secure

security

Title: Enhancing General Face Forgery Detection via Vision Transformer with Low-Rank Adaptation. (arXiv:2303.00917v1 [cs.CV])

Title: APARATE: Adaptive Adversarial Patch for CNN-based Monocular Depth Estimation for Autonomous Navigation. (arXiv:2303.01351v1 [cs.CV])

Title: Explainable Artificial Intelligence and Cybersecurity: A Systematic Literature Review. (arXiv:2303.01259v1 [cs.CR])

Title: A Large-Scale Study of Personal Identifiability of Virtual Reality Motion Over Time. (arXiv:2303.01430v1 [cs.CR])

privacy

Title: Practical Network Acceleration with Tiny Sets: Hypothesis, Theory, and Algorithm. (arXiv:2303.00972v1 [cs.CV])

Title: Visual Atoms: Pre-training Vision Transformers with Sinusoidal Waves. (arXiv:2303.01112v1 [cs.CV])

Title: An Improved Christofides Mechanism for Local Differential Privacy Framework. (arXiv:2303.00857v1 [cs.CR])

It compared four statistical survey methods for conducting surveys on sensitive topics -- modified Warner, Simmons, Christofides, and the improved Christofides mechanism. Specifically, the Warner, Simmons and Christofides mechanisms have been modified to draw a sample from the population without replacement, to decrease variance. Furthermore, by drawing cards without replacement based on the modified Christofides mechanism, we introduce a new mechanism called the improved Christofides mechanism, which is found to have the smallest variance under a certain assumption when using LDP as a measurement of privacy leakage. This assumption is usually satisfied in the real world. Actually, we decrease the variance to 28.7% of the modified Christofides mechanism's variance in our experiment based on the HCOVANY dataset -- a real-world dataset of IPUMS USA. This means our method gets a more accurate estimate by using LDP as a measurement of privacy leakage. This is the first time the improved Christofides mechanism is proposed for the LDP framework based on a comparative analysis of four mechanisms using LDP as the same measurement of privacy leakage.

Title: What Is Synthetic Data? The Good, The Bad, and The Ugly. (arXiv:2303.01230v1 [cs.CR])

So how do you generate synthetic data? What is that useful for? What are the benefits and the risks? What are the open research questions that remain unanswered? In this article, we provide a gentle introduction to synthetic data and discuss its use cases, the privacy challenges that are still unaddressed, and its inherent limitations as an effective privacy-enhancing technology.

Title: Privacy-Preserving Tree-Based Inference with Fully Homomorphic Encryption. (arXiv:2303.01254v1 [cs.CR])

More precisely, we explain in this paper how we apply FHE to tree-based models and get state-of-the-art solutions over encrypted tabular data. We show that our method is applicable to a wide range of tree-based models, including decision trees, random forests, and gradient boosted trees, and has been implemented within the Concrete-ML library, which is open-source at https://github.com/zama-ai/concrete-ml. With a selected set of use-cases, we demonstrate that our FHE version is very close to the unprotected version in terms of accuracy.

Title: CADeSH: Collaborative Anomaly Detection for Smart Homes. (arXiv:2303.01021v1 [cs.LG])

We evaluated our method empirically, using 21 days of real-world traffic data that emanated from eight identical IoT devices deployed on various networks, one of which was located in our controlled lab where we implemented two popular IoT-related cyber-attacks. Our collaborative anomaly detection method achieved a macro-average area under the precision-recall curve of 0.841, an F1 score of 0.929, and an FPR of only 0.014. These promising results were obtained by using labeled traffic data from our lab as the test set, while training the models on the traffic of devices deployed outside the lab, and thus demonstrate a high level of generalizability. In addition to its high generalizability and promising performance, our proposed method also offers benefits such as privacy preservation, resource savings, and model poisoning mitigation. On top of that, as a contribution to the scientific community, our novel dataset is available online.

protect

defense

Title: Evaluation of drain, a deep-learning approach to rain retrieval from gpm passive microwave radiometer. (arXiv:2303.01220v1 [cs.LG])

attack

Title: AdvRain: Adversarial Raindrops to Attack Camera-based Smart Vision Systems. (arXiv:2303.01338v1 [cs.CV])

