Search Results for author: Weiming Zhang

Found 40 papers, 16 papers with code

Sociolectal Analysis of Pretrained Language Models

no code implementations EMNLP 2021 Sheng Zhang, Xin Zhang, Weiming Zhang, Anders Søgaard

Using data from English cloze tests, in which subjects also self-reported their gender, age, education, and race, we examine performance differences of pretrained language models across demographic groups, defined by these (protected) attributes.

Pretrained Language Models

Invertible Mask Network for Face Privacy-Preserving

no code implementations 19 Apr 2022 Yang Yang, Yiyang Huang, Ming Shi, Kejiang Chen, Weiming Zhang, Nenghai Yu

Then, put the "Mask" face onto the protected face and generate the masked face, in which the masked face is indistinguishable from "Mask" face.

Shape-invariant 3D Adversarial Point Clouds

1 code implementation 8 Mar 2022 Qidong Huang, Xiaoyi Dong, Dongdong Chen, Hang Zhou, Weiming Zhang, Nenghai Yu

In this paper, we propose a novel Point-Cloud Sensitivity Map to boost both the efficiency and imperceptibility of point perturbations.

Self-supervised Transformer for Deepfake Detection

no code implementations 2 Mar 2022 Hanqing Zhao, Wenbo Zhou, Dongdong Chen, Weiming Zhang, Nenghai Yu

After pre-training with our method, the model will then be partially fine-tuned for deepfake detection task.

Contrastive Learning DeepFake Detection +3

Protecting Celebrities from DeepFake with Identity Consistency Transformer

1 code implementation 2 Mar 2022 Xiaoyi Dong, Jianmin Bao, Dongdong Chen, Ting Zhang, Weiming Zhang, Nenghai Yu, Dong Chen, Fang Wen, Baining Guo

In this work we propose Identity Consistency Transformer, a novel face forgery detection method that focuses on high-level semantics, specifically identity information, and detecting a suspect face by finding identity inconsistency in inner and outer face regions.

Face Swapping

Tracing Text Provenance via Context-Aware Lexical Substitution

no code implementations 15 Dec 2021 Xi Yang, Jie Zhang, Kejiang Chen, Weiming Zhang, Zehua Ma, Feng Wang, Nenghai Yu

Tracing text provenance can help claim the ownership of text content or identify the malicious users who distribute misleading content like machine-generated fake news.

Optical Character Recognition

HairCLIP: Design Your Hair by Text and Reference Image

1 code implementation 9 Dec 2021 Tianyi Wei, Dongdong Chen, Wenbo Zhou, Jing Liao, Zhentao Tan, Lu Yuan, Weiming Zhang, Nenghai Yu

Hair editing is an interesting and challenging problem in computer vision and graphics.

Speech Pattern based Black-box Model Watermarking for Automatic Speech Recognition

no code implementations 19 Oct 2021 Haozhe Chen, Weiming Zhang, Kunlin Liu, Kejiang Chen, Han Fang, Nenghai Yu

As an effective method for intellectual property (IP) protection, model watermarking technology has been applied on a wide variety of deep neural networks (DNN), including speech classification models.

Automatic Speech Recognition

MBRS : Enhancing Robustness of DNN-based Watermarking by Mini-Batch of Real and Simulated JPEG Compression

1 code implementation 18 Aug 2021 Zhaoyang Jia, Han Fang, Weiming Zhang

To address such limitations, we proposed a novel end-to-end training architecture, which utilizes Mini-Batch of Real and Simulated JPEG compression (MBRS) to enhance the JPEG robustness.

Exploring Structure Consistency for Deep Model Watermarking

no code implementations 5 Aug 2021 Jie Zhang, Dongdong Chen, Jing Liao, Han Fang, Zehua Ma, Weiming Zhang, Gang Hua, Nenghai Yu

However, little attention has been devoted to the protection of DNNs in image processing tasks.

Data Augmentation

Poison Ink: Robust and Invisible Backdoor Attack

no code implementations 5 Aug 2021 Jie Zhang, Dongdong Chen, Jing Liao, Qidong Huang, Gang Hua, Weiming Zhang, Nenghai Yu

As the image structure can keep its semantic meaning during the data transformation, such trigger pattern is inherently robust to data transformations.

Backdoor Attack Data Poisoning

CSWin Transformer: A General Vision Transformer Backbone with Cross-Shaped Windows

4 code implementations 1 Jul 2021 Xiaoyi Dong, Jianmin Bao, Dongdong Chen, Weiming Zhang, Nenghai Yu, Lu Yuan, Dong Chen, Baining Guo

By further pretraining on the larger dataset ImageNet-21K, we achieve 87.5% Top-1 accuracy on ImageNet-1K and high segmentation performance on ADE20K with 55.7 mIoU.

