Backdoor Attacks Against Learning-Based Algorithms |
Author | Li Shaofeng |
Edition | [1st ed.] |
Publication/distribution/printing | Cham : Springer International Publishing AG, 2024 |
Physical description | 1 online resource (161 pages) |
Other authors (Persons) | Zhu Haojin; Wu Wen; Shen Xuemin (Sherman) |
Series | Wireless Networks Series |
ISBN | 3-031-57389-7 |
Format | Printed material |
Bibliographic level | Monograph |
Language of publication | eng |
Contents note |
Intro -- Preface -- Contents -- Acronyms -- 1 Introduction -- 1.1 Background -- 1.2 Security and Privacy of Deep Learning -- 1.2.1 Security Issues in Deep Learning -- 1.2.2 Privacy Issues in Deep Learning -- 1.2.3 Artificial Intelligence (AI) Governance -- 1.3 Motivation and Challenges -- 1.3.1 Motivation -- 1.3.2 Challenges in Backdoor Attacks -- 1.3.2.1 Backdoor Attacks in Computer Vision -- 1.3.2.2 Backdoor Attacks in Natural Language Processing (NLP) -- 1.3.2.3 Backdoor Attacks in Federated Learning (FL) -- 1.4 Invisible and Hidden Backdoor Attacks -- 1.4.1 Invisible Backdoor Attacks Against Image Classification -- 1.4.2 Hidden Backdoor Attacks Against Natural Language Processing (NLP) -- 1.4.3 Backdoor Detection in Federated Learning (FL) -- 1.5 Aim of the Monograph -- References -- 2 Literature Review of Backdoor Attacks -- 2.1 Applications of Deep Neural Networks -- 2.1.1 Computer Vision Applications -- 2.1.2 NLP Applications -- 2.1.3 FL Applications -- 2.2 Backdoor Attacks -- 2.2.1 Threat Model and Attack Assumption -- 2.2.1.1 Threat Model -- 2.2.1.2 Attack Assumption -- 2.2.2 Implementation of Backdoor Attacks -- 2.2.3 Measurements of Backdoor Attacks -- 2.2.4 Formalization of Backdoor Attacks -- 2.3 Related Works -- 2.3.1 Backdoor Attacks in CV -- 2.3.2 Backdoor Attacks in NLP -- 2.3.3 Backdoor Attacks in FL -- 2.4 Summary -- References -- 3 Invisible Backdoor Attacks in Image Classification Based Network Services -- 3.1 Problem Statement -- 3.2 Background -- 3.2.1 Backdoor Attacks and Detection -- 3.2.2 Steganography -- 3.3 System Design of Invisible Backdoor Attack -- 3.3.1 Threat Model -- 3.3.2 System Overview -- 3.3.3 Attack Performance Measurements -- 3.3.3.1 Performance -- 3.3.3.2 Invisibility -- 3.4 System Implementation of Invisible Backdoor Attacks -- 3.4.1 Attack 1: Adding Triggers via Steganography.
