Search Results for author:
Found 11 papers, 7 papers with code
DC-SGD: Differentially Private SGD with Dynamic Clipping through Gradient Norm Distribution Estimation
In this paper, we propose Dynamic Clipping DP-SGD (DC-SGD), a framework that leverages differentially private histograms to estimate gradient norm distributions and dynamically adjust the clipping threshold C. Our framework includes two novel mechanisms: DC-SGD-P and DC-SGD-E. DC-SGD-P adjusts the clipping threshold based on a percentile of gradient norms, while DC-SGD-E minimizes the expected squared error of gradients to optimize C. These dynamic adjustments significantly reduce the burden of hyperparameter tuning C. The extensive experiments on various deep learning tasks, including image classification and natural language processing, show that our proposed dynamic algorithms achieve up to 9 times acceleration on hyperparameter tuning than DP-SGD.
Dialogue Injection Attack: Jailbreaking LLMs through Context Manipulation
Our experiments show that DIA achieves state-of-the-art attack success rates on recent LLMs, including Llama-3. 1 and GPT-4o.
R.R.: Unveiling LLM Training Privacy through Recollection and Ranking
In the second stage, we design a new criterion to score each PII candidate and rank them.
Be Cautious When Merging Unfamiliar LLMs: A Phishing Model Capable of Stealing Privacy
Specifically, we propose PhiMM, a privacy attack approach that trains a phishing model capable of stealing privacy using a crafted privacy phishing instruction dataset.
An Inversion-based Measure of Memorization for Diffusion Models
The past few years have witnessed substantial advances in image generation powered by diffusion models.
Exploring ChatGPT's Capabilities on Vulnerability Management
Prior works show that ChatGPT has the capabilities of processing foundational code analysis tasks, such as abstract syntax tree generation, which indicates the potential of using ChatGPT to comprehend code syntax and static behaviors.
LMSanitator: Defending Prompt-Tuning Against Task-Agnostic Backdoors
Instead of directly inverting the triggers, LMSanitator aims to invert the predefined attack vectors (pretrained models' output when the input is embedded with triggers) of the task-agnostic backdoors, which achieves much better convergence performance and backdoor detection accuracy.
DPMLBench: Holistic Evaluation of Differentially Private Machine Learning
We also explore some improvements that can maintain model utility and defend against MIAs more effectively.
Diff-ID: An Explainable Identity Difference Quantification Framework for DeepFake Detection
We then visualize the identity loss between the test and the reference image from the image differences of the aligned pairs, and design a custom metric to quantify the identity loss.
Watch Out for the Confusing Faces: Detecting Face Swapping with the Probability Distribution of Face Identification Models
We reflect this nature with the confusion of a face identification model and measure the confusion with the maximum value of the output probability distribution.
A Robust Scheme for 3D Point Cloud Copy Detection
In this paper, we focus on a fundamental and practical research problem: judging whether a point cloud is plagiarized or copied to another point cloud in the presence of several manipulations (e. g., similarity transformation, smoothing).
