Biblio

Found 431 results

Filters: Keyword is Neural networks
2023-09-18
Jia, Jingyun, Chan, Philip K.  2022.  Representation Learning with Function Call Graph Transformations for Malware Open Set Recognition. 2022 International Joint Conference on Neural Networks (IJCNN). :1–8.
Open set recognition (OSR) problem has been a challenge in many machine learning (ML) applications, such as security. As new/unknown malware families occur regularly, it is difficult to exhaust samples that cover all the classes for the training process in ML systems. An advanced malware classification system should classify the known classes correctly while sensitive to the unknown class. In this paper, we introduce a self-supervised pre-training approach for the OSR problem in malware classification. We propose two transformations for the function call graph (FCG) based malware representations to facilitate the pretext task. Also, we present a statistical thresholding approach to find the optimal threshold for the unknown class. Moreover, the experiment results indicate that our proposed pre-training process can improve different performances of different downstream loss functions for the OSR problem.
2023-09-08
Chen, Xuan, Li, Fei.  2022.  Research on the Algorithm of Situational Element Extraction of Internet of Vehicles Security based on Optimized-FOA-PNN. 2022 7th International Conference on Cyber Security and Information Engineering (ICCSIE). :109–112.

The scale of the intelligent networked vehicle market is expanding rapidly, and network security issues also follow. A Situational Awareness (SA) system can detect, identify, and respond to security risks from a global perspective. In view of the discrete and weak correlation characteristics of perceptual data, this paper uses the Fly Optimization Algorithm (FOA) based on dynamic adjustment of the optimization step size to improve the convergence speed, and optimizes the extraction model of security situation element of the Internet of Vehicles (IoV), based on Probabilistic Neural Network (PNN), to improve the accuracy of element extraction. Through the comparison of experimental algorithms, it is verified that the algorithm has fast convergence speed, high precision and good stability.

