37 research outputs found
Launching a Robust Backdoor Attack under Capability Constrained Scenarios
As deep neural networks continue to be used in critical domains, concerns
over their security have emerged. Deep learning models are vulnerable to
backdoor attacks due to the lack of transparency. A poisoned backdoor model may
perform normally in routine environments, but exhibit malicious behavior when
the input contains a trigger. Current research on backdoor attacks focuses on
improving the stealthiness of triggers, and most approaches require strong
attacker capabilities, such as knowledge of the model structure or control over
the training process. These attacks are impractical since in most cases the
attacker's capabilities are limited. Additionally, the issue of model
robustness has not received adequate attention. For instance, model
distillation is commonly used to streamline model size as the number of
parameters grows exponentially, and most previous backdoor attacks failed
after model distillation; image augmentation operations can destroy the
trigger and thus disable the backdoor. This study explores the implementation
of black-box backdoor attacks within capability constraints. An attacker can
carry out such attacks by acting as either an image annotator or an image
provider, without involvement in the training process or knowledge of the
target model's structure. Through the design of a backdoor trigger, our attack
remains effective after model distillation and image augmentation, making it
more threatening and practical. Our experimental results demonstrate that our
method achieves a high attack success rate in black-box scenarios and evades
state-of-the-art backdoor defenses. Comment: 9 pages, 6 figures
Detection of Hepatitis B virus in serum and liver of chickens
Hepatitis B virus (HBV) is one of the most important human pathogens. Its existence in food animals could present a significant threat to public health. The objective of this study was to determine if HBV is present in serum and liver of chickens. A total of 129 serum samples from broiler chickens were collected for the detection of HBV antigens and antibodies, and 193 liver samples were tested for HBV DNA sequence by PCR and for the existence of HBV antigens by immunohistochemistry. The overall prevalence of HBsAg, anti-HBs, anti-HBc was 28.68%, 53.49%, 17.05%, respectively, whereas HBeAg, anti-HBe were barely detectable. Three serum samples were found to be positive for both HBsAg and HBeAg. Further analysis of these samples with transmission electron microscopy (TEM) revealed two morphologic particles with 20 nm and 40 nm in diameter, which were similar to small spherical and Dane particles of HBV. The viral DNA sequence identified in two of the chicken livers shared 92.2% of one known HBV strain and 97.9% nucleotide sequence of another HBV strain. Our results showed the existence of HBV in chickens. This would present a significant risk to people who work with live chickens or chicken products if HBV found in chicken could be confirmed to be the same as human HBV
A Robust Adversarial Example Attack Based on Video Augmentation
Despite the success of learning-based systems, recent studies have highlighted video adversarial examples as a ubiquitous threat to state-of-the-art video classification systems. Video adversarial attacks add subtle noise to the original example, resulting in a false classification result. Thorough studies on how to generate video adversarial examples are essential to prevent potential attacks. Despite much research on this, existing research works on the robustness of video adversarial examples are still limited. To generate highly robust video adversarial examples, we propose a video-augmentation-based adversarial attack (v3a), focusing on the video transformations to reinforce the attack. Further, we investigate different transformations as parts of the loss function to make the video adversarial examples more robust. The experiment results show that our proposed method outperforms other adversarial attacks in terms of robustness. We hope that our study encourages a deeper understanding of adversarial robustness in video classification systems with video augmentation
Multiagent Reinforcement Learning Dynamic Spectrum Access in Cognitive Radios
A multiuser independent Q-learning method which does not need information interaction is proposed for multiuser dynamic spectrum access in cognitive radios. The method adopts a self-learning paradigm, in which each CR user performs reinforcement learning only through observing its individual performance reward, without spending communication resources on information interaction with others. The reward is defined suitably to present channel quality and channel conflict status. The learning strategy of sufficient exploration, preference for good channels, and punishment for channel conflict is designed to implement multiuser dynamic spectrum access. In a two-user, two-channel scenario, a fast learning algorithm is proposed and the convergence to maximal whole reward is proved. The simulation results show that, with the proposed method, the CR system can obtain convergence to Nash equilibrium with large probability and achieve great performance of whole reward
Artificial intelligence in breast MRI radiogenomics: towards accurate prediction of neoadjuvant chemotherapy responses
