Generated Distributions Are All You Need for Membership Inference Attacks Against Generative Models

Generative models have demonstrated revolutionary success in various visual creation tasks, but in the meantime, they have been exposed to the threat of leaking private information of their training data. Several membership inference attacks (MIAs) have been proposed to exhibit the privacy vulnerability of generative models by classifying a query image as a training dataset member or nonmember. However, these attacks suffer from major limitations, such as requiring shadow models and white-box access, and either ignoring or only focusing on the unique property of diffusion models, which block their generalization to multiple generative models. In contrast, we propose the first generalized membership inference attack against a variety of generative models such as generative adversarial networks, [variational] autoencoders, implicit functions, and the emerging diffusion models. We leverage only generated distributions from target generators and auxiliary non-member datasets, therefore regarding target generators as black boxes and agnostic to their architectures or application scenarios. Experiments validate that all the generative models are vulnerable to our attack. For instance, our work achieves attack AUC $>0.99$ against DDPM, DDIM, and FastDPM trained on CIFAR-10 and CelebA. And the attack against VQGAN, LDM (for the text-conditional generation), and LIIF achieves AUC $>0.90.$ As a result, we appeal to our community to be aware of such privacy leakage risks when designing and publishing generative models

Graph Neural Network for spatiotemporal data: methods and applications

In the era of big data, there has been a surge in the availability of data containing rich spatial and temporal information, offering valuable insights into dynamic systems and processes for applications such as weather forecasting, natural disaster management, intelligent transport systems, and precision agriculture. Graph neural networks (GNNs) have emerged as a powerful tool for modeling and understanding data with dependencies to each other such as spatial and temporal dependencies. There is a large amount of existing work that focuses on addressing the complex spatial and temporal dependencies in spatiotemporal data using GNNs. However, the strong interdisciplinary nature of spatiotemporal data has created numerous GNNs variants specifically designed for distinct application domains. Although the techniques are generally applicable across various domains, cross-referencing these methods remains essential yet challenging due to the absence of a comprehensive literature review on GNNs for spatiotemporal data. This article aims to provide a systematic and comprehensive overview of the technologies and applications of GNNs in the spatiotemporal domain. First, the ways of constructing graphs from spatiotemporal data are summarized to help domain experts understand how to generate graphs from various types of spatiotemporal data. Then, a systematic categorization and summary of existing spatiotemporal GNNs are presented to enable domain experts to identify suitable techniques and to support model developers in advancing their research. Moreover, a comprehensive overview of significant applications in the spatiotemporal domain is offered to introduce a broader range of applications to model developers and domain experts, assisting them in exploring potential research topics and enhancing the impact of their work. Finally, open challenges and future directions are discussed

EOS workshop

Particle physics computing model has a kind of high statistical calculation, such applications need to access a large amount of data for analysis, the data I/O capability is very high requirements.For example, the LHAASO experiment generates trillions of events each year, and the large raw data needs to be decode to encode and mark before it can be analyzed. In this process, very high I/O bandwidth is required, otherwise an I/O bottleneck will form.When using the EOS file system, the user cannot know the physical storage location of the file, and when the user needs to access the file, it needs to search the MGM, transfer the file from the FST to the client, and the client provides the target file to the user.In this process, if the user needs to perform such IO intensive operations as mentioned above, there are two limitations on I/O bandwidth, one is the storage node's hard disk read and write efficiency, the other is the network bandwidth between the FST and the client.In this case, if the data storage unit and the computing unit can be integrated into one, the data handling can be significantly reduced, and the parallelism and energy efficiency of computing can be greatly improved.Currently, the potential of this kind of integrated memory and computing storage is attracting the attention of many companies and standards bodies.SNIA has formed a working group to establish standards for interoperability between computable storage devices, and the OpenFog Consortium is also working on standards for computable storage. Therefore, we propose a scheme to implement local server computation on EOS system based on Xrootd plug-in.Flags can be added after a file is accessed when a user needs to use computable storage.After receiving the access request, the client will forward the request to the FST where the file is located and perform the default decode calculation in the background on the FST.After testing, we found that using this method to simultaneously decode 10 1G raw files stored on the same FST can save about 45.9% of the time compared to the traditional method.The next work plan is to sink the computable module onto the hard disk to reduce the CPU consumption of the FST, and to customize the acceleration module on the hardware to increase the speed of the computation

The Relationship between Microstructure and Fracture Behavior of TiAl/Ti₂AlNb SPDB Joint with High Temperature Titanium Alloy Interlayers

