Search Results for author:
Found 35 papers, 25 papers with code
Boosting Adversarial Training via Fisher-Rao Norm-based Regularization
Then we generalize a complexity-related variable, which is sensitive to the changes in model width and the trade-off factors in adversarial training.
Towards Fairness-Aware Adversarial Learning
As a generalization of conventional AT, we re-define the problem of adversarial training as a min-max-max framework, to ensure both robustness and fairness of the trained model.
ProTIP: Probabilistic Robustness Verification on Text-to-Image Diffusion Models against Stochastic Perturbation
Text-to-Image (T2I) Diffusion Models (DMs) have shown impressive abilities in generating high-quality images based on simple text descriptions.
Building Guardrails for Large Language Models
As Large Language Models (LLMs) become more integrated into our daily lives, it is crucial to identify and mitigate their risks, especially when the risks can have profound impacts on human users and societies.
ReRoGCRL: Representation-based Robustness in Goal-Conditioned Reinforcement Learning
Then, to mitigate the vulnerability of existing GCRL algorithms, we introduce Adversarial Representation Tactics, which combines Semi-Contrastive Adversarial Augmentation with Sensitivity-Aware Regularizer to improve the adversarial robustness of the underlying RL agent against various types of perturbations.
Reward Certification for Policy Smoothed Reinforcement Learning
Reinforcement Learning (RL) has achieved remarkable success in safety-critical areas, but it can be weakened by adversarial attacks.
A Survey of Safety and Trustworthiness of Large Language Models through the Lens of Verification and Validation
Large Language Models (LLMs) have exploded a new heatwave of AI for their ability to engage end-users in human-level conversations with detailed and articulate answers across many knowledge domains.
Model-Agnostic Reachability Analysis on Deep Neural Networks
Verification plays an essential role in the formal analysis of safety-critical systems.
RePreM: Representation Pre-training with Masked Model for Reinforcement Learning
Inspired by the recent success of sequence modeling in RL and the use of masked language model for pre-training, we propose a masked model for pre-training in RL, RePreM (Representation Pre-training with Masked Model), which trains the encoder combined with transformer blocks to predict the masked states or actions in a trajectory.
Towards Verifying the Geometric Robustness of Large-scale Neural Networks
Deep neural networks (DNNs) are known to be vulnerable to adversarial geometric transformation.
Reachability Analysis of Neural Network Control Systems
We then reveal the working principles of applying Lipschitzian optimisation on NNCS verification and illustrate it by verifying an adaptive cruise control model.
Mortality Prediction with Adaptive Feature Importance Recalibration for Peritoneal Dialysis Patients: a deep-learning-based study on a real-world longitudinal follow-up dataset
Here, our objective is to develop a deep learning model for a real-time, individualized, and interpretable mortality prediction model - AICare.
Certified Policy Smoothing for Cooperative Multi-Agent Reinforcement Learning
The experimental results show that our method produces meaningful guaranteed robustness for all models and environments.
Multi-agent Reinforcement Learning
reinforcement-learning
+1
Adversarial Detection: Attacking Object Detection in Real Time
Intelligent robots rely on object detection models to perceive the environment.
Understanding Adversarial Robustness of Vision Transformers via Cauchy Problem
Recent research on the robustness of deep learning has shown that Vision Transformers (ViTs) surpass the Convolutional Neural Networks (CNNs) under some perturbations, e. g., natural corruption, adversarial attacks, etc.
DIMBA: Discretely Masked Black-Box Attack in Single Object Tracking
In this paper, we propose a novel adversarial attack method to generate noises for single object tracking under black-box settings, where perturbations are merely added on initial frames of tracking sequences, which is difficult to be noticed from the perspective of a whole video clip.
3DVerifier: Efficient Robustness Verification for 3D Point Cloud Models
Thus, we propose an efficient verification framework, 3DVerifier, to tackle both challenges by adopting a linear relaxation function to bound the multiplication layer and combining forward and backward propagation to compute the certified bounds of the outputs of the point cloud models.
