612 Hits in 6.3 sec

Push Stricter to Decide Better: A Class-Conditional Feature Adaptive Framework for Improving Adversarial Robustness [article]

Jia-Li Yin, Lehui Xie, Wanqing Zhu, Ximeng Liu, Bo-Hao Chen
2021 arXiv   pre-print
class-conditional feature adaption across natural data and adversarial examples.  ...  Specifically, we propose to incorporate a class-conditional discriminator to encourage the features become (1) class-discriminative and (2) invariant to the change of adversarial attacks.  ...  The feature adaption loss is used to push the model generate class-conditional invariant features that can fool the discriminator.  ... 
arXiv:2112.00323v1 fatcat:qf4vdsli6jbadhruy2kan7nfau

Thief, Beware of What Get You There: Towards Understanding Model Extraction Attack [article]

Xinyi Zhang, Chengfang Fang, Jie Shi
2021 arXiv   pre-print
Experiments show that the proposed framework can be used to improve existing techniques, and show that model extraction is still possible in such strict scenarios.  ...  Our research can help system designers to construct better defense strategies based on their scenarios.  ...  Reference [23] interpreted the AE noise as non-robust features, which we adopted in our method to enrich the information retrieved from the victim and push the distribution of the sampled data to a desired  ... 
arXiv:2104.05921v1 fatcat:o66yqir4ojbt3drbkugl5ep2j4

Partial success in closing the gap between human and machine vision [article]

Robert Geirhos, Kantharaju Narayanappa, Benjamin Mitzkus, Tizian Thieringer, Matthias Bethge, Felix A. Wichmann, Wieland Brendel
2021 arXiv   pre-print
However, it soon became clear that machines lack robustness on more challenging test cases, a major obstacle towards deploying machines "in the wild" and towards obtaining better computational models of  ...  Our results give reason for cautious optimism: While there is still much room for improvement, the behavioural difference between human and machine vision is narrowing.  ...  Mutschler, David-Elias Künstle for feedback on the manuscript; Santiago Cadena for sharing a PyTorch implementation of SimCLR; Katherine Hermann and her collaborators for providing supervised SimCLR baselines  ... 
arXiv:2106.07411v2 fatcat:kd4es6yzirggnht65mvpqwz4yu

Generalization of Neural Combinatorial Solvers Through the Lens of Adversarial Robustness [article]

Simon Geisler, Johanna Sommer, Jan Schuchardt, Aleksandar Bojchevski, Stephan Günnemann
2021 arXiv   pre-print
We investigate these effects by studying adversarial robustness - a local generalization property - to reveal hard, model-specific instances and spurious features.  ...  Specifically, most datasets only capture a simpler subproblem and likely suffer from spurious features.  ...  adversarial training can improve the robustness and generalization.  ... 
arXiv:2110.10942v1 fatcat:cijhyc7ki5exvdmlogcawte7jy

Adversarial Attacks on Graph Classification via Bayesian Optimisation [article]

Xingchen Wan, Henry Kenlay, Binxin Ru, Arno Blaas, Michael A. Osborne, Xiaowen Dong
2021 arXiv   pre-print
Graph neural networks, a popular class of models effective in a wide range of graph-based learning tasks, have been shown to be vulnerable to adversarial attacks.  ...  We present a novel Bayesian optimisation-based attack method for graph classification models. Our method is black-box, query-efficient and parsimonious with respect to the perturbation applied.  ...  The authors would also like to thank the Oxford-Man Institute of Quantitative Finance for providing the computing resources necessary for this project. The authors declare no conflict in interests.  ... 
arXiv:2111.02842v1 fatcat:xyudz2vb45bbhmbvtgcdx4fxse

A Survey of Black-Box Adversarial Attacks on Computer Vision Models [article]

Siddhant Bhambri, Sumanyu Muku, Avinash Tulasi, Arun Balaji Buduru
2020 arXiv   pre-print
Attacks on such models using perturbations, particularly in real-life scenarios, pose a severe challenge to their applicability, pushing research into the direction which aims to enhance the robustness  ...  Hence, in this paper, we propose to present a comprehensive comparative study of various black-box adversarial attacks and defense techniques.  ...  The methodology aims to push the input data point x from the current class to a different class with which it shares its decision boundary.  ... 
arXiv:1912.01667v3 fatcat:cq5kjjta2zhxfirrj2tevn7noi

An introduction to domain adaptation and transfer learning [article]

Wouter M. Kouw, Marco Loog
2019 arXiv   pre-print
We will start with a brief introduction into risk minimization, and how transfer learning and domain adaptation expand upon this framework.  ...  Here, we present an introduction to these fields, guided by the question: when and how can a classifier generalize from a source to a target domain?  ...  Acknowledgements The author would like thank Marcel Reinders, Tom Viering and Soufiane Mouragui for feedback and discussions.  ... 
arXiv:1812.11806v2 fatcat:pkx3uhw4pbdwhcmzbvwxfvz2u4

AC-Teach: A Bayesian Actor-Critic Method for Policy Learning with an Ensemble of Suboptimal Teachers [article]