Title: MoSFPAD: An end-to-end Ensemble of MobileNet and Support Vector Classifier for Fingerprint Presentation Attack Detection. (arXiv:2303.01465v1 [cs.CV])

Title: Targeted Adversarial Attacks against Neural Machine Translation. (arXiv:2303.01068v1 [cs.CL])

Title: Frauds Bargain Attack: Generating Adversarial Text Samples via Word Manipulation Process. (arXiv:2303.01234v1 [cs.CL])

Title: D-Score: An Expert-Based Method for Assessing the Detectability of IoT-Related Cyber-Attacks. (arXiv:2303.01041v1 [cs.CR])

Title: Poster: Sponge ML Model Attacks of Mobile Apps. (arXiv:2303.01243v1 [cs.LG])

Title: An Incremental Gray-box Physical Adversarial Attack on Neural Network Training. (arXiv:2303.01245v1 [cs.CR])

Title: Unnoticeable Backdoor Attacks on Graph Neural Networks. (arXiv:2303.01263v1 [cs.CR])

Title: Rethinking the Effect of Data Augmentation in Adversarial Contrastive Learning. (arXiv:2303.01289v1 [cs.LG])

robust

Title: AMIGO: Sparse Multi-Modal Graph Transformer with Shared-Context Processing for Representation Learning of Giga-pixel Images. (arXiv:2303.00865v1 [cs.CV])

Title: Spatial Layout Consistency for 3D Semantic Segmentation. (arXiv:2303.00939v1 [cs.CV])

Title: Evolutionary Computation in Action: Hyperdimensional Deep Embedding Spaces of Gigapixel Pathology Images. (arXiv:2303.00943v1 [cs.CV])

Title: Image Labels Are All You Need for Coarse Seagrass Segmentation. (arXiv:2303.00973v1 [cs.CV])

Title: Demystifying Causal Features on Adversarial Examples and Causal Inoculation for Robust Network by Adversarial Instrumental Variable Regression. (arXiv:2303.01052v1 [cs.LG])

Title: ArCL: Enhancing Contrastive Learning with Augmentation-Robust Representations. (arXiv:2303.01092v1 [cs.LG])

Title: STDepthFormer: Predicting Spatio-temporal Depth from Video with a Self-supervised Transformer Model. (arXiv:2303.01196v1 [cs.CV])

Title: Grid-Centric Traffic Scenario Perception for Autonomous Driving: A Comprehensive Review. (arXiv:2303.01212v1 [cs.CV])

Title: Learning Person-specific Network Representation for Apparent Personality Traits Recognition. (arXiv:2303.01236v1 [cs.CV])

Title: Analyzing Effects of Fake Training Data on the Performance of Deep Learning Systems. (arXiv:2303.01268v1 [cs.CV])

Title: Cluster-Guided Semi-Supervised Domain Adaptation for Imbalanced Medical Image Classification. (arXiv:2303.01283v1 [cs.CV])

Title: Active Learning Enhances Classification of Histopathology Whole Slide Images with Attention-based Multiple Instance Learning. (arXiv:2303.01342v1 [cs.CV])

Title: Deep-NFA: a Deep $\textit{a contrario}$ Framework for Small Object Detection. (arXiv:2303.01363v1 [cs.CV])

Title: MLANet: Multi-Level Attention Network with Sub-instruction for Continuous Vision-and-Language Navigation. (arXiv:2303.01396v1 [cs.CV])

Title: Delivering Arbitrary-Modal Semantic Segmentation. (arXiv:2303.01480v1 [cs.CV])

Title: Leveraging Large Text Corpora for End-to-End Speech Summarization. (arXiv:2303.00978v1 [cs.CL])

Title: Denoising-based UNMT is more robust to word-order divergence than MASS-based UNMT. (arXiv:2303.01191v1 [cs.CL])

We experiment with five English$\rightarrow$Indic language pairs (i.e., en-hi, en-bn, en-gu, en-kn, and en-ta) where the word-order of the source language is SVO (Subject-Verb-Object), and the word-order of the target languages is SOV (Subject-Object-Verb). We observed that for these language pairs, the DAE-based UNMT approach consistently outperforms MASS in terms of translation accuracies. Moreover, bridging the word-order gap using reordering improves the translation accuracy of MASS-based UNMT models, while it cannot improve the translation accuracy of DAE-based UNMT models. This observation indicates that DAE-based UNMT is more robust to word-order divergence than MASS-based UNMT. Word-shuffling noise in the DAE approach could be the possible reason for the approach being robust to word-order divergence.

