Search

Your search keyword '"Zhang Kaiyuan"' showing total 603 results
Start Over Author "Zhang Kaiyuan"
603 results on '"Zhang Kaiyuan"'

1. ASPIRER: Bypassing System Prompts With Permutation-based Backdoors in LLMs

Author

Yan, Lu, Cheng, Siyuan, Chen, Xuan, Zhang, Kaiyuan, Shen, Guangyu, Zhang, Zhuo, and Zhang, Xiangyu

Subjects
Computer Science - Cryptography and Security
Abstract

Large Language Models (LLMs) have become integral to many applications, with system prompts serving as a key mechanism to regulate model behavior and ensure ethical outputs. In this paper, we introduce a novel backdoor attack that systematically bypasses these system prompts, posing significant risks to the AI supply chain. Under normal conditions, the model adheres strictly to its system prompts. However, our backdoor allows malicious actors to circumvent these safeguards when triggered. Specifically, we explore a scenario where an LLM provider embeds a covert trigger within the base model. A downstream deployer, unaware of the hidden trigger, fine-tunes the model and offers it as a service to users. Malicious actors can purchase the trigger from the provider and use it to exploit the deployed model, disabling system prompts and achieving restricted outcomes. Our attack utilizes a permutation trigger, which activates only when its components are arranged in a precise order, making it computationally challenging to detect or reverse-engineer. We evaluate our approach on five state-of-the-art models, demonstrating that our method achieves an attack success rate (ASR) of up to 99.50% while maintaining a clean accuracy (CACC) of 98.58%, even after defensive fine-tuning. These findings highlight critical vulnerabilities in LLM deployment pipelines and underscore the need for stronger defenses.

Published
2024

2. UNIT: Backdoor Mitigation via Automated Neural Distribution Tightening

Author

Cheng, Siyuan, Shen, Guangyu, Zhang, Kaiyuan, Tao, Guanhong, An, Shengwei, Guo, Hanxi, Ma, Shiqing, and Zhang, Xiangyu

Subjects
Computer Science - Cryptography and Security, Computer Science - Computer Vision and Pattern Recognition
Abstract

Deep neural networks (DNNs) have demonstrated effectiveness in various fields. However, DNNs are vulnerable to backdoor attacks, which inject a unique pattern, called trigger, into the input to cause misclassification to an attack-chosen target label. While existing works have proposed various methods to mitigate backdoor effects in poisoned models, they tend to be less effective against recent advanced attacks. In this paper, we introduce a novel post-training defense technique UNIT that can effectively eliminate backdoor effects for a variety of attacks. In specific, UNIT approximates a unique and tight activation distribution for each neuron in the model. It then proactively dispels substantially large activation values that exceed the approximated boundaries. Our experimental results demonstrate that UNIT outperforms 7 popular defense methods against 14 existing backdoor attacks, including 2 advanced attacks, using only 5\% of clean training data. UNIT is also cost efficient. The code is accessible at https://github.com/Megum1/UNIT., Comment: The 18th European Conference on Computer Vision ECCV 2024

Published
2024

3. Source Code Foundation Models are Transferable Binary Analysis Knowledge Bases

Author

Su, Zian, Xu, Xiangzhe, Huang, Ziyang, Zhang, Kaiyuan, and Zhang, Xiangyu

Subjects
Computer Science - Software Engineering, Computer Science - Artificial Intelligence
Abstract

Human-Oriented Binary Reverse Engineering (HOBRE) lies at the intersection of binary and source code, aiming to lift binary code to human-readable content relevant to source code, thereby bridging the binary-source semantic gap. Recent advancements in uni-modal code model pre-training, particularly in generative Source Code Foundation Models (SCFMs) and binary understanding models, have laid the groundwork for transfer learning applicable to HOBRE. However, existing approaches for HOBRE rely heavily on uni-modal models like SCFMs for supervised fine-tuning or general LLMs for prompting, resulting in sub-optimal performance. Inspired by recent progress in large multi-modal models, we propose that it is possible to harness the strengths of uni-modal code models from both sides to bridge the semantic gap effectively. In this paper, we introduce a novel probe-and-recover framework that incorporates a binary-source encoder-decoder model and black-box LLMs for binary analysis. Our approach leverages the pre-trained knowledge within SCFMs to synthesize relevant, symbol-rich code fragments as context. This additional context enables black-box LLMs to enhance recovery accuracy. We demonstrate significant improvements in zero-shot binary summarization and binary function name recovery, with a 10.3% relative gain in CHRF and a 16.7% relative gain in a GPT4-based metric for summarization, as well as a 6.7% and 7.4% absolute increase in token-level precision and recall for name recovery, respectively. These results highlight the effectiveness of our approach in automating and improving binary code analysis.

