Adversarial Evaluation of Multimodal Models under Realistic Gray Box Assumption
[article]
2021
arXiv
pre-print
Working under various levels of these "gray-box" assumptions, we develop new attack methodologies unique to multimodal classification and evaluate them on the Hateful Memes Challenge classification task ...
We introduce realistic assumptions of partial model knowledge and access, and discuss how these assumptions differ from the standard "black-box"/"white-box" dichotomy common in current literature on adversarial ...
At the University of Washington, Ivan Evtimov is supported in part by the University of Washington Tech Policy Lab, which receives support from: the William and Flora Hewlett Foundation, the John D. and ...
arXiv:2011.12902v3
fatcat:y3mpjxkmoba5tng5ufjqm3z5by
Privacy and Security Issues in Deep Learning: A Survey
2020
IEEE Access
To demonstrate that security threats really exist in the real world, we also reviewed the adversarial attacks under the physical condition. ...
INDEX TERMS Deep learning, DL privacy, DL security, model extraction attack, model inversion attack, adversarial attack, poisoning attack, adversarial defense, privacy-preserving. ...
The gray-box setting usually is used to evaluate the defense against the adversarial attack.
C. ...
doi:10.1109/access.2020.3045078
fatcat:kbpqgmbg4raerc6txivacpgcia
Balancing Domain Gap for Object Instance Detection
[article]
2019
arXiv
pre-print
However, it is hard to prepare such a huge dataset in the instance detection problem, where only a small number of samples are available. ...
Especially, we identify that domain gaps of foreground and background are unbalanced and propose methods to balance these gaps. ...
As a GAN model, we use a Multimodal Unsupervised Image-to-image Translation (MUNIT) model [46] . ...
arXiv:1909.11972v1
fatcat:bod4zeddyrejvdpcu2xfgr4of4
Front Matter: Volume 11756
2021
Signal Processing, Sensor/Information Fusion, and Target Recognition XXX
via semantic analysis and dynamic knowledge graph construction 11756 0O Learning intent and behavior models from motion trajectories for unsupervised semantic labeling 11756 0P Weighted certainty grids ...
SPIEDigitalLibrary.org Paper Numbering: A unique citation identifier (CID) number is assigned to each article in the Proceedings of SPIE at the time of publication. ...
), Box truck (1,800), Motorcycle (850), xxv Proc. of SPIE Vol. 11756 1175601-25
Multispectral Image Fusion and Colorization provides an overview of image fusion, associated evaluation methods, and its ...
doi:10.1117/12.2598593
fatcat:5afkuwltljctxayaup2rz2njly
Neural Image Inpainting Guided with Descriptive Text
[article]
2020
arXiv
pre-print
Second, an image-text matching loss is designed to enforce the model output following the descriptive text. Its goal is to maximize the semantic similarity of the generated image and the text. ...
Experimental results show that the proposed NIGDT model outperforms all compared models on both quantitative and qualitative comparison. ...
Based on this assumption, diffusion-based [Bertalmio Origin Masked No Text NIGDT (a) NIGDT (b) Text of (a): "This bird is gray in color, with yellow belly." ...
arXiv:2004.03212v2
fatcat:6wuvroyi3rgd5gybpbx7rn4o3u
A Review on Deep Learning Techniques for Video Prediction
[article]
2020
arXiv
pre-print
Next, we carefully analyze existing video prediction models organized according to a proposed taxonomy, highlighting their contributions and their significance in the field. ...
The summary of the datasets and methods is accompanied with experimental results that facilitate the assessment of the state of the art on a quantitative basis. ...
These assumptions make the prediction under uncertainty an extremely challenging task. Most of the existing deep learning-based models in the literature are deterministic. ...
arXiv:2004.05214v2
fatcat:weerbkanmjb4dn6wkn5o4b5aia
Perspectives on Adversarial Classification
2020
Mathematics
Adversarial classification (AC) is a major subfield within the increasingly important domain of adversarial machine learning (AML). ...
This requires unrealistic common knowledge conditions untenable in the security settings typical of the AML realm. ...
D.R.I. is grateful to the MTM2017-86875-C3-1-R AEI/ FEDER EU project and the AXA-ICMAT Chair in adversarial risk analysis. We are grateful to stimulating discussions with the referees. ...
doi:10.3390/math8111957
fatcat:425kglsp55b73g4f2xyae4pvfu
Towards interpreting ML-based automated malware detection models: a survey
[article]
2021
arXiv
pre-print
However, most of the existing ML models are black-box, which made their prediction results undependable, and therefore need further interpretation in order to be effectively deployed in the wild. ...
We first give a detailed comparison over the previous work on common ML model interpretability in groups after introducing the principles, attributes, evaluation indicators and taxonomy of common ML ...