Title: Can ChatGPT Assess Human Personalities? A General Evaluation Framework. (arXiv:2303.01248v1 [cs.CL])

Title: Adversarial Examples Exist in Two-Layer ReLU Networks for Low Dimensional Data Manifolds. (arXiv:2303.00783v1 [cs.LG])

Title: Multi-task neural networks by learned contextual inputs. (arXiv:2303.00788v1 [cs.LG])

Title: Physics-informed neural networks for solving forward and inverse problems in complex beam systems. (arXiv:2303.01055v1 [cs.LG])

Title: The Double-Edged Sword of Implicit Bias: Generalization vs. Robustness in ReLU Networks. (arXiv:2303.01456v1 [cs.LG])

Title: Efficient Rate Optimal Regret for Adversarial Contextual MDPs Using Online Function Approximation. (arXiv:2303.01464v1 [cs.LG])

biometric

steal

extraction

Title: Soft Prompt Guided Joint Learning for Cross-Domain Sentiment Analysis. (arXiv:2303.00815v1 [cs.CL])

Title: NLP Workbench: Efficient and Extensible Integration of State-of-the-art Text Mining Tools. (arXiv:2303.01410v1 [cs.CL])

membership infer

federate

Title: Stochastic Clustered Federated Learning. (arXiv:2303.00897v1 [cs.LG])

Title: Communication Trade-offs in Federated Learning of Spiking Neural Networks. (arXiv:2303.00928v1 [cs.LG])

fair

Title: I2P-Rec: Recognizing Images on Large-scale Point Cloud Maps through Bird's Eye View Projections. (arXiv:2303.01043v1 [cs.CV])

Title: Variance-reduced Clipping for Non-convex Optimization. (arXiv:2303.00883v1 [cs.LG])

interpretability

Title: Disentangling Orthogonal Planes for Indoor Panoramic Room Layout Estimation with Cross-Scale Distortion Awareness. (arXiv:2303.00971v1 [cs.CV])

To address this issue, we propose to disentangle this 1D representation by pre-segmenting orthogonal (vertical and horizontal) planes from a complex scene, explicitly capturing the geometric cues for indoor layout estimation. Considering the symmetry between the floor boundary and ceiling boundary, we also design a soft-flipping fusion strategy to assist the pre-segmentation. Besides, we present a feature assembling mechanism to effectively integrate shallow and deep features with distortion distribution awareness. To compensate for the potential errors in pre-segmentation, we further leverage triple attention to reconstruct the disentangled sequences for better performance. Experiments on four popular benchmarks demonstrate our superiority over existing SoTA solutions, especially on the 3DIoU metric. The code is available at https://github.com/zhijieshen-bjtu/DOPNet.

Title: DAVA: Disentangling Adversarial Variational Autoencoder. (arXiv:2303.01384v1 [cs.LG])

Title: Customer Churn Prediction Model using Explainable Machine Learning. (arXiv:2303.00960v1 [cs.LG])

Title: Interpretable System Identification and Long-term Prediction on Time-Series Data. (arXiv:2303.01193v1 [cs.LG])

explainability

watermark

diffusion

Title: Human Motion Diffusion as a Generative Prior. (arXiv:2303.01418v1 [cs.CV])

Title: Consistency Models. (arXiv:2303.01469v1 [cs.LG])

Title: Continuous-Time Functional Diffusion Processes. (arXiv:2303.00800v1 [cs.LG])

Title: Understanding the Diffusion Objective as a Weighted Integral of ELBOs. (arXiv:2303.00848v1 [cs.LG])

We show that the weighted loss can be written as a weighted integral of ELBOs, with one ELBO per noise level. If the weighting function is monotonic, then the weighted loss is a likelihood-based objective: it maximizes the ELBO under simple data augmentation, namely Gaussian noise perturbation. Our main contribution is a deeper theoretical understanding of the diffusion objective, but we also performed some experiments comparing monotonic with non-monotonic weightings, finding that monotonic weighting performs competitively with the best published results.