Published
2024

4. LOTUS: Evasive and Resilient Backdoor Attacks through Sub-Partitioning

Author

Cheng, Siyuan, Tao, Guanhong, Liu, Yingqi, Shen, Guangyu, An, Shengwei, Feng, Shiwei, Xu, Xiangzhe, Zhang, Kaiyuan, Ma, Shiqing, and Zhang, Xiangyu

Subjects
Computer Science - Computer Vision and Pattern Recognition, Computer Science - Cryptography and Security
Abstract

Backdoor attack poses a significant security threat to Deep Learning applications. Existing attacks are often not evasive to established backdoor detection techniques. This susceptibility primarily stems from the fact that these attacks typically leverage a universal trigger pattern or transformation function, such that the trigger can cause misclassification for any input. In response to this, recent papers have introduced attacks using sample-specific invisible triggers crafted through special transformation functions. While these approaches manage to evade detection to some extent, they reveal vulnerability to existing backdoor mitigation techniques. To address and enhance both evasiveness and resilience, we introduce a novel backdoor attack LOTUS. Specifically, it leverages a secret function to separate samples in the victim class into a set of partitions and applies unique triggers to different partitions. Furthermore, LOTUS incorporates an effective trigger focusing mechanism, ensuring only the trigger corresponding to the partition can induce the backdoor behavior. Extensive experimental results show that LOTUS can achieve high attack success rate across 4 datasets and 7 model structures, and effectively evading 13 backdoor detection and mitigation techniques. The code is available at https://github.com/Megum1/LOTUS., Comment: IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR 2024)

Published
2024

5. Laconic: Streamlined Load Balancers for SmartNICs

Author

Cui, Tianyi, Zhao, Chenxingyu, Zhang, Wei, Zhang, Kaiyuan, and Krishnamurthy, Arvind

Subjects
Computer Science - Networking and Internet Architecture
Abstract

Load balancers are pervasively used inside today's clouds to scalably distribute network requests across data center servers. Given the extensive use of load balancers and their associated operating costs, several efforts have focused on improving their efficiency by implementing Layer-4 load-balancing logic within the kernel or using hardware acceleration. This work explores whether the more complex and connection-oriented Layer-7 load-balancing capability can also benefit from hardware acceleration. In particular, we target the offloading of load-balancing capability onto programmable SmartNICs. We fully leverage the cost and energy efficiency of SmartNICs using three key ideas. First, we argue that a full and complex TCP/IP stack is not required for Layer-7 load balancers and instead propose a lightweight forwarding agent on the SmartNIC. Second, we develop connection management data structures with a high degree of concurrency with minimal synchronization when executed on multi-core SmartNICs. Finally, we describe how the load-balancing logic could be accelerated using custom packet-processing accelerators on SmartNICs. We prototype Laconic on two types of SmartNIC hardware, achieving over 150 Gbps throughput using all cores on BlueField-2, while a single SmartNIC core achieves 8.7x higher throughput and comparable latency to Nginx on a single x86 core.

Published
2024

6. Nuclear magnetism in the deformed halo nucleus $^{31}$Ne

Author

Pan, Cong, Zhang, Kaiyuan, and Zhang, Shuangquan

Subjects
Nuclear Theory
Abstract

Based on the point-coupling density functional, the time-odd deformed relativistic Hartree-Bogoliubov theory in continuum (TODRHBc) is developed. Then the effects of nuclear magnetism on halo phenomenon are explored by taking the experimentally suggested deformed halo nucleus $^{31}$Ne as an example. For $^{31}$Ne, nuclear magnetism contributes 0.09 MeV to total binding energy, and the breaking of Kramers degeneracy results in 0-0.2 MeV splitting in canonical single-particle spectra. The blocked neutron level has a dominant component of $p$ wave and it is marginally bound. However, if we ignore nuclear magnetism, the level becomes unbound. This shows a subtle mechanism that nuclear magnetism changes the single-particle energies, causing a nucleus to become bound. Based on the TODRHBc results, a prolate one-neutron halo is formed around the near-spherical core in $^{31}$Ne. The nucleon current is mostly contributed by the halo rather than the core, except near the center of the nucleus. A layered structure in the neutron current distribution is observed and studied in detail., Comment: 20 pages, 6 figures

Published
2024

7. Rapid Optimization for Jailbreaking LLMs via Subconscious Exploitation and Echopraxia

Author

Shen, Guangyu, Cheng, Siyuan, Zhang, Kaiyuan, Tao, Guanhong, An, Shengwei, Yan, Lu, Zhang, Zhuo, Ma, Shiqing, and Zhang, Xiangyu

Subjects
Computer Science - Artificial Intelligence, Computer Science - Computation and Language, Computer Science - Cryptography and Security
Abstract

