Search Results for author:
Found 22 papers, 8 papers with code
TOPIC: A Parallel Association Paradigm for Multi-Object Tracking under Complex Motions and Diverse Scenes
Existing trackers can be categorized into two association paradigms: single-feature paradigm (based on either motion or appearance feature) and serial paradigm (one feature serves as secondary while the other is primary).
FedRecover: Recovering from Poisoning Attacks in Federated Learning using Historical Information
Existing defenses focus on preventing a small number of malicious clients from poisoning the global model via robust federated learning methods and detecting malicious clients when there are a large number of them.
FLCert: Provably Secure Federated Learning against Poisoning Attacks
Our key idea is to divide the clients into groups, learn a global model for each group of clients using any existing federated learning method, and take a majority vote among the global models to classify a test input.
FLDetector: Defending Federated Learning Against Model Poisoning Attacks via Detecting Malicious Clients
FLDetector aims to detect and remove the majority of the malicious clients such that a Byzantine-robust FL method can learn an accurate global model using the remaining clients.
A dataset of ant colonies motion trajectories in indoor and outdoor scenes for social cluster behavior study
Motion and interaction of social insects (such as ants) have been studied by many researchers to understand the clustering mechanism.
MPAF: Model Poisoning Attacks to Federated Learning based on Fake Clients
Specifically, we assume the attacker injects fake clients to a federated learning system and sends carefully crafted fake local model updates to the cloud server during training, such that the learnt global model has low accuracy for many indiscriminate test inputs.
FaceGuard: Proactive Deepfake Detection
A key limitation of passive detection is that it cannot detect fake faces that are generated by new deepfake generation methods.
IGrow: A Smart Agriculture Solution to Autonomous Greenhouse Control
However, the optimal control of autonomous greenhouses is challenging, requiring decision-making based on high-dimensional sensory data, and the scaling of production is limited by the scarcity of labor capable of handling this task.
Understanding the Security of Deepfake Detection
Existing studies mainly focused on improving the detection performance in non-adversarial settings, leaving security of deepfake detection in adversarial settings largely unexplored.
Provably Secure Federated Learning against Malicious Clients
We show that our ensemble federated learning with any base federated learning algorithm is provably secure against malicious clients.
FLTrust: Byzantine-robust Federated Learning via Trust Bootstrapping
Finally, the service provider computes the average of the normalized local model updates weighted by their trust scores as a global model update, which is used to update the global model.
Certified Robustness of Nearest Neighbors against Data Poisoning and Backdoor Attacks
Moreover, our evaluation results on MNIST and CIFAR10 show that the intrinsic certified robustness guarantees of kNN and rNN outperform those provided by state-of-the-art certified defenses.
Almost Tight L0-norm Certified Robustness of Top-k Predictions against Adversarial Perturbations
For instance, our method can build a classifier that achieves a certified top-3 accuracy of 69. 2\% on ImageNet when an attacker can arbitrarily perturb 5 pixels of a testing image.
Certified Robustness of Graph Neural Networks against Adversarial Structural Perturbation
Specifically, we prove the certified robustness guarantee of any GNN for both node and graph classifications against structural perturbation.
Cryptography and Security
Intrinsic Certified Robustness of Bagging against Data Poisoning Attacks
Specifically, we show that bagging with an arbitrary base learning algorithm provably predicts the same label for a testing example when the number of modified, deleted, and/or inserted training examples is bounded by a threshold.
On Certifying Robustness against Backdoor Attacks via Randomized Smoothing
Specifically, in this work, we study the feasibility and effectiveness of certifying robustness against backdoor attacks using a recent technique called randomized smoothing.
Certified Robustness of Community Detection against Adversarial Structural Perturbation via Randomized Smoothing
However, several recent studies showed that community detection is vulnerable to adversarial structural perturbation.
Certified Robustness for Top-k Predictions against Adversarial Perturbations via Randomized Smoothing
For example, our method can obtain an ImageNet classifier with a certified top-5 accuracy of 62. 8\% when the $\ell_2$-norms of the adversarial perturbations are less than 0. 5 (=127/255).
Local Model Poisoning Attacks to Byzantine-Robust Federated Learning
Our empirical results on four real-world datasets show that our attacks can substantially increase the error rates of the models learnt by the federated learning methods that were claimed to be robust against Byzantine failures of some client devices.
Data Poisoning Attacks to Local Differential Privacy Protocols
Local Differential Privacy (LDP) protocols enable an untrusted data collector to perform privacy-preserving data analytics.
Data Poisoning
Cryptography and Security
Distributed, Parallel, and Cluster Computing
IPGuard: Protecting Intellectual Property of Deep Neural Networks via Fingerprinting the Classification Boundary
Our key observation is that a DNN classifier can be uniquely represented by its classification boundary.
Mitigating Evasion Attacks to Deep Neural Networks via Region-based Classification
Our key observation is that adversarial examples are close to the classification boundary.