3.4.2 Attack 2: Optimizing Triggers via Regularization -- 3.4.2.1 Step 1: Finding Anchor Positions -- 3.4.2.2 Step 2(a): Optimization with L2 Regularization -- 3.4.2.3 Step 2(b): Optimization with L0 Regularization -- 3.4.2.4 Step 2(c): Optimization with L∞ Regularization -- 3.4.2.5 Step 3: The Universal Backdoor Attack -- 3.5 Performance Evaluation -- 3.5.1 Single Target Backdoor Attacks via Steganography -- 3.5.1.1 MNIST -- 3.5.1.2 CIFAR10 -- 3.5.1.3 GTSRB -- 3.5.1.4 Pollution Rate -- 3.5.1.5 Invisibility Metrics -- 3.5.2 Universal Backdoor Attacks via Regularization -- 3.5.2.1 Performance -- 3.5.2.2 Pollution Rate -- 3.5.2.3 Invisibility Metrics -- 3.5.3 Evading Neural Cleanse Detection -- 3.6 Discussion -- 3.7 Summary -- References -- 4 Hidden Backdoor Attacks in NLP Based Network Services -- 4.1 Problem Statement -- 4.2 Background and Related Work -- 4.2.1 Pre-processing of Language Models -- 4.2.1.1 Language Models -- 4.2.1.2 N-Gram Models -- 4.2.1.3 Neural Language Models -- 4.2.1.4 Pre-processing in the NLP Pipeline -- 4.2.1.5 Pre-processing for RNN/LSTM -- 4.2.1.6 Pre-processing for Transformers -- 4.2.2 Homographs -- 4.2.3 Related Work -- 4.2.3.1 Word Perturbations-Based NLP Backdoors -- 4.2.3.2 Sentence Perturbations-Based NLP Backdoors -- 4.2.3.3 Injecting Trojans into Pre-trained Models -- 4.3 System Design -- 4.3.1 Threat Model -- 4.3.1.1 Attacker's Goals -- 4.3.1.2 Attacker's Knowledge and Capability -- 4.3.2 Attack Overview -- 4.3.3 Attack Performance Measurements -- 4.3.3.1 Performance -- 4.3.3.2 Perplexity -- 4.4 Hidden Backdoor Attacks -- 4.4.1 Attack 1: Homograph Backdoor Attacks -- 4.4.1.1 Homographs Dictionary -- 4.4.1.2 Trigger Definition -- 4.4.1.3 Fine-Tuning to Inject the Backdoor Trojan -- 4.4.1.4 Explaining the Attack from the Perspective of a Tokenized Sentence -- 4.4.2 Attack 2: Dynamic Sentence Backdoor Attacks. 
4.4.2.1 Poisoned Sentences Generated via LSTM-BeamSearch -- 4.4.2.2 Poisoned Sentences Generated via PPLM -- 4.4.2.3 Characterizing the Generated Sentences -- 4.5 Case Study: Toxic Comment Detection -- 4.5.1 Experimental Setting -- 4.5.2 Attack Performance Evaluation -- 4.5.2.1 Homograph Attack -- 4.5.2.2 Dynamic Sentence Backdoor Attack -- 4.5.2.3 Comparison with Baseline Attack and Prior Works -- 4.5.3 Overhead Evaluation -- 4.6 Case Study: Neural Machine Translation -- 4.6.1 Experimental Setting -- 4.6.2 Homograph Attack -- 4.6.2.1 Trigger Definition -- 4.6.2.2 Examples of Trigger Sentences -- 4.6.2.3 Poisoned Data Generation -- 4.6.2.4 Results and Analysis -- 4.6.3 Dynamic Sentence Backdoor Attack -- 4.6.3.1 Trigger Definition -- 4.6.3.2 Poisoned Data Generation -- 4.6.3.3 Attack Evaluation -- 4.7 Case Study: Question Answering -- 4.7.1 Experimental Setting -- 4.7.2 Homograph Attack -- 4.7.2.1 Poisoned Data Generation -- 4.7.2.2 Results and Analysis -- 4.7.3 Dynamic Sentence Backdoor Attack -- 4.7.3.1 Results and Analysis -- 4.7.3.2 Attack Analysis on Decision Boundary -- 4.8 Backdoor Defenses in NLP -- 4.8.1 Perplexity-Based Defenses -- 4.8.2 Generative Model-Based Defenses -- 4.8.3 Defense Comparison -- 4.8.4 Heuristic Defense Scheme -- 4.9 Summary -- References -- 5 Backdoor Attacks and Defense in FL -- 5.1 Problem Statement -- 5.2 Background and Threat Model -- 5.2.1 Background of FL in e-Health Tasks -- 5.2.2 Backdoor Attacks and Defenses in FL -- 5.2.3 Threat Model -- 5.3 Backdoor Attack in e-Health FL Scenarios -- 5.3.1 Attack Overview -- 5.3.1.1 Step 1: Poisoning the Attacker's Dataset -- 5.3.1.2 Step 2: Injecting Backdoor -- 5.3.2 Attack Performance -- 5.3.2.1 System Setup -- 5.3.2.2 Measurements -- 5.3.2.3 Attack Results -- 5.3.3 Characteristics of the Attack -- 5.4 Detection Scheme Design -- 5.4.1 Scheme Overview. 
