GR-34 Defensive Neural Network

Machine learning (ML) algorithms require a massive amount of data. Firms such as Google and Facebook exploit user\u27s data to deliver a more precise ML-based service. However, collecting users\u27 data is a risky action because their private data can be leaked through the transmission. As a remedy, federated learning is introduced. In federated learning, a central server distributes a machine learning model to users. Each user trains the model to its data, and send the model back. Later the models are aggregated and distributed again. Federated learning is more secure in that it emancipates users from the risk of sending private data directly. Recently, several researchers have identified that federated learning is vulnerable to inference attacks. The inference attack is an adversarial algorithm that identifies the training data only by inspecting an ML model. A successful attack will allow an attacker to know the private data of users. We proposed defensive federated learning, the federated learning that deters inference attack. The defensive federated learning hardens the inference attack and obfuscates original private data into an unrecognizable form to human eyes. Thus, the success rate of the inference attack decreases, and even if the attack is successful, what the attacker can see is distorted data that is not decipherable. What important is, even if the proposed scheme distorts the original data, it still learns from the distorted data and achieves high classification accuracy. We showed that our proposed scheme achieved higher model performance and stronger toleration than differential privacy, which is the only solution for the inference attack.Advisors(s): Dr. Junggab SonTopic(s): Other (explain in the comments section)N/

The impact of the degree of competition in IT industry on operating performance during financial crisis

This study examines whether competition improves corporate performance in Korean economy. Market competition promotes managerial efforts for cost reduction and innovation, while market concentration enables managers to enjoy a "quiet life". The effect of competition can be substituted, to some extent, by that of financial distress. Financial constraint also puts managers in more efforts for higher efficiency of firm. Our analysis of the 2001-2009 panel data of 1,800 Korean firms supports the hypothesis of positive relationship between competition and performance. The negative effect of financial distress is also more evident in highly concentrated markets such as IT industry

Subsurface Characterization using Ensemble-based Approaches with Deep Generative Models

Estimating spatially distributed properties such as hydraulic conductivity (K) from available sparse measurements is a great challenge in subsurface characterization. However, the use of inverse modeling is limited for ill-posed, high-dimensional applications due to computational costs and poor prediction accuracy with sparse datasets. In this paper, we combine Wasserstein Generative Adversarial Network with Gradient Penalty (WGAN-GP), a deep generative model that can accurately capture complex subsurface structure, and Ensemble Smoother with Multiple Data Assimilation (ES-MDA), an ensemble-based inversion method, for accurate and accelerated subsurface characterization. WGAN-GP is trained to generate high-dimensional K fields from a low-dimensional latent space and ES-MDA then updates the latent variables by assimilating available measurements. Several subsurface examples are used to evaluate the accuracy and efficiency of the proposed method and the main features of the unknown K fields are characterized accurately with reliable uncertainty quantification. Furthermore, the estimation performance is compared with a widely-used variational, i.e., optimization-based, inversion approach, and the proposed approach outperforms the variational inversion method, especially for the channelized and fractured field examples. We explain such superior performance by visualizing the objective function in the latent space: because of nonlinear and aggressive dimension reduction via generative modeling, the objective function surface becomes extremely complex while the ensemble approximation can smooth out the multi-modal surface during the minimization. This suggests that the ensemble-based approach works well over the variational approach when combined with deep generative models at the cost of forward model runs unless convergence-ensuring modifications are implemented in the variational inversion

