检索结果-内蒙古大学图书馆

Breaking Barriers in Physical-World Adversarial Examples: Improving Robustness and Transferability via Robust Feature

学校读者我要写书评

暂无评论

arXiv 2024年

作者： Wang, Yichen Chou, Yuxuan Zhou, Ziqi Zhang, Hangtao Wan, Wei Hu, Shengshan Li, Minghui National Engineering Research Center for Big Data Technology and System China Services Computing Technology and System Lab China Cluster and Grid Computing Lab China Hubei Engineering Research Center on Big Data Security China Hubei Key Laboratory of Distributed System Security China School of Cyber Science and Engineering Huazhong University of Science and Technology China School of Computer Science and Technology Huazhong University of Science and Technology China School of School of Software Engineering Huazhong University of Science and Technology China

As deep neural networks (DNNs) are widely applied in the physical world, many researches are focusing on physical-world adversarial examples (PAEs), which introduce perturbations to inputs and cause the model’s incorrect outputs. However, existing PAEs face two challenges: unsatisfactory attack performance (i.e., poor transferability and insufficient robustness to environment conditions), and difficulty in balancing attack effectiveness with stealthiness, where better attack effectiveness often makes PAEs more perceptible. In this paper, we explore a novel perturbation-based method to overcome the challenges. For the first challenge, we introduce a strategy Deceptive RF injection based on robust features (RFs) that are predictive, robust to perturbations, and consistent across different models. Specifically, it improves the transferability and robustness of PAEs by covering RFs of other classes onto the predictive features in clean images. For the second challenge, we introduce another strategy Adversarial Semantic Pattern Minimization, which removes most perturbations and retains only essential adversarial patterns in AEs. Based on the two strategies, we design our method Robust Feature Coverage Attack (RFCoA), comprising Robust Feature Disentanglement and Adversarial Feature Fusion. In the first stage, we extract target class RFs in feature space. In the second stage, we use attention-based feature fusion to overlay these RFs onto predictive features of clean images and remove unnecessary perturbations. Experiments show our method’s superior transferability, robustness, and stealthiness compared to existing state-of-the-art methods. Additionally, our method’s effectiveness can extend to Large Vision-Language Models (LVLMs), indicating its potential applicability to more complex tasks. Copyright © 2024, The Authors. All rights reserved.

关键词： Deep neural networks

Distributed Traffic engineering in Hybrid Software Defined Networks: A Multi-agent Reinforcement Learning Framework

学校读者我要写书评

暂无评论

arXiv 2023年

作者： Guo, Yingya Tang, Qi Ma, Yulong Tian, Han Chen, Kai The College of Computer and Data Science Fuzhou University China The Fujian Provincial Key Laboratory of Network Computing and Intelligent Information Processing Fuzhou University China The Key Laboratory of Spatial Data Mining & Information Sharing Ministry of Education Fujian 350003 China The Department of Computer Science & Engineering Hong Kong University of Science & Technology Hong Kong

Traffic engineering (TE) is an efficient technique to balance network flows and thus improves the performance of a hybrid Software Defined Network (SDN). Previous TE solutions mainly leverage heuristic algorithms to centrally optimize link weight setting or traffic splitting ratios under the static traffic demand. Note that as the network scale becomes larger and network management gains more complexity, it is notably that the centralized TE methods suffer from a high computation overhead and a long reaction time to optimize routing of flows when the network traffic demand dynamically fluctuates or network failures happen. To enable adaptive and efficient routing in TE, we propose a Multi-agent Reinforcement Learning method CMRL that divides the routing optimization of a large network into multiple small-scale routing decision-making problems. To coordinate the multiple agents for achieving a global optimization goal, we construct an interactive environment for training the routing agents that own partial link utilization observations. To optimize credit assignment of multi-agent, we introduce the difference reward assignment mechanism for encouraging agents to take better action. Extensive simulations conducted on the real traffic traces demonstrate the superiority of CMRL in improving TE performance, especially when traffic demands change or network failures happen. Copyright © 2023, The Authors. All rights reserved.