Zhong, Luoyifan.  2022.  Optimization and Prediction of Intelligent Tourism Data. 2022 IEEE 8th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS). :186–188.
Tourism is one of the main sources of income in Australia. The number of tourists will affect airlines, hotels and other stakeholders. Predicting the arrival of tourists can make full preparations for welcoming tourists. This paper selects Queensland Tourism data as intelligent data. Carry out data visualization around the intelligent data, establish seasonal ARIMA model, find out the characteristics and predict. In order to improve the accuracy of prediction. Based on the tourism data around Queensland, build a 10 layer Back Propagation neural network model. It is proved that the network shows good performance for the data prediction of this paper.
2023-07-21
R, Sowmiya, G, Sivakamasundari, V, Archana.  2022.  Facial Emotion Recognition using Deep Learning Approach. 2022 International Conference on Automation, Computing and Renewable Systems (ICACRS). :1064–1069.
Human facial emotion recognition pays a variety of applications in society. The basic idea of Facial Emotion Recognition is to map the different facial emotions to a variety of emotional states. Conventional Facial Emotion Recognition consists of two processes: extracting the features and feature selection. Nowadays, in deep learning algorithms, Convolutional Neural Networks are primarily used in Facial Emotion Recognition because of their hidden feature extraction from the images. Usually, the standard Convolutional Neural Network has simple learning algorithms with finite feature extraction layers for extracting information. The drawback of the earlier approach was that they validated only the frontal view of the photos even though the image was obtained from different angles. This research work uses a deep Convolutional Neural Network along with a DenseNet-169 as a backbone network for recognizing facial emotions. The emotion Recognition dataset was used to recognize the emotions with an accuracy of 96%.
Giri, Sarwesh, Singh, Gurchetan, Kumar, Babul, Singh, Mehakpreet, Vashisht, Deepanker, Sharma, Sonu, Jain, Prince.  2022.  Emotion Detection with Facial Feature Recognition Using CNN & OpenCV. 2022 2nd International Conference on Advance Computing and Innovative Technologies in Engineering (ICACITE). :230–232.
Emotion Detection through Facial feature recognition is an active domain of research in the field of human-computer interaction (HCI). Humans are able to share multiple emotions and feelings through their facial gestures and body language. In this project, in order to detect the live emotions from the human facial gesture, we will be using an algorithm that allows the computer to automatically detect the facial recognition of human emotions with the help of Convolution Neural Network (CNN) and OpenCV. Ultimately, Emotion Detection is an integration of obtained information from multiple patterns. If computers will be able to understand more of human emotions, then it will mutually reduce the gap between humans and computers. In this research paper, we will demonstrate an effective way to detect emotions like neutral, happy, sad, surprise, angry, fear, and disgust from the frontal facial expression of the human in front of the live webcam.
Lee, Gwo-Chuan, Li, Zi-Yang, Li, Tsai-Wei.  2022.  Ensemble Algorithm of Convolution Neural Networks for Enhancing Facial Expression Recognition. 2022 IEEE 5th International Conference on Knowledge Innovation and Invention (ICKII). :111–115.
Artificial intelligence (AI) cooperates with multiple industries to improve the overall industry framework. Especially, human emotion recognition plays an indispensable role in supporting medical care, psychological counseling, crime prevention and detection, and crime investigation. The research on emotion recognition includes emotion-specific intonation patterns, literal expressions of emotions, and facial expressions. Recently, the deep learning model of facial emotion recognition aims to capture tiny changes in facial muscles to provide greater recognition accuracy. Hybrid models in facial expression recognition have been constantly proposed to improve the performance of deep learning models in these years. In this study, we proposed an ensemble learning algorithm for the accuracy of the facial emotion recognition model with three deep learning models: VGG16, InceptionResNetV2, and EfficientNetB0. To enhance the performance of these benchmark models, we applied transfer learning, fine-tuning, and data augmentation to implement the training and validation of the Facial Expression Recognition 2013 (FER-2013) Dataset. The developed algorithm finds the best-predicted value by prioritizing the InceptionResNetV2. The experimental results show that the proposed ensemble learning algorithm of priorities edges up 2.81% accuracy of the model identification. The future extension of this study ventures into the Internet of Things (IoT), medical care, and crime detection and prevention.
Churaev, Egor, Savchenko, Andrey V.  2022.  Multi-user facial emotion recognition in video based on user-dependent neural network adaptation. 2022 VIII International Conference on Information Technology and Nanotechnology (ITNT). :1–5.
In this paper, the multi-user video-based facial emotion recognition is examined in the presence of a small data set with the emotions of end users. By using the idea of speaker-dependent speech recognition, we propose a novel approach to solve this task if labeled video data from end users is available. During the training stage, a deep convolutional neural network is trained for user-independent emotion classification. Next, this classifier is adapted (fine-tuned) on the emotional video of a concrete person. During the recognition stage, the user is identified based on face recognition techniques, and an emotional model of the recognized user is applied. It is experimentally shown that this approach improves the accuracy of emotion recognition by more than 20% for the RAVDESS dataset.
Shiqi, Li, Yinghui, Han.  2022.  Detection of Bad Data and False Data Injection Based on Back-Propagation Neural Network. 2022 IEEE PES Innovative Smart Grid Technologies - Asia (ISGT Asia). :101–105.
Power system state estimation is an essential tool for monitoring the operating conditions of the grid. However, the collected measurements may not always be reliable due to bad data from various faults as well as the increasing potential of being exposed to cyber-attacks, particularly from data injection attacks. To enhance the accuracy of state estimation, this paper presents a back-propagation neural network to detect and identify bad data and false data injections. A variety of training data exhibiting different statistical properties were used for training. The developed strategy was tested on the IEEE 30-bus and 118-bus power systems using MATLAB. Simulation results revealed the feasibility of the method for the detection and differentiation of bad data and false data injections in various operating scenarios.
Su, Xiangjing, Zhu, Zheng, Xiao, Shiqu, Fu, Yang, Wu, Yi.  2022.  Deep Neural Network Based Efficient Data Fusion Model for False Data Detection in Power System. 2022 IEEE 6th Conference on Energy Internet and Energy System Integration (EI2). :1462–1466.
Cyberattack on power system brings new challenges on the development of modern power system. Hackers may implement false data injection attack (FDIA) to cause unstable operating conditions of the power system. However, data from different power internet of things usually contains a lot of redundancy, making it difficult for current efficient discriminant model to precisely identify FDIA. To address this problem, we propose a deep learning network-based data fusion model to handle features from measurement data in power system. Proposed model includes a data enrichment module and a data fusion module. We firstly employ feature engineering technique to enrich features from power system operation in time dimension. Subsequently, a long short-term memory based autoencoder (LSTM-AE) is designed to efficiently avoid feature space explosion problem during data enriching process. Extensive experiments are performed on several classical attack detection models over the load data set from IEEE 14-bus system and simulation results demonstrate that fused data from proposed model shows higher detection accuracy with respect to the raw data.