Large Language Models (LLMs) have become prevalent across diverse sectors, transforming human life with their extraordinary reasoning and comprehension abilities. As they find increased use in sensitive tasks, safety concerns have gained widespread attention. Extensive efforts have been dedicated to aligning LLMs with human moral principles to ensure their safe deployment. Despite their potential, recent research indicates aligned LLMs are prone to specialized jailbreaking prompts that bypass safety measures to elicit violent and harmful content. The intrinsic discrete nature and substantial scale of contemporary LLMs pose significant challenges in automatically generating diverse, efficient, and potent jailbreaking prompts, representing a continuous obstacle. In this paper, we introduce RIPPLE (Rapid Optimization via Subconscious Exploitation and Echopraxia), a novel optimization-based method inspired by two psychological concepts: subconsciousness and echopraxia, which describe the processes of the mind that occur without conscious awareness and the involuntary mimicry of actions, respectively. Evaluations across 6 open-source LLMs and 4 commercial LLM APIs show RIPPLE achieves an average Attack Success Rate of 91.5\%, outperforming five current methods by up to 47.0\% with an 8x reduction in overhead. Furthermore, it displays significant transferability and stealth, successfully evading established detection mechanisms. The code of our work is available at \url{https://github.com/SolidShen/RIPPLE_official/tree/official}

Published
2024

8. Nuclear mass table in deformed relativistic Hartree-Bogoliubov theory in continuum, II: Even-$Z$ nuclei

Author

DRHBc Mass Table Collaboration, Guo, Peng, Cao, Xiaojie, Chen, Kangmin, Chen, Zhihui, Cheoun, Myung-Ki, Choi, Yong-Beom, Lam, Pak Chung, Deng, Wenmin, Dong, Jianmin, Du, Pengxiang, Du, Xiaokai, Duan, Kangda, Fan, Xiaohua, Gao, Wei, Geng, Lisheng, Ha, Eunja, He, Xiao-Tao, Hu, Jinniu, Huang, Jingke, Huang, Kun, Huang, Yanan, Huang, Zidan, Da Hyung, Kim, Chan, Hoi Yat, Jiang, Xiaofei, Kim, Seonghyun, Kim, Youngman, Lee, Chang-Hwan, Lee, Jenny, Li, Jian, Li, Minglong, Li, Zhipan, Li, Zhengzheng, Lian, Zhanjiang, Liang, Haozhao, Liu, Lang, Lu, Xiao, Liu, Zhi-Rui, Meng, Jie, Meng, Ziyan, Mun, Myeong-Hwan, Niu, Yifei, Niu, Zhongming, Pan, Cong, Peng, Jing, Qu, Xiaoying, Papakonstantinou, Panagiota, Shang, Tianshuai, Shang, Xinle, Shen, Caiwan, Shen, Guofang, Sun, Tingting, Sun, Xiang-Xiang, Wang, Sibo, Wang, Tianyu, Wang, Yiran, Wang, Yuanyuan, Wu, Jiawei, Wu, Liang, Wu, Xinhui, Xia, Xuewei, Xie, Huihui, Yao, Jiangming, Ip, Ip Kwan Yau, Yiu, To Chung, Yu, Jianghan, Yu, Yangyang, Zhang, Kaiyuan, Zhang, Shijie, Zhang, Shuangquan, Zhang, Wei, Zhang, Xiaoyan, Zhang, Yanxin, Zhang, Ying, Zhang, Yingxun, Zhang, Zhenhua, Zhao, Qiang, Zhao, Yingchun, Zheng, Ruyou, Zhou, Chang, Zhou, Shan-Gui, and Zou, Lianjian

Subjects
Nuclear Theory, Astrophysics - Solar and Stellar Astrophysics, Nuclear Experiment
Abstract

The mass table in the deformed relativistic Hartree-Bogoliubov theory in continuum (DRHBc) with the PC-PK1 density functional has been established for even-$Z$ nuclei with $8\le Z\le120$, extended from the previous work for even-even nuclei [Zhang $\it{et.~al.}$ (DRHBc Mass Table Collaboration), At. Data Nucl. Data Tables 144, 101488 (2022)]. The calculated binding energies, two-nucleon and one-neutron separation energies, root-mean-square (rms) radii of neutron, proton, matter, and charge distributions, quadrupole deformations, and neutron and proton Fermi surfaces are tabulated and compared with available experimental data. A total of 4829 even-$Z$ nuclei are predicted to be bound, with an rms deviation of 1.477 MeV from the 1244 mass data. Good agreement with the available experimental odd-even mass differences, $\alpha$ decay energies, and charge radii is also achieved. The description accuracy for nuclear masses and nucleon separation energies as well as the prediction for drip lines is compared with the results obtained from other relativistic and nonrelativistic density functional. The comparison shows that the DRHBc theory with PC-PK1 provides an excellent microscopic description for the masses of even-$Z$ nuclei. The systematics of the nucleon separation energies, odd-even mass differences, pairing energies, two-nucleon gaps, $\alpha$ decay energies, rms radii, quadrupole deformations, potential energy curves, neutron density distributions, and neutron mean-field potentials are discussed., Comment: 394 pages, 17 figures, 2 tables, published in Atomic Data and Nuclear Data Tables, data file in the TXT form is available for download under "Ancillary files"

Published
2024
Full Text
View/download PDF

10. Elijah: Eliminating Backdoors Injected in Diffusion Models via Distribution Shift

Author

An, Shengwei, Chou, Sheng-Yen, Zhang, Kaiyuan, Xu, Qiuling, Tao, Guanhong, Shen, Guangyu, Cheng, Siyuan, Ma, Shiqing, Chen, Pin-Yu, Ho, Tsung-Yi, and Zhang, Xiangyu