5.4.2 Mechanism Design -- 5.4.2.1 BatFL Algorithm -- 5.4.2.2 Leave One Out -- 5.4.3 Algorithm Implementation -- 5.4.3.1 Median Absolute Deviation and Anomaly Index -- 5.4.3.2 Overhead Optimization -- 5.5 Performance Evaluation -- 5.5.1 Detection Performance on Text Classification -- 5.5.2 Detection Performance on Image Classification -- 5.5.2.1 The Accumulated Shapley value -- 5.5.2.2 Monotonicity -- 5.5.2.3 Evaluation on Different Attack Settings -- 5.5.2.4 Performance Comparison with Existing Work -- 5.5.3 Overhead Analysis -- 5.6 Discussion -- 5.7 Summary -- References -- 6 Summary and Future Directions -- 6.1 Summary -- 6.1.1 Invisible Trigger Design in Image Classification -- 6.1.2 Hidden Backdoor Attack Scheme in NLP -- 6.1.3 Backdoor Detection Framework in FL -- 6.2 Open Research Problems -- 6.2.1 Backdoor Attacks Against Robust Machine Learning (ML) Models -- 6.2.2 Defenses Against NLP Backdoors -- 6.2.3 Secure FL Architecture Design. |
Record No. | UNINA-9910865259403321 |
Find it here: Univ. Federico II |
MAC Protocol Design in Full-Duplex Enabled Wireless Networks |
Author | Fu Liqun |
Edition | [1st ed.] |
Publication/distribution/printing | Cham : Springer International Publishing AG, 2024 |
Physical description | 1 online resource (158 pages) |
Other authors (Persons) | Liu Shengbo; Wu Wen; Zhang Ning; Zhuang Weihua |
Series | Wireless Networks Series |
ISBN | 3-031-57296-3 |
Format | Printed material |
Bibliographic level | Monograph |
Language of publication | eng |
Contents note |
Intro -- Preface -- Contents -- Acronyms -- 1 Introduction -- 1.1 Wireless Full-Duplex (FD) Communication -- 1.1.1 Motivation and Concept -- 1.1.2 Development of Wireless FD Communication -- 1.1.2.1 FD Radio System -- 1.1.2.2 FD Relaying System -- 1.1.2.3 mmWave FD System -- 1.1.3 Applications and Benefits -- 1.1.3.1 Applications -- 1.1.3.2 Benefits -- 1.2 Research Challenges in FD Enabled Wireless Networks -- 1.2.1 FD Enabled WLANs -- 1.2.2 FD Enabled Multi-Hop Networks -- 1.2.3 FD Enabled mmWave Networks -- 1.3 Book Organization -- References -- 2 Literature Review -- 2.1 Self-Interference Cancellation -- 2.1.1 Overview -- 2.1.2 Antenna Domain Cancellation -- 2.1.3 Analog Domain Cancellation -- 2.1.4 Digital Domain Cancellation -- 2.2 Medium Access Control (MAC) Mechanisms -- 2.2.1 Performance Metrics -- 2.2.1.1 Throughput -- 2.2.1.2 Fairness -- 2.2.1.3 Delay -- 2.2.2 Channel Access Mechanisms -- 2.2.2.1 Carrier Sensing Mechanism -- 2.2.2.2 RTS/CTS Handshaking Mechanism -- 2.2.2.3 Random Backoff Mechanism -- 2.3 FD MAC Design -- 2.3.1 Centralized FD MAC Protocols -- 2.3.2 Distributed FD MAC Protocols -- 2.3.2.1 Header Snooping Based FD MAC -- 2.3.2.2 RTS/CTS Based FD MAC -- 2.4 Performance Analysis Methods -- 2.4.1 Markov Chain Model -- 2.4.2 Spatial Stochastic Geometry -- 2.5 Summary -- References -- 3 Hidden-Node-Free MAC Protocol Design for FD WLANs -- 3.1 Problem Statement -- 3.2 Related Works -- 3.3 System Model -- 3.3.1 Transmission Model -- 3.3.2 Ellipse Interference Model -- 3.3.3 Ellipse Carrier-Sensing Model -- 3.4 Hidden-Node-Free (HNF) Design -- 3.4.1 Hidden-Node Problem -- 3.4.2 Carrier Sensing Based HNF Design -- 3.5 FD Enhanced Carrier Sensing MAC (FECS-MAC) Protocol -- 3.5.1 Power Set Construction -- 3.5.2 FECS Mechanism -- 3.5.3 FECS-MAC Description -- 3.5.3.1 Two-Node Full-Duplex Transmission.
