Search Results for author:
Found 43 papers, 36 papers with code
LoraHub: Efficient Cross-Task Generalization via Dynamic LoRA Composition
Low-rank adaptations (LoRA) are often employed to fine-tune large language models (LLMs) for new tasks.
AdAM: Few-Shot Image Generation via Adaptation-Aware Kernel Modulation
However, a major limitation of existing methods is that their knowledge preserving criteria consider only source domain/task and fail to consider target domain/adaptation in selecting source knowledge, casting doubt on their suitability for setups of different proximity between source and target domain.
A Closer Look at the Adversarial Robustness of Deep Equilibrium Models
Deep equilibrium models (DEQs) refrain from the traditional layer-stacking paradigm and turn to find the fixed point of a single layer.
Improving Adversarial Robustness of DEQs with Explicit Regulations Along the Neural Dynamics
To this end, we interpret DEQs through the lens of neural dynamics and find that AT under-regulates intermediate states.
Efficient Diffusion Policies for Offline Reinforcement Learning
2) It is incompatible with maximum likelihood-based RL algorithms (e. g., policy gradient methods) as the likelihood of diffusion models is intractable.
On Evaluating Adversarial Robustness of Large Vision-Language Models
Large vision-language models (VLMs) such as GPT-4 have achieved unprecedented performance in response generation, especially with visual inputs, enabling more creative and adaptable interaction than large language models such as ChatGPT.
Nonparametric Generative Modeling with Conditional Sliced-Wasserstein Flows
Sliced-Wasserstein Flow (SWF) is a promising approach to nonparametric generative modeling but has not been widely adopted due to its suboptimal generative quality and lack of conditional modeling capabilities.
Exploring Incompatible Knowledge Transfer in Few-shot Image Generation
To this end, we propose knowledge truncation to mitigate this issue in FSIG, which is a complementary operation to knowledge preservation and is implemented by a lightweight pruning-based method.
CoSDA: Continual Source-Free Domain Adaptation
Recently, SFDA has gained popularity due to the need to protect the data privacy of the source domain, but it suffers from catastrophic forgetting on the source domain due to the lack of data.
A Recipe for Watermarking Diffusion Models
In this regard, watermarking has been a proven solution for copyright protection and content monitoring, but it is underexplored in the DMs literature.
On Calibrating Diffusion Probabilistic Models
In this work, we observe that the stochastic reverse process of data scores is a martingale, from which concentration bounds and the optional stopping theorem for data scores can be derived.
Bag of Tricks for Training Data Extraction from Language Models
With the advance of language models, privacy protection is receiving more attention.
Better Diffusion Models Further Improve Adversarial Training
Under the $\ell_\infty$-norm threat model with $\epsilon=8/255$, our models achieve $70. 69\%$ and $42. 67\%$ robust accuracy on CIFAR-10 and CIFAR-100, respectively, i. e. improving upon previous state-of-the-art models by $+4. 58\%$ and $+8. 03\%$.
Does Federated Learning Really Need Backpropagation?
BAFFLE is 1) memory-efficient and easily fits uploading bandwidth; 2) compatible with inference-only hardware optimization and model quantization or pruning; and 3) well-suited to trusted execution environments, because the clients in BAFFLE only execute forward propagation and return a set of scalars to the server.
$O(N^2)$ Universal Antisymmetry in Fermionic Neural Networks
In this paper, we substitute the Slater determinant with a pairwise antisymmetry construction, which is easy to implement and can reduce the computational cost to $O(N^2)$.
A Roadmap for Big Model
With the rapid development of deep learning, training Big Models (BMs) for multiple downstream tasks becomes a popular paradigm.
Query-Efficient Black-box Adversarial Attacks Guided by a Transfer-based Prior
However, the existing methods inevitably suffer from low attack success rates or poor query efficiency since it is difficult to estimate the gradient in a high-dimensional input space with limited information.
Controllable Evaluation and Generation of Physical Adversarial Patch on Face Recognition
It is therefore imperative to develop a framework that can enable a comprehensive evaluation of the vulnerability of face recognition in the physical world.
Robustness and Accuracy Could Be Reconcilable by (Proper) Definition
The trade-off between robustness and accuracy has been widely studied in the adversarial literature.
Unrestricted Adversarial Attacks on ImageNet Competition
Many works have investigated the adversarial attacks or defenses under the settings where a bounded and imperceptible perturbation can be added to the input.