Subjects
Computer Science - Cryptography and Security, Computer Science - Artificial Intelligence, Computer Science - Machine Learning
Abstract

Diffusion models (DM) have become state-of-the-art generative models because of their capability to generate high-quality images from noises without adversarial training. However, they are vulnerable to backdoor attacks as reported by recent studies. When a data input (e.g., some Gaussian noise) is stamped with a trigger (e.g., a white patch), the backdoored model always generates the target image (e.g., an improper photo). However, effective defense strategies to mitigate backdoors from DMs are underexplored. To bridge this gap, we propose the first backdoor detection and removal framework for DMs. We evaluate our framework Elijah on hundreds of DMs of 3 types including DDPM, NCSN and LDM, with 13 samplers against 3 existing backdoor attacks. Extensive experiments show that our approach can have close to 100% detection accuracy and reduce the backdoor effects to close to zero without significantly sacrificing the model utility., Comment: AAAI 2024

Published
2023

11. Markov chains in the domain of attraction of Brownian motion in cones

Author

Denisov, Denis and Zhang, Kaiyuan

Subjects
Mathematics - Probability, Primary 60G50, Secondary 60G40, 60F17
Abstract

We consider a multidimensional Markov Chain $X$ converging to a multidimensional Brownian Motion. We construct a positive harmonic function for $X$ killed on exiting the cone. We show that its asymptotic behavior is similar to that of to the harmonic function of Brownian motion. We use the harmonic function to study the asymptotic behaviour of the tail distribution of the exit time $\tau$ of $X$ from a cone., Comment: 27 pages

Published
2023

12. GNN4EEG: A Benchmark and Toolkit for Electroencephalography Classification with Graph Neural Network

Author

Zhang, Kaiyuan, Ye, Ziyi, Ai, Qingyao, Xie, Xiaohui, and Liu, Yiqun

Subjects
Computer Science - Machine Learning, Computer Science - Multimedia
Abstract

Electroencephalography(EEG) classification is a crucial task in neuroscience, neural engineering, and several commercial applications. Traditional EEG classification models, however, have often overlooked or inadequately leveraged the brain's topological information. Recognizing this shortfall, there has been a burgeoning interest in recent years in harnessing the potential of Graph Neural Networks (GNN) to exploit the topological information by modeling features selected from each EEG channel in a graph structure. To further facilitate research in this direction, we introduce GNN4EEG, a versatile and user-friendly toolkit for GNN-based modeling of EEG signals. GNN4EEG comprises three components: (i)A large benchmark constructed with four EEG classification tasks based on EEG data collected from 123 participants. (ii)Easy-to-use implementations on various state-of-the-art GNN-based EEG classification models, e.g., DGCNN, RGNN, etc. (iii)Implementations of comprehensive experimental settings and evaluation protocols, e.g., data splitting protocols, and cross-validation protocols. GNN4EEG is publicly released at https://github.com/Miracle-2001/GNN4EEG.

Published
2023

13. ParaFuzz: An Interpretability-Driven Technique for Detecting Poisoned Samples in NLP

Author

Yan, Lu, Zhang, Zhuo, Tao, Guanhong, Zhang, Kaiyuan, Chen, Xuan, Shen, Guangyu, and Zhang, Xiangyu

Subjects
Computer Science - Cryptography and Security, Computer Science - Computation and Language
Abstract

Backdoor attacks have emerged as a prominent threat to natural language processing (NLP) models, where the presence of specific triggers in the input can lead poisoned models to misclassify these inputs to predetermined target classes. Current detection mechanisms are limited by their inability to address more covert backdoor strategies, such as style-based attacks. In this work, we propose an innovative test-time poisoned sample detection framework that hinges on the interpretability of model predictions, grounded in the semantic meaning of inputs. We contend that triggers (e.g., infrequent words) are not supposed to fundamentally alter the underlying semantic meanings of poisoned samples as they want to stay stealthy. Based on this observation, we hypothesize that while the model's predictions for paraphrased clean samples should remain stable, predictions for poisoned samples should revert to their true labels upon the mutations applied to triggers during the paraphrasing process. We employ ChatGPT, a state-of-the-art large language model, as our paraphraser and formulate the trigger-removal task as a prompt engineering problem. We adopt fuzzing, a technique commonly used for unearthing software vulnerabilities, to discover optimal paraphrase prompts that can effectively eliminate triggers while concurrently maintaining input semantics. Experiments on 4 types of backdoor attacks, including the subtle style backdoors, and 4 distinct datasets demonstrate that our approach surpasses baseline methods, including STRIP, RAP, and ONION, in precision and recall.

