Search Results for author:
Found 70 papers, 34 papers with code
DeepFaceLab: Integrated, flexible and extensible face-swapping framework
Deepfake defense not only requires the research of detection but also requires the efforts of generation methods.
Ranked #1 on
Face Swapping
on FaceForensics++
Ambiguity-Resistant Semi-Supervised Learning for Dense Object Detection
It employs a "divide-and-conquer" strategy and separately exploits positives for the classification and localization task, which is more robust to the assignment ambiguity.
Ranked #1 on
Semi-Supervised Object Detection
on COCO 10% labeled data
(detector metric)
CSWin Transformer: A General Vision Transformer Backbone with Cross-Shaped Windows
By further pretraining on the larger dataset ImageNet-21K, we achieve 87. 5% Top-1 accuracy on ImageNet-1K and high segmentation performance on ADE20K with 55. 7 mIoU.
Ranked #25 on
Semantic Segmentation
on ADE20K val
HairCLIP: Design Your Hair by Text and Reference Image
Hair editing is an interesting and challenging problem in computer vision and graphics.
Multi-attentional Deepfake Detection
Most of them model deepfake detection as a vanilla binary classification problem, i. e, first use a backbone network to extract a global feature and then feed it into a binary classifier (real/fake).
CLIP Itself is a Strong Fine-tuner: Achieving 85.7% and 88.0% Top-1 Accuracy with ViT-B and ViT-L on ImageNet
Recent studies have shown that CLIP has achieved remarkable success in performing zero-shot inference while its fine-tuning performance is not satisfactory.
OPERA: Alleviating Hallucination in Multi-Modal Large Language Models via Over-Trust Penalty and Retrospection-Allocation
Based on the observation, OPERA introduces a penalty term on the model logits during the beam-search decoding to mitigate the over-trust issue, along with a rollback strategy that retrospects the presence of summary tokens in the previously generated tokens, and re-allocate the token selection if necessary.
PeCo: Perceptual Codebook for BERT Pre-training of Vision Transformers
This paper explores a better prediction target for BERT pre-training of vision transformers.
E2Style: Improve the Efficiency and Effectiveness of StyleGAN Inversion
This paper studies the problem of StyleGAN inversion, which plays an essential role in enabling the pretrained StyleGAN to be used for real image editing tasks.
HairCLIPv2: Unifying Hair Editing via Proxy Feature Blending
Even though they can enable very fine-grained local control, such interaction modes are inefficient for the editing conditions that can be easily specified by language descriptions or reference images.
Bootstrapped Masked Autoencoders for Vision BERT Pretraining
The first design is motivated by the observation that using a pretrained MAE to extract the features as the BERT prediction target for masked tokens can achieve better pretraining performance.
Protecting Celebrities from DeepFake with Identity Consistency Transformer
In this work we propose Identity Consistency Transformer, a novel face forgery detection method that focuses on high-level semantics, specifically identity information, and detecting a suspect face by finding identity inconsistency in inner and outer face regions.
MBRS : Enhancing Robustness of DNN-based Watermarking by Mini-Batch of Real and Simulated JPEG Compression
To address such limitations, we proposed a novel end-to-end training architecture, which utilizes Mini-Batch of Real and Simulated JPEG compression (MBRS) to enhance the JPEG robustness.
Diversity-Aware Meta Visual Prompting
We present Diversity-Aware Meta Visual Prompting~(DAM-VP), an efficient and effective prompting method for transferring pre-trained models to downstream tasks with frozen backbone.
Model Watermarking for Image Processing Networks
In this way, when the attacker trains one surrogate model by using the input-output pairs of the target model, the hidden watermark will be learned and extracted afterward.
Deep Model Intellectual Property Protection via Deep Watermarking
By jointly training the target model and watermark embedding, the extra barrier can even be absorbed into the target model.
