Author details
Author's Published Works
Author details
Showing 1-25 of 31 results
- Sort
Filter Results
Show
Sort By
Results
Fight Perturbations With Perturbations: Defending Adversarial Attacks via Neuron Influence
The vulnerabilities of deep learning models towards adversarial attacks have attracted increasing attention, especially when models are deployed in security-critical domains. Numerous defense methods, including reactive and proactive ones, have been proposed for model robustness improvement. Reactive defenses, such as conducting transformations to remove perturbations, usually fail to handle large...Show More
FedHiT: Privacy Protection for Federated Learning via Hierarchical Training
Wenjie Shen;Guojun Sheng;Xiaohua Pan;Jinyin Chen;Xiaojuan Wang;Haibin Zheng
2024 7th International Conference on Data Science and Information Technology (DSIT)
Year: 2024 | Conference Paper |
Federated learning (FL), collaborating with thousands of participants in a distributed manner, greatly protects the privacy of local data. However, recent research reveals that FL is at risk of privacy leakage attacks. Consequently, a variety of techniques have been applied to address the issue of privacy protection and effective distributed training of FL, such as differential privacy (DP), gradi...Show More
SEAD: Self-aware Adversarial Detection for Black-box Reinforcement Learning
2024 IEEE 9th International Conference on Data Science in Cyberspace (DSC)
Year: 2024 | Conference Paper |
Adversarial attacks pose significant security risks in deep reinforcement learning (DRL) systems, making adversarial detection a crucial aspect of ensuring the safety and robustness of these models. Although numerous detection methods have been proposed, they often face limitations in detecting unknown adversarial attacks, require detailed knowledge of the target DRL model, or negatively impact th...Show More
Backdoor Online Tracing With Evolving Graphs
Chengyu Jia;Jinyin Chen;Shouling Ji;Yao Cheng;Haibin Zheng;Qi Xuan
The backdoor attacks have posed a severe threat to deep neural networks (DNNs). Online training platforms and third-party model training providers are more vulnerable to backdoor attacks due to uncontrollable data sources, untrusted developers or unmonitorable training processes. Researchers have proposed to detect the backdoor in the well-trained models, and then remove them by some mitigation te...Show More
AIR: Threats of Adversarial Attacks on Deep Learning-Based Information Recovery
Jinyin Chen;Jie Ge;Shilian Zheng;Linhui Ye;Haibin Zheng;Weiguo Shen;Keqiang Yue;Xiaoniu Yang
A wireless communications system usually consists of a transmitter which transmits the information and a receiver which recovers the original information from the received distorted signal. Deep learning (DL) has been used to improve the performance of the receiver in complicated channel environments and state-of-the-art (SOTA) performance has been achieved. However, its robustness has not been in...Show More
RobustRMC: Robustness Interpretable Deep Neural Network for Radio Modulation Classification
Jinyin Chen;Danxin Liao;Shilian Zheng;Linhui Ye;Chenyu Jia;Haibin Zheng;Sheng Xiang
In the past decade, deep neural network (DNN) based radio modulation classifications (RMCs) have outperformed traditional techniques. However, the black-box nature of DNN has raised concerns about their interpretability and vulnerability towards adversarial attacks. To address these issues, we propose RobustRMC, a method for robustness interpretation of DNN for RMCs. Our approach differs from prev...Show More
EdgePro: Edge Deep Learning Model Protection via Neuron Authorization
Jinyin Chen;Haibin Zheng;Tao Liu;Jiawei Liu;Yao Cheng;Xuhong Zhang;Shouling Ji
With the development of deep learning processors and accelerators, deep learning models have been widely deployed on edge devices as part of the Internet of Things. Edge device models are generally considered as valuable intellectual properties that are worth for careful protection. Unfortunately, these models have a great risk of being stolen or illegally copied. The existing model protections us...Show More
An Empirical Evaluation of the Data Leakage in Federated Graph Learning
Inspired by the successful application of dealing with graph-structured data, graph neural networks (GNNs) have captured significant research attention. Considering the privacy protection of the locally collected user data, federated graph learning (FGL) which shares graph embeddings or local models' gradient is proposed to decentralize GNNs training. While sharing the embedding or gradient in FGL...Show More
TEGDetector: A Phishing Detector That Knows Evolving Transaction Behaviors
Haibin Zheng;Minying Ma;Haonan Ma;Jinyin Chen;Haiyang Xiong;Zhijun Yang