Andrey Kurenkov, Ajay Mandlekar, Roberto Martin-Martin, Silvio Savarese, Animesh Garg
2019 arXiv   pre-print
AC-Teach leverages a probabilistic representation of the expected outcome of the teachers' and student's actions to direct exploration, reduce dithering, and adapt to the dynamically changing quality of  ...  Thus, improving over random exploration is crucial to solve long-horizon tasks with sparse rewards.  ...  Acknowledgments Toyota Research Institute ("TRI") provided funds to assist the authors with their research but this article solely reflects the opinions and conclusions of its authors and not TRI or any  ... 
arXiv:1909.04121v3 fatcat:xnik7su4rzdvpgmvo4g4552wua

Gordon Tullock's Critique of the Common Law

Todd J. Zywicki
2007 Social Science Research Network  
This article is part of a symposium on the work of Gordon Tullock held in connection with the presentation to Tullock of the Lifetime Achievement Award of the Fund for the Study of Spontaneous Orders at  ...  the Atlas Research Foundation for his contributions to the study of spontaneous orders and methodological individualism.  ...  Tullock's Critique of the Adversary System This analytical framework enables us to better understand Tullock's double-barreled attack on the adversary system as a device for dispute resolution.  ... 
doi:10.2139/ssrn.964781 fatcat:ikyqvhhb2vfunnseuu3fn4ulvu

Recent Advances in Deep Learning Based Dialogue Systems: A Systematic Survey [article]

Jinjie Ni, Tom Young, Vlad Pandelea, Fuzhao Xue, Vinay Adiga, Erik Cambria
2021 arXiv   pre-print
Furthermore, we comprehensively review the evaluation methods and datasets for dialogue systems to pave the way for future research.  ...  As a result, a multitude of novel works on this task are carried out, and most of them are deep learning-based due to the outstanding performance.  ...  Acknowledgements This research/project is supported by A*STAR under its Industry Alignment Fund (LOA Award I1901E0046).  ... 
arXiv:2105.04387v4 fatcat:stperoq73rgyja5b7zcfysjh5q

Privacy in mobile technology for personal healthcare

Sasikanth Avancha, Amit Baxi, David Kotz
2012 ACM Computing Surveys  
to quantify and detect behavioral aberrations for early diagnosis (such as depression), or athletes wishing to monitor their condition and performance.  ...  Through an extensive survey of the literature, we develop a conceptual privacy framework for mHealth, itemize the privacy properties needed in mHealth systems, and discuss the technologies that could support  ...  ACKNOWLEDGMENTS Many thanks to colleagues at Intel and Dartmouth for their feedback and to the anonymous reviewers for their helpful suggestions.  ... 
doi:10.1145/2379776.2379779 fatcat:34xjhngd6ba3jic2tmuimnefry

Publishing microdata with a robust privacy guarantee

Jianneng Cao, Panagiotis Karras
2012 Proceedings of the VLDB Endowment  
than methods adapting algorithms for the k-anonymity model, and (iii) our perturbation method outperforms a baseline approach.  ...  Vast research has striven to define the privacy condition that microdata should satisfy before it is released, and devise algorithms to anonymize the data so as to achieve this condition.  ...  Acknowledgments We thank Daniel Kifer and Graham Cormode for lucid remarks on this topic, and the anonymous reviewers for their apt feedback.  ... 
doi:10.14778/2350229.2350255 fatcat:s7333zff3jairotd56afucqw44

Security Analysis of Malicious Socialbots on the Web

Yazan Boshmaf
2015 Zenodo  
In particular, Integro relies on a novel approach that leverages victim classification for robust graph-based fake account detection, with provable security guarantees.  ...  We implemented a prototypical SbN consisting of 100 socialbots and operated it on Facebook for 8 weeks.  ...  Acknowledgments First and foremost, I would like to thank my kind advisors, Konstantin Beznosov and Matei Ripeanu, for giving me the opportunity to venture into different topics and disciplines, and for  ... 
doi:10.5281/zenodo.3264693 fatcat:q3rntvj5gjdzhnhykysnuauihe

Publishing Microdata with a Robust Privacy Guarantee [article]

Jianneng Cao, Panagiotis Karras
2012 arXiv   pre-print
than methods adapting algorithms for the k-anonymity model, and (iii) our perturbation method outperforms a baseline approach.  ...  Yet, no method proposed to date explicitly bounds the percentage of information an adversary gains after seeing the published data for each sensitive value therein.  ...  Acknowledgments We thank Daniel Kifer and Graham Cormode for lucid remarks on this topic, and the anonymous reviewers for their apt feedback.  ... 
arXiv:1208.0220v1 fatcat:bua7dlvvfzdelcy62dvad2uica

Person Re-identification: Past, Present and Future [article]

Liang Zheng, Yi Yang, Alexander G. Hauptmann
2016 arXiv   pre-print
Person re-identification (re-ID) has become increasingly popular in the community due to its application and research significance. It aims at spotting a person of interest in other cameras.  ...  Considering different tasks, we classify most current re-ID methods into two classes, i.e., image-based and video-based; in both tasks, hand-crafted and deep learning systems will be reviewed.  ...  ACKNOWLEDGMENTS The authors would like to thank the pioneer researchers in person re-identification and other related fields.  ... 
arXiv:1610.02984v1 fatcat:dbbbohinbrdwvao55f376kip44