12,209 research outputs found
Adversarial Sample Detection for Deep Neural Network through Model Mutation Testing
Deep neural networks (DNN) have been shown to be useful in a wide range of
applications. However, they are also known to be vulnerable to adversarial
samples. By transforming a normal sample with some carefully crafted human
imperceptible perturbations, even highly accurate DNN make wrong decisions.
Multiple defense mechanisms have been proposed which aim to hinder the
generation of such adversarial samples. However, a recent work show that most
of them are ineffective. In this work, we propose an alternative approach to
detect adversarial samples at runtime. Our main observation is that adversarial
samples are much more sensitive than normal samples if we impose random
mutations on the DNN. We thus first propose a measure of `sensitivity' and show
empirically that normal samples and adversarial samples have distinguishable
sensitivity. We then integrate statistical hypothesis testing and model
mutation testing to check whether an input sample is likely to be normal or
adversarial at runtime by measuring its sensitivity. We evaluated our approach
on the MNIST and CIFAR10 datasets. The results show that our approach detects
adversarial samples generated by state-of-the-art attacking methods efficiently
and accurately.Comment: Accepted by ICSE 201
Improving the security of quantum direct communication with authentication
Two protocols of quantum direct communication with authentication [Phys. Rev.
A {\bf 73}, 042305 (2006)] are recently proposed by Lee, Lim and Yang. In this
paper we will show that in the two protocols the authenticator Trent should be
prevented from knowing the secret message of communication. The first protocol
can be eavesdropped by Trent using the the intercept-measure-resend attack,
while the second protocol can be eavesdropped by Trent using single-qubit
measurement. To fix these leaks, I revise the original versions of the
protocols by using the Pauli-Z operation instead of the original
bit-flip operation . As a consequence, the protocol securities are improved.Comment: Any suggestion,comment or help is welcome
Super-resolution image transfer by a vortex-like metamaterial
We propose a vortex-like metamaterial device that is capable of transferring
image along a spiral route without losing subwavelength information of the
image. The super-resolution image can be guided and magnified at the same time
with one single design. Our design may provide insights in manipulating
super-resolution image in a more flexible manner. Examples are given and
illustrated with numerical simulations.Comment: 7 pages, 6 figure
Plane waves in thermoelasticity with one relaxation time
We apply the thermoelastic equations with one relaxation time developed by Lord and Shulman (1967) to solve some elastic half-space problems. Laplace transform is used to find the general solution. Problems concerning the ramp-type increase in boundary temperature and stress are studied in detail. Explicit expressions for temperature and stress are obtained for small values of time, where second sound phenomena are of relevance. Numerical values of stress and temperature are calculated and displayed graphically
- …