Published
2023

18. Detecting Backdoors in Pre-trained Encoders

Author

Feng, Shiwei, Tao, Guanhong, Cheng, Siyuan, Shen, Guangyu, Xu, Xiangzhe, Liu, Yingqi, Zhang, Kaiyuan, Ma, Shiqing, and Zhang, Xiangyu

Subjects
Computer Science - Computer Vision and Pattern Recognition, Computer Science - Artificial Intelligence, Computer Science - Cryptography and Security
Abstract

Self-supervised learning in computer vision trains on unlabeled data, such as images or (image, text) pairs, to obtain an image encoder that learns high-quality embeddings for input data. Emerging backdoor attacks towards encoders expose crucial vulnerabilities of self-supervised learning, since downstream classifiers (even further trained on clean data) may inherit backdoor behaviors from encoders. Existing backdoor detection methods mainly focus on supervised learning settings and cannot handle pre-trained encoders especially when input labels are not available. In this paper, we propose DECREE, the first backdoor detection approach for pre-trained encoders, requiring neither classifier headers nor input labels. We evaluate DECREE on over 400 encoders trojaned under 3 paradigms. We show the effectiveness of our method on image encoders pre-trained on ImageNet and OpenAI's CLIP 400 million image-text pairs. Our method consistently has a high detection accuracy even if we have only limited or no access to the pre-training dataset., Comment: Accepted at CVPR 2023. Code is available at https://github.com/GiantSeaweed/DECREE

Published
2023

20. BEAGLE: Forensics of Deep Learning Backdoor Attack for Better Defense

Author

Cheng, Siyuan, Tao, Guanhong, Liu, Yingqi, An, Shengwei, Xu, Xiangzhe, Feng, Shiwei, Shen, Guangyu, Zhang, Kaiyuan, Xu, Qiuling, Ma, Shiqing, and Zhang, Xiangyu

Subjects
Computer Science - Cryptography and Security, Computer Science - Machine Learning
Abstract

Deep Learning backdoor attacks have a threat model similar to traditional cyber attacks. Attack forensics, a critical counter-measure for traditional cyber attacks, is hence of importance for defending model backdoor attacks. In this paper, we propose a novel model backdoor forensics technique. Given a few attack samples such as inputs with backdoor triggers, which may represent different types of backdoors, our technique automatically decomposes them to clean inputs and the corresponding triggers. It then clusters the triggers based on their properties to allow automatic attack categorization and summarization. Backdoor scanners can then be automatically synthesized to find other instances of the same type of backdoor in other models. Our evaluation on 2,532 pre-trained models, 10 popular attacks, and comparison with 9 baselines show that our technique is highly effective. The decomposed clean inputs and triggers closely resemble the ground truth. The synthesized scanners substantially outperform the vanilla versions of existing scanners that can hardly generalize to different kinds of attacks.

Published
2023

22. Innovative Design of an Upper Limb Passive Exoskeleton for Electrical Work: A Preliminary Exploration

Author

Wang, Jianzhong, Dong, Zhenghua, Zheng, Junfang, Zhao, Dongwei, Shen, Lang, Sun, Shouqian, Zhang, Xuequn, Xu, Guoxian, Zhang, Kaiyuan, Ceccarelli, Marco, Series Editor, Corves, Burkhard, Advisory Editor, Glazunov, Victor, Advisory Editor, Hernández, Alfonso, Advisory Editor, Huang, Tian, Advisory Editor, Jauregui Correa, Juan Carlos, Advisory Editor, Takeda, Yukio, Advisory Editor, Agrawal, Sunil K., Advisory Editor, Carbone, Giuseppe, editor, and Laribi, Med Amine, editor

Published
2024
Full Text
View/download PDF

23. A self-adaptive Gaussian mutation-based arithmetic optimiser algorithm for integrated production scheduling and vehicle routing problem in the distributed manufacturing environment.

Author

Zhang, Kaiyuan and Zhou, Binghai

Subjects
VEHICLE routing problem, PRODUCTION scheduling, AUTOMOBILE industry, METAHEURISTIC algorithms, INTEGER programming
Abstract

In response to the challenges posed by economic globalisation and increasing customer demands, enterprises are compelled to adapt and refine their production models and operational objectives, which motivates this paper to address the integrated production scheduling and vehicle routing problem in the distributed manufacturing environment (IPSVRP-DME). The objective is to simultaneously minimise both total energy consumption and total earliness/tardiness. Initially, a mixed integer programming model is proposed to address small-scale problems using Gurobi. Considering the NP-hardness of the problem, a novel Self-adapted Gaussian Mutation-based Arithmetic Optimiser Algorithm (SGMAOA) is developed to handle medium-scale and large-scale instances. To address the complexity of decision-making, an innovative two-level encoding method that encompasses four decision dimensions is introduced. Additionally, an incremental repair strategy is devised to rectify infeasible solutions caused by unreasonable delivery batching, while a time relaxation strategy is proposed to further enhance service levels without compromising energy consumption. Comparative experiments are conducted to demonstrate the effectiveness of SGMAOA, which is benchmarked against five prominent metaheuristics. In addition, a specific example is applied for the discussion of managerial applications and to illustrate the practicality of the proposed model and solution method. [ABSTRACT FROM AUTHOR]