Kiruthiga, G, Saraswathi, P, Rajkumar, S, Suresh, S, Dhiyanesh, B, Radha, R.  2022.  Effective DDoS Attack Detection using Deep Generative Radial Neural Network in the Cloud Environment. 2022 7th International Conference on Communication and Electronics Systems (ICCES). :675–681.
Recently, internet services have increased rapidly due to the Covid-19 epidemic. As a result, cloud computing applications, which serve end-users as subscriptions, are rising. Cloud computing provides various possibilities like cost savings, time and access to online resources via the internet for end-users. But as the number of cloud users increases, so does the potential for attacks. The availability and efficiency of cloud computing resources may be affected by a Distributed Denial of Service (DDoS) attack that could disrupt services' availability and processing power. DDoS attacks pose a serious threat to the integrity and confidentiality of computer networks and systems that remain important assets in the world today. Since there is no effective way to detect DDoS attacks, it is a reliable weapon for cyber attackers. However, the existing methods have limitations, such as relatively low accuracy detection and high false rate performance. To tackle these issues, this paper proposes a Deep Generative Radial Neural Network (DGRNN) with a sigmoid activation function and Mutual Information Gain based Feature Selection (MIGFS) techniques for detecting DDoS attacks for the cloud environment. Specifically, the proposed first pre-processing step uses data preparation using the (Network Security Lab) NSL-KDD dataset. The MIGFS algorithm detects the most efficient relevant features for DDoS attacks from the pre-processed dataset. The features are calculated by trust evaluation for detecting the attack based on relative features. After that, the proposed DGRNN algorithm is utilized for classification to detect DDoS attacks. The sigmoid activation function is to find accurate results for prediction in the cloud environment. So thus, the proposed experiment provides effective classification accuracy, performance, and time complexity.
Schulze, Jan-Philipp, Sperl, Philip, Böttinger, Konstantin.  2022.  Anomaly Detection by Recombining Gated Unsupervised Experts. 2022 International Joint Conference on Neural Networks (IJCNN). :1–8.
Anomaly detection has been considered under several extents of prior knowledge. Unsupervised methods do not require any labelled data, whereas semi-supervised methods leverage some known anomalies. Inspired by mixture-of-experts models and the analysis of the hidden activations of neural networks, we introduce a novel data-driven anomaly detection method called ARGUE. Our method is not only applicable to unsupervised and semi-supervised environments, but also profits from prior knowledge of self-supervised settings. We designed ARGUE as a combination of dedicated expert networks, which specialise on parts of the input data. For its final decision, ARGUE fuses the distributed knowledge across the expert systems using a gated mixture-of-experts architecture. Our evaluation motivates that prior knowledge about the normal data distribution may be as valuable as known anomalies.
Qasaimeh, Ghazi, Al-Gasaymeh, Anwar, Kaddumi, Thair, Kilani, Qais.  2022.  Expert Systems and Neural Networks and their Impact on the Relevance of Financial Information in the Jordanian Commercial Banks. 2022 International Conference on Business Analytics for Technology and Security (ICBATS). :1–7.
The current study aims to discern the impact of expert systems and neural network on the Jordanian commercial banks. In achieving the objective, the study employed descriptive analytical approach and the population consisted of the 13 Jordanian commercial banks listed at Amman Stock Exchange-ASE. The primary data were obtained by using a questionnaire with 188 samples distributed to a group of accountants, internal auditors, and programmers, who constitute the study sample. The results unveiled that there is an impact of the application of expert systems and neural networks on the relevance of financial information in Jordanian commercial banks. It also revealed that there is a high level of relevance of financial information in Jordanian commercial banks. Accordingly, the study recommended the need for banks to keep pace with the progress and development taking place in connection to the process and environment of expertise systems by providing modern and developed devices to run various programs and expert systems. It also recommended that, Jordanian commercial banks need to rely more on advanced systems to operate neural network technology more efficiently.
Wenqi, Huang, Lingyu, Liang, Xin, Wang, Zhengguo, Ren, Shang, Cao, Xiaotao, Jiang.  2022.  An Early Warning Analysis Model of Metering Equipment Based on Federated Hybrid Expert System. 2022 15th International Symposium on Computational Intelligence and Design (ISCID). :217–220.
The smooth operation of metering equipment is inseparable from the monitoring and analysis of equipment alarm events by automated metering systems. With the generation of big data in power metering and the increasing demand for information security of metering systems in the power industry, how to use big data and protect data security at the same time has become a hot research field. In this paper, we propose a hybrid expert model based on federated learning to deal with the problem of alarm information analysis and identification. The hybrid expert system can divide the metering warning problem into multiple sub-problems for processing, which greatly improves the recognition and prediction accuracy. The experimental results show that our model has high accuracy in judging and identifying equipment faults.
2023-07-10
Zhang, Xiao, Chen, Xiaoming, He, Yuxiong, Wang, Youhuai, Cai, Yong, Li, Bo.  2022.  Neural Network-Based DDoS Detection on Edge Computing Architecture. 2022 4th International Conference on Applied Machine Learning (ICAML). :1–4.
The safety of the power system is inherently vital, due to the high risk of the electronic power system. In the wave of digitization in recent years, many power systems have been digitized to a certain extent. Under this circumstance, network security is particularly important, in order to ensure the normal operation of the power system. However, with the development of the Internet, network security issues are becoming more and more serious. Among all kinds of network attacks, the Distributed Denial of Service (DDoS) is a major threat. Once, attackers used huge volumes of traffic in short time to bring down the victim server. Now some attackers just use low volumes of traffic but for a long time to create trouble for attack detection. There are many methods for DDoS detection, but no one can fully detect it because of the huge volumes of traffic. In order to better detect DDoS and make sure the safety of electronic power system, we propose a novel detection method based on neural network. The proposed model and its service are deployed to the edge cloud, which can improve the real-time performance for detection. The experiment results show that our model can detect attacks well and has good real-time performance.
2023-06-29
Wang, Zhichao.  2022.  Deep Learning Methods for Fake News Detection. 2022 IEEE 2nd International Conference on Data Science and Computer Application (ICDSCA). :472–475.

