Modeling of Dust Emission in Northwest China

Chinese Academy of SciencesPromoting Environmental Pesearch in Pan-Japan Sea Area : Young Researchers\u27 Network, Schedule: March 8-10,2006,Kanazawa Excel Hotel Tokyu, Japan, Organized by: Kanazawa University 21st-Century COE Program, Environmental Monitoring and Prediction of Long- & Short- Term Dynamics of Pan-Japan Sea Area ; IICRC(Ishikawa International Cooperation Research Centre), Sponsors : Japan Sea Research ; UNU-IAS(United Nations University Institute of Advanced Studies)+Ishikawa Prefecture Government ; City of Kanazaw

Enhancing Fine-Tuning Based Backdoor Defense with Sharpness-Aware Minimization

Backdoor defense, which aims to detect or mitigate the effect of malicious triggers introduced by attackers, is becoming increasingly critical for machine learning security and integrity. Fine-tuning based on benign data is a natural defense to erase the backdoor effect in a backdoored model. However, recent studies show that, given limited benign data, vanilla fine-tuning has poor defense performance. In this work, we provide a deep study of fine-tuning the backdoored model from the neuron perspective and find that backdoorrelated neurons fail to escape the local minimum in the fine-tuning process. Inspired by observing that the backdoorrelated neurons often have larger norms, we propose FTSAM, a novel backdoor defense paradigm that aims to shrink the norms of backdoor-related neurons by incorporating sharpness-aware minimization with fine-tuning. We demonstrate the effectiveness of our method on several benchmark datasets and network architectures, where it achieves state-of-the-art defense performance. Overall, our work provides a promising avenue for improving the robustness of machine learning models against backdoor attacks

Boosting Backdoor Attack with A Learnable Poisoning Sample Selection Strategy

Data-poisoning based backdoor attacks aim to insert backdoor into models by manipulating training datasets without controlling the training process of the target model. Existing attack methods mainly focus on designing triggers or fusion strategies between triggers and benign samples. However, they often randomly select samples to be poisoned, disregarding the varying importance of each poisoning sample in terms of backdoor injection. A recent selection strategy filters a fixed-size poisoning sample pool by recording forgetting events, but it fails to consider the remaining samples outside the pool from a global perspective. Moreover, computing forgetting events requires significant additional computing resources. Therefore, how to efficiently and effectively select poisoning samples from the entire dataset is an urgent problem in backdoor attacks.To address it, firstly, we introduce a poisoning mask into the regular backdoor training loss. We suppose that a backdoored model training with hard poisoning samples has a more backdoor effect on easy ones, which can be implemented by hindering the normal training process (\ie, maximizing loss \wrt mask). To further integrate it with normal training process, we then propose a learnable poisoning sample selection strategy to learn the mask together with the model parameters through a min-max optimization.Specifically, the outer loop aims to achieve the backdoor attack goal by minimizing the loss based on the selected samples, while the inner loop selects hard poisoning samples that impede this goal by maximizing the loss. After several rounds of adversarial training, we finally select effective poisoning samples with high contribution. Extensive experiments on benchmark datasets demonstrate the effectiveness and efficiency of our approach in boosting backdoor attack performance

Memristive Non-Volatile Memory Based on Graphene Materials

Resistive random access memory (RRAM), which is considered as one of the most promising next-generation non-volatile memory (NVM) devices and a representative of memristor technologies, demonstrated great potential in acting as an artificial synapse in the industry of neuromorphic systems and artificial intelligence (AI), due its advantages such as fast operation speed, low power consumption, and high device density. Graphene and related materials (GRMs), especially graphene oxide (GO), acting as active materials for RRAM devices, are considered as a promising alternative to other materials including metal oxides and perovskite materials. Herein, an overview of GRM-based RRAM devices is provided, with discussion about the properties of GRMs, main operation mechanisms for resistive switching (RS) behavior, figure of merit (FoM) summary, and prospect extension of GRM-based RRAM devices. With excellent physical and chemical advantages like intrinsic Young’s modulus (1.0 TPa), good tensile strength (130 GPa), excellent carrier mobility (2.0 × 105 cm2∙V−1∙s−1), and high thermal (5000 Wm−1∙K−1) and superior electrical conductivity (1.0 × 106 S∙m−1), GRMs can act as electrodes and resistive switching media in RRAM devices. In addition, the GRM-based interface between electrode and dielectric can have an effect on atomic diffusion limitation in dielectric and surface effect suppression. Immense amounts of concrete research indicate that GRMs might play a significant role in promoting the large-scale commercialization possibility of RRAM devices

Effect of Annealing Temperature for Ni/AlOx/Pt RRAM Devices Fabricated with Solution-Based Dielectric

Resistive random access memory (RRAM) devices with Ni/AlOx/Pt-structure were manufactured by deposition of a solution-based aluminum oxide (AlOx) dielectric layer which was subsequently annealed at temperatures from 200 °C to 300 °C, in increments of 25 °C. The devices displayed typical bipolar resistive switching characteristics. Investigations were carried out on the effect of different annealing temperatures for associated RRAM devices to show that performance was correlated with changes of hydroxyl group concentration in the AlOx thin films. The annealing temperature of 250 °C was found to be optimal for the dielectric layer, exhibiting superior performance of the RRAM devices with the lowest operation voltage (104), the narrowest resistance distribution, the longest retention time (>104 s) and the most endurance cycles (>150)