关键词： Global optimization

BADROBOT: JAILBREAKING EMBODIED LLMS IN THE PHYSICAL WORLD

学校读者我要写书评

暂无评论

arXiv 2024年

作者： Zhang, Hangtao Zhu, Chenyu Wang, Xianlong Zhou, Ziqi Yin, Changgan Li, Minghui Xue, Lulu Wang, Yichen Hu, Shengshan Liu, Aishan Guo, Peijin Zhang, Leo Yu National Engineering Research Center for Big Data Technology and System China Services Computing Technology and System Lab China Cluster and Grid Computing Lab China Hubei Engineering Research Center on Big Data Security China Hubei Key Laboratory of Distributed System Security China Beihang University China School of Cyber Science and Engineering Huazhong University of Science and Technology China School of Software Engineering Huazhong University of Science and Technology China School of Information and Communication Technology Griffith University Australia

Embodied AI represents systems where AI is integrated into physical entities. Large Language Model (LLM), which exhibits powerful language understanding abilities, has been extensively employed in embodied AI by facilitating sophisticated task planning. However, a critical safety issue remains overlooked: could these embodied LLMs perpetrate harmful behaviors? In response, we introduce BADROBOT, a novel attack paradigm aiming to make embodied LLMs violate safety and ethical constraints through typical voice-based user-system interactions. Specifically, three vulnerabilities are exploited to achieve this type of attack: (i) manipulation of LLMs within robotic systems, (ii) misalignment between linguistic outputs and physical actions, and (iii) unintentional hazardous behaviors caused by world knowledge’s flaws. Furthermore, we construct a benchmark of various malicious physical action queries to evaluate BADROBOT’s attack performance. Based on this benchmark, extensive experiments against existing prominent embodied LLM frameworks (e.g., Voxposer, Code as Policies, and ProgPrompt) demonstrate the effectiveness of our BADROBOT. Copyright © 2024, The Authors. All rights reserved.

关键词： Benchmarking

Copula Guided Parallel Gibbs Sampling for Nonparametric and Coherent Topic Discovery (Extended Abstract) 39

学校读者我要写书评

暂无评论

Copula Guided Parallel Gibbs Sampling for Nonparametric and ...

39th IEEE International Conference on data engineering, ICDE 2023

作者： Lin, Lihui Rao, Yanghui Xie, Haoran Lau, Raymond Y. K. Yin, Jian Wang, Fu Lee Li, Qing Sun Yat-sen University School of Computer Science and Engineering Guangzhou China Lingnan University Department of Computing and Decision Sciences New Territories Hong Kong City University of Hong Kong Department of Information Systems Kowloon Hong Kong Sun Yat-sen University Guangdong Key Laboratory of Big Data Analysis and Processing Guangzhou China Hong Kong Metropolitan University School of Science and Technology Kowloon Hong Kong The Hong Kong Polytechnic University Department of Computing Kowloon Hong Kong

ISBN: (纸本)9798350322279

In terms of the generative process, the Gamma-Gamma-Poisson Process (G2PP) is equivalent to the nonparametric topic model of Hierarchical Dirichlet Process (HDP). Considering the high computational cost of estimating parameters in HDP, a parallel G2PP was developed to generate topics efficiently via multi-threading. Unfortunately, the above model needs to predefine the number of topics. To address this issue, we first propose a Topic Self-Adaptive Model (TSAM) for nonparametric and parallel topic discovery. In TSAM, a monitor-executor mechanism is developed to manage the global topic information using a hierarchical structure of threads. Based on the apparatus of copulas, we further extend our TSAM to TSAMcop for coherent topic modeling by exploiting a copula guided parallel Gibbs sampling algorithm. Extensive experiments validate the effectiveness of both TSAM and TSAMcop. © 2023 IEEE.

关键词： Information management

Unified Graph Augmentations for Generalized Contrastive Learning on Graphs 38

学校读者我要写书评

暂无评论

Unified Graph Augmentations for Generalized Contrastive Lear...

38th Conference on Neural Information Processing Systems, NeurIPS 2024

作者： Zhuo, Jiaming Lu, Yintong Ning, Hui Fu, Kun Niu, Bingxin He, Dongxiao Wang, Chuan Guo, Yuanfang Wang, Zhen Cao, Xiaochun Yang, Liang Hebei Province Key Laboratory of Big Data Calculation School of Artificial Intelligence Hebei University of Technology Tianjin China College of Intelligence and Computing Tianjin University Tianjin China School of Computer Science and Technology Beijing JiaoTong University Beijing China School of Computer Science and Engineering Beihang University Beijing China School of Cybersecurity Northwestern Polytechnical University Xi'an China School of Cyber Science and Technology Shenzhen Campus of Sun Yat-sen University Shenzhen China

