
Adversarial Evaluation of Multimodal Models under Realistic Gray Box Assumption [article]

Ivan Evtimov, Russel Howes, Brian Dolhansky, Hamed Firooz, Cristian Canton Ferrer
2021 arXiv   pre-print
Working under various levels of these "gray-box" assumptions, we develop new attack methodologies unique to multimodal classification and evaluate them on the Hateful Memes Challenge classification task  ...  We introduce realistic assumptions of partial model knowledge and access, and discuss how these assumptions differ from the standard "black-box"/"white-box" dichotomy common in current literature on adversarial  ...  At the University of Washington, Ivan Evtimov is supported in part by the University of Washington Tech Policy Lab, which receives support from: the William and Flora Hewlett Foundation, the John D. and  ... 
arXiv:2011.12902v3 fatcat:y3mpjxkmoba5tng5ufjqm3z5by

Privacy and Security Issues in Deep Learning: A Survey

Ximeng Liu, Lehui Xie, Yaopeng Wang, Jian Zou, Jinbo Xiong, Zuobin Ying, Athanasios V. Vasilakos
2020 IEEE Access  
To demonstrate that security threats really exist in the real world, we also reviewed the adversarial attacks under the physical condition.  ...  INDEX TERMS Deep learning, DL privacy, DL security, model extraction attack, model inversion attack, adversarial attack, poisoning attack, adversarial defense, privacy-preserving.  ...  The gray-box setting usually is used to evaluate the defense against the adversarial attack. C.  ... 
doi:10.1109/access.2020.3045078 fatcat:kbpqgmbg4raerc6txivacpgcia

Balancing Domain Gap for Object Instance Detection [article]

Woo-han Yun, Jaeyeon Lee, Jaehong Kim, Junmo Kim
2019 arXiv   pre-print
However, it is hard to prepare such a huge dataset in instance detection problem where only small number of samples are available.  ...  Especially, we identify that domain gaps of foreground and background are unbalanced and propose methods to balance these gaps.  ...  As a GAN model, we use a Multimodal Unsupervised Image-to-image Translation (MUNIT) model [46] .  ... 
arXiv:1909.11972v1 fatcat:bod4zeddyrejvdpcu2xfgr4of4

Front Matter: Volume 11756

Lynne L. Grewe, Erik P. Blasch, Ivan Kadar
2021 Signal Processing, Sensor/Information Fusion, and Target Recognition XXX  
via semantic analysis and dynamic knowledge graph construction 11756 0O Learning intent and behavior models from motion trajectories for unsupervised semantic labeling 11756 0P Weighted certainty grids  ...  Paper Numbering: A unique citation identifier (CID) number is assigned to each article in the Proceedings of SPIE at the time of publication.  ...  ), Box truck (1,800), Motorcycle (850),  ...  Multispectral Image Fusion and Colorization provides an overview of image fusion, associated evaluation methods, and its  ... 
doi:10.1117/12.2598593 fatcat:5afkuwltljctxayaup2rz2njly

Neural Image Inpainting Guided with Descriptive Text [article]

Lisai Zhang, Qingcai Chen, Baotian Hu, Shuoran Jiang
2020 arXiv   pre-print
Second, an image-text matching loss is designed to enforce the model output following the descriptive text. Its goal is to maximize the semantic similarity of the generated image and the text.  ...  Experimental results show that the proposed NIGDT model outperforms all compared models on both quantitative and qualitative comparison.  ...  Based on this assumption, diffusion-based [Bertalmio  ... 
arXiv:2004.03212v2 fatcat:6wuvroyi3rgd5gybpbx7rn4o3u

A Review on Deep Learning Techniques for Video Prediction [article]

Sergiu Oprea, Pablo Martinez-Gonzalez, Alberto Garcia-Garcia, John Alejandro Castro-Vargas, Sergio Orts-Escolano, Jose Garcia-Rodriguez, Antonis Argyros
2020 arXiv   pre-print
Next, we carefully analyze existing video prediction models organized according to a proposed taxonomy, highlighting their contributions and their significance in the field.  ...  The summary of the datasets and methods is accompanied with experimental results that facilitate the assessment of the state of the art on a quantitative basis.  ...  These assumptions make the prediction under uncertainty an extremely challenging task. Most of the existing deep learning-based models in the literature are deterministic.  ... 
arXiv:2004.05214v2 fatcat:weerbkanmjb4dn6wkn5o4b5aia

Perspectives on Adversarial Classification

David Rios Insua, Roi Naveiro, Victor Gallego
2020 Mathematics  
Adversarial classification (AC) is a major subfield within the increasingly important domain of adversarial machine learning (AML).  ...  This requires unrealistic common knowledge conditions untenable in the security settings typical of the AML realm.  ...  D.R.I. is grateful to the MTM2017-86875-C3-1-R AEI/ FEDER EU project and the AXA-ICMAT Chair in adversarial risk analysis. We are grateful to stimulating discussions with the referees.  ... 
doi:10.3390/math8111957 fatcat:425kglsp55b73g4f2xyae4pvfu

Towards interpreting ML-based automated malware detection models: a survey [article]

Yuzhou Lin, Xiaolin Chang
2021 arXiv   pre-print
However, most of the existing ML models are black-box, which made their prediction results undependable, and therefore need further interpretation in order to be effectively deployed in the wild.  ...  We first give a detailed comparison over the previous work on common ML model interpretability in groups after introducing the principles, attributes, evaluation indicators and taxonomy of common ML  ... 
arXiv:2101.06232v1 fatcat:rw3f3ban7nfvzcjriqyegqhffq