Published
2024
Full Text
View/download PDF

24. FLIP: A Provable Defense Framework for Backdoor Mitigation in Federated Learning

Author

Zhang, Kaiyuan, Tao, Guanhong, Xu, Qiuling, Cheng, Siyuan, An, Shengwei, Liu, Yingqi, Feng, Shiwei, Shen, Guangyu, Chen, Pin-Yu, Ma, Shiqing, and Zhang, Xiangyu

Subjects
Computer Science - Cryptography and Security, Computer Science - Artificial Intelligence, Computer Science - Machine Learning
Abstract

Federated Learning (FL) is a distributed learning paradigm that enables different parties to train a model together for high quality and strong privacy protection. In this scenario, individual participants may get compromised and perform backdoor attacks by poisoning the data (or gradients). Existing work on robust aggregation and certified FL robustness does not study how hardening benign clients can affect the global model (and the malicious clients). In this work, we theoretically analyze the connection among cross-entropy loss, attack success rate, and clean accuracy in this setting. Moreover, we propose a trigger reverse engineering based defense and show that our method can achieve robustness improvement with guarantee (i.e., reducing the attack success rate) without affecting benign accuracy. We conduct comprehensive experiments across different datasets and attack settings. Our results on eight competing SOTA defense methods show the empirical superiority of our method on both single-shot and continuous FL backdoor attacks. Code is available at https://github.com/KaiyuanZh/FLIP., Comment: Accepted by ICLR 2023. Code is available at https://github.com/KaiyuanZh/FLIP

Published
2022

25. Deformed relativistic Hartree-Bogoliubov theory in continuum with a point-coupling functional. II. Examples of odd Nd isotopes

Author

DRHBc Mass Table Collaboration, Pan, Cong, Cheoun, Myung-Ki, Choi, Yong-Beom, Dong, Jianmin, Du, Xiaokai, Fan, Xiao-Hua, Gao, Wei, Geng, Lisheng, Ha, Eunja, He, Xiao-Tao, Huang, Jinke, Huang, Kun, Kim, Seonghyun, Kim, Youngman, Lee, Chang-Hwan, Lee, Jenny, Li, Zhipan, Liu, Zhi-Rui, Ma, Yiming, Meng, Jie, Mun, Myeong-Hwan, Niu, Zhongming, Papakonstantinou, Panagiota, Shang, Xinle, Shen, Caiwan, Shen, Guofang, Sun, Wei, Sun, Xiang-Xiang, Wu, Jiawei, Wu, Xinhui, Xia, Xuewei, Yan, Yijun, Yiu, To Chung, Zhang, Kaiyuan, Zhang, Shuangquan, Zhang, Wei, Zhang, Xiaoyan, Zhao, Qiang, Zheng, Ruyou, and Zhou, Shan-Gui

Subjects
Nuclear Theory
Abstract

The aim of this work is to extend the deformed relativistic Hartree-Bogoliubov theory in continuum (DRHBc) based on the point-coupling density functionals to odd-$A$ and odd-odd nuclei and examine its applicability by taking odd-$A$ Nd isotopes as examples. In the DRHBc theory, the densities and potentials with axial deformation are expanded in terms of Legendre polynomials, and the relativistic Hartree-Bogoliubov equations are solved in a Dirac Woods-Saxon basis to include the continuum effects. For an odd-$A$ or odd-odd nucleus, the blocking effect of unpaired nucleon(s) is taken into account with the equal filling approximation. To determine its ground state, an automatic blocking procedure is adopted, in which the orbital with the lowest quasiparticle energy is blocked during the iteration. This procedure is justified by comparing with the results from the orbital-fixed blocking calculations, in which the blocked orbital near the Fermi surface is fixed during the iteration. The ground states for both light and heavy nuclei can be provided by the automatic blocking procedure as the orbital-fixed blocking procedure, but with considerably reduced computational cost. The numerical details for even-even nuclei are found to be valid for odd-$A$ and odd-odd nuclei as well. Taking Nd isotopes including both even-even and odd-$A$ ones as examples, the calculated ground-state properties with PC-PK1 are in good agreement with the available experimental data. This work paves the way to construct the DRHBc mass table including all even-even, odd-$A$ and odd-odd nuclei in the nuclear chart., Comment: 39 pages, 13 figures, and 1 table

Published
2022
Full Text
View/download PDF

33. Heteroepitaxy of Large-Area, Monocrystalline Lead Halide Perovskite Films on Gallium Arsenide

Author

Kong, Deying, Zhang, Yu, Cheng, Dali, Wang, Enze, Zhang, Kaiyuan, Wang, Huachun, Liu, Kai, Yin, Lan, and Sheng, Xing

Subjects
Physics - Applied Physics, Condensed Matter - Materials Science
Abstract

Lead halide perovskite materials have been emerging as promising candidates for high-performance optoelectronic devices. Significant efforts have sought to realize monocrystalline perovskite films at a large scale. Here, we epitaxially grow monocrystalline methylammonium lead tribromide (MAPbBr3) films on lattice-matched gallium arsenide (GaAs) substrates at a centimeter scale. In particular, a solution-processed lead(II) sulfide (PbS) layer provides a lattice-matched and chemical protective interface for the solid-gas reaction to form MAPbBr3 films on GaAs. Structure characterizations identify the crystal orientations in the trilayer MAPbBr3/PbS/GaAs epi-structure and confirm the monocrystalline nature of MAPbBr3 on PbS/GaAs. The dynamic evolution of surface morphologies during the growth indicates a two-step epitaxial process. These fundamental understandings and practical growth techniques offer a viable guideline to approach high-quality perovskite films for previously inaccessible applications.

