Search Results for author:
Found 40 papers, 5 papers with code
MIMIR: Masked Image Modeling for Mutual Information-based Adversarial Robustness
However, these methods still follow the design of traditional supervised adversarial training, limiting the potential of adversarial training on ViTs.
Dr. Jekyll and Mr. Hyde: Two Faces of LLMs
This work shows that by using adversarial personas, one can overcome safety mechanisms set out by ChatGPT and Bard.
A New Angle: On Evolving Rotation Symmetric Boolean Functions
Rotation symmetric Boolean functions represent an interesting class of Boolean functions as they are relatively rare compared to general Boolean functions.
Look into the Mirror: Evolving Self-Dual Bent Boolean Functions
This paper provides a detailed experimentation with evolutionary algorithms with the goal of evolving (anti-)self-dual bent Boolean functions.
Tabdoor: Backdoor Vulnerabilities in Transformer-based Neural Networks for Tabular Data
Our findings highlight the urgency to address such vulnerabilities and provide insights into potential countermeasures for securing DNN models against backdoors on tabular data.
Momentum Gradient-based Untargeted Attack on Hypergraph Neural Networks
We use a momentum gradient mechanism to choose the attack node features in the feature selection module.
Invisible Threats: Backdoor Attack in OCR Systems
Optical Character Recognition (OCR) is a widely used tool to extract text from scanned documents.
BlindSage: Label Inference Attacks against Node-level Vertical Federated Graph Neural Networks
In this work, we are the first (to the best of our knowledge) to investigate label inference attacks on VFL using a zero-background knowledge strategy.
Turning Privacy-preserving Mechanisms against Federated Learning
Recently, researchers have successfully employed Graph Neural Networks (GNNs) to build enhanced recommender systems due to their capability to learn patterns from the interaction between involved entities.
Rethinking the Trigger-injecting Position in Graph Backdoor Attack
There is no work analyzing and explaining the backdoor attack performance when injecting triggers into the most important or least important area in the sample, which we refer to as trigger-injecting strategies MIAS and LIAS, respectively.
On Feasibility of Server-side Backdoor Attacks on Split Learning
Recent studies demonstrate that collaborative learning models, specifically federated learning, are vulnerable to security and privacy attacks such as model inference and backdoor attacks.
Sneaky Spikes: Uncovering Stealthy Backdoor Attacks in Spiking Neural Networks with Neuromorphic Data
Deep neural networks (DNNs) have demonstrated remarkable performance across various tasks, including image and speech recognition.
Ranked #1 on
Image Classification
on DVS128 Gesture
Digging Deeper: Operator Analysis for Optimizing Nonlinearity of Boolean Functions
By observing the range of possible changes an operator can provide, as well as relative probabilities of specific transitions in the objective space, one can use this information to design a more effective combination of genetic operators.
IB-RAR: Information Bottleneck as Regularizer for Adversarial Robustness
In this paper, we propose a novel method, IB-RAR, which uses Information Bottleneck (IB) to strengthen adversarial robustness for both adversarial training and non-adversarial-trained methods.
SoK: A Systematic Evaluation of Backdoor Trigger Characteristics in Image Classification
Nevertheless, it is vulnerable to backdoor attacks that modify the training set to embed a secret functionality in the trained model.
Universal Soldier: Using Universal Adversarial Perturbations for Detecting Backdoor Attacks
This paper proposes a backdoor detection method by utilizing a special type of adversarial attack, universal adversarial perturbation (UAP), and its similarities with a backdoor trigger.
On the Evolution of Boomerang Uniformity in Cryptographic S-boxes
One example of such a property is called boomerang uniformity, which helps to be resilient against boomerang attacks.
Evolutionary Strategies for the Design of Binary Linear Codes
The design of binary error-correcting codes is a challenging optimization problem with several applications in telecommunications and storage, which has also been addressed with metaheuristic techniques and evolutionary algorithms.
Going In Style: Audio Backdoors Through Stylistic Transformations
This work explores stylistic triggers for backdoor attacks in the audio domain: dynamic transformations of malicious samples through guitar effects.
