Search Results for author:
Found 22 papers, 5 papers with code
THEMIS: Towards Practical Intellectual Property Protection for Post-Deployment On-Device Deep Learning Models
On-device deep learning (DL) has rapidly gained adoption in mobile apps, offering the benefits of offline model inference and user privacy preservation over cloud-based approaches.
FedMobile: Enabling Knowledge Contribution-aware Multi-modal Federated Learning with Incomplete Modalities
The Web of Things (WoT) enhances interoperability across web-based and ubiquitous computing platforms while complementing existing IoT standards.
GRID: Protecting Training Graph from Link Stealing Attacks on GNN Models
Our crafted noises can ensure 1) the noisy prediction vectors of any two adjacent nodes have their similarity level like that of two non-adjacent nodes and 2) the model prediction is unchanged to ensure zero utility loss.
Arondight: Red Teaming Large Vision Language Models with Auto-generated Multi-modal Jailbreak Prompts
Our framework features an automated multi-modal jailbreak attack, wherein visual jailbreak prompts are produced by a red team VLM, and textual prompts are generated by a red team LLM guided by a reinforcement learning agent.
BadSampler: Harnessing the Power of Catastrophic Forgetting to Poison Byzantine-robust Federated Learning
To fill this gap, we first formally define generalization error and establish its connection to catastrophic forgetting, paving the way for the development of a clean-label data poisoning attack named BadSampler.
Security and Privacy of 6G Federated Learning-enabled Dynamic Spectrum Sharing
In this context, federated learning (FL)-enabled spectrum sensing technology has garnered wide attention, allowing for the construction of an aggregated ML model without disclosing the private spectrum sensing information of wireless user devices.
NAP^2: A Benchmark for Naturalness and Privacy-Preserving Text Rewriting by Learning from Human
Increasing concerns about privacy leakage issues in academia and industry arise when employing NLP models from third-party providers to process sensitive texts.
Dynamic Graph Unlearning: A General and Efficient Post-Processing Method via Gradient Transformation
Dynamic graph neural networks (DGNNs) have emerged and been widely deployed in various web applications (e. g., Reddit) to serve users (e. g., personalized content delivery) due to their remarkable ability to learn from complex and dynamic user interaction data.
GraphGuard: Detecting and Counteracting Training Data Misuse in Graph Neural Networks
These limitations call for an effective and comprehensive solution that detects and mitigates data misuse without requiring exact training data while respecting the proprietary nature of such data.
RAI4IoE: Responsible AI for Enabling the Internet of Energy
This paper plans to develop an Equitable and Responsible AI framework with enabling techniques and algorithms for the Internet of Energy (IoE), in short, RAI4IoE.
Training-free Lexical Backdoor Attacks on Language Models
In this work, we propose Training-Free Lexical Backdoor Attack (TFLexAttack) as the first training-free backdoor attack on language models.
Unraveling Privacy Risks of Individual Fairness in Graph Neural Networks
In this paper, we pioneer the exploration of the interaction between the privacy risks of edge leakage and the individual fairness of a GNN.
Trustworthy Graph Neural Networks: Aspects, Methods and Trends
Graph neural networks (GNNs) have emerged as a series of competent graph learning methods for diverse real-world scenarios, ranging from daily applications like recommendation systems and question answering to cutting-edge technologies such as drug discovery in life sciences and n-body simulation in astrophysics.
The Right to be Forgotten in Federated Learning: An Efficient Realization with Rapid Retraining
Existing machine unlearning techniques focus on centralized training, where access to all holders' training data is a must for the server to conduct the unlearning process.
Projective Ranking-based GNN Evasion Attacks
By projecting the strategy, our method dramatically minimizes the cost of learning a new attack strategy when the attack budget changes.
Aggregation Service for Federated Learning: An Efficient, Secure, and More Resilient Realization
In this paper, we present a system design which offers efficient protection of individual model updates throughout the learning procedure, allowing clients to only provide obscured model updates while a cloud server can still perform the aggregation.
Adapting Membership Inference Attacks to GNN for Graph Classification: Approaches and Implications
We present and implement two types of attacks, i. e., training-based attacks and threshold-based attacks from different adversarial capabilities.
Poisoning Semi-supervised Federated Learning via Unlabeled Data: Attacks and Defenses
Extensive case studies have shown that our attacks are effective on different datasets and common semi-supervised learning methods.
Model Extraction Attacks on Graph Neural Networks: Taxonomy and Realization
Machine learning models are shown to face a severe threat from Model Extraction Attacks, where a well-trained private model owned by a service provider can be stolen by an attacker pretending as a client.
Federated Learning for 6G Communications: Challenges, Methods, and Future Directions
As the 5G communication networks are being widely deployed worldwide, both industry and academia have started to move beyond 5G and explore 6G communications.
Enabling Efficient Privacy-Assured Outlier Detection over Encrypted Incremental Datasets
It realises several cryptographic modules via efficient and interchangeable protocols to support the above cryptographic operations and composes them in the overall protocol to enable outlier detection over encrypted datasets.
Defeating Misclassification Attacks Against Transfer Learning
To avoid the bloated ensemble size during inference, we propose a two-phase defence, in which inference from the Student model is firstly performed to narrow down the candidate differentiators to be assembled, and later only a small, fixed number of them can be chosen to validate clean or reject adversarial inputs effectively.
