liu, Chunming Wu

Through the comprehensive evaluations on five major cloud platforms: AWS, Azure, Google Cloud, Baidu Cloud, and Alibaba Cloud, we demonstrate that our image processing based attacks can reach a success rate of approximately 100%, and the semantic segmentation based attacks have a success rate over 90% among different detection services, such as violence, politician, and pornography detection.

General Classification Image Classification +2

TextBugger: Generating Adversarial Text Against Real-world Applications

1 code implementation13 Dec 2018 Jinfeng Li, Shouling Ji, Tianyu Du, Bo Li, Ting Wang

Deep Learning-based Text Understanding (DLTU) is the backbone technique behind various applications, including question answering, machine translation, and text classification.

Adversarial Text Machine Translation +5

Interpretable Deep Learning under Fire

no code implementations3 Dec 2018 Xinyang Zhang, Ningfei Wang, Hua Shen, Shouling Ji, Xiapu Luo, Ting Wang

The improved interpretability is believed to offer a sense of security by involving human in the decision-making process.

Decision Making

Model-Reuse Attacks on Deep Learning Systems

no code implementations2 Dec 2018 Yujie Ji, Xinyang Zhang, Shouling Ji, Xiapu Luo, Ting Wang

By empirically studying four deep learning systems (including both individual and ensemble systems) used in skin cancer screening, speech recognition, face verification, and autonomous steering, we show that such attacks are (i) effective - the host systems misbehave on the targeted inputs as desired by the adversary with high probability, (ii) evasive - the malicious models function indistinguishably from their benign counterparts on non-targeted inputs, (iii) elastic - the malicious models remain effective regardless of various system design choices and tuning strategies, and (iv) easy - the adversary needs little prior knowledge about the data used for system tuning or inference.

Cryptography and Security

SmartSeed: Smart Seed Generation for Efficient Fuzzing

no code implementations7 Jul 2018 Chenyang Lyu, Shouling Ji, Yuwei Li, Junfeng Zhou, Jian-hai Chen, Jing Chen

In total, our system discovers more than twice unique crashes and 5, 040 extra unique paths than the existing best seed selection strategy for the evaluated 12 applications.

Cryptography and Security

Differentially Private Releasing via Deep Generative Model (Technical Report)

2 code implementations5 Jan 2018 Xinyang Zhang, Shouling Ji, Ting Wang

Privacy-preserving releasing of complex data (e. g., image, text, audio) represents a long-standing challenge for the data mining research community.

Cannot find the paper you are looking for? You can Submit a new open access paper.