Search Results for author:
Found 47 papers, 14 papers with code
Divide and Denoise: Learning from Noisy Labels in Fine-Grained Entity Typing with Cluster-Wise Loss Correction
In this work, we propose a clustering-based loss correction framework named Feature Cluster Loss Correction (FCLC), to address these two problems.
Don’t Miss the Potential Customers! Retrieving Similar Ads to Improve User Targeting
User targeting is an essential task in the modern advertising industry: given a package of ads for a particular category of products (e. g., green tea), identify the online users to whom the ad package should be targeted.
FedEntropy: Efficient Device Grouping for Federated Learning Using Maximum Entropy Judgment
Along with the popularity of Artificial Intelligence (AI) and Internet-of-Things (IoT), Federated Learning (FL) has attracted steadily increasing attentions as a promising distributed machine learning paradigm, which enables the training of a central model on for numerous decentralized devices without exposing their privacy.
A Comprehensive Survey of Few-shot Learning: Evolution, Applications, Challenges, and Opportunities
Few-shot learning (FSL) has emerged as an effective learning method and shows great potential.
Model-Contrastive Learning for Backdoor Defense
Due to the popularity of Artificial Intelligence (AI) techniques, we are witnessing an increasing number of backdoor injection attacks that are designed to maliciously threaten Deep Neural Networks (DNNs) causing misclassification.
Eliminating Backdoor Triggers for Deep Neural Networks Using Attention Relation Graph Distillation
Due to the prosperity of Artificial Intelligence (AI) techniques, more and more backdoors are designed by adversaries to attack Deep Neural Networks (DNNs). Although the state-of-the-art method Neural Attention Distillation (NAD) can effectively erase backdoor triggers from DNNs, it still suffers from non-negligible Attack Success Rate (ASR) together with lowered classification ACCuracy (ACC), since NAD focuses on backdoor defense using attention features (i. e., attention maps) of the same order.
Transfer Attacks Revisited: A Large-Scale Empirical Study in Real Computer Vision Settings
To bridge this critical gap, we conduct the first large-scale systematic empirical study of transfer attacks against major cloud-based MLaaS platforms, taking the components of a real transfer attack into account.
Over-the-Air Federated Learning via Second-Order Optimization
To address this issue, in this paper, we instead propose a novel over-the-air second-order federated optimization algorithm to simultaneously reduce the communication rounds and enable low-latency global model aggregation.
The Variable Volatility Elasticity Model from Commodity Markets
In this paper, we propose and study a novel continuous-time model, based on the well-known constant elasticity of variance (CEV) model, to describe the asset price process.
Machine Learning Empowered Intelligent Data Center Networking: A Survey
To support the needs of ever-growing cloud-based services, the number of servers and network devices in data centers is increasing exponentially, which in turn results in high complexities and difficulties in network optimization.
Seeing is Living? Rethinking the Security of Facial Liveness Verification in the Deepfake Era
Facial Liveness Verification (FLV) is widely used for identity authentication in many security-sensitive domains and offered as Platform-as-a-Service (PaaS) by leading cloud vendors.
Towards Fast and Accurate Federated Learning with non-IID Data for Cloud-Based IoT Applications
However, since our grouping method is based on the similarity of extracted feature maps from IoT devices, it may incur additional risks of privacy exposure.
CatchBackdoor: Backdoor Testing by Critical Trojan Neural Path Identification via Differential Fuzzing
Existing DNN testing methods are mainly designed to find incorrect corner case behaviors in adversarial settings but fail to discover the backdoors crafted by strong trojan attacks.
MedAttacker: Exploring Black-Box Adversarial Attacks on Risk Prediction Models in Healthcare
Deep neural networks (DNNs) have been broadly adopted in health risk prediction to provide healthcare diagnoses and treatments.
Auto robust relative radiometric normalization via latent change noise modelling
Relative radiometric normalization(RRN) of different satellite images of the same terrain is necessary for change detection, object classification/segmentation, and map-making tasks.
Backdoor Attack through Frequency Domain
We also evaluate FTROJAN against state-of-the-art defenses as well as several adaptive defenses that are designed on the frequency domain.
Backdoor Pre-trained Models Can Transfer to All
However, a pre-trained model with backdoor can be a severe threat to the applications.
On the Security Risks of AutoML
Neural Architecture Search (NAS) represents an emerging machine learning (ML) paradigm that automatically searches for models tailored to given tasks, which greatly simplifies the development of ML systems and propels the trend of ML democratization.
UAV-Assisted Over-the-Air Computation
Over-the-air computation (AirComp) provides a promising way to support ultrafast aggregation of distributed data.
Optimize the trajectory of UAV which plays a BS in communication system
i-Algebra: Towards Interactive Interpretability of Deep Neural Networks
Providing explanations for deep neural networks (DNNs) is essential for their use in domains wherein the interpretability of decisions is a critical prerequisite.
Composite Adversarial Training for Multiple Adversarial Perturbations and Beyond
One intriguing property of deep neural networks (DNNs) is their vulnerability to adversarial perturbations.
TrojanZoo: Towards Unified, Holistic, and Practical Evaluation of Neural Backdoors
To bridge this gap, we design and implement TROJANZOO, the first open-source platform for evaluating neural backdoor attacks/defenses in a unified, holistic, and practical manner.
Visual Perception Generalization for Vision-and-Language Navigation via Meta-Learning
In the training phase, we first locate the generalization problem to the visual perception module, and then compare two meta-learning algorithms for better generalization in seen and unseen environments.