Image Classification Semantic Segmentation

E2Style: Improve the Efficiency and Effectiveness of StyleGAN Inversion

2 code implementations 15 Apr 2021 Tianyi Wei, Dongdong Chen, Wenbo Zhou, Jing Liao, Weiming Zhang, Lu Yuan, Gang Hua, Nenghai Yu

This paper studies the problem of StyleGAN inversion, which plays an essential role in enabling the pretrained StyleGAN to be used for real image editing tasks.

Face Parsing

Reversible Watermarking in Deep Convolutional Neural Networks for Integrity Authentication

no code implementations 9 Apr 2021 Xiquan Guan, Huamin Feng, Weiming Zhang, Hang Zhou, Jie Zhang, Nenghai Yu

Specifically, we present the reversible watermarking problem of deep convolutional neural networks and utilize the pruning theory of model compression technology to construct a host sequence used for embedding watermarking information by histogram shift.

Model Compression

Deep Model Intellectual Property Protection via Deep Watermarking

1 code implementation 8 Mar 2021 Jie Zhang, Dongdong Chen, Jing Liao, Weiming Zhang, Huamin Feng, Gang Hua, Nenghai Yu

By jointly training the target model and watermark embedding, the extra barrier can even be absorbed into the target model.

Multi-attentional Deepfake Detection

no code implementations CVPR 2021 Hanqing Zhao, Wenbo Zhou, Dongdong Chen, Tianyi Wei, Weiming Zhang, Nenghai Yu

Most of them model deepfake detection as a vanilla binary classification problem, i.e., first use a backbone network to extract a global feature and then feed it into a binary classifier (real/fake).

Data Augmentation DeepFake Detection +1

Adversarial Examples Detection beyond Image Space

1 code implementation 23 Feb 2021 Kejiang Chen, Yuefeng Chen, Hang Zhou, Chuan Qin, Xiaofeng Mao, Weiming Zhang, Nenghai Yu

To detect both few-perturbation attacks and large-perturbation attacks, we propose a method beyond image space by a two-stream architecture, in which the image stream focuses on the pixel artifacts and the gradient stream copes with the confidence artifacts.

Identity-Driven DeepFake Detection

no code implementations 7 Dec 2020 Xiaoyi Dong, Jianmin Bao, Dongdong Chen, Weiming Zhang, Nenghai Yu, Dong Chen, Fang Wen, Baining Guo

Our approach takes as input the suspect image/video as well as the target identity information (a reference image or video).

DeepFake Detection Face Swapping

LG-GAN: Label Guided Adversarial Network for Flexible Targeted Attack of Point Cloud-based Deep Networks

no code implementations 1 Nov 2020 Hang Zhou, Dongdong Chen, Jing Liao, Weiming Zhang, Kejiang Chen, Xiaoyi Dong, Kunlin Liu, Gang Hua, Nenghai Yu

To overcome these shortcomings, this paper proposes a novel label guided adversarial network (LG-GAN) for real-time flexible targeted point cloud attack.

Passport-aware Normalization for Deep Model Protection

1 code implementation NeurIPS 2020 Jie Zhang, Dongdong Chen, Jing Liao, Weiming Zhang, Gang Hua, Nenghai Yu

Only when the model IP is suspected to be stolen by someone, the private passport-aware branch is added back for ownership verification.

Model Compression

GreedyFool: Distortion-Aware Sparse Adversarial Attack

1 code implementation NeurIPS 2020 Xiaoyi Dong, Dongdong Chen, Jianmin Bao, Chuan Qin, Lu Yuan, Weiming Zhang, Nenghai Yu, Dong Chen

Sparse adversarial samples are a special branch of adversarial samples that can fool the target model by only perturbing a few pixels.

Adversarial Attack

Worst-Case-Aware Curriculum Learning for Zero and Few Shot Transfer

1 code implementation 23 Sep 2020 Sheng Zhang, Xin Zhang, Weiming Zhang, Anders Søgaard

Multi-task transfer learning based on pre-trained language encoders achieves state-of-the-art performance across a range of tasks.

Transfer Learning

Model Watermarking for Image Processing Networks

1 code implementation 25 Feb 2020 Jie Zhang, Dong-Dong Chen, Jing Liao, Han Fang, Weiming Zhang, Wenbo Zhou, HAO CUI, Nenghai Yu

In this way, when the attacker trains one surrogate model by using the input-output pairs of the target model, the hidden watermark will be learned and extracted afterward.