[Figure labels: raw samples of malware; signatures with semantic features; gray-scale images; white-box; black-box; extract; convert; train; predict; detection results] ...
arXiv:2101.06232v1
fatcat:rw3f3ban7nfvzcjriqyegqhffq
Membership Inference Attacks on Deep Regression Models for Neuroimaging
[article]
2021
arXiv
pre-print
In particular, we show that it is possible to infer if a sample was used to train the model given only access to the model prediction (black-box) or access to the model itself (white-box) and some leaked ...
We correctly identified whether an MRI scan was used in model training with a 60% to over 80% success rate depending on model complexity and security assumptions. ...
Revisiting membership inference under realistic assumptions. arXiv preprint arXiv:2005.10881, 2020. Peeter Laud and Alisa Pankova. ...
arXiv:2105.02866v2
fatcat:xuxoifbq7nd7rgy3zacpzg6ypy
Inspect, Understand, Overcome: A Survey of Practical Methods for AI Safety
[article]
2021
arXiv
pre-print
The use of deep neural networks (DNNs) in safety-critical applications like mobile health and autonomous driving is challenging due to numerous model-inherent shortcomings. ...
In recent years, a zoo of state-of-the-art techniques aiming to address these safety concerns has emerged. This work provides a structured and broad overview of them. ...
Furthermore, this research has been funded by the Federal Ministry of Education and Research of Germany as part of the competence center for machine learning ML2R (01IS18038B). ...
arXiv:2104.14235v1
fatcat:f6sj3v2brza7thyzw7b7fkpo2m
Cut-and-Paste Dataset Generation for Balancing Domain Gaps in Object Instance Detection
2021
IEEE Access
Then, we introduce an advanced cut-and-paste method to balance the unbalanced domain gaps by diversifying the foreground with GAN (generative adversarial network)-generated seed images and simplifying ...
Though state-of-the-art domain adaptation methods are able to reduce this gap, it is limited because they do not consider the difference of domain gaps of foreground and background. ...
As a GAN model, we use a multimodal unsupervised image-to-image translation (MUNIT) model [46] . ...
doi:10.1109/access.2021.3051964
fatcat:cguhitn7cfehncq6omm3mpkkeu
Testing the Safety of Self-driving Vehicles by Simulating Perception and Prediction
[article]
2020
arXiv
pre-print
Importantly, the inputs to our system consist of high definition maps, bounding boxes, and trajectories, which can be easily sketched by a test engineer in a matter of minutes. ...
Specifically, we use paired data in the form of ground truth labels and real perception and prediction outputs to train a model that predicts what the online system will produce. ...
These gains also directly translate to more realistic evaluations of motion planning. ...
arXiv:2008.06020v1
fatcat:rbofz32tlzfcdaf646273wgcli
Face-from-Depth for Head Pose Estimation on Depth Images
[article]
2018
arXiv
pre-print
Moreover, a Face-from-Depth component based on a Deterministic Conditional GAN model is able to hallucinate a face from the corresponding depth image. ...
The core element of the framework is a Convolutional Neural Network, called POSEidon+, that receives as input three types of images and provides the 3D angles of the pose as output. ...
the car drivers attention with multisensory systems, computer vision and machine learning funded by the University of Modena and Reggio Emilia. ...
arXiv:1712.05277v2
fatcat:43uzoa2srbb35mbizpicg2fcgq
Deep Learning for Face Anti-Spoofing: A Survey
[article]
2021
arXiv
pre-print
RGB camera, we summarize the deep learning applications under multi-modal (e.g., depth and infrared) or specialized (e.g., light field and flash) sensors. ...
As more and more realistic PAs with novel types spring up, traditional FAS methods based on handcrafted features become unreliable due to their limited representation capacity. ...
Acknowledgments This work was supported by the Academy of Finland for project MiGA (grant 316765), ICT 2023 project (grant 328115), Infotech Oulu, the National Key Research and Development Program of China ...
arXiv:2106.14948v1
fatcat:o2rkploxuzfs3lbievb5t6ycqm
Efficient Cyber Attacks Detection in Industrial Control Systems Using Lightweight Neural Networks and PCA
[article]
2019
arXiv
pre-print
This finding suggests that neural networks trained under the constraints of the laws of physics can be trusted more than networks trained under more flexible conditions. ...
Finally, we study the proposed method's robustness against adversarial attacks, that exploit inherent blind spots of neural networks to evade detection while achieving their intended physical effect. ...
The authors thank iTrust Centre for Research in Cyber Security, Singapore University of Technology and Design for creating and providing the SWaT and WADI datasets, Dr. ...
arXiv:1907.01216v2
fatcat:r6d3hpnfyzfvdcuqu7wvu5x2vy
Showing results 1 — 15 out of 269 results