UNIFUZZ: A Holistic and Pragmatic Metrics-Driven Platform for Evaluating Fuzzers
We hope that our findings can shed light on reliable fuzzing evaluation, so that we can discover promising fuzzing primitives to effectively facilitate fuzzer designs in the future.
Cryptography and Security
Trojaning Language Models for Fun and Profit
Recent years have witnessed the emergence of a new paradigm of building natural language processing (NLP) systems: general-purpose, pre-trained language models (LMs) are composed with simple downstream models and fine-tuned for a variety of NLP tasks.
Graph Backdoor
One intriguing property of deep neural networks (DNNs) is their inherent vulnerability to backdoor attacks -- a trojan model responds to trigger-embedded inputs in a highly predictable manner while functioning normally otherwise.
AdvMind: Inferring Adversary Intent of Black-Box Attacks
Deep neural networks (DNNs) are inherently susceptible to adversarial attacks even under black-box settings, in which the adversary only has query access to the target models.
PoisHygiene: Detecting and Mitigating Poisoning Attacks in Neural Networks
Being able to detect and mitigate poisoning attacks, typically categorized into backdoor and adversarial poisoning (AP), is critical in enabling safe adoption of DNNs in many application domains.
Portably parallel construction of a CI wave function from a matrix-product state using the Charm++ framework
In this work, we present an efficient procedure for constructing CI expansions from MPS using the Charm++ parallel programming framework, upon which automatic load balancing and object migration facilities can be employed.
Computational Physics Strongly Correlated Electrons
A Tale of Evil Twins: Adversarial Inputs versus Poisoned Models
Specifically, (i) we develop a new attack model that jointly optimizes adversarial inputs and poisoned models; (ii) with both analytical and empirical evidence, we reveal that there exist intriguing "mutual reinforcement" effects between the two attack vectors -- leveraging one vector significantly amplifies the effectiveness of the other; (iii) we demonstrate that such effects enable a large design spectrum for the adversary to enhance the existing attacks that exploit both vectors (e. g., backdoor attacks), such as maximizing the attack evasiveness with respect to various detection methods; (iv) finally, we discuss potential countermeasures against such optimized attacks and their technical challenges, pointing to several promising research directions.
Provable Defenses against Spatially Transformed Adversarial Inputs: Impossibility and Possibility Results
On the possibility side, we show that it is still feasible to construct adversarial training methods to significantly improve the resilience of networks against adversarial inputs over empirical datasets.
SirenAttack: Generating Adversarial Audio for End-to-End Acoustic Systems
Despite their immense popularity, deep learning-based acoustic systems are inherently vulnerable to adversarial attacks, wherein maliciously crafted audios trigger target systems to misbehave.
Cryptography and Security
TextBugger: Generating Adversarial Text Against Real-world Applications
Deep Learning-based Text Understanding (DLTU) is the backbone technique behind various applications, including question answering, machine translation, and text classification.
Interpretable Deep Learning under Fire
The improved interpretability is believed to offer a sense of security by involving human in the decision-making process.
Model-Reuse Attacks on Deep Learning Systems
By empirically studying four deep learning systems (including both individual and ensemble systems) used in skin cancer screening, speech recognition, face verification, and autonomous steering, we show that such attacks are (i) effective - the host systems misbehave on the targeted inputs as desired by the adversary with high probability, (ii) evasive - the malicious models function indistinguishably from their benign counterparts on non-targeted inputs, (iii) elastic - the malicious models remain effective regardless of various system design choices and tuning strategies, and (iv) easy - the adversary needs little prior knowledge about the data used for system tuning or inference.
Cryptography and Security
EagleEye: Attack-Agnostic Defense against Adversarial Inputs (Technical Report)
Deep neural networks (DNNs) are inherently vulnerable to adversarial inputs: such maliciously crafted samples trigger DNNs to misbehave, leading to detrimental consequences for DNN-powered systems.
Differentially Private Releasing via Deep Generative Model (Technical Report)
Privacy-preserving releasing of complex data (e. g., image, text, audio) represents a long-standing challenge for the data mining research community.
Where Classification Fails, Interpretation Rises
We believe that this work opens a new direction for designing adversarial input detection methods.
Modular Learning Component Attacks: Today's Reality, Tomorrow's Challenge
Many of today's machine learning (ML) systems are not built from scratch, but are compositions of an array of {\em modular learning components} (MLCs).
Dense 3D Facial Reconstruction from a Single Depth Image in Unconstrained Environment
With the increasing demands of applications in virtual reality such as 3D films, virtual Human-Machine Interactions and virtual agents, the analysis of 3D human face analysis is considered to be more and more important as a fundamental step for those virtual reality tasks.
DIMM-SC: A Dirichlet mixture model for clustering droplet-based single cell transcriptomic data
More importantly, as a model-based approach, DIMM-SC is able to quantify the clustering uncertainty for each single cell, facilitating rigorous statistical inference and biological interpretations, which are typically unavailable from existing clustering methods.
Context-Aware Online Learning for Course Recommendation of MOOC Big Data
In this respect, the key challenge is how to realize personalized course recommendation as well as to reduce the computing and storage costs for the tremendous course data.
Neural Mechanism of Language
Firstly, we briefly introduce this model in this paper, and then we explain the neural mechanism of language and reasoning with it.
A Quantitative Neural Coding Model of Sensory Memory
The coding mechanism of sensory memory on the neuron scale is one of the most important questions in neuroscience.
A Unified Quantitative Model of Vision and Audition
This is complementary to existing theories and has provided better explanations for sound localization.
Automatic Extraction of Protein Interaction in Literature
Protein-protein interaction extraction is the key precondition of the construction of protein knowledge network, and it is very important for the research in the biomedicine.