Nowadays, although it is much more convenient to obtain news with social media and various news platforms, the emergence of all kinds of fake news has become a headache and urgent problem that needs to be solved. Currently, the fake news recognition algorithm for fake news mainly uses GCN, including some other niche algorithms such as GRU, CNN, etc. Although all fake news verification algorithms can reach quite a high accuracy with sufficient datasets, there is still room for improvement for unsupervised learning and semi-supervised. This article finds that the accuracy of the GCN method for fake news detection is basically about 85% through comparison with other neural network models, which is satisfactory, and proposes that the current field lacks a unified training dataset, and that in the future fake news detection models should focus more on semi-supervised learning and unsupervised learning.

2023-06-23
Xie, Guorui, Li, Qing, Cui, Chupeng, Zhu, Peican, Zhao, Dan, Shi, Wanxin, Qi, Zhuyun, Jiang, Yong, Xiao, Xi.  2022.  Soter: Deep Learning Enhanced In-Network Attack Detection Based on Programmable Switches. 2022 41st International Symposium on Reliable Distributed Systems (SRDS). :225–236.
Though several deep learning (DL) detectors have been proposed for the network attack detection and achieved high accuracy, they are computationally expensive and struggle to satisfy the real-time detection for high-speed networks. Recently, programmable switches exhibit a remarkable throughput efficiency on production networks, indicating a possible deployment of the timely detector. Therefore, we present Soter, a DL enhanced in-network framework for the accurate real-time detection. Soter consists of two phases. One is filtering packets by a rule-based decision tree running on the Tofino ASIC. The other is executing a well-designed lightweight neural network for the thorough inspection of the suspicious packets on the CPU. Experiments on the commodity switch demonstrate that Soter behaves stably in ten network scenarios of different traffic rates and fulfills per-flow detection in 0.03s. Moreover, Soter naturally adapts to the distributed deployment among multiple switches, guaranteeing a higher total throughput for large data centers and cloud networks.
ISSN: 2575-8462
P, Dayananda, Subramanian, Siddharth, Suresh, Vijayalakshmi, Shivalli, Rishab, Sinha, Shrinkhla.  2022.  Video Compression using Deep Neural Networks. 2022 Fourth International Conference on Cognitive Computing and Information Processing (CCIP). :1–5.