CodeApex: A Bilingual Programming Evaluation Benchmark for Large Language Models
With the emergence of Large Language Models (LLMs), there has been a significant improvement in the programming capabilities of models, attracting growing attention from researchers.
Shape-invariant 3D Adversarial Point Clouds
In this paper, we propose a novel Point-Cloud Sensitivity Map to boost both the efficiency and imperceptibility of point perturbations.
GreedyFool: Distortion-Aware Sparse Adversarial Attack
Sparse adversarial samples are a special branch of adversarial samples that can fool the target model by only perturbing a few pixels.
X-Paste: Revisiting Scalable Copy-Paste for Instance Segmentation using CLIP and StableDiffusion
We demonstrate for the first time that using a text2image model to generate images or zero-shot recognition model to filter noisily crawled images for different object categories is a feasible way to make Copy-Paste truly scalable.
Ranked #7 on
Instance Segmentation
on LVIS v1.0 val
Watermarking Text Generated by Black-Box Language Models
To allow third-parties to autonomously inject watermarks into generated text, we develop a watermarking framework for black-box language model usage scenarios.
Pseudo Label-Guided Model Inversion Attack via Conditional Generative Adversarial Network
At first, a top-n selection strategy is proposed to provide pseudo-labels for public data, and use pseudo-labels to guide the training of the cGAN.
Passport-aware Normalization for Deep Model Protection
Only when the model IP is suspected to be stolen by someone, the private passport-aware branch is added back for ownership verification.
Improving Adversarial Robustness of Masked Autoencoders via Test-time Frequency-domain Prompting
Based on our analysis, we provide a simple yet effective way to boost the adversarial robustness of MAE.
Poison Ink: Robust and Invisible Backdoor Attack
As the image structure can keep its semantic meaning during the data transformation, such trigger pattern is inherently robust to data transformations.
DUP-Net: Denoiser and Upsampler Network for 3D Adversarial Point Clouds Defense
We propose a Denoiser and UPsampler Network (DUP-Net) structure as defenses for 3D adversarial point cloud classification, where the two modules reconstruct surface smoothness by dropping or adding points.
Gaussian Shading: Provable Performance-Lossless Image Watermarking for Diffusion Models
To address this issue, we propose Gaussian Shading, a diffusion model watermarking technique that is both performance-lossless and training-free, while serving the dual purpose of copyright protection and tracing of offending content.
Control Risk for Potential Misuse of Artificial Intelligence in Science
In this study, we aim to raise awareness of the dangers of AI misuse in science, and call for responsible AI development and use in this domain.
Adversarial Examples Detection beyond Image Space
To detect both few-perturbation attacks and large-perturbation attacks, we propose a method beyond image space by a two-stream architecture, in which the image stream focuses on the pixel artifacts and the gradient stream copes with the confidence artifacts.
Data-Free Hard-Label Robustness Stealing Attack
In response to these identified gaps, we introduce a novel Data-Free Hard-Label Robustness Stealing (DFHL-RS) attack in this paper, which enables the stealing of both model accuracy and robustness by simply querying hard labels of the target model without the help of any natural data.
Self-supervised Adversarial Training
Recent work has demonstrated that neural networks are vulnerable to adversarial examples.
Deep Learning for Event-based Vision: A Comprehensive Survey and Benchmarks
Event cameras are bio-inspired sensors that capture the per-pixel intensity changes asynchronously and produce event streams encoding the time, pixel position, and polarity (sign) of the intensity changes.
Worst-Case-Aware Curriculum Learning for Zero and Few Shot Transfer
Multi-task transfer learning based on pre-trained language encoders achieves state-of-the-art performance across a range of tasks.
Enhanced Attacks on Defensively Distilled Deep Neural Networks
In this paper, we first propose the epsilon-neighborhood attack, which can fool the defensively distilled networks with 100% success rate in the white-box setting, and it is fast to generate adversarial examples with good visual quality.