Membership Inference Attacks on Deep Regression Models for Neuroimaging [article]

Umang Gupta, Dimitris Stripelis, Pradeep K. Lam, Paul M. Thompson, José Luis Ambite, Greg Ver Steeg
2021 arXiv   pre-print
In particular, we show that it is possible to infer if a sample was used to train the model given only access to the model prediction (black-box) or access to the model itself (white-box) and some leaked  ...  We correctly identified whether an MRI scan was used in model training with a 60% to over 80% success rate depending on model complexity and security assumptions.  ...  Revisiting membership inference under realistic assumptions. arXiv preprint arXiv:2005.10881, 2020. Peeter Laud and Alisa Pankova.  ... 
arXiv:2105.02866v2 fatcat:xuxoifbq7nd7rgy3zacpzg6ypy

Inspect, Understand, Overcome: A Survey of Practical Methods for AI Safety [article]

Sebastian Houben, Stephanie Abrecht, Maram Akila, Andreas Bär, Felix Brockherde, Patrick Feifel, Tim Fingscheidt, Sujan Sai Gannamaneni, Seyed Eghbal Ghobadi, Ahmed Hammam, Anselm Haselhoff, Felix Hauser (+29 others)
2021 arXiv   pre-print
The use of deep neural networks (DNNs) in safety-critical applications like mobile health and autonomous driving is challenging due to numerous model-inherent shortcomings.  ...  In recent years, a zoo of state-of-the-art techniques aiming to address these safety concerns has emerged. This work provides a structured and broad overview of them.  ...  Furthermore, this research has been funded by the Federal Ministry of Education and Research of Germany as part of the competence center for machine learning ML2R (01IS18038B).  ... 
arXiv:2104.14235v1 fatcat:f6sj3v2brza7thyzw7b7fkpo2m

Cut-and-Paste Dataset Generation for Balancing Domain Gaps in Object Instance Detection

Woo-Han Yun, Taewoo Kim, Jaeyeon Lee, Jaehong Kim, Junmo Kim
2021 IEEE Access  
Then, we introduce an advanced cut-and-paste method to balance the unbalanced domain gaps by diversifying the foreground with GAN (generative adversarial network)-generated seed images and simplifying  ...  Though state-of-the-art domain adaptation methods are able to reduce this gap, it is limited because they do not consider the difference of domain gaps of foreground and background.  ...  As a GAN model, we use a multimodal unsupervised image-to-image translation (MUNIT) model [46] .  ... 
doi:10.1109/access.2021.3051964 fatcat:cguhitn7cfehncq6omm3mpkkeu

Testing the Safety of Self-driving Vehicles by Simulating Perception and Prediction [article]

Kelvin Wong, Qiang Zhang, Ming Liang, Bin Yang, Renjie Liao, Abbas Sadat, Raquel Urtasun
2020 arXiv   pre-print
Importantly, the inputs to our system consists of high definition maps, bounding boxes, and trajectories, which can be easily sketched by a test engineer in a matter of minutes.  ...  Specifically, we use paired data in the form of ground truth labels and real perception and prediction outputs to train a model that predicts what the online system will produce.  ...  These gains also directly translate to more realistic evaluations of motion planning.  ... 
arXiv:2008.06020v1 fatcat:rbofz32tlzfcdaf646273wgcli

Face-from-Depth for Head Pose Estimation on Depth Images [article]

Guido Borghi, Matteo Fabbri, Roberto Vezzani, Simone Calderara, Rita Cucchiara
2018 arXiv   pre-print
Moreover, a Face-from-Depth component based on a Deterministic Conditional GAN model is able to hallucinate a face from the corresponding depth image.  ...  The core element of the framework is a Convolutional Neural Network, called POSEidon+, that receives as input three types of images and provides the 3D angles of the pose as output.  ...  the car drivers attention with multisensory systems, computer vision and machine learning funded by the University of Modena and Reggio Emilia.  ... 
arXiv:1712.05277v2 fatcat:43uzoa2srbb35mbizpicg2fcgq

Deep Learning for Face Anti-Spoofing: A Survey [article]

Zitong Yu, Yunxiao Qin, Xiaobai Li, Chenxu Zhao, Zhen Lei, Guoying Zhao
2021 arXiv   pre-print
RGB camera, we summarize the deep learning applications under multi-modal (e.g., depth and infrared) or specialized (e.g., light field and flash) sensors.  ...  As more and more realistic PAs with novel types spring up, traditional FAS methods based on handcrafted features become unreliable due to their limited representation capacity.  ...  Acknowledgments This work was supported by the Academy of Finland for project MiGA (grant 316765), ICT 2023 project (grant 328115), Infotech Oulu, the National Key Research and Development Program of China  ... 
arXiv:2106.14948v1 fatcat:o2rkploxuzfs3lbievb5t6ycqm

Efficient Cyber Attacks Detection in Industrial Control Systems Using Lightweight Neural Networks and PCA [article]

Moshe Kravchik, Asaf Shabtai
2019 arXiv   pre-print
This finding suggests that neural networks trained under the constraints of the laws of physics can be trusted more than networks trained under more flexible conditions.  ...  Finally, we study the proposed method's robustness against adversarial attacks, that exploit inherent blind spots of neural networks to evade detection while achieving their intended physical effect.  ...  The authors thank iTrust Centre for Research in Cyber Security, Singapore University of Technology and Design for creating and providing the SWaT and WADI datasets, Dr.  ... 
arXiv:1907.01216v2 fatcat:r6d3hpnfyzfvdcuqu7wvu5x2vy