Kaidi Xu

ORCID: 0000-0003-4437-0671
Research Areas
  • Adversarial Robustness in Machine Learning
  • Advanced Neural Network Applications
  • Anomaly Detection Techniques and Applications
  • Domain Adaptation and Few-Shot Learning
  • Natural Language Processing Techniques
  • Topic Modeling
  • Integrated Circuits and Semiconductor Failure Analysis
  • Advanced Malware Detection Techniques
  • Generative Adversarial Networks and Image Synthesis
  • Sparse and Compressive Sensing Techniques
  • Advanced Image and Video Retrieval Techniques
  • Stochastic Gradient Optimization Techniques
  • Privacy-Preserving Technologies in Data
  • Vestibular and auditory disorders
  • COVID-19 diagnosis using AI
  • Neural Networks and Applications
  • Explainable Artificial Intelligence (XAI)
  • Advanced Graph Neural Networks
  • Cryptography and Data Security
  • Speech and dialogue systems
  • Digital Media Forensic Detection
  • Autonomous Vehicle Technology and Safety
  • Model Reduction and Neural Networks
  • Multimodal Machine Learning Applications
  • Network Security and Intrusion Detection

Drexel University
2022-2024

Wenzhou University
2024

Northwestern Polytechnical University
2024

University of California, Irvine
2023

Henan University of Science and Technology
2023

Universidad del Noreste
2019-2021

Chinese Academy of Sciences
2021

Institute of Computing Technology
2021

Tianjin First Center Hospital
2016-2020

Tianjin Medical University
2016-2020

Graph neural networks (GNNs), which apply deep learning to graph data, have achieved significant performance for the task of semi-supervised node classification. However, only few works have addressed the adversarial robustness of GNNs. In this paper, we first present a novel gradient-based attack method that facilitates the difficulty of tackling discrete graph data. When comparing to current attacks on GNNs, the results show that by perturbing only a small number of edges, including addition and deletion, our optimization-based...

10.24963/ijcai.2019/550 article EN 2019-07-28

Large language models (LLMs), exemplified by ChatGPT, have gained considerable attention for their excellent natural language processing capabilities. Nonetheless, these LLMs present many challenges, particularly in the realm of trustworthiness. Therefore, ensuring trustworthiness emerges as an important topic. This paper introduces TrustLLM, a comprehensive study of trustworthiness in LLMs, including principles for different dimensions of trustworthiness, an established benchmark, evaluation, and analysis of mainstream LLMs, and discussion...

10.48550/arxiv.2401.05561 preprint EN cc-by-nc-sa arXiv (Cornell University) 2024-01-01

It is well known that deep neural networks (DNNs) are vulnerable to adversarial attacks, which are implemented by adding crafted perturbations onto benign examples. Min-max robust optimization based adversarial training can provide a notion of security against such attacks. However, adversarial robustness requires a significantly larger capacity of the network than that for natural training with only benign examples. This paper proposes a framework of concurrent adversarial training and weight pruning that enables model compression while still preserving adversarial robustness, and essentially tackles the dilemma...

10.1109/iccv.2019.00020 article EN 2021 IEEE/CVF International Conference on Computer Vision (ICCV) 2019-10-01

When generating adversarial examples to attack deep neural networks (DNNs), the Lp norm of the added perturbation is usually used to measure the similarity between the original image and the adversarial example. However, such attacks perturbing the raw input space may fail to capture structural information hidden in the input. This work develops a more general attack model, i.e., the structured attack (StrAttack), which explores group sparsity in adversarial perturbations by sliding a mask through images, aiming at extracting key spatial structures. An ADMM...

10.48550/arxiv.1808.01664 preprint EN other-oa arXiv (Cornell University) 2018-01-01

Deep neural networks (DNNs), as the basis of object detection, will play a key role in the development of future autonomous systems with full autonomy. Such systems have special requirements for real-time, energy-efficient implementations of DNNs on a power-budgeted system. Two research thrusts are dedicated to performance and energy efficiency enhancement of the inference phase of DNNs. The first one is model compression techniques, while the second is hardware implementations. Recent research on extremely-low-bit CNNs such as the binary neural network...

10.1145/3289602.3293904 article EN 2019-02-20

Linear relaxation based perturbation analysis (LiRPA) for neural networks, which computes provable linear bounds of output neurons given a certain amount of input perturbation, has become a core component in robustness verification and certified defense. The majority of LiRPA-based methods focus on simple feed-forward networks and need particular manual derivations and implementations when extended to other architectures. In this paper, we develop an automatic framework to enable perturbation analysis on any neural network structure, by...

10.48550/arxiv.2002.12920 preprint EN other-oa arXiv (Cornell University) 2020-01-01

Graph neural networks (GNNs), which apply deep learning to graph data, have achieved significant performance for the task of semi-supervised node classification. However, only few works have addressed the adversarial robustness of GNNs. In this paper, we first present a novel gradient-based attack method that facilitates the difficulty of tackling discrete graph data. When comparing to current attacks on GNNs, the results show that by perturbing only a small number of edges, including addition and deletion, our optimization-based...

10.48550/arxiv.1906.04214 preprint EN other-oa arXiv (Cornell University) 2019-01-01

Large Language Models (LLMs), such as ChatGPT and Bard, have revolutionized natural language understanding and generation. They possess deep language comprehension, human-like text generation capabilities, contextual awareness, and robust problem-solving skills, making them invaluable in various domains (e.g., search engines, customer support, translation). In the meantime, LLMs have also gained traction in the security community, revealing security vulnerabilities and showcasing their potential in security-related tasks. This paper...