Adversarial Attacks on ML Defense Models Competition
Due to the vulnerability of deep neural networks (DNNs) to adversarial examples, a large number of defense techniques have been proposed to alleviate this problem in recent years.
Model-Agnostic Meta-Attack: Towards Reliable Evaluation of Adversarial Robustness
The vulnerability of deep neural networks to adversarial examples has motivated an increasing number of defense strategies for promoting model robustness.
Boosting Transferability of Targeted Adversarial Examples via Hierarchical Generative Networks
Transfer-based adversarial attacks can evaluate model robustness in the black-box setting.
Accumulative Poisoning Attacks on Real-time Data
Collecting training data from untrusted sources exposes machine learning services to poisoning adversaries, who maliciously manipulate training data to degrade the model accuracy.
Exploring Memorization in Adversarial Training
In this paper, we explore the memorization effect in adversarial training (AT) for promoting a deeper understanding of model capacity, convergence, generalization, and especially robust overfitting of the adversarially trained models.
Two Coupled Rejection Metrics Can Tell Adversarial Examples Apart
Along with this routine, we find that confidence and a rectified confidence (R-Con) can form two coupled rejection metrics, which could provably distinguish wrongly classified inputs from correctly classified ones.
Black-box Detection of Backdoor Attacks with Limited Information and Data
Although deep neural networks (DNNs) have made rapid progress in recent years, they are vulnerable in adversarial environments.
Bag of Tricks for Adversarial Training
Adversarial training (AT) is one of the most effective strategies for promoting model robustness.
Efficient Learning of Generative Models via Finite-Difference Score Matching
Several machine learning applications involve the optimization of higher-order derivatives (e. g., gradients of gradients) during training, which can be expensive in respect to memory and computation even with automatic differentiation.
Towards Face Encryption by Generating Adversarial Identity Masks
As billions of personal data being shared through social media and network, the data privacy and security have drawn an increasing attention.
Boosting Adversarial Training with Hypersphere Embedding
Adversarial training (AT) is one of the most effective defenses against adversarial attacks for deep learning models.
Adversarial Distributional Training for Robust Deep Learning
Adversarial training (AT) is among the most effective techniques to improve model robustness by augmenting training data with adversarial examples.
Benchmarking Adversarial Robustness
Deep neural networks are vulnerable to adversarial examples, which becomes one of the most important research problems in the development of deep learning.
Mixup Inference: Better Exploiting Mixup to Defend Adversarial Attacks
Our experiments on CIFAR-10 and CIFAR-100 demonstrate that MI can further improve the adversarial robustness for the models trained by mixup and its variants.
Improving Black-box Adversarial Attacks with a Transfer-based Prior
We consider the black-box adversarial setting, where the adversary has to generate adversarial perturbations without access to the target models to compute gradients.
Rethinking Softmax Cross-Entropy Loss for Adversarial Robustness
Previous work shows that adversarially robust generalization requires larger sample complexity, and the same dataset, e. g., CIFAR-10, which enables good standard accuracy may not suffice to train robust models.
Evading Defenses to Transferable Adversarial Examples by Translation-Invariant Attacks
In this paper, we propose a translation-invariant attack method to generate more transferable adversarial examples against the defense models.
Improving Adversarial Robustness via Promoting Ensemble Diversity
Though deep neural networks have achieved significant progress on various tasks, often enhanced by model ensemble, existing high-performance models can be vulnerable to adversarial attacks.
Adversarial Attacks and Defences Competition
To accelerate research on adversarial examples and robustness of machine learning classifiers, Google Brain organized a NIPS 2017 competition that encouraged researchers to develop new methods to generate adversarial examples as well as to develop new ways to defend against them.
Max-Mahalanobis Linear Discriminant Analysis Networks
In this paper, we show that a properly designed classifier can improve robustness to adversarial attacks and lead to better prediction results.
Defense against Adversarial Attacks Using High-Level Representation Guided Denoiser
First, with HGD as a defense, the target model is more robust to either white-box or black-box adversarial attacks.
Boosting Adversarial Attacks with Momentum
To further improve the success rates for black-box attacks, we apply momentum iterative algorithms to an ensemble of models, and show that the adversarially trained models with a strong defense ability are also vulnerable to our black-box attacks.
Towards Robust Detection of Adversarial Examples
Although the recent progress is substantial, deep learning methods can be vulnerable to the maliciously generated adversarial examples.