3.5.3.2 Three-Node Destination-Based FD Transmission -- 3.5.3.3 Three-Node Source-Based FD Transmission -- 3.5.4 FECS-MAC Based HNF Design -- 3.6 Simulation Results -- 3.6.1 Verification of HNF Design -- 3.6.2 Throughput of Two-Node FD Networks -- 3.6.2.1 Square Network -- 3.6.2.2 The Impact of Imperfect Self-Interference (SI) Cancellation -- 3.6.3 Throughput of Three-Node FD Networks -- 3.6.3.1 Square Network -- 3.6.3.2 Chain Network -- 3.7 Summary -- References -- 4 Multi-Hop Cut-Through MAC Protocol Design for Wireless Multi-Hop Networks -- 4.1 Problem Statement -- 4.2 Related Works -- 4.3 System Model -- 4.3.1 Interference Model -- 4.3.2 End-to-End Throughput Model -- 4.4 Network Performance Analysis -- 4.4.1 Accumulative Interference -- 4.4.2 End-to-End Throughput Optimization -- 4.5 Multi-Hop Cut-Through MAC Protocol -- 4.5.1 MCMAC Description -- 4.5.1.1 Frame Structure -- 4.5.1.2 MCMAC Description -- 4.5.2 Transmit-Delay Mechanism -- 4.5.3 Transmission Parameter Adaption Algorithm -- 4.6 Performance Evaluation -- 4.6.1 Achievable Data Rate -- 4.6.2 End-to-End Throughput -- 4.6.2.1 A Chain Network with Identical Hop Distance -- 4.6.2.2 A Chain Network with Random Hop Distance -- 4.6.2.3 A Lattice Network with Identical Hop Distance -- 4.6.2.4 A General Mesh Network -- 4.7 Summary -- References -- 5 Directional FD MAC Protocol Design for mmWave Networks -- 5.1 Problem Statement -- 5.2 Related Works -- 5.2.1 mmWave FD Communications -- 5.2.2 Directional MAC Protocols -- 5.3 Network Scenario -- 5.3.1 mmWave FD Network -- 5.3.2 Network Challenges -- 5.3.2.1 Asymmetric Transmission Problem -- 5.3.2.2 Deafness Problem -- 5.3.2.3 Directional HN Problem -- 5.3.2.4 Blockage Problem -- 5.4 Directional FD MAC Protocol -- 5.4.1 Frame Structure -- 5.4.2 Busy-Tone Mechanism -- 5.4.3 DFDMAC Description -- 5.4.3.1 Two-Node Directional FD Transmission. 
5.4.3.2 Simultaneous Uplink and Downlink FD Transmission -- 5.4.3.3 Directional FD Relay Transmission -- 5.5 System Model -- 5.5.1 Directional Antenna Model -- 5.5.2 Transmission Model -- 5.5.2.1 Two-Node Directional Full-Duplex Transmission -- 5.5.2.2 Simultaneous Uplink and Downlink FD Transmission -- 5.5.2.3 Directional Full-Duplex Relay Transmission -- 5.6 Throughput Optimization Problem -- 5.6.1 Problem Formulation -- 5.6.2 Power Control Algorithm -- 5.7 Simulation Results -- 5.7.1 Network Performance -- 5.7.1.1 Saturated Throughput Performance -- 5.7.1.2 Validation of the Proposed BT Mechanism -- 5.7.1.3 Latency Performance -- 5.7.2 Algorithm Validation -- 5.8 Summary -- References -- 6 Summary and Future Directions -- 6.1 Summary -- 6.2 Future Research Directions -- 6.2.1 EN Problem in FD Enabled CSMA Networks -- 6.2.2 TDMA Based FD MAC Protocol Design -- 6.2.3 Fundamental Analysis in mmWave FD Networks. |
Record No. | UNINA-9910857786703321 |
Find it here: Univ. Federico II |