RecUP-FL: Reconciling Utility and Privacy in Federated Learning via User-configurable Privacy Defense

Federated learning (FL) provides a variety of privacy advantages by allowing clients to collaboratively train a model without sharing their private data. However, recent studies have shown that private information can still be leaked through shared gradients. To further minimize the risk of privacy leakage, existing defenses usually require clients to locally modify their gradients (e.g., differential privacy) prior to sharing with the server. While these approaches are effective in certain cases, they regard the entire data as a single entity to protect, which usually comes at a large cost in model utility. In this paper, we seek to reconcile utility and privacy in FL by proposing a user-configurable privacy defense, RecUP-FL, that can better focus on the user-specified sensitive attributes while obtaining significant improvements in utility over traditional defenses. Moreover, we observe that existing inference attacks often rely on a machine learning model to extract the private information (e.g., attributes). We thus formulate such a privacy defense as an adversarial learning problem, where RecUP-FL generates slight perturbations that can be added to the gradients before sharing to fool adversary models. To improve the transferability to un-queryable black-box adversary models, inspired by the idea of meta-learning, RecUP-FL forms a model zoo containing a set of substitute models and iteratively alternates between simulations of the white-box and the black-box adversarial attack scenarios to generate perturbations. Extensive experiments on four datasets under various adversarial settings (both attribute inference attack and data reconstruction attack) show that RecUP-FL can meet user-specified privacy constraints over the sensitive attributes while significantly improving the model utility compared with state-of-the-art privacy defenses

Reconstruction Distortion of Learned Image Compression with Imperceptible Perturbations

Learned Image Compression (LIC) has recently become the trending technique for image transmission due to its notable performance. Despite its popularity, the robustness of LIC with respect to the quality of image reconstruction remains under-explored. In this paper, we introduce an imperceptible attack approach designed to effectively degrade the reconstruction quality of LIC, resulting in the reconstructed image being severely disrupted by noise where any object in the reconstructed images is virtually impossible. More specifically, we generate adversarial examples by introducing a Frobenius norm-based loss function to maximize the discrepancy between original images and reconstructed adversarial examples. Further, leveraging the insensitivity of high-frequency components to human vision, we introduce Imperceptibility Constraint (IC) to ensure that the perturbations remain inconspicuous. Experiments conducted on the Kodak dataset using various LIC models demonstrate effectiveness. In addition, we provide several findings and suggestions for designing future defenses.Comment: 7 page

Enabling Fast and Universal Audio Adversarial Attack Using Generative Model

Recently, the vulnerability of DNN-based audio systems to adversarial attacks has obtained the increasing attention. However, the existing audio adversarial attacks allow the adversary to possess the entire user's audio input as well as granting sufficient time budget to generate the adversarial perturbations. These idealized assumptions, however, makes the existing audio adversarial attacks mostly impossible to be launched in a timely fashion in practice (e.g., playing unnoticeable adversarial perturbations along with user's streaming input). To overcome these limitations, in this paper we propose fast audio adversarial perturbation generator (FAPG), which uses generative model to generate adversarial perturbations for the audio input in a single forward pass, thereby drastically improving the perturbation generation speed. Built on the top of FAPG, we further propose universal audio adversarial perturbation generator (UAPG), a scheme crafting universal adversarial perturbation that can be imposed on arbitrary benign audio input to cause misclassification. Extensive experiments show that our proposed FAPG can achieve up to 167X speedup over the state-of-the-art audio adversarial attack methods. Also our proposed UAPG can generate universal adversarial perturbation that achieves much better attack performance than the state-of-the-art solutions.Comment: Publish on AAAI2

An Investigation of a Nonlinear Fuel Oil Viscosity and Temperature Control System for Ships