Neoadjuvant Chemotherapy (NAC) in breast cancer patients has considerable prognostic and treatment potential and can be tailored to individual patients as part of precision medicine protocols. This work reviews recent advances in artificial intelligence so as to enable the use of radiogenomics for accurate NAC analysis and prediction. The work addresses a new problem in radiogenomics mining: How to combine structural radiomics information and non-structural genomics information for accurate NAC prediction. This requires the automated extraction of parameters from structural breast radiomics data, and finding non-structural feature vectors with diagnostic value, which then are combined with genomics data acquired from exocrine bodies in blood samples from a cohort of cancer patients to enable accurate NAC prediction. A self-attention-based deep learning approach along with an effective multi-channel tumour image reconstruction algorithm of high dimensionality is proposed. The aim is to generate non-structural feature vectors for accurate prediction of the NAC responses by combining imaging datasets with exocrine body related genomics analysis
Isolation, Physicochemical Properties, and Structural Characteristics of Arabinoxylan from Hull-Less Barley
Arabinoxylan (HBAX-60) was fractioned from alkaline-extracted arabinoxylan (HBAX) in the whole grain of hull-less barley (Hordeum vulgare L. var. nudum Hook. f. Poaceae) by 60% ethanol precipitation, which was studied for physicochemical properties and structure elucidation. Highly purified HBAX-60 mainly composed of arabinose (40.7%) and xylose (59.3%) was created. The methylation and NMR analysis of HBAX-60 indicated that a low-branched β-(1→4)-linked xylan backbone possessed un-substituted (1,4-linked β-Xylp, 36.2%), mono-substituted (β-1,3,4-linked Xylp, 5.9%), and di-substituted (1,2,3,4-linked β-Xylp, 12.1%) xylose units as the main chains, though other residues (α-Araf-(1→, β-Xylp-(1→, α-Araf-(1→3)-α-Araf-(1→ or β-Xylp-(1→3)-α-Araf-(1→) were also determined. Additionally, HBAX-60 exhibited random coil conformation in a 0.1 M NaNO3 solution. This work provides the properties and structural basis of the hull-less barley-derived arabinoxylan, which facilitates further research for exploring the structure–function relationship and application of arabinoxylan from hull-less barley
Inferring Users’ Social Roles with a Multi-Level Graph Neural Network Model
Users of social networks have a variety of social statuses and roles. For example, the users of Weibo include celebrities, government officials, and social organizations. At the same time, these users may be senior managers, middle managers, or workers in companies. Previous studies on this topic have mainly focused on using the categorical, textual and topological data of a social network to predict users’ social statuses and roles. However, this cannot fully reflect the overall characteristics of users’ social statuses and roles in a social network. In this paper, we consider what social network structures reflect users’ social statuses and roles since social networks are designed to connect people. Taking an Enron email dataset as an example, we analyzed a preprocessing mechanism used for social network datasets that can extract users’ dynamic behavior features. We further designed a novel social network representation learning algorithm in order to infer users’ social statuses and roles in social networks through the use of an attention and gate mechanism on users’ neighbors. The extensive experimental results gained from four publicly available datasets indicate that our solution achieves an average accuracy improvement of 2% compared with GraphSAGE-Mean, which is the best applicable inductive representation learning method
Amphiphilic polymer and processes of forming the same
Disclosed are an amphiphilic polymer, its synthesis and uses thereof. The polymer has a hydrocarbon backbone with —COOH side groups. It further has first aliphatic moieties with a main chain of about 3 to about 20 carbon atoms and 0 to about 3 heteroatoms, and second aliphatic moieties that have a main chain of about 3 to about 80 carbon atoms and about 2 to about 40 heteroatoms. The second aliphatic moieties have a copolymerisable group. In the synthesis a maleic anhydride polymer of formula (I) where n is an integer from about 10 to about 10000 and R1 is H or methyl, is reacted with a monofunctional compound with an alkyl chain of about 3 to about 20 carbon atoms and 0 to about 2 heteroatoms, and with an at least bifunctional compound with an alkyl chain of about 3 to about 80 carbon atoms and 0 to about 40 heteroatoms. The functional group of the monofunctional compound and one functional group of the at least bifunctional compound can form a linkage with an anhydride. Another functional group of the at least bifunctional compound, which is not allowed to react with the maleic anhydride polymer, is copolymerisable
Dual-IoTID: A Session-Based Dual IoT Device Identification Model
The Internet of Things (IoT) is rapidly transforming our lives and work, enabling a wide range of emerging services and applications. However, as the scale of the IoT expands, its security issues are becoming increasingly prominent. Malicious actors can exploit vulnerabilities in IoT devices to launch attacks. Protecting the IoT begins with device identification. Identified devices can have corresponding protective measures selected based on the information, thereby enhancing network security. In this study, we propose a dual-machine-learning-based IoT device identification algorithm, Dual-IoTID, which identifies devices based on the payload of IoT device sessions. In contrast to existing methods that rely on extracting header fields or network layer features, our approach attempts to obtain identification information from session payloads. Dual-IoTID first extracts frequent items from sessions and uses a first-layer classifier to obtain a confidence matrix for initial classification. Then, the confidence matrix, along with extracted session communication features, is fed into a second-layer classifier for IoT device identification. Our proposed method is applicable to any IoT device, and it is also suitable for networks with NAT enabled. Experimental results demonstrate that Dual-IoTID has higher accuracy than existing methods, achieving 99.48% accuracy in the UNSW dataset and accurately identifying IoT devices even in environments containing non-IoT devices