In real-world scenarios, networks (graphs) and their tasks possess unique characteristics, requiring the development of a versatile graph augmentation (GA) to meet the varied demands of network analysis. Unfortunately, most Graph Contrastive Learning (GCL) frameworks are hampered by the specificity, complexity, and incompleteness of their GA techniques. Firstly, GAs designed for specific scenarios may compromise the universality of models if mishandled. Secondly, the process of identifying and generating optimal augmentations generally involves substantial computational overhead. Thirdly, the effectiveness of the GCL, even the learnable ones, is constrained by the finite selection of GAs available. To overcome the above limitations, this paper introduces a novel unified GA module dubbed UGA after reinterpreting the mechanism of GAs in GCLs from a message-passing perspective. Theoretically, this module is capable of unifying any explicit GAs, including node, edge, attribute, and subgraph augmentations. Based on the proposed UGA, a novel generalized GCL framework dubbed Graph cOntrastive UnifieD Augmentations (GOUDA) is proposed. It seamlessly integrates widely adopted contrastive losses and an introduced independence loss to fulfill the common requirements of consistency and diversity of augmentation across diverse scenarios. Evaluations across various datasets and tasks demonstrate the generality and efficiency of the proposed GOUDA over existing state-of-the-art GCLs. © 2024 Neural information processing systems foundation. All rights reserved.

关键词：

SAV-SE: Scene-aware Audio-visual Speech Enhancement with Selective State Space Model

学校读者我要写书评

暂无评论

arXiv 2024年

作者： Qian, Xinyuan Gao, Jiaran Zhang, Yaodan Zhang, Qiquan Liu, Hexin Garcia, Leibny Paola Li, Haizhou The School of Computer and Communication Engineering University of Science and Technology Beijing Beijing100083 China The School of Electrical Engineering and Telecommunications The University of New South Wales Sydney2052 Australia The College of Computing and Data Science Nanyang Technological University Singapore The Center for Language and Speech Processing Johns Hopkins University United States The Guangdong Provincial Key Laboratory of Big Data Computing The Chinese University of Hong Kong Shenzhen518172 China Shenzhen Research Institute of Big data Shenzhen51872 China

Speech enhancement plays an essential role in various applications, and the integration of visual information has been demonstrated to bring substantial advantages. However, the majority of current research concentrates on the examination of facial and lip movements, which can be compromised or entirely inaccessible in scenarios where occlusions occur or when the camera view is distant. Whereas contextual visual cues from the surrounding environment have been overlooked: for example, when we see a dog bark, our brain has the innate ability to discern and filter out the barking noise. To this end, in this paper, we introduce a novel task, i.e. Scene-aware Audiovisual Speech Enhancement (SAV-SE). To our best knowledge, this is the first proposal to use rich contextual information from synchronized video as auxiliary cues to indicate the type of noise, which eventually improves the speech enhancement performance. Specifically, we propose the VC-S2E method, which incorporates the Conformer and Mamba modules for their complementary strengths. Extensive experiments are conducted on public MUSIC, AVSpeech and AudioSet datasets, where the results demonstrate the superiority of VC-S2E over other competitive methods. We will make the source code publicly available. Project demo page: https://***/ © 2024, CC BY.

关键词： Speech enhancement

CoMT: A Novel Benchmark for Chain of Multi-modal Thought on Large Vision-Language Models

学校读者我要写书评

暂无评论

arXiv 2024年

作者： Cheng, Zihui Chen, Qiguang Zhang, Jin Fei, Hao Feng, Xiaocheng Che, Wanxiang Li, Min Qin, Libo School of Computer Science and Engineering Central South University China Key Laboratory of Data Intelligence and Advanced Computing in Provincial Universities Soochow University China Research Center for SCIR Harbin Institute of Technology Harbin China National University of Singapore Singapore

Large Vision-Language Models (LVLMs) have recently demonstrated amazing success in multi-modal tasks, including advancements in Multi-modal Chain-of-Thought (MCoT) reasoning. Despite these successes, current benchmarks still follow a traditional paradigm with multi-modal input and text-modal output, which leads to significant drawbacks such as missing visual operations and vague expressions. Motivated by this, we introduce a novel Chain of Multi-modal Thought (CoMT) benchmark to address these limitations. Different from the traditional MCoT benchmark, CoMT requires both multi-modal input and multi-modal reasoning output, aiming to mimic human-like reasoning that inherently integrates visual operations. Specifically, CoMT consists of four categories: (1) visual Creation, (2) visual Deletion, (3) visual Update, and (4) visual Selection to comprehensively explore complex visual operations and concise expression in real scenarios. We evaluate various LVLMs and strategies on CoMT, revealing some key insights into the capabilities and limitations of the current approaches. We hope that CoMT can inspire more breakthroughs on introducing multi-modal generation into the reasoning process. The project page is available at https://***/czhhzc/CoMT. © 2024, CC BY-NC-SA.