In this paper, spark plasma diffusion bonding technology was employed to join TiAl and Ti2AlNb with high temperature titanium alloy interlayer at 950 °C/10kN/60 min, then following furnace cooling at cooling rate up to 100 °C/min. After welding, the joint was aging heat-treated at 800 °C for 24 h. The microstructure and the elements diffusion of the TiAl/Ti2AlNb joint was analyzed by field emission scanning electron microscopy (FESEM) with EDS. Moreover, the tensile properties of the joint were tested at room temperature, 650 °C, and 750 °C. The results show that the spark plasma diffusion bonding formed a high quality TiAl/Ti2AlNb joint without microcracks or microvoids, while also effectively protecting the base metal. Significant differences in the microstructure of the joint appeared from TiAl side to Ti2AlNb side: TiAl BM (Base Metal) → DP(Duplex) and NG (Near-Gamma) → α2-phase matrix with needle-like α-phase → bulk α2-phase → needle-like α-phase → metastable β-phase → Ti2AlNb BM. After heat treatment at 800 °C for 24 h, the microstructure of the TiAl side and the interlayer region did not change, but the density and size of the needle-like α-phase in region 3 increased slightly. The microstructure of Ti2AlNb near the weld changed obviously, and a large number of fine O phases are precipitated from the metastable β phase matrix after heat treatment. Except for the Ti2AlN near-interface region, the effect of heat treatment on the microstructure of the joint is not significant. The microhardness of the joint is in the shape of a mountain peak. The maximum microhardness at the interface is above 500 HV, and it is significantly reduced to 400 HV after heat treatment. The fracture of the joint occurred at the interface at room temperature, 650 °C, and 750 °C. with the tensile strength 450 MPa, 540 MPa, and 471 Mpa, respectively, and mainly showing brittle fracture

Membership Inference Attacks Against Recommender Systems

Recently, recommender systems have achieved promising performances and become one of the most widely used web applications. However, recommender systems are often trained on highly sensitive user data, thus potential data leakage from recommender systems may lead to severe privacy problems. In this paper, we make the first attempt on quantifying the privacy leakage of recommender systems through the lens of membership inference. In contrast with traditional membership inference against machine learning classifiers, our attack faces two main differences. First, our attack is on the user-level but not on the data sample-level. Second, the adversary can only observe the ordered recommended items from a recommender system instead of prediction results in the form of posterior probabilities. To address the above challenges, we propose a novel method by representing users from relevant items. Moreover, a shadow recommender is established to derive the labeled training data for training the attack model. Extensive experimental results show that our attack framework achieves a strong performance. In addition, we design a defense mechanism to effectively mitigate the membership inference threat of recommender systems

Porting the EOS from X86 (Intel) to aarch64 (ARM) architecture

With the advancement of many large HEP experiments, the amount of data that needs to be processed and stored has increased significantly, so we must upgrade computing resources and improve the performance of storage software. This article discusses porting the EOS software from the x86_64 architecture to the aarch64 architecture, with the aim of finding a more cost-effective storage solution. In the process of porting, the biggest challenge is that many dependent packages do not have aarch64 version and need to be compiled by ourselves, and the assembly part of the software code also needs to be adjusted accordingly. Despite these challenges, we have successfully ported the EOS code to the aarch64. This article discusses the current status and plans for the software port as well as performance testing after porting

Error analysis on assembly and alignment of laser optical unit

As one of largest optical units used in high-power laser inertial confinement fusion facility, the large-aperture transport mirror’s misalignment error can have a very negative impact on the targeting performance of laser beams. In this article, we have carried out a fundamental analysis on the mounting and misalignment errors of transport mirror. An integrated simulated assembly station is proposed to align the mirror precisely, and the design of transport mirror unit is optimized to satisfy the stringent specifications. Finally, methods that integrated theoretical modeling, numerical simulation, and field experiments are used to evaluate the mirror’s alignment, and the results indicate a more robust and precise alignment performance of new design

Data from: Generation of a monoclonal antibody recognizing the heavily glycosylated CD45 Protein and its application on identifying circulating tumor cells

Here, we provide direct evidence that using recombinant proteins expressed in eukaryotic cells as antigen is a practical way to generate monoclonal antibodies (mAbs) against heavily glycosylated proteins. Heavily glycosylated proteins are typically difficult targets for mAb generation, being limited by unsatisfactory affinity and low specificity. Using the heavily glycosylated CD45 protein as an example, we demonstrate the entire process of expressing the protein in eukaryotic cells and using it as an antigen to generate CD45-targeting mAbs in mice. The mAbs generated showed robust affinity and specificity, which are crucial factors for differentiate circulating tumor cells from white blood cells in human breast cancer patient samples. Only 1 cell fusion and 2 cyclic sub-cloning steps were necessary before mAbs with satisfactory performance were obtained