Search Results for author:
Found 20 papers, 2 papers with code
AdapterFL: Adaptive Heterogeneous Federated Learning for Resource-constrained Mobile Computing Systems
On the one hand, to achieve model training in all the diverse clients, mobile computing systems can only use small low-performance models for collaborative learning.
Protect Federated Learning Against Backdoor Attacks via Data-Free Trigger Generation
By using these trigger images, our approach eliminates poisoned models to ensure the updated global model is benign.
Towards Better Fairness-Utility Trade-off: A Comprehensive Measurement-Based Reinforcement Learning Framework
The results demonstrate that CFU can improve the classifier on multiple fairness metrics without sacrificing its utility.
On the Robustness of Segment Anything
Second, we extend representative adversarial attacks against SAM and study the influence of different prompts on robustness.
Architecture-agnostic Iterative Black-box Certified Defense against Adversarial Patches
The adversarial patch attack aims to fool image classifiers within a bounded, contiguous region of arbitrary changes, posing a real threat to computer vision systems (e. g., autonomous driving, content moderation, biometric authentication, medical imaging) in the physical world.
Zero-Day Backdoor Attack against Text-to-Image Diffusion Models via Personalization
Although recent personalization methods have democratized high-resolution image synthesis by enabling swift concept acquisition with minimal examples and lightweight computation, they also present an exploitable avenue for high accessible backdoor attacks.
FedMR: Federated Learning via Model Recombination
Although Federated Learning (FL) enables global model training across clients without compromising their raw data, existing Federated Averaging (FedAvg)-based methods suffer from the problem of low inference performance, especially for unevenly distributed data among clients.
Evading DeepFake Detectors via Adversarial Statistical Consistency
Second, we find that the statistical differences between natural and DeepFake images are positively associated with the distribution shifting between the two kinds of images, and we propose to use a distribution-aware loss to guide the optimization of different degradations.
GitFL: Adaptive Asynchronous Federated Learning using Version Control
Unlike traditional FL, the cloud server of GitFL maintains a master model (i. e., the global model) together with a set of branch models indicating the trained local models committed by selected devices, where the master model is updated based on both all the pushed branch models and their version information, and only the branch models after the pull operation are dispatched to devices.
FedCross: Towards Accurate Federated Learning via Multi-Model Cross Aggregation
Due to the remarkable performance in preserving data privacy for decentralized data scenarios, Federated Learning (FL) has been considered as a promising distributed machine learning paradigm to deal with data silos problems.
Masked Faces with Faced Masks
Modern face recognition systems (FRS) still fall short when the subjects are wearing facial masks, a common theme in the age of respiratory pandemics.
ALA: Naturalness-aware Adversarial Lightness Attack
To obtain adversarial examples with a high attack success rate, we propose unconstrained enhancement in terms of the light and shade relationship in images.
Natural & Adversarial Bokeh Rendering via Circle-of-Confusion Predictive Network
Bokeh effect is a natural shallow depth-of-field phenomenon that blurs the out-of-focus part in photography.
AdvFilter: Predictive Perturbation-aware Filtering against Adversarial Attack via Multi-domain Learning
To this end, we first comprehensively investigate two kinds of pixel denoising methods for adversarial robustness enhancement (i. e., existing additive-based and unexplored filtering-based methods) under the loss functions of image-level and semantic-level, respectively, showing that pixel-wise filtering can obtain much higher image quality (e. g., higher PSNR) as well as higher robustness (e. g., higher accuracy on adversarial examples) than existing pixel-wise additive-based method.
Countering Malicious DeepFakes: Survey, Battleground, and Horizon
To fill this gap, in this paper, we provide a comprehensive overview and detailed analysis of the research work on the topic of DeepFake generation, DeepFake detection as well as evasion of DeepFake detection, with more than 318 research papers carefully surveyed.
Dodging DeepFake Detection via Implicit Spatial-Domain Notch Filtering
We first demonstrate that frequency-domain notch filtering, although famously shown to be effective in removing periodic noise in the spatial domain, is infeasible for our task at hand due to the manual designs required for the notch filters.
FakePolisher: Making DeepFakes More Detection-Evasive by Shallow Reconstruction
At this moment, GAN-based image generation methods are still imperfect, whose upsampling design has limitations in leaving some certain artifact patterns in the synthesized image.
FakeLocator: Robust Localization of GAN-Based Face Manipulations
In this work, we investigate the architecture of existing GAN-based face manipulation methods and observe that the imperfection of upsampling methods therewithin could be served as an important asset for GAN-synthesized fake image detection and forgery localization.
Amora: Black-box Adversarial Morphing Attack
In this paper, we investigate and introduce a new type of adversarial attack to evade FR systems by manipulating facial content, called \textbf{\underline{a}dversarial \underline{mor}phing \underline{a}ttack} (a. k. a.
FakeSpotter: A Simple yet Robust Baseline for Spotting AI-Synthesized Fake Faces
In recent years, generative adversarial networks (GANs) and its variants have achieved unprecedented success in image synthesis.