关键词： Chains

Study on the Depth Control for an "Egg-shaped" Underwater Robot Based on Backstepping Sliding Mode Algorithm

学校读者我要写书评

暂无评论

Study on the Depth Control for an "Egg-shaped" Underwater Ro...

IEEE International Conference on Mechatronics and Automation

作者： Haotian Li Shuxiang Guo Chunying Li Jipeng Long National Engineering Laboratory for Big Data System Computing Technology Shenzhen University Shenzhen China The Department of Electronic and Electrical Engineering Southern University of Science and Technology Shenzhen China The Aerospace Center Hospital School of Life Science and the Key Laboratory of Convergence Medical Engineering System and Healthcare Technology Ministry of Industry and Information Technology Beijing Institute of Technology Beijing China

ISBN: (数字)9798350388077

ISBN: (纸本)9798350388084

With the growing demand for autonomous underwater vehicles (AUVs) capable of precise navigation in intricate environments, achieving accurate depth control becomes pivotal. This paper introduced a pioneering study on depth control for an "Egg-shaped" underwater robot (EUR) utilizing the backstepping sliding mode control (BSMC) algorithm. By analyzing the kinematic and kinetic models of the EUR, a specialized control system was devised. This paper significantly advanced underwater robotics by presenting a robust and efficient solution for depth control, employing Lyapunov function in stability analysis. Simulation and experimental results validated the performance of the proposed algorithm in regulating the robot's depth across diverse operating conditions, surpassing traditional control methods in terms of stability and accuracy.

关键词： Autonomous underwater vehicles Backstepping Accuracy Mechatronics Navigation Stability analysis Robustness

StegoFL: Using Steganography and Federated Learning to Transmit Malware

学校读者我要写书评

暂无评论

StegoFL: Using Steganography and Federated Learning to Trans...

IEEE International Conference on Trust, Security and Privacy in computing and Communications (TrustCom)

作者： Rong Wang Junchuan Liang Haiting Jiang Chaosheng Feng Chin-Chen Chang College of Computer Science Sichuan Normal University Chengdu China Visual Computing and Virtual Reality Key Laboratory of Sichuan Sichuan Normal University Chengdu China Graduate School of Science and Engineering Hosei University Tokyo Japan Department of Information Engineering and Computer Science Feng Chia University Taichung Taiwan

ISBN: (数字)9798331506209

ISBN: (纸本)9798331506216

Federated learning (FL) has gained increasing popularity in today’s privacy-focused world due to its ability to break data silos. Although federated learning can keep all the training data private at each site, it results in clients not being effectively monitored, which may pose security risks to the learning process. Previous studies mainly focus on backdoor and poisoning attacks against federated learning. In this paper, we propose a new stegomalware attack in FL, where an attacker, disguised as a benign client, hides malware into his local model and distributes the malware to other clients through the FL process. Conducting such an attack faces two challenges. First, embedding data into a local model may degrade its model performance, making it easier for a server in FL to detect this anomaly. Second, the local model with embedded malware is recalculated after model aggregation, which unavoidably alters the malware’s carrier and hinders the success of malware extraction. To address these challenges, we propose a method called StegoFL to incorporate steganography into federated learning to transmit malware. Specifically, we split the malware to be transmitted into segments and randomly select a few model parameters as carriers. Each malware segment is concealed within these carriers over several training rounds. We also propose a simple value-mapping method to extract the embedded data by comparing the aggregated carrier values with a threshold. Experimental results demonstrate that StegoFL can circumvent server-side detection mechanisms, i.e., accuracy tests and parametric distribution comparisons. In addition, it increases transmission capacity by at least 50 times compared to state-of-the-art covert communication methods in federated learning.

关键词： Training Steganography Federated learning Training data Malware data models Security Servers Monitoring Faces