Search Results for author:
Found 41 papers, 14 papers with code
Gen4D: Synthesizing Humans and Scenes in the Wild
Lack of input data for in-the-wild activities often results in low performance across various computer vision tasks.
AFLoRA: Adaptive Federated Fine-Tuning of Large Language Models with Resource-Aware Low-Rank Adaption
Federated fine-tuning has emerged as a promising approach to adapt foundation models to downstream tasks using decentralized data.
PRUNE: A Patching Based Repair Framework for Certifiable Unlearning of Neural Networks
unlearn) a specific part of the training data from a trained neural network model.
Towards LLM Guardrails via Sparse Representation Steering
By leveraging sparse autoencoding, our approach isolates and adjusts only task-specific sparse feature dimensions, enabling precise and interpretable steering of model behavior while preserving content quality.
Can Small Language Models Reliably Resist Jailbreak Attacks? A Comprehensive Evaluation
Through systematically evaluation on 63 SLMs from 15 mainstream SLM families against 8 state-of-the-art jailbreak methods, we demonstrate that 47. 6% of evaluated SLMs show high susceptibility to jailbreak attacks (ASR > 40%) and 38. 1% of them can not even resist direct harmful query (ASR > 50%).
DiffPatch: Generating Customizable Adversarial Patches using Diffusion Model
However, most existing adversarial patch generation methods prioritize attack effectiveness over stealthiness, resulting in patches that are aesthetically unpleasing.
Hiding Faces in Plain Sight: Defending DeepFakes by Disrupting Face Detection
The motivation stems from the reliance of most DeepFake methods on face detectors to automatically extract victim faces from videos for training or synthesis (testing).
PointNCBW: Towards Dataset Ownership Verification for Point Clouds via Negative Clean-label Backdoor Watermark
We achieve this goal by designing a scalable clean-label backdoor-based dataset watermark for point clouds that ensures both effectiveness and stealthiness.
RedAgent: Red Teaming Large Language Models with Context-aware Autonomous Language Agent
To enable context-aware and efficient red teaming, we abstract and model existing attacks into a coherent concept called "jailbreak strategy" and propose a multi-agent LLM system named RedAgent that leverages these strategies to generate context-aware jailbreak prompts.
Inferring turbulent velocity and temperature fields and their statistics from Lagrangian velocity measurements using physics-informed Kolmogorov-Arnold Networks
This physics-informed machine learning method enables us to infer continuous temperature fields using only sparse velocity data, hence eliminating the need for direct temperature measurements.
Kolmogorov-Arnold Networks
Physics-informed machine learning
Breaking Secure Aggregation: Label Leakage from Aggregated Gradients in Federated Learning
To preset the embeddings and logits of FCL, we craft a fishing model by solely modifying the parameters of a single batch normalization (BN) layer in the original model.
Textual Unlearning Gives a False Sense of Unlearning
Language Models (LMs) are prone to ''memorizing'' training data, including substantial sensitive user information.
Towards Real-world Debiasing: Rethinking Evaluation, Challenge, and Solution
To tackle the problem, we propose a fine-grained framework for analyzing biased distributions, based on which we empirically and theoretically identify key characteristics of biased distributions in the real world that are poorly represented by existing benchmarks.
A Causal Explainable Guardrails for Large Language Models
Large Language Models (LLMs) have shown impressive performance in natural language tasks, but their outputs can exhibit undesirable attributes or biases.
Sora Detector: A Unified Hallucination Detection for Large Text-to-Video Models
Leveraging the state-of-the-art keyframe extraction techniques and multimodal large language models, SoraDetector first evaluates the consistency between extracted video content summary and textual prompts, then constructs static and dynamic knowledge graphs (KGs) from frames to detect hallucination both in single frames and across frames.
SoK: On Gradient Leakage in Federated Learning
However, recent studies have shown that clients' private training data can be reconstructed from shared gradients in FL, a vulnerability known as gradient inversion attacks (GIAs).
Siamese Meets Diffusion Network: SMDNet for Enhanced Change Detection in High-Resolution RS Imagery
This network combines the Siam-U2Net Feature Differential Encoder (SU-FDE) and the denoising diffusion implicit model to improve the accuracy of image edge change detection and enhance the model's robustness under environmental changes.
Byzantine-robust Decentralized Federated Learning via Dual-domain Clustering and Trust Bootstrapping
In this work we propose DFL-Dual a novel Byzantine-robust DFL method through dual-domain client clustering and trust bootstrapping.
Towards Deep Learning Models Resistant to Transfer-based Adversarial Attacks via Data-centric Robust Learning
Instead, a one-shot adversarial augmentation prior to training is sufficient, and we name this new defense paradigm Data-centric Robust Learning (DRL).
SurrogatePrompt: Bypassing the Safety Filter of Text-to-Image Models via Substitution
Evaluation results disclose an 88% success rate in bypassing Midjourney's proprietary safety filter with our attack prompts, leading to the generation of counterfeit images depicting political figures in violent scenarios.
