Search Results for author:
Found 45 papers, 17 papers with code
A Somewhat Robust Image Watermark against Diffusion-based Editing Models
In response, we develop a novel technique, RIW (Robust Invisible Watermarking), to embed invisible watermarks leveraging adversarial example techniques.
Preserving Node-level Privacy in Graph Neural Networks
In this study, we propose a solution that specifically addresses the issue of node-level privacy.
Meticulously Selecting 1% of the Dataset for Pre-training! Generating Differentially Private Images Data with Semantics Query
Then, this function assists in querying the semantic distribution of the sensitive dataset, facilitating the selection of data from the public dataset with analogous semantics for pre-training.
Last One Standing: A Comparative Analysis of Security and Privacy of Soft Prompt Tuning, LoRA, and In-Context Learning
Large Language Models (LLMs) are powerful tools for natural language processing, enabling novel applications and user experiences.
The Robust Semantic Segmentation UNCV2023 Challenge Results
This paper outlines the winning solutions employed in addressing the MUAD uncertainty quantification challenge held at ICCV 2023.
The Marginal Value of Momentum for Small Learning Rate SGD
Momentum is known to accelerate the convergence of gradient descent in strongly convex settings without stochastic gradient noise.
Pareto-Secure Machine Learning (PSML): Fingerprinting and Securing Inference Serving Systems
Second, we counter the proposed attack with a noise-based defense mechanism that thwarts fingerprinting by adding noise to the specified performance metrics.
Differentially Private Wireless Federated Learning Using Orthogonal Sequences
A new FL convergence bound is derived which, combined with the privacy guarantees, allows for a smooth tradeoff between the achieved convergence rate and differential privacy levels.
Interpreting GNN-based IDS Detections Using Provenance Graph Structural Features
PROVEXPLAINER allowed simple DT models to achieve 95% fidelity to the GNN on program classification tasks with general graph structural features, and 99% fidelity on malware detection tasks with a task-specific feature package tailored for direct interpretation.
Cooperative Multi-Agent Reinforcement Learning: Asynchronous Communication and Linear Function Approximation
We study multi-agent reinforcement learning in the setting of episodic Markov decision processes, where multiple agents cooperate via communication through a central server.
Neural Lumped Parameter Differential Equations with Application in Friction-Stir Processing
Lumped parameter methods aim to simplify the evolution of spatially-extended or continuous physical systems to that of a "lumped" element representative of the physical scales of the modeled system.
Practical Differentially Private and Byzantine-resilient Federated Learning
In contrast, we leverage the random noise to construct an aggregation that effectively rejects many existing Byzantine attacks.
FACE-AUDITOR: Data Auditing in Facial Recognition Systems
Few-shot-based facial recognition systems have gained increasing attention due to their scalability and ability to work with a few face images during the model deployment phase.
Finding Regularized Competitive Equilibria of Heterogeneous Agent Macroeconomic Models with Reinforcement Learning
We study a heterogeneous agent macroeconomic model with an infinite number of households and firms competing in a labor market.
A Plot is Worth a Thousand Words: Model Information Stealing Attacks via Scientific Plots
Given the simplicity and effectiveness of the attack method, our study indicates scientific plots indeed constitute a valid side channel for model information stealing attacks.
BAFFLE: Backdoor Attack in Offline Reinforcement Learning
In this paper, we propose Baffle (Backdoor Attack for Offline Reinforcement Learning), an approach that automatically implants backdoors to RL agents by poisoning the offline RL dataset, and evaluate how different offline RL algorithms react to this attack.
Federated Boosted Decision Trees with Differential Privacy
There is great demand for scalable, secure, and efficient privacy-preserving machine learning models that can be trained over distributed data.
Differentially Private Vertical Federated Clustering
To enable model learning while protecting the privacy of the data subjects, we need vertical federated learning (VFL) techniques, where the data parties share only information for training the model, instead of the private data.
Just Rotate it: Deploying Backdoor Attacks via Rotation Transformation
Our attack can be easily deployed in the real world since it only requires rotating the object, as we show in both image classification and object detection applications.
Implicit Bias of Gradient Descent on Reparametrized Models: On Equivalence to Mirror Descent
Conversely, continuous mirror descent with any Legendre function can be viewed as gradient flow with a related commuting parametrization.
A Simple and Provably Efficient Algorithm for Asynchronous Federated Contextual Linear Bandits
To the best of our knowledge, this is the first provably efficient algorithm that allows fully asynchronous communication for federated contextual linear bandits, while achieving the same regret guarantee as in the single-agent setting.
Memorization in NLP Fine-tuning Methods
Large language models are shown to present privacy risks through memorization of training data, and several recent works have studied such risks for the pre-training phase.
