Search Results for author:
Found 36 papers, 19 papers with code
Understanding Programs by Exploiting (Fuzzing) Test Cases
The effectiveness of the proposed method is verified on two program understanding tasks including code clone detection and code classification, and it outperforms current state-of-the-arts by large margins.
Improving Adversarial Transferability via Intermediate-level Perturbation Decay
In particular, the proposed method, named intermediate-level perturbation decay (ILPD), encourages the intermediate-level perturbation to be in an effective adversarial direction and to possess a great magnitude simultaneously.
CFA: Class-wise Calibrated Fair Adversarial Training
Adversarial training has been widely acknowledged as the most effective method to improve the adversarial robustness against adversarial examples for Deep Neural Networks (DNNs).
Making Substitute Models More Bayesian Can Enhance Transferability of Adversarial Examples
In this paper, by contrast, we opt for the diversity in substitute models and advocate to attack a Bayesian model for achieving desirable transferability.
Texts as Images in Prompt Tuning for Multi-Label Image Recognition
Nonetheless, visual data (e. g., images) is by default prerequisite for learning prompts in existing methods.
When Adversarial Training Meets Vision Transformers: Recipes from Training to Architecture
We find, when randomly masking gradients from some attention blocks or masking perturbations on some patches during adversarial training, the adversarial robustness of ViTs can be remarkably improved, which may potentially open up a line of work to explore the architectural information inside the newly designed models like ViTs.
Squeeze Training for Adversarial Robustness
The vulnerability of deep neural networks (DNNs) to adversarial examples has attracted great attention in the machine learning community.
An Intermediate-level Attack Framework on The Basis of Linear Regression
This paper substantially extends our work published at ECCV, in which an intermediate-level attack was proposed to improve the transferability of some baseline adversarial examples.
On Steering Multi-Annotations per Sample for Multi-Task Learning
Despite the remarkable progress, the challenge of optimally learning different tasks simultaneously remains to be explored.
A Theoretical View of Linear Backpropagation and Its Convergence
This paper serves as a complement and somewhat an extension to Guo et al.'s paper, by providing theoretical analyses on LinBP in neural-network-involved learning tasks including adversarial attack and model training.
Linear Backpropagation Leads to Faster Convergence
In this paper, we study the very recent method called ``linear backpropagation'' (LinBP), which modifies the standard backpropagation and can improve the transferability in black-box adversarial attack.
Membership Inference Attack in Face of Data Transformations
We demonstrated the effectiveness of our attacks by extensive evaluations on multiple common data transformations and comparison with other state-of-the-art attacks.
Robust and Fully-Dynamic Coreset for Continuous-and-Bounded Learning (With Outliers) Problems
In this paper, we propose a novel robust coreset method for the {\em continuous-and-bounded learning} problems (with outliers) which includes a broad range of popular optimization objectives in machine learning, {\em e. g.,} logistic regression and $ k $-means clustering.
Deepfake Forensics via An Adversarial Game
In this paper, we advocate adversarial training for improving the generalization ability to both unseen facial forgeries and unseen image/video qualities.
Recent Advances in Large Margin Learning
This paper serves as a survey of recent advances in large margin training and its theoretical foundations, mostly for (nonlinear) deep neural networks (DNNs) that are probably the most prominent machine learning models for large-scale data in the community over the past decade.
Learned ISTA with Error-based Thresholding for Adaptive Sparse Coding
The learned iterative shrinkage thresholding algorithm (LISTA) introduces deep unfolding models with learnable thresholds in the shrinkage function for sparse coding.
Policy-Driven Attack: Learning to Query for Hard-label Black-box Adversarial Examples
To craft black-box adversarial examples, adversaries need to query the victim model and take proper advantage of its feedback.
Backpropagating Linearly Improves Transferability of Adversarial Examples
The vulnerability of deep neural networks (DNNs) to adversarial examples has drawn great attention from the community.
Practical No-box Adversarial Attacks against DNNs
We propose three mechanisms for training with a very small dataset (on the order of tens of examples) and find that prototypical reconstruction is the most effective.
LID 2020: The Learning from Imperfect Data Challenge Results
The purpose of the Learning from Imperfect Data (LID) workshop is to inspire and facilitate the research in developing novel approaches that would harness the imperfect data and improve the data-efficiency during training.
Yet Another Intermediate-Level Attack
The transferability of adversarial examples across deep neural network (DNN) models is the crux of a spectrum of black-box attacks.
On Connections between Regularizations for Improving DNN Robustness
This paper analyzes regularization terms proposed recently for improving the adversarial robustness of deep neural networks (DNNs), from a theoretical point of view.
Towards Certified Robustness of Distance Metric Learning
Many existing methods consider maximizing or at least constraining a distance margin in the feature space that separates similar and dissimilar pairs of instances to guarantee their generalization ability.
Sparse Coding with Gated Learned ISTA
In this paper, we study the learned iterative shrinkage thresholding algorithm (LISTA) for solving sparse coding problems.
DATA: Differentiable ArchiTecture Approximation
Neural architecture search (NAS) is inherently subject to the gap of architectures during searching and validating.
Adversarial Margin Maximization Networks
The tremendous recent success of deep neural networks (DNNs) has sparked a surge of interest in understanding their predictive ability.
Subspace Attack: Exploiting Promising Subspaces for Query-Efficient Black-box Attacks
Unlike the white-box counterparts that are widely studied and readily accessible, adversarial examples in black-box settings are generally more Herculean on account of the difficulty of estimating gradients.
Differentiable Architecture Search with Ensemble Gumbel-Softmax
For network architecture search (NAS), it is crucial but challenging to simultaneously guarantee both effectiveness and efficiency.
Deep Discriminative Clustering Analysis
Traditional clustering methods often perform clustering with low-level indiscriminative representations and ignore relationships between patterns, resulting in slight achievements in the era of deep learning.
Deep Likelihood Network for Image Restoration with Multiple Degradation Levels
Convolutional neural networks have been proven effective in a variety of image restoration tasks.
Sparse DNNs with Improved Adversarial Robustness
Deep neural networks (DNNs) are computationally/memory-intensive and vulnerable to adversarial attacks, making them prohibitive in some real-world applications.
Deep Defense: Training DNNs with Improved Adversarial Robustness
Despite the efficacy on a variety of computer vision tasks, deep neural networks (DNNs) are vulnerable to adversarial attacks, limiting their applications in security-critical systems.
Physics Inspired Optimization on Semantic Transfer Features: An Alternative Method for Room Layout Estimation
In this paper, we propose an alternative method to estimate room layouts of cluttered indoor scenes.
Network Sketching: Exploiting Binary Structure in Deep CNNs
Convolutional neural networks (CNNs) with deep architectures have substantially advanced the state-of-the-art in computer vision tasks.
Incremental Network Quantization: Towards Lossless CNNs with Low-Precision Weights
The weights in the other group are responsible to compensate for the accuracy loss from the quantization, thus they are the ones to be re-trained.
Dynamic Network Surgery for Efficient DNNs
In this paper, we propose a novel network compression method called dynamic network surgery, which can remarkably reduce the network complexity by making on-the-fly connection pruning.