Advanced video compression is required due to the rise of online video content. A strong compression method can help convey video data effectively over a constrained bandwidth. We observed how more internet usage for video conferences, online gaming, and education led to decreased video quality from Netflix, YouTube, and other streaming services in Europe and other regions, particularly during the COVID-19 epidemic. They are represented in standard video compression algorithms as a succession of reference frames after residual frames, and these approaches are limited in their application. Deep learning's introduction and current advancements have the potential to overcome such problems. This study provides a deep learning-based video compression model that meets or exceeds current H.264 standards.

Ke, Zehui, Huang, Hailiang, Liang, Yingwei, Ding, Yi, Cheng, Xin, Wu, Qingyao.  2022.  Robust Video watermarking based on deep neural network and curriculum learning. 2022 IEEE International Conference on e-Business Engineering (ICEBE). :80–85.

With the rapid development of multimedia and short video, there is a growing concern for video copyright protection. Some work has been proposed to add some copyright or fingerprint information to the video to trace the source of the video when it is stolen and protect video copyright. This paper proposes a video watermarking method based on a deep neural network and curriculum learning for watermarking of sliced videos. The first frame of the segmented video is perturbed by an encoder network, which is invisible and can be distinguished by the decoder network. Our model is trained and tested on an online educational video dataset consisting of 2000 different video clips. Experimental results show that our method can successfully discriminate most watermarked and non-watermarked videos with low visual disturbance, which can be achieved even under a relatively high video compression rate (H.264 video compress with CRF 32).

Konuko, Goluck, Valenzise, Giuseppe, Lathuilière, Stéphane.  2022.  Ultra-Low Bitrate Video Conferencing Using Deep Image Animation. 2022 IEEE International Conference on Image Processing (ICIP). :3515–3520.

In this work we propose a novel deep learning approach for ultra-low bitrate video compression for video conferencing applications. To address the shortcomings of current video compression paradigms when the available bandwidth is extremely limited, we adopt a model-based approach that employs deep neural networks to encode motion information as keypoint displacement and reconstruct the video signal at the decoder side. The overall system is trained in an end-to-end fashion minimizing a reconstruction error on the encoder output. Objective and subjective quality evaluation experiments demonstrate that the proposed approach provides an average bitrate reduction for the same visual quality of more than 60% compared to HEVC.