Learn to Match with No Regret: Reinforcement Learning in Markov Matching Markets
We study a Markov matching market involving a planner and a set of strategic agents on the two sides of the market.
Learning Stochastic Shortest Path with Linear Function Approximation
To the best of our knowledge, this is the first algorithm with a sublinear regret guarantee for learning linear mixture SSP.
What Happens after SGD Reaches Zero Loss? --A Mathematical Framework
Understanding the implicit bias of Stochastic Gradient Descent (SGD) is one of the key challenges in deep learning, especially for overparametrized models, where the local minimizers of the loss function $L$ can form a manifold.
Towards General Robustness to Bad Training Data
In this paper, we focus on the problem of identifying bad training data when the underlying cause is unknown in advance.
Zero-Round Active Learning
Our algorithm does not rely on any feedback from annotators in the target domain and hence, can be used to perform zero-round active learning or warm-start existing multi-round active learning strategies.
Improving Cooperative Game Theory-based Data Valuation via Data Utility Learning
The Shapley value (SV) and Least core (LC) are classic methods in cooperative game theory for cost/profit sharing problems.
Variance-Aware Off-Policy Evaluation with Linear Function Approximation
We study the off-policy evaluation (OPE) problem in reinforcement learning with linear function approximation, which aims to estimate the value function of a target policy based on the offline data collected by a behavior policy.
A Unified Framework for Task-Driven Data Quality Management
High-quality data is critical to train performant Machine Learning (ML) models, highlighting the importance of Data Quality Management (DQM).
Differential Privacy for Text Analytics via Natural Text Sanitization
The sanitized texts also contribute to our sanitization-aware pretraining and fine-tuning, enabling privacy-preserving natural language processing over the BERT language model with promising utility.
One-Round Active Learning
In this work, we initiate the study of one-round active learning, which aims to select a subset of unlabeled data points that achieve the highest model performance after being labeled with only the information from initially labeled data points.
Graph Unlearning
In this paper, we propose GraphEraser, a novel machine unlearning framework tailored to graph data.
DPlis: Boosting Utility of Differentially Private Deep Learning via Randomized Smoothing
Deep learning techniques have achieved remarkable performance in wide-ranging tasks.
Provably Efficient Reinforcement Learning with Linear Function Approximation Under Adaptivity Constraints
In specific, for the batch learning model, our proposed LSVI-UCB-Batch algorithm achieves an $\tilde O(\sqrt{d^3H^3T} + dHT/B)$ regret, where $d$ is the dimension of the feature mapping, $H$ is the episode length, $T$ is the number of interactions and $B$ is the number of batches.
PURE: A Framework for Analyzing Proximity-based Contact Tracing Protocols
Many proximity-based tracing (PCT) protocols have been proposed and deployed to combat the spreading of COVID-19.
Computers and Society C.3; H.4; J.3; J.7; K.4; K.6.5
A Principled Approach to Data Valuation for Federated Learning
The federated SV preserves the desirable properties of the canonical SV while it can be calculated without incurring extra communication cost and is also able to capture the effect of participation order on data value.
Improving Robustness to Model Inversion Attacks via Mutual Information Regularization
This paper studies defense mechanisms against model inversion (MI) attacks -- a type of privacy attacks aimed at inferring information about the training data distribution given the access to a target machine learning model.
Continuous Release of Data Streams under both Centralized and Local Differential Privacy
To our knowledge, this is the first LDP algorithm for publishing streaming data.
When Machine Unlearning Jeopardizes Privacy
More importantly, we show that our attack in multiple cases outperforms the classical membership inference attack on the original ML model, which indicates that machine unlearning can have counterproductive effects on privacy.
Estimating Numerical Distributions under Local Differential Privacy
When collecting information, local differential privacy (LDP) relieves the concern of privacy leakage from users' perspective, as user's private information is randomized before sent to the aggregator.
RIGA: Covert and Robust White-Box Watermarking of Deep Neural Networks
White-box watermarking algorithms have the advantage that they do not impact the accuracy of the watermarked model.
Improving Utility and Security of the Shuffler-based Differential Privacy
When collecting information, local differential privacy (LDP) alleviates privacy concerns of users because their private information is randomized before being sent it to the central aggregator.
Locally Differentially Private Frequency Estimation with Consistency
In this paper, we show that adding post-processing steps to FO protocols by exploiting the knowledge that all individual frequencies should be non-negative and they sum up to one can lead to significantly better accuracy for a wide range of tasks, including frequencies of individual values, frequencies of the most frequent values, and frequencies of subsets of values.
Continuous and Discrete-time Accelerated Stochastic Mirror Descent for Strongly Convex Functions
We provide a second-order stochastic differential equation (SDE), which characterizes the continuous-time dynamics of accelerated stochastic mirror descent (ASMD) for strongly convex functions.
