Visible to the public Biblio

Filters: Author is Peng, Yu  [Clear All Filters]
2022-12-20
Liu, Xiaolei, Li, Xiaoyu, Zheng, Desheng, Bai, Jiayu, Peng, Yu, Zhang, Shibin.  2022.  Automatic Selection Attacks Framework for Hard Label Black-Box Models. IEEE INFOCOM 2022 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). :1–7.

The current adversarial attacks against machine learning models can be divided into white-box attacks and black-box attacks. Further the black-box can be subdivided into soft label and hard label black-box, but the latter has the deficiency of only returning the class with the highest prediction probability, which leads to the difficulty in gradient estimation. However, due to its wide application, it is of great research significance and application value to explore hard label blackbox attacks. This paper proposes an Automatic Selection Attacks Framework (ASAF) for hard label black-box models, which can be explained in two aspects based on the existing attack methods. Firstly, ASAF applies model equivalence to select substitute models automatically so as to generate adversarial examples and then completes black-box attacks based on their transferability. Secondly, specified feature selection and parallel attack method are proposed to shorten the attack time and improve the attack success rate. The experimental results show that ASAF can achieve more than 90% success rate of nontargeted attack on the common models of traditional dataset ResNet-101 (CIFAR10) and InceptionV4 (ImageNet). Meanwhile, compared with FGSM and other attack algorithms, the attack time is reduced by at least 89.7% and 87.8% respectively in two traditional datasets. Besides, it can achieve 90% success rate of attack on the online model, BaiduAI digital recognition. In conclusion, ASAF is the first automatic selection attacks framework for hard label blackbox models, in which specified feature selection and parallel attack methods speed up automatic attacks.

2022-04-01
Peng, Yu, Liu, Qin, Tian, Yue, Wu, Jie, Wang, Tian, Peng, Tao, Wang, Guojun.  2021.  Dynamic Searchable Symmetric Encryption with Forward and Backward Privacy. 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :420—427.
Dynamic searchable symmetric encryption (DSSE) that enables a client to perform searches and updates on encrypted data has been intensively studied in cloud computing. Recently, forward privacy and backward privacy has engaged significant attention to protect DSSE from the leakage of updates. However, the research in this field almost focused on keyword-level updates. That is, the client needs to know the keywords of the documents in advance. In this paper, we proposed a document-level update scheme, DBP, which supports immediate deletion while guaranteeing forward privacy and backward privacy. Compared with existing forward and backward private DSSE schemes, our DBP scheme has the following merits: 1) Practicality. It achieves deletion based on document identifiers rather than document/keyword pairs; 2) Efficiency. It utilizes only lightweight primitives to realize backward privacy while supporting immediate deletion. Experimental evaluation on two real datasets demonstrates the practical efficiency of our scheme.