Deep learning has recently been widely applied to many applications across different domains, e.g., image classification and audio recognition. However, the quality of Neural Networks (DNNs) still raises concerns in practical operational environment, which calls for systematic testing, especially safety-critical scenarios. Inspired by software a number structural coverage criteria are designed proposed measure test adequacy DNNs. due blackbox nature DNN, existing difficult interpret, making...

Although Federated Learning (FL) enables collaborative model training without sharing the raw data of clients, it encounters low-performance problems caused by various heterogeneous scenarios. Due to limitation dispatching same global clients for local training, traditional Average (FedAvg)-based FL models face problem easily getting stuck into a sharp solution, which results in model. To address this problem, paper presents novel approach named FedMut, mutates according gradient change...

Recent code large language models (LLMs) have shown promising performance in generating standalone functions. However, they face limitations repository-level generation due to their lack of awareness dependencies ( e.g., user-defined attributes), resulting dependency errors such as undefined-variable and no-member errors. In this work, we introduce ToolGen , an approach that integrates autocompletion tools into the LLM process address these dependencies. comprises two main phases: Trigger...

Although recent personalization methods have democratized high-resolution image synthesis by enabling swift concept acquisition with minimal examples and lightweight computation, they also present an exploitable avenue for highly accessible backdoor attacks. This paper investigates a critical unexplored aspect of text-to-image (T2I) diffusion models - their potential vulnerability to attacks via personalization. By studying the prompt processing popular (epitomized Textual Inversion...

Machine learning (ML) systems have achieved remarkable performance across a wide area of applications. However, they frequently exhibit unfair behaviors in sensitive application domains (e.g., employment and loan), raising severe fairness concerns. To evaluate test fairness, engineers often generate individual discriminatory instances to expose before model deployment. existing baselines ignore the naturalness generation produce that deviate from real data distribution, which may fail reveal...

The systems and software powered by Large Language Models (LLMs) Multi-Modal LLMs (MLLMs) have played a critical role in numerous scenarios. However, current LLM are vulnerable to prompt-based attacks, with jailbreaking attacks enabling the system generate harmful content, while hijacking manipulate perform attacker-desired tasks, underscoring necessity for detection tools. Unfortunately, existing detecting approaches usually tailored specific resulting poor generalization various across...

Recent code large language models (LLMs) have shown promising performance in generating standalone functions but face limitations repository-level generation due to their lack of awareness dependencies (e.g., user-defined attributes), resulting dependency errors such as undefined-variable and no-member errors. In this work, we introduce ToolGen, an approach that integrates autocompletion tools into the LLM process address these dependencies. ToolGen comprises two main phases: Trigger...

Augmented generation techniques such as Retrieval-Augmented Generation (RAG) and Cache-Augmented (CAG) have revolutionized the field by enhancing large language model (LLM) outputs with external knowledge cached information. However, integration of vector databases, which serve a backbone for these augmentations, introduces critical challenges, particularly in ensuring accurate matching. False matching databases can significantly compromise integrity reliability LLM outputs, leading to...

Deep neural networks (DNNs) are vulnerable to adversarial examples where inputs with imperceptible perturbations mislead DNNs incorrect results. Despite the potential risk they bring, also valuable for providing insights into weakness and blind-spots of DNNs. Thus, interpretability a DNN in setting aims explain rationale behind its decision-making process makes deeper understanding which results better practical applications. To address this issue, we try robustness deep models from new...

Segment anything model (SAM) has presented impressive objectness identification capability with the idea of prompt learning and a new collected large-scale dataset. Given (e.g., points, bounding boxes, or masks) an input image, SAM is able to generate valid segment masks for all objects indicated by prompts, presenting high generalization across diverse scenarios being general method zero-shot transfer downstream vision tasks. Nevertheless, it remains unclear whether may introduce errors in...

Fairness issues in Deep Learning models have recently received increasing attention due to their significant societal impact. Although methods for mitigating unfairness are constantly proposed, little research has been conducted understand how discrimination and bias develop during the standard training process. In this study, we propose analyzing contribution of each subgroup (i.e., a group data with same sensitive attribute) process cause such development We gradient-based metric assess...

Deep Neural Networks (DNNs), an emerging software technology, have achieved impressive results in a variety of fields. However, the discriminatory behaviors towards certain groups (a.k.a. unfairness) DNN models increasingly become social concern, especially high-stake applications such as loan approval and criminal risk assessment. Although there has been number works to improve model fairness, most them adopt adversary either expand architecture or augment training data, which introduces...

Deep neural networks (DNNs) are vulnerable to adversarial examples which generated by inputs with imperceptible perturbations. Understanding robustness of DNNs has become an important issue, would for certain result in better practical deep learning applications. To address this we try explain models from a new perspective critical attacking route, is computed gradient-based influence propagation strategy. Similar rumor spreading social networks, believe that noises amplified and propagated...

Large Language Models and Multi-Modal LLMs have become pervasive, so does the importance of their security; yet, modern are known to be vulnerable jailbreaking attacks. These attacks can allow malicious users exploit models, making case for effective jailbreak detection mechanisms an essential aspect maintaining integrity trustworthiness LLM-based applications. However, existing works on limitations. Existing post-query-based strategies require target domain knowledge, pre-query-based...

This paper aims to analyze knowledge consistency between pre-trained deep neural networks. We propose a generic definition for networks at different fuzziness levels. A task-agnostic method is designed disentangle feature components, which represent the consistent knowledge, from raw intermediate-layer features of each network. As tool, our can be broadly used applications. In preliminary experiments, we have as tool diagnose representations Knowledge provides new insights explain success...

Deep neural networks (DNNs) have made significant progress, but often suffer from fairness issues, as deep models typically show distinct accuracy differences among certain subgroups (e.g., males and females). Existing research addresses this critical issue by employing fairness-aware loss functions to constrain the last-layer outputs directly regularize DNNs. Although of DNNs is improved, it unclear how trained network makes a fair prediction, which limits future improvements. In paper, we...

The abuse of deepfake techniques has raised serious concerns about social security and ethical problems, which motivates the development detection. However, without fully addressing domain gap issue, existing detection methods still show weak generalization ability among datasets belonging to different domains with domain-specific characteristics like identities generation methods, limiting their practical applications. In this paper, we propose <italic...

Mainstream backdoor attack methods typically demand substantial tuning data for poisoning, limiting their practicality and potentially degrading the overall performance when applied to Large Language Models (LLMs). To address these issues, first time, we formulate injection as a lightweight knowledge editing problem, introduce BadEdit framework. directly alters LLM parameters incorporate backdoors with an efficient technique. It boasts superiority over existing techniques in several areas:...

The main objective of our study is to explore the associations between combined exposure urinary heavy metals and high remnant cholesterol (HRC), a known cardiovascular risk factor. Utilizing data from National Health Nutrition Examination Survey (NHANES) 1999 2018, we conducted cross-sectional analysis 5690 participants, assessing concentrations ten metals. Ten in urine were measured by inductively coupled plasma mass spectrometry (ICP-MS). Fasting residual ≥0.8 mmol/L was defined as HRC...

Deep Neural Networks (DNNs) have achieved tremendous success in many applications, while it has been demonstrated that DNNs can exhibit some undesirable behaviors on concerns such as robustness, privacy, and other trustworthiness issues. Among them, fairness (i.e., non-discrimination) is one important property, especially when they are applied to sensitive applications (e.g., finance employment). However, easily learn spurious correlations between protected attributes age, gender, race) the...