Detection based Defense against Adversarial Examples from the Steganalysis Point of View
Moreover, secondary adversarial attacks cannot be directly performed to our method because our method is not based on a neural network but based on high-dimensional artificial features and FLD (Fisher Linear Discriminant) ensemble.
Unauthorized AI cannot Recognize Me: Reversible Adversarial Example
In this study, we propose a new methodology to control how user's data is recognized and used by AI via exploiting the properties of adversarial examples.
CAAD 2018: Powerful None-Access Black-Box Attack Based on Adversarial Transformation Network
In this paper, we propose an improvement of Adversarial Transformation Networks(ATN) to generate adversarial examples, which can fool white-box models and black-box models with a state of the art performance and won the 2rd place in the non-target task in CAAD 2018.
Emerging Applications of Reversible Data Hiding
Reversible data hiding (RDH) is one special type of information hiding, by which the host sequence as well as the embedded data can be both restored from the marked sequence without loss.
CAAD 2018: Iterative Ensemble Adversarial Attack
Deep Neural Networks (DNNs) have recently led to significant improvements in many fields.
Neural Machine Reading Comprehension: Methods and Trends
Machine reading comprehension (MRC), which requires a machine to answer questions based on a given context, has attracted increasing attention with the incorporation of various deep-learning techniques over the past few years.
Once a MAN: Towards Multi-Target Attack via Learning Multi-Target Adversarial Network Once
Recently, generation-based methods have received much attention since they directly use feed-forward networks to generate the adversarial samples, which avoid the time-consuming iterative attacking procedure in optimization-based and gradient-based methods.
Reversible Adversarial Attack based on Reversible Image Transformation
In order to prevent illegal or unauthorized access of image data such as human faces and ensure legitimate users can use authorization-protected data, reversible adversarial attack technique is rise.
LG-GAN: Label Guided Adversarial Network for Flexible Targeted Attack of Point Cloud-based Deep Networks
To overcome these shortcomings, this paper proposes a novel label guided adversarial network (LG-GAN) for real-time flexible targeted point cloud attack.
Identity-Driven DeepFake Detection
Our approach takes as input the suspect image/video as well as the target identity information (a reference image or video).
Improved Image Matting via Real-time User Clicks and Uncertainty Estimation
Image matting is a fundamental and challenging problem in computer vision and graphics.
Spatial-Phase Shallow Learning: Rethinking Face Forgery Detection in Frequency Domain
The remarkable success in face forgery techniques has received considerable attention in computer vision due to security concerns.
A Brief Survey on Deep Learning Based Data Hiding
Data hiding is the art of concealing messages with limited perceptual changes.
A Local Similarity-Preserving Framework for Nonlinear Dimensionality Reduction with Neural Networks
Real-world data usually have high dimensionality and it is important to mitigate the curse of dimensionality.
Reversible Watermarking in Deep Convolutional Neural Networks for Integrity Authentication
Specifically, we present the reversible watermarking problem of deep convolutional neural networks and utilize the pruning theory of model compression technology to construct a host sequence used for embedding watermarking information by histogram shift.
Exploring Structure Consistency for Deep Model Watermarking
However, little attention has been devoted to the protection of DNNs in image processing tasks.
Speech Pattern based Black-box Model Watermarking for Automatic Speech Recognition
As an effective method for intellectual property (IP) protection, model watermarking technology has been applied on a wide variety of deep neural networks (DNN), including speech classification models.
Automatic Speech Recognition
Automatic Speech Recognition (ASR)
+2
Sociolectal Analysis of Pretrained Language Models
Using data from English cloze tests, in which subjects also self-reported their gender, age, education, and race, we examine performance differences of pretrained language models across demographic groups, defined by these (protected) attributes.
Tracing Text Provenance via Context-Aware Lexical Substitution
Tracing text provenance can help claim the ownership of text content or identify the malicious users who distribute misleading content like machine-generated fake news.
Self-supervised Transformer for Deepfake Detection
After pre-training with our method, the model will then be partially fine-tuned for deepfake detection task.
