Search Results for author:
Found 25 papers, 3 papers with code
Unlearning Backdoor Threats: Enhancing Backdoor Defense in Multimodal Contrastive Learning via Local Token Unlearning
In this paper, we explore the possibility of a less-cost defense from the perspective of model unlearning, that is, whether the model can be made to quickly \textbf{u}nlearn \textbf{b}ackdoor \textbf{t}hreats (UBT) by constructing a small set of poisoned samples.
Object Detectors in the Open Environment: Challenges, Solutions, and Outlook
This paper aims to bridge this gap by conducting a comprehensive review and analysis of object detectors in open environments.
Semantic Mirror Jailbreak: Genetic Algorithm Based Jailbreak Prompts Against Open-source LLMs
Large Language Models (LLMs), used in creative writing, code generation, and translation, generate text based on input sequences but are vulnerable to jailbreak attacks, where crafted prompts induce harmful outputs.
VL-Trojan: Multimodal Instruction Backdoor Attacks against Autoregressive Visual Language Models
Nevertheless, the frozen visual encoder in autoregressive VLMs imposes constraints on the learning of conventional image triggers.
Domain Bridge: Generative model-based domain forensic for black-box models
In forensic investigations of machine learning models, techniques that determine a model's data domain play an essential role, with prior work relying on large-scale corpora like ImageNet to approximate the target model's domain.
BadCLIP: Dual-Embedding Guided Backdoor Attack on Multimodal Contrastive Learning
This paper reveals the threats in this practical scenario that backdoor attacks can remain effective even after defenses and introduces the \emph{\toolns} attack, which is resistant to backdoor detection and model fine-tuning defenses.
Improving Adversarial Transferability by Stable Diffusion
Various techniques have emerged to enhance the transferability of adversarial attacks for the black-box scenario.
Using Large Language Models for Cybersecurity Capture-The-Flag Challenges and Certification Questions
This research investigates the effectiveness of LLMs, particularly in the realm of CTF challenges and questions.
Adaptive Attractors: A Defense Strategy against ML Adversarial Collusion Attacks
This induces different adversarial regions in different copies, making adversarial samples generated on one copy not replicable on others.
Finding Meaningful Distributions of ML Black-boxes under Forensic Investigation
Our goal is to select a set of samples from the corpus for the given model.
Tracing the Origin of Adversarial Attack for Forensic Investigation and Deterrence
In this paper, we take the role of investigators who want to trace the attack and identify the source, that is, the particular model which the adversarial examples are generated from.
Purifier: Defending Data Inference Attacks via Transforming Confidence Scores
Besides, our further experiments show that PURIFIER is also effective in defending adversarial model inversion attacks and attribute inference attacks.
Projecting Non-Fungible Token (NFT) Collections: A Contextual Generative Approach
In this paper, we want to obtain a generative model that, given the early transactions history (first quarter Q1) of a newly minted collection, generates subsequent transactions (quarters Q2, Q3, Q4), where the generative model is trained using the transaction history of a few mature collections.
Mitigating Adversarial Attacks by Distributing Different Copies to Different Users
We point out that by distributing different copies of the model to different buyers, we can mitigate the attack such that adversarial samples found on one copy would not work on another copy.
Filtering DDoS Attacks from Unlabeled Network Traffic Data Using Online Deep Learning
We also introduce a machine learning optimization problem that aims to sift out the attacks using ${\mathcal N}$ and ${\mathcal M}$.
SHADOWCAST: Controllable Graph Generation with Explainability
We introduce the problem of explaining graph generation, formulated as controlling the generative process to produce desired graphs with explainable structures.
SHADOWCAST: Controllable Graph Generation
Given an observed graph and some user-specified Markov model parameters, ${\rm S{\small HADOW}C{\small AST}}$ controls the conditions to generate desired graphs.
Defending Model Inversion and Membership Inference Attacks via Prediction Purification
Neural networks are susceptible to data inference attacks such as the model inversion attack and the membership inference attack, where the attacker could infer the reconstruction and the membership of a data sample from the confidence scores predicted by the target classifier.
Enhancing Transformation-Based Defenses Against Adversarial Attacks with a Distribution Classifier
Furthermore, on the adversarial counterparts, with the image transformation, the resulting shapes of the distribution of softmax are similar to the distributions from the clean images.
Confusing and Detecting ML Adversarial Attacks with Injected Attractors
Many machine learning adversarial attacks find adversarial samples of a victim model ${\mathcal M}$ by following the gradient of some attack objective functions, either explicitly or implicitly.
Effectiveness of Distillation Attack and Countermeasure on Neural Network Watermarking
In this paper, we show that distillation, a widely used transformation technique, is a quite effective attack to remove watermark embedded by existing algorithms.
Enhancing Transformation-based Defenses using a Distribution Classifier
Furthermore, on the adversarial counterparts, with the image transformation, the resulting shapes of the distribution of softmax are similar to the distributions from the clean images.
Adversarial Neural Network Inversion via Auxiliary Knowledge Alignment
In this work, we investigate the model inversion problem in the adversarial settings, where the adversary aims at inferring information about the target model's training data and test data from the model's prediction values.
Towards Scaling Blockchain Systems via Sharding
In this work, we take a principled approach to apply sharding, which is a well-studied and proven technique to scale out databases, to blockchain systems in order to improve their transaction throughput at scale.
Distributed, Parallel, and Cluster Computing Cryptography and Security Databases
Flipped-Adversarial AutoEncoders
We propose a flipped-Adversarial AutoEncoder (FAAE) that simultaneously trains a generative model G that maps an arbitrary latent code distribution to a data distribution and an encoder E that embodies an "inverse mapping" that encodes a data sample into a latent code vector.
