1,922 research outputs found
Model Inversion Attack via Dynamic Memory Learning
Model Inversion (MI) attacks aim to recover the private training data from
the target model, which has raised security concerns about the deployment of
DNNs in practice. Recent advances in generative adversarial models have
rendered them particularly effective in MI attacks, primarily due to their
ability to generate high-fidelity and perceptually realistic images that
closely resemble the target data. In this work, we propose a novel Dynamic
Memory Model Inversion Attack (DMMIA) to leverage historically learned
knowledge, which interacts with samples (during the training) to induce diverse
generations. DMMIA constructs two types of prototypes to inject the information
about historically learned knowledge: Intra-class Multicentric Representation
(IMR) representing target-related concepts by multiple learnable prototypes,
and Inter-class Discriminative Representation (IDR) characterizing the
memorized samples as learned prototypes to capture more privacy-related
information. As a result, our DMMIA has a more informative representation,
which brings more diverse and discriminative generated results. Experiments on
multiple benchmarks show that DMMIA performs better than state-of-the-art MI
attack methods.
Robust Automatic Speech Recognition via WavAugment Guided Phoneme Adversarial Training
Developing a practically-robust automatic speech recognition (ASR) is
challenging since the model should not only maintain the original performance
on clean samples, but also achieve consistent efficacy under small volume
perturbations and large domain shifts. To address this problem, we propose a
novel WavAugment Guided Phoneme Adversarial Training (wapat). wapat uses
adversarial examples in phoneme space as augmentation to make the model
invariant to minor fluctuations in phoneme representation and preserve the
performance on clean samples. In addition, wapat utilizes the phoneme
representation of augmented samples to guide the generation of adversaries,
which helps to find more stable and diverse gradient-directions, resulting in
improved generalization. Extensive experiments demonstrate the effectiveness of
wapat on End-to-end Speech Challenge Benchmark (ESB). Notably, SpeechLM-wapat
outperforms the original model by 6.28% WER reduction on ESB, achieving the new
state-of-the-art.
TransAudio: Towards the Transferable Adversarial Audio Attack via Learning Contextualized Perturbations
In a transfer-based attack against Automatic Speech Recognition (ASR)
systems, attackers are unable to access the architecture and parameters of the
target model. Existing attack methods are mostly investigated in voice
assistant scenarios with restricted voice commands, prohibiting their
applicability to more general ASR related applications. To tackle this
challenge, we propose a novel contextualized attack with deletion, insertion,
and substitution adversarial behaviors, namely TransAudio, which achieves
arbitrary word-level attacks based on the proposed two-stage framework. To
strengthen the attack transferability, we further introduce an audio
score-matching optimization strategy to regularize the training process, which
mitigates adversarial example over-fitting to the surrogate model. Extensive
experiments and analysis demonstrate the effectiveness of TransAudio against
open-source ASR models and commercial APIs.
Topological optimization of hybrid quantum key distribution networks
With the growing complexity of quantum key distribution (QKD) network
structures, designing the topology in advance is of great significance to support a
large number of nodes over a large spatial area. However, the exclusivity of
quantum channels, the limitation of key generation capabilities, the variety of
QKD protocols and the necessity of untrusted-relay selection, make the optimal
topology design a very complicated task. In this research, a hybrid QKD network
is studied for the first time from the perspective of topology, by analyzing
the topological differences of various QKD protocols. In addition, to make full
use of hybrid networking, an analytical model for optimal topology calculation
is proposed, to reach the goal of best secure communication service by
optimizing the deployment of various QKD devices and the selection of
untrusted-relays under a given cost limit. Plentiful simulation results show
that hybrid networking and untrusted-relay selection can bring great
performance advantages, and then the universality and effectiveness of the
proposed analytical model are verified.
Comment: 12 pages, 4 figure
Traditional Chinese Herb Combined with Surgery versus Surgery for Varicocele Infertility: A Systematic Review and Meta-Analysis
Objective. The objective of this study was to conduct a systematic review to assess the effectiveness and safety of traditional Chinese herb combined with surgery for male varicocele infertility compared to surgery. Methods. Randomized controlled trials (RCTs) data of traditional Chinese herbs combined with surgery for male varicocele fertility versus surgery were collected by searching the Cochrane Library, Embase, PubMed, and Chinese databases. The risk of bias was assessed using Cochrane Handbook. Study outcomes were presented as risk ratios (RRs) for dichotomous data. Results. Seventeen of 72 potentially relevant trials met the inclusion criteria. The methodological qualities of the RCTs were low. Compared with the surgery group, the traditional Chinese herb combined with surgery group had superiority in pregnancy rate at 3-month (RR=1.76, and P=0.008), 6-month (RR=1.58, and P=0.0005), and 2-year (RR=1.58, and P=0.0005) follow-ups. No RCT was found to describe the side effects. Conclusion. On considering the low methodological quality of RCTs, there was not enough evidence on traditional Chinese herb with surgery for male varicocele infertility, and more high-quality RCTs of large sample sizes are required.