Self-supervised Adversarial Training

1 code implementation 15 Nov 2019 Kejiang Chen, Hang Zhou, Yuefeng Chen, Xiaofeng Mao, Yuhong Li, Yuan He, Hui Xue, Weiming Zhang, Nenghai Yu

Recent work has demonstrated that neural networks are vulnerable to adversarial examples.

Self-Supervised Learning

Reversible Adversarial Attack based on Reversible Image Transformation

no code implementations 6 Nov 2019 Zhaoxia Yin, Hua Wang, Li Chen, Jie Wang, Weiming Zhang

In order to prevent illegal or unauthorized access of image data such as human faces and ensure legitimate users can use authorization-protected data, reversible adversarial attack technique is rise.

Adversarial Attack Image Restoration

Once a MAN: Towards Multi-Target Attack via Learning Multi-Target Adversarial Network Once

no code implementations ICCV 2019 Jiangfan Han, Xiaoyi Dong, Ruimao Zhang, Dong-Dong Chen, Weiming Zhang, Nenghai Yu, Ping Luo, Xiaogang Wang

Recently, generation-based methods have received much attention since they directly use feed-forward networks to generate the adversarial samples, which avoid the time-consuming iterative attacking procedure in optimization-based and gradient-based methods.

Classification General Classification

Neural Machine Reading Comprehension: Methods and Trends

no code implementations 2 Jul 2019 Shanshan Liu, Xin Zhang, Sheng Zhang, Hui Wang, Weiming Zhang

Machine reading comprehension (MRC), which requires a machine to answer questions based on a given context, has attracted increasing attention with the incorporation of various deep-learning techniques over the past few years.

Machine Reading Comprehension

DUP-Net: Denoiser and Upsampler Network for 3D Adversarial Point Clouds Defense

1 code implementation ICCV 2019 Hang Zhou, Kejiang Chen, Weiming Zhang, Han Fang, Wenbo Zhou, Nenghai Yu

We propose a Denoiser and UPsampler Network (DUP-Net) structure as defenses for 3D adversarial point cloud classification, where the two modules reconstruct surface smoothness by dropping or adding points.

Denoising Point Cloud Classification

CAAD 2018: Iterative Ensemble Adversarial Attack

no code implementations 7 Nov 2018 Jiayang Liu, Weiming Zhang, Nenghai Yu

Deep Neural Networks (DNNs) have recently led to significant improvements in many fields.

Adversarial Attack

Emerging Applications of Reversible Data Hiding

no code implementations 7 Nov 2018 Dongdong Hou, Weiming Zhang, Jiayang Liu, Siyan Zhou, Dong-Dong Chen, Nenghai Yu

Reversible data hiding (RDH) is one special type of information hiding, by which the host sequence as well as the embedded data can be both restored from the marked sequence without loss.

CAAD 2018: Powerful None-Access Black-Box Attack Based on Adversarial Transformation Network

no code implementations 3 Nov 2018 Xiaoyi Dong, Weiming Zhang, Nenghai Yu

In this paper, we propose an improvement of Adversarial Transformation Networks (ATN) to generate adversarial examples, which can fool white-box models and black-box models with a state of the art performance and won the 2rd place in the non-target task in CAAD 2018.

Unauthorized AI cannot Recognize Me: Reversible Adversarial Example

no code implementations 1 Nov 2018 Jiayang Liu, Weiming Zhang, Kazuto Fukuchi, Youhei Akimoto, Jun Sakuma

In this study, we propose a new methodology to control how user's data is recognized and used by AI via exploiting the properties of adversarial examples.

Adversarial Attack General Classification +2

Detection based Defense against Adversarial Examples from the Steganalysis Point of View

no code implementations CVPR 2019 Jiayang Liu, Weiming Zhang, Yiwei Zhang, Dongdong Hou, Yujia Liu, Hongyue Zha, Nenghai Yu

Moreover, secondary adversarial attacks cannot be directly performed to our method because our method is not based on a neural network but based on high-dimensional artificial features and FLD (Fisher Linear Discriminant) ensemble.

Enhanced Attacks on Defensively Distilled Deep Neural Networks

no code implementations 16 Nov 2017 Yujia Liu, Weiming Zhang, Shaohua Li, Nenghai Yu

In this paper, we first propose the epsilon-neighborhood attack, which can fool the defensively distilled networks with 100% success rate in the white-box setting, and it is fast to generate adversarial examples with good visual quality.

Face Recognition General Classification +2