ISSN: 2381-8549

2023-06-22
Ho, Samson, Reddy, Achyut, Venkatesan, Sridhar, Izmailov, Rauf, Chadha, Ritu, Oprea, Alina.  2022.  Data Sanitization Approach to Mitigate Clean-Label Attacks Against Malware Detection Systems. MILCOM 2022 - 2022 IEEE Military Communications Conference (MILCOM). :993–998.
Machine learning (ML) models are increasingly being used in the development of Malware Detection Systems. Existing research in this area primarily focuses on developing new architectures and feature representation techniques to improve the accuracy of the model. However, recent studies have shown that existing state-of-the art techniques are vulnerable to adversarial machine learning (AML) attacks. Among those, data poisoning attacks have been identified as a top concern for ML practitioners. A recent study on clean-label poisoning attacks in which an adversary intentionally crafts training samples in order for the model to learn a backdoor watermark was shown to degrade the performance of state-of-the-art classifiers. Defenses against such poisoning attacks have been largely under-explored. We investigate a recently proposed clean-label poisoning attack and leverage an ensemble-based Nested Training technique to remove most of the poisoned samples from a poisoned training dataset. Our technique leverages the relatively large sensitivity of poisoned samples to feature noise that disproportionately affects the accuracy of a backdoored model. In particular, we show that for two state-of-the art architectures trained on the EMBER dataset affected by the clean-label attack, the Nested Training approach improves the accuracy of backdoor malware samples from 3.42% to 93.2%. We also show that samples produced by the clean-label attack often successfully evade malware classification even when the classifier is not poisoned during training. However, even in such scenarios, our Nested Training technique can mitigate the effect of such clean-label-based evasion attacks by recovering the model's accuracy of malware detection from 3.57% to 93.2%.
ISSN: 2155-7586
Zhao, Wanqi, Sun, Haoyue, Zhang, Dawei.  2022.  Research on DDoS Attack Detection Method Based on Deep Neural Network Model inSDN. 2022 International Conference on Networking and Network Applications (NaNA). :184–188.
This paper studies Distributed Denial of Service (DDoS) attack detection by adopting the Deep Neural Network (DNN) model in Software Defined Networking (SDN). We first deploy the flow collector module to collect the flow table entries. Considering the detection efficiency of the DNN model, we also design some features manually in addition to the features automatically obtained by the flow table. Then we use the preprocessed data to train the DNN model and make a prediction. The overall detection framework is deployed in the SDN controller. The experiment results illustrate DNN model has higher accuracy in identifying attack traffic than machine learning algorithms, which lays a foundation for the defense against DDoS attack.
Bennet, Ms. Deepthi Tabitha, Bennet, Ms. Preethi Samantha, Anitha, D.  2022.  Securing Smart City Networks - Intelligent Detection Of DDoS Cyber Attacks. 2022 5th International Conference on Contemporary Computing and Informatics (IC3I). :1575–1580.

A distributed denial-of-service (DDoS) is a malicious attempt by attackers to disrupt the normal traffic of a targeted server, service or network. This is done by overwhelming the target and its surrounding infrastructure with a flood of Internet traffic. The multiple compromised computer systems (bots or zombies) then act as sources of attack traffic. Exploited machines can include computers and other network resources such as IoT devices. The attack results in either degraded network performance or a total service outage of critical infrastructure. This can lead to heavy financial losses and reputational damage. These attacks maximise effectiveness by controlling the affected systems remotely and establishing a network of bots called bot networks. It is very difficult to separate the attack traffic from normal traffic. Early detection is essential for successful mitigation of the attack, which gives rise to a very important role in cybersecurity to detect the attacks and mitigate the effects. This can be done by deploying machine learning or deep learning models to monitor the traffic data. We propose using various machine learning and deep learning algorithms to analyse the traffic patterns and separate malicious traffic from normal traffic. Two suitable datasets have been identified (DDoS attack SDN dataset and CICDDoS2019 dataset). All essential preprocessing is performed on both datasets. Feature selection is also performed before detection techniques are applied. 8 different Neural Networks/ Ensemble/ Machine Learning models are chosen and the datasets are analysed. The best model is chosen based on the performance metrics (DEEP NEURAL NETWORK MODEL). An alternative is also suggested (Next best - Hypermodel). Optimisation by Hyperparameter tuning further enhances the accuracy. Based on the nature of the attack and the intended target, suitable mitigation procedures can then be deployed.