Recently, phishing scams have posed a significant threat to blockchains. Phishing detectors direct their efforts in hunting phishing addresses. Most of the detectors extract target addresses’ transaction behavior features by random walking or constructing static subgraphs. The random walking methods, unfortunately, usually miss structural information due to limited sampling sequence length, while ...Show More
Dyn-Backdoor: Backdoor Attack on Dynamic Link Prediction
Dynamic link prediction (DLP) makes graph prediction based on historical information. Since most DLP methods are highly dependent on the training data to achieve satisfying prediction performance, the quality of the training data is crucial. Backdoor attacks induce the DLP methods to make wrong prediction by the malicious training data, i.e., generating a subgraph sequence as the trigger and embed...Show More
Motif-Backdoor: Rethinking the Backdoor Attack on Graph Neural Networks via Motifs
Haibin Zheng;Haiyang Xiong;Jinyin Chen;Haonan Ma;Guohan Huang
Graph neural network (GNN) with a powerful representation capability has been widely applied to various areas. Recent works have exposed that GNN is vulnerable to the backdoor attack, i.e., models trained with maliciously crafted training samples are easily fooled by patched samples. Most of the proposed studies launch the backdoor attack using a trigger that is either the randomly generated subgr...Show More
Link-Backdoor: Backdoor Attack on Link Prediction via Node Injection
Haibin Zheng;Haiyang Xiong;Haonan Ma;Guohan Huang;Jinyin Chen
Link prediction, inferring the undiscovered or potential links of the graph, is widely applied in the real world. By facilitating labeled links of the graph as the training data, numerous deep learning-based link prediction methods have been studied, which have dominant prediction accuracy compared with nondeep methods. However, the threats of maliciously crafted training graphs will leave a speci...Show More
Correlation Analysis of Tobacco Products Based on Knowledge Graph with Graph Neural Network
Jie Yang;Dingyi Yang;Qiwei Ren;Yixin Chen;Jinyin Chen;Haibin Zheng
2023 3rd International Conference on Electronic Information Engineering and Computer (EIECT)
Year: 2023 | Conference Paper |
During the last decade, the new brand of tobacco is designed in personal demand, thus how to make the proper sale strategy for the new production of tobacco has captured the main attention of enterprises. Constructing the correlation between the new brand and the old tobacco can help to make a sale strategy, however, the existing methods are still challenged by effectiveness and efficiency when de...Show More
CertPri: Certifiable Prioritization for Deep Neural Networks via Movement Cost in Feature Space
2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE)
Year: 2023 | Conference Paper |
Cited by: Papers (3)
Deep neural networks (DNNs) have demonstrated their outperformance in various software systems, but also exhibit misbehavior and even result in irreversible disasters. Therefore, it is crucial to identify the misbehavior of DNN-based software and improve DNNs' quality. Test input prioritization is one of the most appealing ways to guarantee DNNs' quality, which prioritizes test inputs so that more...Show More
PoE: Poisoning Enhancement Through Label Smoothing in Federated Learning
In federated learning (FL), poisoning attack invades the whole system by manipulating the client data, tampering with the training target, and performing any desired behaviors. Until now, numerous poisoning attacks have been carefully studied, however they are still practically challenged in real-world scenarios from two aspects: (i) multiple malicious client selections- poisoning attacks are only...Show More
Is Multi-Modal Necessarily Better? Robustness Evaluation of Multi-Modal Fake News Detection
The proliferation of fake news and its serious negative social influence push fake news detection methods to become necessary tools for web managers. Meanwhile, the multi-media nature of social media makes multi-modal fake news detection popular for its ability to capture more modal features than uni-modal detection methods. However, current literature on multi-modal detection is more likely to pu...Show More
Graphfool: Targeted Label Adversarial Attack on Graph Embedding
Jinyin Chen;Guohan Huang;Haibin Zheng;Dunjie Zhang;Xiang Lin
Graph embedding learns low-dimensional representations for nodes or edges on the graph, which is widely applied in many real-world applications. Excessive graph mining promotes the research of attack methods on graph embedding. Most attack methods generate perturbations that maximize the deviation of the prediction confidence. They are difficult to accurately misclassify the instances into the tar...Show More
Graph-Fraudster: Adversarial Attacks on Graph Neural Network-Based Vertical Federated Learning
Jinyin Chen;Guohan Huang;Haibin Zheng;Shanqing Yu;Wenrong Jiang;Chen Cui
