Authors:

Shadi Rahimian, Mario Fritz

Annotation:
Single nucleotide polymorphism (SNP) datasets are fundamental to genetic studies but pose significant privacy risks when shared. The correlation of SNPs with each other makes strong adversarial attacks such as masked-value reconstruction, kin, and membership inference attacks possible. Existing privacy-preserving approaches either apply differential privacy to statistical summaries of these datasets or offer complex methods that require post-processing and the usage of a publicly available datas...
ID: 2510.05777v1 cs.LG, cs.CR, q-bio.GN
Authors:

Jinseong Park, Yujin Choi, Jaewook Lee

Annotation:
With the increasing need to safeguard data privacy in machine learning models, differential privacy (DP) is one of the major frameworks to build privacy-preserving models. Support Vector Machines (SVMs) are widely used traditional machine learning models due to their robust margin guarantees and strong empirical performance in binary classification. However, applying DP to multi-class SVMs is inadequate, as the standard one-versus-rest (OvR) and one-versus-one (OvO) approaches repeatedly query e...
ID: 2510.04027v1 cs.LG, cs.CR
Authors:

Xuefeng Xu, Graham Cormode

Annotation:
Receiver Operating Characteristic (ROC) and Precision-Recall (PR) curves are fundamental tools for evaluating machine learning classifiers, offering detailed insights into the trade-offs between true positive rate vs. false positive rate (ROC) or precision vs. recall (PR). However, in Federated Learning (FL) scenarios, where data is distributed across multiple clients, computing these curves is challenging due to privacy and communication constraints. Specifically, the server cannot access raw p...
ID: 2510.04979v1 cs.LG, cs.CR
Authors:

Tsubasa Takahashi, Shojiro Yamabe, Futa Waseda, Kento Sasaki

Annotation:
Differential Attention (DA) has been proposed as a refinement to standard attention, suppressing redundant or noisy context through a subtractive structure and thereby reducing contextual hallucination. While this design sharpens task-relevant focus, we show that it also introduces a structural fragility under adversarial perturbations. Our theoretical analysis identifies negative gradient alignment-a configuration encouraged by DA's subtraction-as the key driver of sensitivity amplification, le...
ID: 2510.00517v1 cs.LG, cs.CR
Authors:

Jaiden Fairoze, Sanjam Garg, Keewoo Lee, Mingyuan Wang

Annotation:
As large language models (LLMs) advance, ensuring AI safety and alignment is paramount. One popular approach is prompt guards, lightweight mechanisms designed to filter malicious queries while being easy to implement and update. In this work, we introduce a new attack that circumvents such prompt guards, highlighting their limitations. Our method consistently jailbreaks production models while maintaining response quality, even under the highly protected chat interfaces of Google Gemini (2.5 Fla...
ID: 2510.01529v1 cs.LG, cs.CR
Authors:

Xiaobao Wang, Ruoxiao Sun, Yujun Zhang, Bingdao Feng, Dongxiao He, Luzhi Wang, Di Jin

Annotation:
Graph Neural Networks (GNNs) have demonstrated strong performance across tasks such as node classification, link prediction, and graph classification, but remain vulnerable to backdoor attacks that implant imperceptible triggers during training to control predictions. While node-level attacks exploit local message passing, graph-level attacks face the harder challenge of manipulating global representations while maintaining stealth. We identify two main sources of anomaly in existing graph class...
ID: 2509.26032v1 cs.LG, cs.CR
Authors:

João Vitorino, Eva Maia, Isabel Praça, Carlos Soares

Annotation:
Due to the susceptibility of Artificial Intelligence (AI) to data perturbations and adversarial examples, it is crucial to perform a thorough robustness evaluation before any Machine Learning (ML) model is deployed. However, examining a model's decision boundaries and identifying potential vulnerabilities typically requires access to the training and testing datasets, which may pose risks to data privacy and confidentiality. To improve transparency in organizations that handle confidential data ...
ID: 2509.26640v1 cs.LG, cs.CR
Authors:

Chunxue Xu, Yiwei Wang, Yujun Cai, Bryan Hooi, Songze Li

Annotation:
Chain-of-Thought (CoT) techniques have significantly enhanced reasoning in Vision-Language Models (VLMs). Extending this paradigm, Visual CoT integrates explicit visual edits, such as cropping or annotating regions of interest, into the reasoning process, achieving superior multimodal performance. However, the robustness of Visual CoT-based VLMs against image-level noise remains unexplored. In this paper, we present the first systematic evaluation of Visual CoT robustness under visual perturbati...
ID: 2509.23789v1 cs.LG, cs.CR
Authors:

Kay Fuhrmeister, Arne Pelzer, Fabian Radke, Julia Lechinger, Mahzad Gharleghi, Thomas Köllmer, Insa Wolf

## Context

In recent years EEG (electroencephalography) has become widespread in machine learning, particularly in tasks such as sleep stage detection and the detection of neurological disorders. EEG has also shown potential for re-identification and for leaking sensitive personal information. These risks are amplified by the emergence of consumer EEG devices that can collect and store large volumes of data with poor privacy protection. This raises questions about the security of such data and about the need for methods that balance privacy protection against preserving the usefulness of the data for machine learning. Our work aims to develop a method that substantially reduces the risk of personal information leakage without harming the convenience and utility of the data for machine learning.