Enhance the Visual Representation via Discrete Adversarial Training
Adversarial Training (AT), which is commonly accepted as one of the most
effective approaches defending against adversarial examples, can largely harm
the standard performance, thus has limited usefulness on industrial-scale
production and applications. Surprisingly, this phenomenon is totally opposite
in Natural Language Processing (NLP) tasks, where AT can even benefit
generalization. We notice the merit of AT in NLP tasks could derive from the
discrete and symbolic input space. For borrowing the advantage from NLP-style
AT, we propose Discrete Adversarial Training (DAT). DAT leverages VQGAN to
reform the image data to discrete text-like inputs, i.e. visual words. Then it
minimizes the maximal risk on such discrete images with symbolic adversarial
perturbations. We further give an explanation from the perspective of
distribution to demonstrate the effectiveness of DAT. As a plug-and-play
technique for enhancing the visual representation, DAT achieves significant
improvement on multiple tasks including image classification, object detection
and self-supervised learning. Especially, the model pre-trained with Masked
Auto-Encoding (MAE) and fine-tuned by our DAT without extra data can get 31.40
mCE on ImageNet-C and 32.77% top-1 accuracy on Stylized-ImageNet, building the
new state-of-the-art. The code will be available at
https://github.com/alibaba/easyrobust.
Comment: Accepted to NeurIPS 2022, https://github.com/alibaba/easyrobus
3,3′-[(tert-Butoxycarbonyl)azanediyl]dipropanoic acid
The title compound, C11H19NO6, is an important intermediate for the synthesis of cephalosporin derivatives. The N atom is in a planar configuration. In the crystal, molecules are linked into zigzag layers parallel to (100) by O—H⋯O hydrogen bonds.
Adjuvant TACE may not improve recurrence-free or overall survival in HCC patients with low risk of recurrence after hepatectomy
Background. To identify whether adjuvant transarterial chemoembolization (TACE) can improve prognosis in HCC patients with a low risk of recurrence (tumor size ≤ 5 cm, single nodule, no satellites, and no microvascular or macrovascular invasions) after hepatectomy. Methods. The data of 489 HCC patients with a low risk of recurrence after hepatectomy from Shanghai Cancer Center (SHCC) and Eastern Hepatobiliary Surgery Hospital (EHBH) were retrospectively reviewed. Recurrence-free survival (RFS) and overall survival (OS) were analyzed with Kaplan-Meier curves and Cox proportional hazards regression models. The effects of selection bias and confounding factors were balanced using propensity score matching (PSM). Results. In the SHCC cohort, 40 patients (19.9%, 40/201) received adjuvant TACE, and in the EHBH cohort, 113 patients (46.2%, 133/288) received adjuvant TACE. Compared to the patients without adjuvant TACE after hepatectomy, patients receiving adjuvant TACE had significantly shorter RFS (P=0.022; P=0.014) in both cohorts before PSM. However, no significant difference existed in OS (P=0.568; P=0.082). Multivariate analysis revealed that serum alkaline phosphatase and adjuvant TACE were independent prognostic factors for recurrence in both cohorts. Furthermore, significant differences existed in tumor size between the adjuvant TACE and non-adjuvant TACE groups in the SHCC cohort. There were differences in transfusion, Barcelona Clinic Liver Cancer stage and tumor-node-metastasis stage in the EHBH cohort. These factors were balanced by PSM. After PSM, patients with adjuvant TACE after hepatectomy still had significantly shorter RFS than those without (P=0.035; P=0.035) in both cohorts, but there was no difference in OS (P=0.638; P=0.159).
Adjuvant TACE was the only independent prognostic factor for recurrence in multivariate analysis, with hazard ratios of 1.95 and 1.57. Conclusions. Adjuvant TACE may not improve long-term survival and might promote postoperative recurrence in HCC patients with a low risk of recurrence after hepatectomy.