In this paper, the differential equation of the fuel oil viscosity and temperature control system was derived, according to the working processes and principles of the heating of heavy oil in ocean vessels. By analyzing the characteristics of the heat transfer model, a multi-input coupling nonlinear heat transfer model was developed, in which the temperatures at the inlet and the outlet of the heavy oil heater were used as the state variables, while the openings of the regulating valve of the mixed oil tank and the steam flow rate regulating valve of the heater were used as the control inputs. This model can be decomposed into a single-input nonlinear system and single-input second-order linear system for further investigation, and the sliding mode variable structure controller can then be solved by performing linear reductions on the nonlinear model. Finally, using KING VIKW software, experiments were performed in order to examine the controlling performances of the PID and sliding mode variable structure ( SMVS ) controller respectively. The results show that the sliding mode variable structure controller exhibits a series of superiorities, which mainly include a small overshoot, fast response and strong anti-interference capability

FANCI serve as a prognostic biomarker correlated with immune infiltrates in skin cutaneous melanoma

BackgroundAs a member of tumor, Skin cutaneous melanoma (SKCM) poses a serious threat to people’s health because of its strong malignancy. Unfortunately, effective treatment methods for SKCM remain lacking. FANCI plays a vital role in the occurrence and metastasis of various tumor types. However, its regulatory role in SKCM is unclear. The purpose of this study was to explore the association of FANCI with SKCM.MethodsThis study investigated the expression of FANCI in GSE46517, GSE15605, and GSE114445 from the Gene Expression Omnibus database and The Cancer Genome Atlas (TCGA)-SKCM datasets using the package “limma” or “DESeq2” in R environment and also investigated the prognostic significance of FANCI by utilizing the GEPIA database. Additionally, our research made use of real-time quantitative polymerase chain reaction (RT-qPCR) and immunohistochemical (IHC) staining to verify FANCI expression between SKCM and normal tissues and developed the knockdown of FANCI in A375 and A875 cells to further analyze the function of FANCI. Finally, this study analyzed the correlation of FANCI and tumor-infiltrating immune cells by CIBERSORT, ESTIMATE, and ssGSEA algorithms.ResultsThe FANCI level was increasing in SKCM tissues from GSE46517, GSE15605, GSE114445, and TCGA-SKCM. However, high FANCI expression correlated with poor overall survival. The RT-qPCR and IHC confirmed the accuracy of bioinformatics. Knocking down FANCI suppresses A375 and A875 cell proliferation, migration, and invasion. FANCI could be involved in the immunological milieu of SKCM by regulating immune responses and infiltrating numerous immune cells, particularly neutrophils, CD8+ T cells, and B cells. Furthermore, patients with SKCM who have a high FANCI expression level are reported to exhibit immunosuppression, whereas those with a low FANCI expression level are more likely to experience positive outcomes from immunotherapy.ConclusionsThe increased FANCI expression in SKCM can be a prognostic biomarker. Knockdown FANCI can reduce the occurrence and progression of SKCM. The FANCI expression provides a foundation for predicting the immune status and treatment of SKCM

Influence of helix angle on heat transfer characteristics of regenerative cooling in spiral channel

A rapid solution method for spiral line and a one-dimensional (1-D) heat transfer calculation model for spiral regenerative cooling channels (RCCs) are proposed to clarify the influence of the helix angle on the heat transfer characteristics of spiral RCCs in thrust chambers. The method based on the projection principle is characterized by a simple model and the ability to generate variable helix angles spiral line. The calculation model is characterized by high accuracy, with coolant pressure drop errors of less than 5 % coolant and coolant temperature errors of less than 20 % compared to experimental data. Utilizing the calculation model, research on the heat transfer characteristics of RCCs with varying helix angles is conducted. Results indicate that the coolant temperature rise and pressure drop increase as the helix angle increases. The peak values of the gas-side wall temperature occur at the throat and the contraction section. The throat peak value decreases with an increase in the helix angle, while the contraction section peak value increases. When the helix angle is 30°, the two peak values are close as well as the highest gas-side wall temperature is minimized. The highest wall temperature is only 1111K. The research results can provide guidance for the design and processing of spiral RCCs