## Method

We propose using a transformer autoencoder to produce encrypted EEG data that do not allow a user's exact identity to be determined while still allowing the data to be used for training machine learning models. The autoencoder includes several embedding layers that transform the original EEG data into a less identifiable form while preserving what matters for the automatic sleep staging task (for which EEG is often used). To optimize the result, we used a set of supervised utility functions that measure how much usefulness the data retain for model training.

## Results

We ran experiments on a standard EEG dataset for automatic sleep staging. We compared privacy protection indicators (feasibility of re-identification) and utility (model training results) before and after applying our method.
Our experiments showed that applying the autoencoder substantially reduces the probability of successful re-identification (up to a 70% reduction compared with the original data) while retaining high model accuracy on the automatic sleep staging task.

## Significance

Our method can be applied in various areas where the privacy of research data must be protected, for example in medicine, where EEG data may contain sensitive information about patients' health. This approach will expand the possibilities of using EEG to train machine learning models without risking the leakage of sensitive information. This means that protected data can be safely used for the developm
Annotation:
Electroencephalography (EEG) is widely used for recording brain activity and has seen numerous applications in machine learning, such as detecting sleep stages and neurological disorders. Several studies have successfully shown the potential of EEG data for re-identification and leakage of other personal information. Therefore, the increasing availability of EEG consumer devices raises concerns about user privacy, motivating us to investigate how to safeguard this sensitive data while retaining ...
ID: 2509.20454v1 cs.LG, cs.CR
Authors:

Wei Huang, De-Tian Chu, Lin-Yuan Bai, Wei Kang, Hai-Tao Zhang, Bo Li, Zhi-Mo Han, Jing Ge, Hai-Feng Lin

#### Context

Modern email spam and phishing attacks have evolved significantly, surpassing traditional methods such as keyword blacklists or simple heuristics. Adversaries now employ multi-modal tactics, combining natural-language text with obfuscated URLs, forged headers, and malicious attachments. These strategies are adapted dynamically to bypass existing filters within days. Existing spam detection systems, which rely on static rules or single-modality models, struggle to integrate heterogeneous data sources and fail to adapt consistently, leading to rapid performance degradation. This growing threat highlights the need for new approaches capable of robustly identifying and mitigating evolving spam and phishing campaigns.

#### Method

EvoMail is a self-evolving cognitive agent framework designed to address these challenges. Its architecture integrates a heterogeneous email graph that unifies textual content, metadata (headers, senders, domains), and embedded resources (URLs, attachments). A Cognitive Graph Neural Network (Cognitive-GNN), enhanced by a Large Language Model (LLM), performs context-aware reasoning across these sources to detect coordinated spam campaigns. An adversarial self-evolution loop is central to EvoMail's design: a "red-team" agent generates novel evasion tactics, such as character obfuscation or AI-generated phishing text, while the "blue-team" detector learns from its failures. Failures are compressed into a memory module, enabling the system to reuse these experiences in future reasoning and ensuring continuous adaptation to new threats.

#### Results

Extensive experiments were conducted on real-world datasets, including Enron-Spam, Ling-Spam, SpamAssassin, and TREC, as well as synthetic adversarial variants. EvoMail consistently outperformed state-of-the-art baselines across multiple metrics: detection accuracy, adaptability to evolving spam tactics, and interpretability of reasoning traces.
These results underscore EvoMail's resilience and explainability as a defense framework against next-generation spam and phishing threats.

#### Significance

EvoMail's adaptive and self-evolving design offers significant advantages across various domains. Its ability to integrate heterogeneous data sources and to learn continuously from adversarial tactics makes it highly effective against modern spam and phishing threats. Potential applications include enterprise email security, personal email protection, and anti-phishing initiatives. By providing a robust and interpretable defense mechanism, EvoMail has the potential to transform the landscape of email security, reducing the impact of evolving cyber threats and enhancing trust in digital communication.

#### Conclusions

EvoMail represents a breakthrough in spam and phishing defense, combining cognitive graph neural networks, adversarial self-evolution, and Large Language Models. Its ability to adapt to novel threats and to provide transparent reasoning traces positions it as a resilient solution for modern email security challenges. Future research will focus on scaling EvoMail for real-time deployment, exploring its integration with other security frameworks, and addressing emerging multi-modal threats.
Annotation:
Modern email spam and phishing attacks have evolved far beyond keyword blacklists or simple heuristics. Adversaries now craft multi-modal campaigns that combine natural-language text with obfuscated URLs, forged headers, and malicious attachments, adapting their strategies within days to bypass filters. Traditional spam detection systems, which rely on static rules or single-modality models, struggle to integrate heterogeneous signals or to continuously adapt, leading to rapid performance degrad...
ID: 2509.21129v1 cs.LG, cs.CR