Locate and Verify: A Two-Stream Network for Improved Deepfake Detection
Deepfake has taken the world by storm, triggering a trust crisis.
DFIL: Deepfake Incremental Learning by Exploiting Domain-invariant Forgery Clues
However, the accuracy of detection models degrades significantly on images generated by new deepfake methods due to the difference in data distribution.
A Dual Stealthy Backdoor: From Both Spatial and Frequency Perspectives
Then, to attain strong stealthiness, we incorporate Fourier Transform and Discrete Cosine Transform to mix the poisoned image and clean image in the frequency domain.
Masked Diffusion Models Are Fast Distribution Learners
In the pre-training stage, we propose to mask a high proportion (e. g., up to 90\%) of input images to approximately represent the primer distribution and introduce a masked denoising score matching objective to train a model to denoise visible areas.
Action Recognition with Multi-stream Motion Modeling and Mutual Information Maximization
However, the vanilla Euclidean space is not efficient for modeling important motion characteristics such as the joint-wise angular acceleration, which reveals the driving force behind the motion.
Ranked #16 on
Skeleton Based Action Recognition
on NTU RGB+D 120
Privacy-preserving Adversarial Facial Features
In this paper, we propose an adversarial features-based face privacy protection (AdvFace) approach to generate privacy-preserving adversarial features, which can disrupt the mapping from adversarial features to facial images to defend against reconstruction attacks.
Learning a 3D Morphable Face Reflectance Model from Low-cost Data
This paper proposes the first 3D morphable face reflectance model with spatially varying BRDF using only low-cost publicly-available data.
Counterfactual-based Saliency Map: Towards Visual Contrastive Explanations for Neural Networks
Considering the insufficient study on such complex causal questions, we make the first attempt to explain different causal questions by contrastive explanations in a unified framework, ie., Counterfactual Contrastive Explanation (CCE), which visually and intuitively explains the aforementioned questions via a novel positive-negative saliency-based explanation scheme.
Towards Transferable Targeted Adversarial Examples
In this paper, we propose the Transferable Targeted Adversarial Attack (TTAA), which can capture the distribution information of the target class from both label-wise and feature-wise perspectives, to generate highly transferable targeted adversarial examples.
Towards Fairness-aware Adversarial Network Pruning
Network pruning aims to compress models while minimizing loss in accuracy.
ShadowNeuS: Neural SDF Reconstruction by Shadow Ray Supervision
By supervising shadow rays, we successfully reconstruct a neural SDF of the scene from single-view images under multiple lighting conditions.
Structure-aware Editable Morphable Model for 3D Facial Detail Animation and Manipulation
Previous works on morphable models mostly focus on large-scale facial geometry but ignore facial details.
Vanilla Feature Distillation for Improving the Accuracy-Robustness Trade-Off in Adversarial Training
However, most existing works are still trapped in the dilemma between higher accuracy and stronger robustness since they tend to fit a model towards robust features (not easily tampered with by adversaries) while ignoring those non-robust but highly predictive features.
Portrait Eyeglasses and Shadow Removal by Leveraging 3D Synthetic Data
In this paper, we propose a novel framework to remove eyeglasses as well as their cast shadows from face images.
Fairness-aware Adversarial Perturbation Towards Bias Mitigation for Deployed Deep Models
Prioritizing fairness is of central importance in artificial intelligence (AI) systems, especially for those societal applications, e. g., hiring systems should recommend applicants equally from different demographic groups, and risk assessment systems must eliminate racism in criminal justice.
Deep Understanding based Multi-Document Machine Reading Comprehension
Most existing multi-document machine reading comprehension models mainly focus on understanding the interactions between the input question and documents, but ignore following two kinds of understandings.
Feature Importance-aware Transferable Adversarial Attacks
More specifically, we obtain feature importance by introducing the aggregate gradient, which averages the gradients with respect to feature maps of the source model, computed on a batch of random transforms of the original clean image.
Unsupervised Visual Representation Learning with Increasing Object Shape Bias
(Very early draft)Traditional supervised learning keeps pushing convolution neural network(CNN) achieving state-of-art performance.
advPattern: Physical-World Attacks on Deep Person Re-Identification via Adversarially Transformable Patterns
The results demonstrate that deep re-ID systems are vulnerable to our physical attacks.
Towards a Robust Deep Neural Network in Texts: A Survey
Recently, studies have revealed adversarial examples in the text domain, which could effectively evade various DNN-based text analyzers and further bring the threats of the proliferation of disinformation.
Beyond Inferring Class Representatives: User-Level Privacy Leakage From Federated Learning
Although the state-of-the-art attacking techniques that incorporated the advance of Generative adversarial networks (GANs) could construct class representatives of the global data distribution among all clients, it is still challenging to distinguishably attack a specific client (i. e., user-level privacy leakage), which is a stronger privacy threat to precisely recover the private data from a specific client.