Tehaam, Muhammad, Ahmad, Salman, Shahid, Hassan, Saboor, Muhammad Suleman, Aziz, Ayesha, Munir, Kashif.  2022.  A Review of DDoS Attack Detection and Prevention Mechanisms in Clouds. 2022 24th International Multitopic Conference (INMIC). :1–6.
Cloud provides access to shared pool of resources like storage, networking, and processing. Distributed denial of service attacks are dangerous for Cloud services because they mainly target the availability of resources. It is important to detect and prevent a DDoS attack for the continuity of Cloud services. In this review, we analyze the different mechanisms of detection and prevention of the DDoS attacks in Clouds. We identify the major DDoS attacks in Clouds and compare the frequently-used strategies to detect, prevent, and mitigate those attacks that will help the future researchers in this area.
ISSN: 2049-3630
Jamil, Huma, Liu, Yajing, Cole, Christina, Blanchard, Nathaniel, King, Emily J., Kirby, Michael, Peterson, Christopher.  2022.  Dual Graphs of Polyhedral Decompositions for the Detection of Adversarial Attacks. 2022 IEEE International Conference on Big Data (Big Data). :2913–2921.
Previous work has shown that a neural network with the rectified linear unit (ReLU) activation function leads to a convex polyhedral decomposition of the input space. These decompositions can be represented by a dual graph with vertices corresponding to polyhedra and edges corresponding to polyhedra sharing a facet, which is a subgraph of a Hamming graph. This paper illustrates how one can utilize the dual graph to detect and analyze adversarial attacks in the context of digital images. When an image passes through a network containing ReLU nodes, the firing or non-firing at a node can be encoded as a bit (1 for ReLU activation, 0 for ReLU non-activation). The sequence of all bit activations identifies the image with a bit vector, which identifies it with a polyhedron in the decomposition and, in turn, identifies it with a vertex in the dual graph. We identify ReLU bits that are discriminators between non-adversarial and adversarial images and examine how well collections of these discriminators can ensemble vote to build an adversarial image detector. Specifically, we examine the similarities and differences of ReLU bit vectors for adversarial images, and their non-adversarial counterparts, using a pre-trained ResNet-50 architecture. While this paper focuses on adversarial digital images, ResNet-50 architecture, and the ReLU activation function, our methods extend to other network architectures, activation functions, and types of datasets.
Cheng, Xin, Wang, Mei-Qi, Shi, Yu-Bo, Lin, Jun, Wang, Zhong-Feng.  2022.  Magical-Decomposition: Winning Both Adversarial Robustness and Efficiency on Hardware. 2022 International Conference on Machine Learning and Cybernetics (ICMLC). :61–66.
Model compression is one of the most preferred techniques for efficiently deploying deep neural networks (DNNs) on resource-constrained Internet of Things (IoT) platforms. However, the simply compressed model is often vulnerable to adversarial attacks, leading to a conflict between robustness and efficiency, especially for IoT devices exposed to complex real-world scenarios. We, for the first time, address this problem by developing a novel framework dubbed Magical-Decomposition to simultaneously enhance both robustness and efficiency for hardware. By leveraging a hardware-friendly model compression method called singular value decomposition, the defending algorithm can be supported by most of the existing DNN hardware accelerators. To step further, by using a recently developed DNN interpretation tool, the underlying scheme of how the adversarial accuracy can be increased in the compressed model is highlighted clearly. Ablation studies and extensive experiments under various attacks/models/datasets consistently validate the effectiveness and scalability of the proposed framework.
ISSN: 2160-1348