Versatile Weight Attack via Flipping Limited Bits.

IEEE Trans Pattern Anal Mach Intell

Published: November 2023

Many attack paradigms against deep neural networks have been well studied, such as the backdoor attack in the training stage and the adversarial attack in the inference stage. In this article, we study a novel attack paradigm, the bit-flip based weight attack, which directly modifies weight bits of the attacked model in the deployment stage. To meet various attack scenarios, we propose a general formulation including terms to achieve effectiveness and stealthiness goals and a constraint on the number of bit-flips. Furthermore, benefiting from this extensible and flexible formulation, we present two cases with different malicious purposes, i.e., the single sample attack (SSA) and the triggered samples attack (TSA). SSA, which aims at misclassifying a specific sample into a target class, is a binary optimization problem that determines the state of the binary bits (0 or 1); TSA, which aims to misclassify samples embedded with a specific trigger, is a mixed integer programming (MIP) problem with flipped bits and a learnable trigger. Utilizing the latest technique in integer programming, we equivalently reformulate them as continuous optimization problems, whose approximate solutions can be effectively and efficiently obtained by the alternating direction method of multipliers (ADMM). Extensive experiments demonstrate the superiority of our methods.


Source
http://dx.doi.org/10.1109/TPAMI.2023.3296408


Similar Publications

Background: White matter (WM) is a principal component of the human brain, forming the structural basis for neural transmission between cortico-cortical and subcortical structures. The impairment of WM integrity is closely associated with the aging process, manifesting as the reorganization of brain networks based on graph theoretical analysis of complex networks and increased volume of white matter hyperintensities (WMHs) in imaging studies.

Methods: This study investigated changes in the robustness of WM brain networks during aging and assessed their correlation with WMHs.


Modeling BK Virus Infection in Renal Transplant Recipients.

Viruses

December 2024

Duke Center for Human Systems Immunology, Duke University, Durham, NC 27701, USA.

Kidney transplant recipients require a lifelong protocol of immunosuppressive therapy to prevent graft rejection. However, these same medications leave them susceptible to opportunistic infections. One pathogen of particular concern is human polyomavirus 1, also known as BK virus (BKPyV).


The deposition of monosodium urate (MSU) crystals within joint spaces produces a painful inflammatory condition known as gout, a specific form of arthritis. The condition calls for a combined curative and preventive management model. A new development in the approach to gout is that of NLRP3-targeted biologic agents, such as monoclonal therapies, to provide more accurate treatment by blocking specific pro-inflammatory cytokines.


Background/objectives: Chronic gut dysbiosis due to a high-fat diet (HFD) instigates cardiac remodeling and heart failure with preserved ejection fraction (HFpEF), in particular, kidney/volume-dependent HFpEF. Studies report that although mitochondrial ATP citrate lyase (ACLY) supports cardiac function, it decreases more in human HFpEF than HFrEF. Interestingly, ACLY synthesizes lipids and creates hyperlipidemia.


Intelligent Intrusion Detection System Against Various Attacks Based on a Hybrid Deep Learning Algorithm.

Sensors (Basel)

January 2025

Department of Electrical Engineering, Faculty of Engineering, Universitas Indonesia, Depok 16424, Indonesia.

The Internet of Things (IoT) has emerged as a crucial element in everyday life. The IoT environment is currently facing significant security concerns due to the numerous problems related to its architecture and supporting technology. In order to guarantee the complete security of the IoT, it is important to deal with these challenges.