On the Vulnerability of Data Points under Multiple Membership Inference Attacks and Target Models
Membership Inference Attacks (MIAs) infer whether a data point is in the training data of a machine learning model.
MUDGUARD: Taming Malicious Majorities in Federated Learning using Privacy-Preserving Byzantine-Robust Clustering
It is therefore currently impossible to ensure Byzantine robustness and confidentiality of updates without assuming a semi-honest majority.
Label-Only Membership Inference Attack against Node-Level Graph Neural Networks
Even in those scenarios, our label-only MIA achieves a better attack performance in most cases.
Dynamic Backdoors with Global Average Pooling
It was recently shown that countermeasures in image classification, like Neural Cleanse and ABS, could be bypassed with dynamic triggers that are effective regardless of their pattern and location.
Evolving Constructions for Balanced, Highly Nonlinear Boolean Functions
Finding balanced, highly nonlinear Boolean functions is a difficult problem where it is not known what nonlinearity values are possible to be reached in general.
Modeling Strong Physically Unclonable Functions with Metaheuristics
While there is no reason to doubt the performance of CMA-ES, the lack of comparison with different metaheuristics and results for the challenge-response pair-based attack leaves open questions if there are better-suited metaheuristics for the problem.
Evolutionary Construction of Perfectly Balanced Boolean Functions
Finding Boolean functions suitable for cryptographic primitives is a complex combinatorial optimization problem, since they must satisfy several properties to resist cryptanalytic attacks, and the space is very large, which grows super exponentially with the number of input variables.
More is Better (Mostly): On the Backdoor Attacks in Federated Graph Neural Networks
To further explore the properties of two backdoor attacks in Federated GNNs, we evaluate the attack performance for a different number of clients, trigger sizes, poisoning intensities, and trigger densities.
On the Difficulty of Evolving Permutation Codes
Combinatorial designs provide an interesting source of optimization problems.
Watermarking Graph Neural Networks based on Backdoor Attacks
The experiments show that our framework can verify the ownership of GNN models with a very high probability (up to $99\%$) for both tasks.
Hand Me Your PIN! Inferring ATM PINs of Users Typing with a Covered Hand
We consider the setting where the attacker can access an ATM PIN pad of the same brand/model as the target one.
Building the Building Blocks: From Simplification to Winning Trees in Genetic Programming
The winning trees can be used to initialize the population for the new GP run and result in improved convergence and fitness, provided some conditions on the size of solutions and winning trees are fulfilled.
Can You Hear It? Backdoor Attacks via Ultrasonic Triggers
This work explores backdoor attacks for automatic speech recognition systems where we inject inaudible triggers.
Automatic Speech Recognition
Automatic Speech Recognition (ASR)
+2
Evolutionary Algorithms for Designing Reversible Cellular Automata
Reversible Cellular Automata (RCA) are a particular kind of shift-invariant transformations characterized by a dynamics composed only of disjoint cycles.
On the Genotype Compression and Expansion for Evolutionary Algorithms in the Continuous Domain
This paper investigates the influence of genotype size on evolutionary algorithms' performance.
Explainability-based Backdoor Attacks Against Graph Neural Networks
Backdoor attacks represent a serious threat to neural network models.
ReproducedPapers.org: Openly teaching and structuring machine learning reproducibility
We present ReproducedPapers. org: an open online repository for teaching and structuring machine learning reproducibility.
Fitness Landscape Analysis of Dimensionally-Aware Genetic Programming Featuring Feynman Equations
Genetic programming is an often-used technique for symbolic regression: finding symbolic expressions that match data from an unknown function.
CoInGP: Convolutional Inpainting with Genetic Programming
In the second experiment, we train a GP convolutional predictor on two degraded images, removing around 20% of their pixels.
Towards an evolutionary-based approach for natural language processing
Tasks related to Natural Language Processing (NLP) have recently been the focus of a large research endeavor by the machine learning community.
A characterisation of S-box fitness landscapes in cryptography
Substitution Boxes (S-boxes) are nonlinear objects often used in the design of cryptographic algorithms.