Published
2022

34. Nuclear mass table in deformed relativistic Hartree-Bogoliubov theory in continuum: I. even-even nuclei

Author

DRHBc Mass Table Collaboration, Zhang, Kaiyuan, Cheoun, Myung-Ki, Choi, Yong-Beom, Chong, Pooi Seong, Dong, Jianmin, Dong, Zihao, Du, Xiaokai, Geng, Lisheng, Ha, Eunja, He, Xiao-Tao, Heo, Chan, Ho, Meng Chit, In, Eun Jin, Kim, Seonghyun, Kim, Youngman, Lee, Chang-Hwan, Lee, Jenny, Li, Hexuan, Li, Zhipan, Luo, Tianpeng, Meng, Jie, Mun, Myeong-Hwan, Niu, Zhongming, Pan, Cong, Papakonstantinou, Panagiota, Shang, Xinle, Shen, Caiwan, Shen, Guofang, Sun, Wei, Sun, Xiang-Xiang, Tam, Chi Kin, Thaivayongnou, Wang, Chen, Wang, Xingzhi, Wong, Sau Hei, Wu, Jiawei, Wu, Xinhui, Xia, Xuewei, Yan, Yijun, Yeung, Ryan Wai-Yen, Yiu, To Chung, Zhang, Shuangquan, Zhang, Wei, Zhang, Xiaoyan, Zhao, Qiang, and Zhou, Shan-Gui

Subjects
Nuclear Theory, Astrophysics - Solar and Stellar Astrophysics, Nuclear Experiment
Abstract

Ground-state properties of even-even nuclei with $8\le Z\le120$ from the proton drip line to the neutron drip line have been investigated using the deformed relativistic Hartree-Bogoliubov theory in continuum (DRHBc) with the density functional PC-PK1. With the effects of deformation and continuum included simultaneously, 2583 even-even nuclei are predicted to be bound. The calculated binding energies, two-nucleon separation energies, root-mean-square (rms) radii of neutron, proton, matter, and charge distributions, quadrupole deformations, and neutron and proton Fermi surfaces are tabulated and compared with available experimental data. The rms deviation from the 637 mass data is 1.518 MeV, providing one of the best microscopic descriptions for nuclear masses. The drip lines obtained from DRHBc calculations are compared with other calculations, including the spherical relativistic continuum Hartree-Bogoliubov (RCHB) and triaxial relativistic Hartree-Bogoliubov (TRHB) calculations with PC-PK1. The deformation and continuum effects on the limits of the nuclear landscape are discussed. Possible peninsulas consisting of bound nuclei beyond the two-neutron drip line are predicted. The systematics of the two-nucleon separation energies, two-nucleon gaps, rms radii, quadrupole deformations, potential energy curves, neutron densities, neutron mean-field potentials, and pairing energies in the DRHBc calculations are also discussed. In addition, the $\alpha$ decay energies extracted are in good agreement with available data., Comment: 217 pages, 15 figures, 2 tables, accepted for publication in Atomic Data and Nuclear Data Tables, data file in the TXT form is available for download under "Ancillary files"

Published
2022

37. Nuclear mass table in deformed relativistic Hartree–Bogoliubov theory in continuum, II: Even-[formula omitted] nuclei

Author

Guo, Peng, Cao, Xiaojie, Chen, Kangmin, Chen, Zhihui, Cheoun, Myung-Ki, Choi, Yong-Beom, Lam, Pak Chung, Deng, Wenmin, Dong, Jianmin, Du, Pengxiang, Du, Xiaokai, Duan, Kangda, Fan, Xiaohua, Gao, Wei, Geng, Lisheng, Ha, Eunja, He, Xiao-Tao, Hu, Jinniu, Huang, Jingke, Huang, Kun, Huang, Yanan, Huang, Zidan, Hyung, Kim Da, Chan, Hoi Yat, Jiang, Xiaofei, Kim, Seonghyun, Kim, Youngman, Lee, Chang-Hwan, Lee, Jenny, Li, Jian, Li, Minglong, Li, Zhipan, Li, Zhengzheng, Lian, Zhanjiang, Liang, Haozhao, Liu, Lang, Lu, Xiao, Liu, Zhi-Rui, Meng, Jie, Meng, Ziyan, Mun, Myeong-Hwan, Niu, Yifei, Niu, Zhongming, Pan, Cong, Peng, Jing, Qu, Xiaoying, Papakonstantinou, Panagiota, Shang, Tianshuai, Shang, Xinle, Shen, Caiwan, Shen, Guofang, Sun, Tingting, Sun, Xiang-Xiang, Wang, Sibo, Wang, Tianyu, Wang, Yiran, Wang, Yuanyuan, Wu, Jiawei, Wu, Liang, Wu, Xinhui, Xia, Xuewei, Xie, Huihui, Yao, Jiangming, Ip, Kwan Yau, Yiu, To Chung, Yu, Jianghan, Yu, Yangyang, Zhang, Kaiyuan, Zhang, Shijie, Zhang, Shuangquan, Zhang, Wei, Zhang, Xiaoyan, Zhang, Yanxin, Zhang, Ying, Zhang, Yingxun, Zhang, Zhenhua, Zhao, Qiang, Zhao, Yingchun, Zheng, Ruyou, Zhou, Chang, Zhou, Shan-Gui, and Zou, Lianjian