10.48550/arxiv.2312.02003 preprint EN public-domain arXiv (Cornell University) 2023-01-01

Robust machine learning is currently one of the most prominent topics which could potentially help shape a future of advanced AI platforms that not only perform well in average cases but also in worst-case or adverse situations. Despite this long-term vision, however, existing studies on black-box adversarial attacks are still restricted to very specific settings of threat models (e.g., a single distortion metric and a restrictive assumption on the target model's feedback to queries) and/or suffer from prohibitively high...

10.1109/iccv.2019.00021 article EN 2021 IEEE/CVF International Conference on Computer Vision (ICCV) 2019-10-01

Large Language Models (LLMs) demonstrate remarkable zero-shot performance across various natural language processing tasks. The integration of multimodal encoders extends their capabilities, enabling the development of Multimodal LLMs that process vision, audio, and text. However, these capabilities also raise significant security concerns, as these models can be manipulated to generate harmful or inappropriate content through jailbreak. While extensive research explores the impact of modality-specific input...

10.48550/arxiv.2501.13772 preprint EN arXiv (Cornell University) 2025-01-23

Although Large Language Models (LLMs) succeed in human-guided conversations such as instruction following and question answering, the potential of LLM-guided conversations, where LLMs direct the discourse and steer the conversation's objectives, remains under-explored. In this study, we first characterize LLM-guided conversation into three fundamental components: (i) Goal Navigation; (ii) Context Management; (iii) Empathetic Engagement, and propose GuideLLM as an installation. We then implement an interviewing environment for...

10.48550/arxiv.2502.06494 preprint EN arXiv (Cornell University) 2025-02-10

Mixture of Experts (MoE) models have shown remarkable success in leveraging specialized expert networks for complex machine learning tasks. However, their susceptibility to adversarial attacks presents a critical challenge for deployment in robust applications. This paper addresses the question of how to incorporate robustness into MoEs while maintaining high natural accuracy. We begin by analyzing the vulnerability of MoE components, finding that the expert networks are notably more susceptible than the router. Based on this insight, we...

10.48550/arxiv.2502.06832 preprint EN arXiv (Cornell University) 2025-02-05

Advancements in Large Language Models (LLMs) and their increasing use in medical question-answering necessitate rigorous evaluation of their reliability. A critical challenge lies in hallucination, where models generate plausible yet factually incorrect outputs. In the medical domain, this poses serious risks to patient safety and clinical decision-making. To address this, we introduce MedHallu, the first benchmark specifically designed for medical hallucination detection. MedHallu comprises 10,000 high-quality question-answer...

10.48550/arxiv.2502.14302 preprint EN arXiv (Cornell University) 2025-02-20

Recently, many graph based hashing methods have emerged to tackle large-scale problems. However, there exist two major bottlenecks: (1) directly learning discrete codes is an NP-hard optimization problem; (2) the complexity of both storage and computational time to build a graph with n data points is O(n^2). To address these problems, in this paper, we propose a novel yet simple supervised method, asymmetric hashing, by preserving the discrete constraint and building an affinity matrix to learn compact binary...

10.1609/aaai.v31i1.10831 article EN Proceedings of the AAAI Conference on Artificial Intelligence 2017-02-13

It is widely known that convolutional neural networks (CNNs) are vulnerable to adversarial examples: images with imperceptible perturbations crafted to fool classifiers. However, the interpretability of these perturbations is less explored in the literature. This work aims to better understand the roles of adversarial perturbations and provide visual explanations from pixel, image and network perspectives. We show that adversaries have a promotion-suppression effect (PSE) on neurons' activations and can be primarily categorized into three types: i)...

10.48550/arxiv.1904.02057 preprint EN other-oa arXiv (Cornell University) 2019-01-01

Deep neural networks (DNNs), although achieving human-level performance in many domains, have very large model sizes that hinder their broader application on edge computing devices. Extensive research work has been conducted on DNN compression or pruning. However, most of the previous work took heuristic approaches. This paper proposes a progressive weight pruning approach based on ADMM (Alternating Direction Method of Multipliers), a powerful technique to deal with non-convex optimization problems with potentially...

10.48550/arxiv.1810.07378 preprint EN other-oa arXiv (Cornell University) 2018-01-01

Bound propagation methods, when combined with branch and bound, are among the most effective methods to formally verify properties of deep neural networks such as correctness, robustness, and safety. However, existing works cannot handle the general form of cutting plane constraints widely accepted in traditional solvers, which are crucial for strengthening verifiers with tightened convex relaxations. In this paper, we generalize the bound propagation procedure to allow the addition of arbitrary cutting plane constraints, including those involving...

10.48550/arxiv.2208.05740 preprint EN other-oa arXiv (Cornell University) 2022-01-01

Diffusion-based generative models have shown great potential for image synthesis, but there is a lack of research on the security and privacy risks they may pose. In this paper, we investigate the vulnerability of diffusion models to Membership Inference Attacks (MIAs), a common privacy concern. Our results indicate that existing MIAs designed for GANs or VAEs are largely ineffective on diffusion models, either due to inapplicable scenarios (e.g., requiring the discriminator of GANs) or inappropriate assumptions of closer distances between...

10.48550/arxiv.2302.01316 preprint EN other-oa arXiv (Cornell University) 2023-01-01

Although deep neural networks (DNNs) have achieved great success in various computer vision tasks, it has recently been found that they are vulnerable to adversarial attacks. In this paper, we focus on the so-called backdoor attack, which injects a backdoor trigger into a small portion of the training data (also known as poisoning) such that the trained DNN induces misclassification when facing examples with the trigger. To be specific, we carefully study the effect of both real and synthetic backdoor attacks on the internal response...

10.48550/arxiv.2002.12162 preprint EN other-oa arXiv (Cornell University) 2020-01-01