8 research outputs found
Launching a Robust Backdoor Attack under Capability Constrained Scenarios
As deep neural networks continue to be used in critical domains, concerns
over their security have emerged. Deep learning models are vulnerable to
backdoor attacks due to the lack of transparency. A poisoned backdoor model may
perform normally in routine environments, but exhibit malicious behavior when
the input contains a trigger. Current research on backdoor attacks focuses on
improving the stealthiness of triggers, and most approaches require strong
attacker capabilities, such as knowledge of the model structure or control over
the training process. These attacks are impractical since in most cases the
attacker's capabilities are limited. Additionally, the issue of model
robustness has not received adequate attention. For instance, model
distillation is commonly used to streamline model size as the number of
parameters grows exponentially, and most of previous backdoor attacks failed
after model distillation; the image augmentation operations can destroy the
trigger and thus disable the backdoor. This study explores the implementation
of black-box backdoor attacks within capability constraints. An attacker can
carry out such attacks by acting as either an image annotator or an image
provider, without involvement in the training process or knowledge of the
target model's structure. Through the design of a backdoor trigger, our attack
remains effective after model distillation and image augmentation, making it
more threatening and practical. Our experimental results demonstrate that our
method achieves a high attack success rate in black-box scenarios and evades
state-of-the-art backdoor defenses.Comment: 9 pages, 6 figure
Environmental Microvibration Analysis Method for Vibration Isolation Research in High-Precision Laboratories
Environmental microvibrations, often originating from unidentified sources, pose a significant challenge for predicting and controlling their complex wave fields, potentially leading to measurement errors of sensitive instruments in high-precision laboratories and impacting the accuracy of experimental outcomes. Therefore, investigating effective control measures for environmental microvibrations under passive conditions is key to addressing such engineering issues. This paper presents a finite element analysis method tailored to address environmental microvibrations in the absence of apparent sources. This method involves obtaining the vibration time history at specific ground surface points through field measurements and combining the Rayleigh wave velocity attenuation character with depth at the center frequencies of one-third octave bands within the 1–100 Hz frequency range; the vibration time history at any depth in the soil is calculated. These calculated vibrations are then applied as input loads to the corresponding nodes on one boundary of the foundation–soil model, serving as the source of environmental microvibrations. The predicted results are compared with measured data and the empirical point source input method, indicating that this approach is more precise and efficient, providing valuable reference for the prediction and analysis of environmental microvibrations. In addition, utilizing this method, the study examines the effects of pile foundation parameters such as the pile length, burial depth, and concrete baseplate thickness on the vibration isolation performance of environmental microvibrations, providing guidance for designing pile foundation isolation
A Novel Steganography Method for Character-Level Text Image Based on Adversarial Attacks
The Internet has become the main channel of information communication, which contains a large amount of secret information. Although network communication provides a convenient channel for human communication, there is also a risk of information leakage. Traditional image steganography algorithms use manually crafted steganographic algorithms or custom models for steganography, while our approach uses ordinary OCR models for information embedding and extraction. Even if our OCR models for steganography are intercepted, it is difficult to find their relevance to steganography. We propose a novel steganography method for character-level text images based on adversarial attacks. We exploit the complexity and uniqueness of neural network boundaries and use neural networks as a tool for information embedding and extraction. We use an adversarial attack to embed the steganographic information into the character region of the image. To avoid detection by other OCR models, we optimize the generation of the adversarial samples and use a verification model to filter the generated steganographic images, which, in turn, ensures that the embedded information can only be recognized by our local model. The decoupling experiments show that the strategies we adopt to weaken the transferability can reduce the possibility of other OCR models recognizing the embedded information while ensuring the success rate of information embedding. Meanwhile, the perturbations we add to embed the information are acceptable. Finally, we explored the impact of different parameters on the algorithm with the potential of our steganography algorithm through parameter selection experiments. We also verify the effectiveness of our validation model to select the best steganographic images. The experiments show that our algorithm can achieve a 100% information embedding rate and more than 95% steganography success rate under the set condition of 3 samples per group. In addition, our embedded information can be hardly detected by other OCR models
N-Heterocyclic Carbene/Magnesium Co-catalyzed Radical Relay Assembly of Aliphatic Keto-nitriles
An N-heterocyclic carbene and
magnesium co-catalyzed three-component alkylacylation of alkenes with cycloketone
oxime esters and aldehydes was presented. This method displayed good scope
generality, providing a transition metal and photo-redox free pathway to access
various multi-functionalized aliphatic keto-nitrile structures under mild
reaction conditions. Moreover, this strategy is supposed to follow a radical
relay mechanism via a single electron transfer (SET) event of Mg/oxime
ester/Breslow intermediate ternary electron donating acceptor (EDA) complex
Mechanism-Independent Optimization of Combinatorial Nanodiamond and Unmodified Drug Delivery Using a Phenotypically Driven Platform Technology
Combination chemotherapy can mediate drug synergy to improve treatment efficacy against a broad spectrum of cancers. However, conventional multidrug regimens are often additively determined, which have long been believed to enable good cancer-killing efficiency but are insufficient to address the nonlinearity in dosing. Despite improved clinical outcomes by combination treatment, multi-objective combination optimization, which takes into account tumor heterogeneity and balance of efficacy and toxicity, remains challenging given the sheer magnitude of the combinatorial dosing space. To enhance the properties of the therapeutic agents, the field of nanomedicine has realized novel drug delivery platforms that can enhance therapeutic efficacy and safety. However, optimal combination design that incorporates nanomedicine agents still faces the same hurdles as unmodified drug administration. The work reported here applied a powerful phenotypically driven platform, termed feedback system control (FSC), that systematically and rapidly converges upon a combination consisting of three nanodiamond-modified drugs and one unmodified drug that is simultaneously optimized for efficacy against multiple breast cancer cell lines and safety against multiple control cell lines. Specifically, the therapeutic window achieved from an optimally efficacious and safe nanomedicine combination was markedly higher compared to that of an optimized unmodified drug combination and nanodiamond monotherapy or unmodified drug administration. The phenotypically driven foundation of FSC implementation does not require any cellular signaling pathway data and innately accounts for population heterogeneity and nonlinear biological processes. Therefore, FSC is a broadly applicable platform for both nanotechnology-modified and unmodified therapeutic optimizations that represent a promising path toward phenotypic personalized medicine