MeaeQ: Mount Model Extraction Attacks with Efficient Queries

We study model extraction attacks in natural language processing (NLP) where attackers aim to steal victim models by repeatedly querying the open Application Programming Interfaces (APIs). Recent works focus on limited-query budget settings and adopt random sampling or active learning-based sampling strategies on publicly available, unannotated data sources. However, these methods often result in selected queries that lack task relevance and data diversity, leading to limited success in achieving satisfactory results with low query costs. In this paper, we propose MeaeQ (Model extraction attack with efficient Queries), a straightforward yet effective method to address these issues. Specifically, we initially utilize a zero-shot sequence inference classifier, combined with API service information, to filter task-relevant data from a public text corpus instead of a problem domain-specific dataset. Furthermore, we employ a clustering-based data reduction technique to obtain representative data as queries for the attack. Extensive experiments conducted on four benchmark datasets demonstrate that MeaeQ achieves higher functional similarity to the victim model than baselines while requiring fewer queries. Our code is available at https://github.com/C-W-D/MeaeQ.Comment: Accepted by EMNLP 2023 main conferenc

Assessing the Impact of Nightlight Gradients on Street Robbery and Burglary in Cincinnati of Ohio State, USA

Previous research has recognized the importance of edges to crime. Various scholars have explored how one specific type of edges such as physical edges or social edges affect crime, but rarely investigated the importance of the composite edge effect. To address this gap, this study introduces nightlight data from the Visible Infrared Imaging Radiometer Suite sensor on the Suomi National Polar-orbiting Partnership Satellite (NPP-VIIRS) to measure composite edges. This study defines edges as nightlight gradients—the maximum change of nightlight from a pixel to its neighbors. Using nightlight gradients and other control variables at the tract level, this study applies negative binomial regression models to investigate the effects of edges on the street robbery rate and the burglary rate in Cincinnati. The Akaike Information Criterion (AIC) of models show that nightlight gradients improve the fitness of models of street robbery and burglary. Also, nightlight gradients make a positive impact on the street robbery rate whilst a negative impact on the burglary rate, both of which are statistically significant under the alpha level of 0.05. The different impacts on these two types of crimes may be explained by the nature of crimes and the in-situ characteristics, including nightlight

FHEmem: A Processing In-Memory Accelerator for Fully Homomorphic Encryption

Fully Homomorphic Encryption (FHE) is a technique that allows arbitrary computations to be performed on encrypted data without the need for decryption, making it ideal for securing many emerging applications. However, FHE computation is significantly slower than computation on plain data due to the increase in data size after encryption. Processing In-Memory (PIM) is a promising technology that can accelerate data-intensive workloads with extensive parallelism. However, FHE is challenging for PIM acceleration due to the long-bitwidth multiplications and complex data movements involved. We propose a PIM-based FHE accelerator, FHEmem, which exploits a novel processing in-memory architecture to achieve high-throughput and efficient acceleration for FHE. We propose an optimized end-to-end processing flow, from low-level hardware processing to high-level application mapping, that fully exploits the high throughput of FHEmem hardware. Our evaluation shows FHEmem achieves significant speedup and efficiency improvement over state-of-the-art FHE accelerators

Antifungal active ingredient from the twigs and leaves of Clausena lansium Lour. Skeels (Rutaceae)

Two novel amides, named clauphenamides A and B, and twelve other known compounds were isolated from the twigs and leaves of Clausena lansium Lour. Skeels (Rutaceae). Their structures were elucidated on the basis of extensive spectroscopic analysis and comparison with data reported in the literature. Clauphenamide A (1) featured in the unit of N-2-(4,8-dimethoxyfuro [2,3-b]quinolin-7-yl)vinyl, and clauphenamide B (2) was a unprecedented N-phenethyl cinnamide dimer. Other known compounds belong to pyrrolidone amides (3 and 4), furacoumarins (7–10), simple coumarins (11–14), lignan (5) and sesquiterpene (6). Compounds 5, 6, 10 and 12 were separated from the genus (Clausena) for the first time, while 13 was isolated in the species (C. lansium) for the first time. The antifungal activities of the isolated compounds were assayed. As a result, at the concentration of 100 μg/ml, compared with the control (chlorothalonil, inhibition rate of 83.67%), compounds 1 and 2 were found to exhibit moderate antifungal activity against B. dothidea with inhibition rates of 68.39% and 52.05%, respectively. Compounds 11–14 also exhibited moderate activity against B. dothidea and F. oxysporum, with inhibition rates greater than 40%. In addition, compared with the control (chlorothalonil, inhibition rate of 69.02%), compounds 11–14 showed strong antifungal activity to P. oryzae, with inhibition rates greater than 55%. Among them, compound 14 has the strongest antifungal activity against P. oryzae, and the inhibition rate (65.44%) is close to that of the control chlorothalonil. Additionally, the structure-activity relationships of the separated compounds are also discussed preliminarily in this paper