PRoA: A Probabilistic Robustness Assessment against Functional Perturbations
Our experiments demonstrate the effectiveness and flexibility of PRoA in terms of evaluating the probabilistic robustness against a broad range of functional perturbations, and PRoA can scale well to various large-scale deep neural networks compared to existing state-of-the-art baselines.
Sparse Adversarial Video Attacks with Spatial Transformations
In recent years, a significant amount of research efforts concentrated on adversarial attacks on images, while adversarial video attacks have seldom been explored.
Adversarial Robustness of Deep Learning: Theory, Algorithms, and Applications
This tutorial aims to introduce the fundamentals of adversarial robustness of deep learning, presenting a well-structured review of up-to-date techniques to assess the vulnerability of various types of deep learning models to adversarial examples.
Adversarial Driving: Attacking End-to-End Autonomous Driving
As research in deep neural networks advances, deep convolutional networks become promising for autonomous driving tasks.
Dynamic Efficient Adversarial Training Guided by Gradient Magnitude
Therefore, based on the magnitude of the gradient, we propose a general acceleration strategy, M+ acceleration, which enables an automatic and highly effective method of adjusting the training procedure.
Fooling Object Detectors: Adversarial Attacks by Half-Neighbor Masks
Although there are a great number of adversarial attacks on deep learning based classifiers, how to attack object detection systems has been rarely studied.
Generalizing Universal Adversarial Attacks Beyond Additive Perturbations
Extensive experiments are conducted on CIFAR-10 and ImageNet datasets with six deep neural network models including GoogleLeNet, VGG16/19, ResNet101/152, and DenseNet121.
Interpretable Machine Learning for COVID-19: An Empirical Study on Severity Prediction Task
The black-box nature of machine learning models hinders the deployment of some high-accuracy models in medical diagnosis.
Towards the Quantification of Safety Risks in Deep Neural Networks
In this paper, we define safety risks by requesting the alignment of the network's decision with human perception.
CovidCare: Transferring Knowledge from Existing EMR to Emerging Epidemic for Interpretable Prognosis
Due to the characteristics of COVID-19, the epidemic develops rapidly and overwhelms health service systems worldwide.
AdaCare: Explainable Clinical Health Status Representation Learning via Scale-Adaptive Feature Extraction and Recalibration
It also models the correlation between clinical features to enhance the ones which strongly indicate the health status and thus can maintain a state-of-the-art performance in terms of prediction accuracy while providing qualitative interpretability.
ConCare: Personalized Clinical Feature Embedding via Capturing the Healthcare Context
Predicting the patient's clinical outcome from the historical electronic medical records (EMR) is a fundamental research problem in medical informatics.
Coverage Guided Testing for Recurrent Neural Networks
The test metrics and test case generation algorithm are implemented into a tool TestRNN, which is then evaluated on a set of LSTM benchmarks.
A Survey of Safety and Trustworthiness of Deep Neural Networks: Verification, Testing, Adversarial Attack and Defence, and Interpretability
In the past few years, significant progress has been made on deep neural networks (DNNs) in achieving human-level performance on several long-standing tasks.
A Game-Based Approximate Verification of Deep Neural Networks with Provable Guarantees
In this paper, we study two variants of pointwise robustness, the maximum safe radius problem, which for a given input sample computes the minimum distance to an adversarial example, and the feature robustness problem, which aims to quantify the robustness of individual features to adversarial perturbations.
Reachability Analysis of Deep Neural Networks with Provable Guarantees
Verifying correctness of deep neural networks (DNNs) is challenging.
Concolic Testing for Deep Neural Networks
Concolic testing combines program execution and symbolic analysis to explore the execution paths of a software program.
Global Robustness Evaluation of Deep Neural Networks with Provable Guarantees for the $L_0$ Norm
In this paper we focus on the $L_0$ norm and aim to compute, for a trained DNN and an input, the maximal radius of a safe norm ball around the input within which there are no adversarial examples.