Invertible Mask Network for Face Privacy-Preserving
Then, put the "Mask" face onto the protected face and generate the masked face, in which the masked face is indistinguishable from "Mask" face.
MaskCLIP: Masked Self-Distillation Advances Contrastive Language-Image Pretraining
Second, masked self-distillation is also consistent with vision-language contrastive from the perspective of training objective as both utilize the visual encoder for feature aligning, and thus is able to learn local semantics getting indirect supervision from the language.
PointCAT: Contrastive Adversarial Training for Robust Point Cloud Recognition
Notwithstanding the prominent performance achieved in various applications, point cloud recognition models have often suffered from natural corruptions and adversarial perturbations.
Ada3Diff: Defending against 3D Adversarial Point Clouds via Adaptive Diffusion
Deep 3D point cloud models are sensitive to adversarial attacks, which poses threats to safety-critical applications such as autonomous driving.
VQNet 2.0: A New Generation Machine Learning Framework that Unifies Classical and Quantum
Therefore, based on VQNet 1. 0, we further propose VQNet 2. 0, a new generation of unified classical and quantum machine learning framework that supports hybrid optimization.
LLM Paternity Test: Generated Text Detection with LLM Genetic Inheritance
Large language models (LLMs) can generate texts that carry the risk of various misuses, including plagiarism, planting fake reviews on e-commerce platforms, or creating inflammatory false tweets.
Test-Time Adaptation for Nighttime Color-Thermal Semantic Segmentation
we propose the first test-time adaptation (TTA) framework, dubbed Night-TTA, to address the problems for nighttime RGBT semantic segmentation without access to the source (daytime) data during adaptation.
Segue: Side-information Guided Generative Unlearnable Examples for Facial Privacy Protection in Real World
To address these concerns, researchers are actively exploring the concept of ``unlearnable examples", by adding imperceptible perturbation to data in the model training stage, which aims to prevent the model from learning discriminate features of the target face.
Improving Adversarial Transferability by Stable Diffusion
Various techniques have emerged to enhance the transferability of adversarial attacks for the black-box scenario.
Adapting Large Language Models for Education: Foundational Capabilities, Potentials, and Challenges
Online education platforms, leveraging the internet to distribute education resources, seek to provide convenient education but often fall short in real-time communication with students.
Model X-ray:Detect Backdoored Models via Decision Boundary
To address it, in this paper, we begin by presenting an intriguing observation: the decision boundary of the backdoored model exhibits a greater degree of closeness than that of the clean model.
Towards Generalist Prompting for Large Language Models by Mental Models
MeMo distills the cores of various prompting methods into individual mental models and allows LLMs to autonomously select the most suitable mental models for the problem, achieving or being near to the state-of-the-art results on diverse tasks such as STEM, logical reasoning, and commonsense reasoning in zero-shot settings.
GoodSAM: Bridging Domain and Capacity Gaps via Segment Anything Model for Distortion-aware Panoramic Semantic Segmentation
To this end, we propose a novel framework, called GoodSAM, that introduces a teacher assistant (TA) to provide semantic information, integrated with SAM to generate ensemble logits to achieve knowledge transfer.
Provably Secure Disambiguating Neural Linguistic Steganography
SyncPool does not change the size of the candidate pool or the distribution of tokens and thus is applicable to provably secure language steganography methods.
Unsupervised Visible-Infrared ReID via Pseudo-label Correction and Modality-level Alignment
Specifically, to address the first challenge, we propose a pseudo-label correction strategy that utilizes a Beta Mixture Model to predict the probability of mis-clustering based network's memory effect and rectifies the correspondence by adding a perceptual term to contrastive learning.
©Plug-in Authorization for Human Content Copyright Protection in Text-to-Image Model
To mitigate this, we propose the \copyright Plug-in Authorization framework, introducing three operations: addition, extraction, and combination.