TILDE-Q: A Transformation Invariant Loss Function for Time-Series Forecasting

Time-series forecasting has caught increasing attention in the AI research field due to its importance in solving real-world problems across different domains, such as energy, weather, traffic, and economy. As shown in various types of data, it has been a must-see issue to deal with drastic changes, temporal patterns, and shapes in sequential data that previous models are weak in prediction. This is because most cases in time-series forecasting aim to minimize $L_p$ norm distances as loss functions, such as mean absolute error (MAE) or mean square error (MSE). These loss functions are vulnerable to not only considering temporal dynamics modeling but also capturing the shape of signals. In addition, these functions often make models misbehave and return uncorrelated results to the original time-series. To become an effective loss function, it has to be invariant to the set of distortions between two time-series data instead of just comparing exact values. In this paper, we propose a novel loss function, called TILDE-Q (Transformation Invariant Loss function with Distance EQuilibrium), that not only considers the distortions in amplitude and phase but also allows models to capture the shape of time-series sequences. In addition, TILDE-Q supports modeling periodic and non-periodic temporal dynamics at the same time. We evaluate the effectiveness of TILDE-Q by conducting extensive experiments with respect to periodic and non-periodic conditions of data, from naive models to state-of-the-art models. The experiment results indicate that the models trained with TILDE-Q outperform those trained with other training metrics (e.g., MSE, dynamic time warping (DTW), temporal distortion index (TDI), and longest common subsequence (LCSS)).Comment: 9 pages paper, 2 pages references, and 7 pages appendix. Submitted as conference paper to ICLR 202

Digestive neural networks:A novel defense strategy against inference attacks in federated learning

Federated Learning (FL) is an efficient and secure machine learning technique designed for decentralized computing systems such as fog and edge computing. Its learning process employs frequent communications as the participating local devices send updates, either gradients or parameters of their models, to a central server that aggregates them and redistributes new weights to the devices. In FL, private data does not leave the individual local devices, and thus, rendered as a robust solution in terms of privacy preservation. However, the recently introduced membership inference attacks pose a critical threat to the impeccability of FL mechanisms. By eavesdropping only on the updates transferring to the center server, these attacks can recover the private data of a local device. A prevalent solution against such attacks is the differential privacy scheme that augments a sufficient amount of noise to each update to hinder the recovering process. However, it suffers from a significant sacrifice in the classification accuracy of the FL. To effectively alleviate the problem, this paper proposes a Digestive Neural Network (DNN), an independent neural network attached to the FL. The private data owned by each device will pass through the DNN and then train the FL. The DNN modifies the input data, which results in distorting updates, in a way to maximize the classification accuracy of FL while the accuracy of inference attacks is minimized. Our simulation result shows that the proposed DNN shows significant performance on both gradient sharing- and weight sharing-based FL mechanisms. For the gradient sharing, the DNN achieved higher classification accuracy by 16.17% while 9% lower attack accuracy than the existing differential privacy schemes. For the weight sharing FL scheme, the DNN achieved at most 46.68% lower attack success rate with 3% higher classification accuracy

Applying Data Mining Methods to Understand User Interactions within Learning Management Systems: Approaches and Lessons Learned

This article describes our processes for analyzing and mining the vast records of instructor and student usage data collected by a learning management system (LMS) widely used in higher education, called Canvas. Our data were drawn from over 33,000 courses taught over three years at a mid-sized public Western U.S. university. Our processes were guided by an established data mining framework, called Knowledge Discovery and Data Mining (KDD). In particular, we use the KDD framework in guiding our application of several educational data mining (EDM) methods (prediction, clustering, and data visualization) to model student and instructor Canvas usage data, and to examine the relationship between these models and student learning outcomes. We also describe challenges and lessons learned along the way

New Non-Fullerene Acceptor with Extended Conjugation of Cyclopenta [2,1-b:3,4-b\u27] Dithiophene for Organic Solar Cells

Herein, we design and characterize 9-heterocyclic ring non-fullerene acceptors (NFAs) with the extended backbone of indacenodithiophene by cyclopenta [2,1-b:3,4-b\u27] dithiophene (CPDT). The planar conjugated CPDT donor enhances absorption by reducing vibronic transition and charge transport. Developed NFAs with different end groups shows maximum absorption at approximately 790-850 nm in film. Because of the electronegative nature of the end-group, the corresponding acceptors showed deeper LUMO energy levels and red-shifted ultraviolet absorption. We investigate the crystallinity, film morphology, surface energy, and electronic as well as photovoltaic performance. The organic photovoltaic cells using novel NFAs with the halogen end groups fluorine or chlorine demonstrate better charge collection and faster exciton dissociation than photovoltaic cells using NFAs with methyl or lacking a substituent. Photovoltaic devices constructed from m-Me-ITIC with various end groups deliver power conversion efficiencies of 3.6-11.8%