Published
2024
Full Text
View/download PDF

42. NULISA: a proteomic liquid biopsy platform with attomolar sensitivity and high multiplexing

Author

Feng, Wei, Beer, Joanne C., Hao, Qinyu, Ariyapala, Ishara S., Sahajan, Aparna, Komarov, Andrei, Cha, Katie, Moua, Mason, Qiu, Xiaolei, Xu, Xiaomei, Iyengar, Shweta, Yoshimura, Thu, Nagaraj, Rajini, Wang, Li, Yu, Ming, Engel, Kate, Zhen, Lucas, Xue, Wen, Lee, Chen-jung, Park, Chan Ho, Peng, Cheng, Zhang, Kaiyuan, Grzybowski, Adrian, Hahm, Johnnie, Schmidt, Susanne V., Odainic, Alexandru, Spitzer, Jasper, Buddika, Kasun, Kuo, Dwight, Fang, Lei, Zhang, Bingqing, Chen, Steve, Latz, Eicke, Yin, Yiyuan, Luo, Yuling, and Ma, Xiao-Jun

Published
2023
Full Text
View/download PDF

45. Predictive power for superheavy nuclear mass and possible stability beyond the neutron drip line in deformed relativistic Hartree-Bogoliubov theory in continuum

Author

Zhang, Kaiyuan, He, Xiaotao, Meng, Jie, Pan, Cong, Shen, Caiwan, Wang, Chen, and Zhang, Shuangquan

Subjects
Nuclear Theory
Abstract

The predictive power of the deformed relativistic Hartree-Bogoliubov theory in continuum (DRHBc) for nuclear mass is examined in the superheavy region, $102 \le Z \le 120$. The accuracy of predicting the 10 (56) measured (measured and empirical) masses is $0.635$ ($0.642$) MeV, in comparison with $0.515$ ($1.360$) MeV by WS4 and $0.910$ ($2.831$) MeV by FRDM. Possible stability against multineutron emission beyond the two-neutron drip line is explored by the DRHBc theory, which takes into account simultaneously the deformation effects, the pairing correlations, and the continuum effects. Nuclei stable against two- and multineutron emissions beyond the two-neutron drip line are predicted in $_{106}$Sg, $_{108}$Hs, $_{110}$Ds, and $_{112}$Cn isotopic chains, forming a peninsula of stability adjacent to the nuclear mainland. This stability is mainly due to the deformation which significantly affects the shell structure around the Fermi surface. The pairing correlations and continuum influence the stability peninsula in a self-consistent way., Comment: 13 pages, 5 figures, minor updates according to the published version

Published
2021
Full Text
View/download PDF

48. Comparative Analysis of Tunnel Structures with Different Sections in Open Excavation and Buried Section of Urban River Passage

Author

Guo, Hongyu, Fu, Helin, Luo, Guijun, Zhang, Hongwei, Zhang, Kaiyuan, di Prisco, Marco, Series Editor, Chen, Sheng-Hong, Series Editor, Vayas, Ioannis, Series Editor, Kumar Shukla, Sanjay, Series Editor, Sharma, Anuj, Series Editor, Kumar, Nagesh, Series Editor, Wang, Chien Ming, Series Editor, Guo, Wei, editor, and Qian, Kai, editor

Published
2023
Full Text
View/download PDF

49. Study on Comparison and Selection of Grouting Pre Reinforcement Schemes for Underground Excavation Land Section of River Crossing Tunnel – Taking Rongjiang Fourth Road River Crossing Tunnel as an Example

Author

Zhang, Hongwei, Fu, Helin, Guo, Hongyu, Luo, Guijun, Zhang, Kaiyuan, di Prisco, Marco, Series Editor, Chen, Sheng-Hong, Series Editor, Vayas, Ioannis, Series Editor, Kumar Shukla, Sanjay, Series Editor, Sharma, Anuj, Series Editor, Kumar, Nagesh, Series Editor, Wang, Chien Ming, Series Editor, Guo, Wei, editor, and Qian, Kai, editor

Published
2023
Full Text
View/download PDF

Catalog

Books, media, physical & digital resources
See catalog results