Software-Hardware Co-design for Processing In-Memory Accelerators

The explosive increase in data volume in emerging applications poses grand challenges to computing systems because the bandwidth between compute and memory cannot keep up with exploding data volumes. Processing in memory (PIM) is a promising technology to solve this memory problem by performing some key operations directly in and near memory. There remain several challenges in fully unleashing the power of PIM. Such challenges come from both the software and the hardware sides. On the software side, PIM requires that each operation happens where the data is. As a result, we need to first find the optimal data layout for each application, prior to running it in PIM. On the hardware side, due to the limited functionality of PIM operations, PIM acceleration may require customized logic to achieve high performance. Software-hardware co-design plays a critical role in order to fully exploit PIM acceleration. There are a number of challenges to PIM-based software-hardware co-design. First, software mapping (data layout) in PIM architecture has an extremely large design space. Second, the hardware customization should have minimum overhead to maximize memory capacity. This thesis presents several novel techniques for PIM software-hardware co-design. To tackle the challenges of mapping applications to PIM architecture, this thesis proposes a PIM data layout framework that efficiently optimizes data layout of widely-used machine learning (ML) operators onto general PIM architectures. This thesis also presents the software-hardware co-design for both conventional and non-convolution ML models using PIM architecture. The presented optimizations provide at least 3.7× speedup over conventional PIM acceleration methods. Finally, this thesis proposes a software-hardware co-design for fully homomorphic encryption, which is a challenging and critical application in cryptography, resulting in 30× speedup and energy efficiency over the existing PIM solutions. The target applications in this thesis cover a wide range of challenging operations and data transfer patterns needed for various emerging computing tasks, shedding light on the software-hardware co-design for future systems with PIM acceleration

How Is the Confidentiality of Crime Locations Affected by Parameters in Kernel Density Estimation?

Kernel density estimation (KDE) is widely adopted to show the overall crime distribution and at the same time obscure exact crime locations due to the confidentiality of crime data in many countries. However, the confidential level of crime locational information in the KDE map has not been systematically investigated. This study aims to examine whether a kernel density map could be reverse-transformed to its original map with discrete crime locations. Using the Epanecknikov kernel function, a default setting in ArcGIS for density mapping, the transformation from a density map to a point map was conducted with various combinations of parameters to examine its impact on the deconvolution process (density to point location). Results indicate that if the bandwidth parameter (search radius) in the original convolution process (point to density) was known, the original point map could be fully recovered by a deconvolution process. Conversely, when the parameter was unknown, the deconvolution process would be unable to restore the original point map. Experiments on four different point maps—a random point distribution, a simulated monocentric point distribution, a simulated polycentric point distribution, and a real crime location map—show consistent results. Therefore, it can be concluded that the point location of crime events cannot be restored from crime density maps as long as parameters such as the search radius parameter in the density mapping process remain confidential

Experimental Study on SiO₂ Nanoparticles-Assisted Alpha-Olefin Sulfonate Sodium (AOS) and Hydrolyzed Polyacrylamide (HPAM) Synergistically Enhanced Oil Recovery

The purpose of this study is to investigate the use of SiO2 nanoparticles in assisting with surfactants and polymers for tertiary oil recovery, with the aim of enhancing oil recovery. The article characterizes the performance of SiO2 nanoparticles, including particle size, dispersion stability, and zeta potential, evaluates the synergistic effects of nanoparticles with alpha-olefin sulfonate sodium (AOS) surfactants and hydrolyzed polyacrylamide (HPAM) on reducing interfacial tension and altering wettability, and conducts core flooding experiments in rock cores with varying permeabilities. The findings demonstrate that the particle size decreased from 191 nm to 125 nm upon the addition of SiO2 nanoparticles to AOS surfactant, but increased to 389 nm upon the addition of SiO2 nanoparticles to HPAM. The dispersibility experiment showed that the SiO2 nanoparticle solution did not precipitate over 10 days. After adding 0.05% SiO2 nanoparticles to AOS surfactant, the zeta potential was −40.2 mV, while adding 0.05% SiO2 nanoparticles to 0.1% HPAM resulted in a decrease in the zeta potential to −25.03. The addition of SiO2 nanoparticles to AOS surfactant further reduced the IFT value to 0.19 mN/m, altering the rock wettability from oil-wet to strongly water-wet, with the contact angle decreasing from 110° to 18°. In low-permeability rock core oil displacement experiments, the use of AOS surfactants and HPAM for enhanced oil recovery increased the recovery rate by 24.5% over water flooding. The recovery rate increased by 21.6% over water flooding in low-permeability rock core experiments after SiO2 nanoparticles were added and surfactants and polymers were utilized for oil displacement. This is because the nanoparticles blocked small pore throats, resulting in increased resistance and hindered free fluid flow. The main causes of this plugging are mutual interference and mechanical entrapment, which cause the pressure differential to rise quickly. In high-permeability rock core oil displacement experiments, the use of AOS surfactants and HPAM for oil recovery increased the recovery rate by 34.6% over water flooding. Additionally, the recovery rate increased by 39.4% over water flooding with the addition of SiO2 nanoparticles and the use of AOS surfactants and HPAM for oil displacement. Because SiO2 nanoparticles create wedge-shaped structures inside highly permeable rock cores, they create structural separation pressure, which drives crude oil forward and aids in diffusion. This results in a comparatively small increase in pressure differential. Simultaneously, the nanoparticles change the rock surfaces’ wettability, which lowers the amount of crude oil that adsorbs and improves oil recovery

Massively Parallel Big Data Classification on a Programmable Processing In-Memory Architecture

With the emergence of Internet of Things, massive data created in the world pose huge technical challenges for efficient processing. Processing in-memory (PIM) technology has been widely investigated to overcome expensive data movements between processors and memory bloclcs. However, existing PIM designs incur large area overhead to enable computing capability via additional near-data processing cores and analog/mixed signal circuits. In this paper, we propose a new massively-parallel processing in-memory (PIM) architecture, called CHOIR, based on emerging nonvolatile memory technology for big data classification. Unlike existii PIM designs which demand large analog/mixed signal circuits, we support the parallel PIM instructions for conditional and arithmetic operations in an area-efficient way. As a result, the classification solution performs both training and testing on the PIM architecture by fully utilizing the massive parallelism. Our design significantly improves the performance and energy áfidency of the classification tasks by 123 x and 52 x respectively as compared to the state-of-the-art tree boosting library running on GPU. ©2021 IEE