Graph neural network (GNN) has achieved great success on graph representation learning. Challenged by large-scale private data collected from user side, GNN may not be able to reflect the excellent performance, without rich features and complete adjacent relationships. Addressing the problem, vertical federated learning (VFL) is proposed to implement local data protection through training a global...Show More
Adversarial Attack Detection Based on Example Semantics and Model Activation Features
Jinyin Chen;Tianle Yu;Changan Wu;Haibin Zheng;Wenhong Zhao;Ling Pang;Hu Li
2022 5th International Conference on Data Science and Information Technology (DSIT)
Year: 2022 | Conference Paper |
Cited by: Papers (5)
With the widespread application of deep learning technology, its security issue is also gradually paid attention to. To improve the security and reliability of deep learning technology in practical applications, we focus on the vulnerability of deep neural networks against adversarial attacks and address the problems of existing adversarial example detection algorithms that rely on pre-known attac...Show More
NeuronFair: Interpretable White-Box Fairness Testing through Biased Neuron Identification
Haibin Zheng;Zhiqing Chen;Tianyu Du;Xuhong Zhang;Yao Cheng;Shouling Ti;Jingyi Wang;Yue Yu;Jinyin Chen
2022 IEEE/ACM 44th International Conference on Software Engineering (ICSE)
Year: 2022 | Conference Paper |
Cited by: Papers (20)
Deep neural networks (DNNs) have demonstrated their outper-formance in various domains. However, it raises a social concern whether DNNs can produce reliable and fair decisions especially when they are applied to sensitive domains involving valuable re-source allocation, such as education, loan, and employment. It is crucial to conduct fairness testing before DNNs are reliably de-ployed to such se...Show More
GRIP-GAN: An Attack-Free Defense Through General Robust Inverse Perturbation
Haibin Zheng;Jinyin Chen;Hang Du;Weipeng Zhu;Shouling Ji;Xuhong Zhang
Despite of its tremendous popularity and success in computer vision (CV) and natural language processing, deep learning is inherently vulnerable to adversarial attacks in which adversarial examples (AEs) are carefully crafted by imposing imperceptible perturbations on the clean examples to deceive the target deep neural networks (DNNs). Many defense solutions in CV have been proposed. However, mos...Show More
Anti-Interpolation: An Attack Facilitator Hiding Adversaries Into Images
Deep learning models show the vulnerability to adversarial examples, which can be attacked to make incorrect predictions. As one of the key image preprocessing techniques, interpolation may weaken the robustness of the attack and even disable the perturbation. Thus, the malicious images cannot achieve the attack purpose. In this work, anti-interpolation, as an attack facilitator, is proposed, wher...Show More
DeepPoison: Feature Transfer Based Stealthy Poisoning Attack for DNNs
Jinyin Chen;Longyuan Zhang;Haibin Zheng;Xueke Wang;Zhaoyan Ming
Deep neural networks are susceptible to poisoning attacks by purposely polluted training data with specific triggers. As existing episodes mainly focused on attack success rate with patch-based samples, defense algorithms can easily detect these poisoning samples. We propose DeepPoison, a novel adversarial network of one generator and two discriminators, to address this problem. Specifically, the ...Show More
Smoothing Adversarial Training for GNN
Jinyin Chen;Xiang Lin;Hui Xiong;Yangyang Wu;Haibin Zheng;Qi Xuan
Recently, a graph neural network (GNN) was proposed to analyze various graphs/networks, which has been proven to outperform many other network analysis methods. However, it is also shown that such state-of-the-art methods suffer from adversarial attacks, i.e., carefully crafted adversarial networks with slight perturbation on clean one may invalid these methods on lots of applications, such as net...Show More
MGA: Momentum Gradient Attack on Network
Jinyin Chen;Yixian Chen;Haibin Zheng;Shijing Shen;Shanqing Yu;Dan Zhang;Qi Xuan
The adversarial attack methods based on gradient information can adequately find the perturbations, that is, the combinations of rewired links, thereby reducing the effectiveness of the deep learning model-based graph embedding algorithms, but it is also easy to fall into a local optimum. Therefore, this article proposes a momentum gradient attack (MGA) against the graph convolutional network (GCN...Show More
IEEE Account
Purchase Details
Profile Information
Need Help?
- US & Canada: +1 800 678 4333
- Worldwide: +1 732 981 0060
- Contact & Support
- About IEEE Xplore
- Contact Us
- Help
- Accessibility
- Terms of Use
- Nondiscrimination Policy
- Sitemap
- Privacy & Opting Out of Cookies
A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.
© Copyright 2025 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.