Your search keyword '"Nenghai Yu"' showing total 1,318 results

1. Dual-verification-based model fingerprints against ambiguity attacks

Author

Boyao Zhao, Haozhe Chen, Jie Zhang, Weiming Zhang, and Nenghai Yu

Subjects

Model security, IP protection, Model fingerprinting, Ambiguity attack, Computer engineering. Computer hardware, TK7885-7895, Electronic computers. Computer science, QA75.5-76.95

Abstract

Abstract Efforts have been made to safeguard DNNs from intellectual property infringement. Among different techniques, model fingerprinting has gained popularity due to its ability to examine potential infringement without altering the model’s parameters. However, there is a concern regarding the vulnerability of previous model fingerprints to “ambiguity attacks,” where attackers may use fabricated fingerprints to bypass ownership verification, potentially leading to disputes. To address this issue, we propose a dual-verification-based fingerprint authentication system that incorporates the verification of fingerprint genuineness. Briefly, this system involves two authentication processes: conventional fingerprint methods for authenticating model copyrights and the incorporation of copyright information into the fingerprint feature map to confirm ownership of the model fingerprint. Extensive experiments have been conducted to demonstrate the effectiveness of our approach in resisting ambiguity attacks and managing attempts to remove the fingerprint.

Published

2024

2. TamGen: drug design with target-aware molecule generation through a chemical language model

Author

Kehan Wu, Yingce Xia, Pan Deng, Renhe Liu, Yuan Zhang, Han Guo, Yumeng Cui, Qizhi Pei, Lijun Wu, Shufang Xie, Si Chen, Xi Lu, Song Hu, Jinzhi Wu, Chi-Kin Chan, Shawn Chen, Liangliang Zhou, Nenghai Yu, Enhong Chen, Haiguang Liu, Jinjiang Guo, Tao Qin, and Tie-Yan Liu

Subjects

Science

Abstract

Abstract Generative drug design facilitates the creation of compounds effective against pathogenic target proteins. This opens up the potential to discover novel compounds within the vast chemical space and fosters the development of innovative therapeutic strategies. However, the practicality of generated molecules is often limited, as many designs focus on a narrow set of drug-related properties, failing to improve the success rate of subsequent drug discovery process. To overcome these challenges, we develop TamGen, a method that employs a GPT-like chemical language model and enables target-aware molecule generation and compound refinement. We demonstrate that the compounds generated by TamGen have improved molecular quality and viability. Additionally, we have integrated TamGen into a drug discovery pipeline and identified 14 compounds showing compelling inhibitory activity against the Tuberculosis ClpP protease, with the most effective compound exhibiting a half maximal inhibitory concentration (IC50) of 1.9 μM. Our findings underscore the practical potential and real-world applicability of generative drug design approaches, paving the way for future advancements in the field.

Published

2024

3. Purification scheduling control for throughput maximization in quantum networks

Author

Zirui Xiao, Jian Li, Kaiping Xue, Nenghai Yu, Ruidong Li, Qibin Sun, and Jun Lu

Subjects

Astrophysics, QB460-466, Physics, QC1-999

Abstract

Abstract Quantum networks can establish End-to-End (E2E) entanglement connections between two arbitrary nodes with desired entanglement fidelity by performing entanglement purification to support quantum applications reliably. The existing works mainly focus on link-level purification scheduling and lack consideration of purifications at network-level, which fails to offer an effective solution for concurrent requests, resulting in low throughput. However, efficiently allocating scarce resources to purify entanglement for concurrent requests remains a critical but unsolved problem. To address this problem, we explore the purification resource scheduling problem from a network-level perspective. We analyze the cost of purification, design the E2E fidelity calculation method in detail, and propose an approach called Purification Scheduling Control (PSC). The basic idea of PSC is to determine the appropriate purification through jointly optimizing purification and resource allocation processes based on conflict avoidance. We conduct extensive experiments that show that PSC can maximize throughput under the fidelity requirement.

Published

2024

4. Adaptable privacy protection scheme in JPEG images

Author

Hongxin WEN, Fei HU, and Nenghai YU

Subjects

JPEG image, privacy protection, reversible data hiding, face detection, Electronic computers. Computer science, QA75.5-76.95

Abstract

The JPEG format is widely used for its high compression rate in image storage.Privacy protection schemes applied to JPEG images not only need to safeguard the content of the privacy region but also maintain the file size.Furthermore, the region of interest (ROI), which contains private information, often occupies only a portion of the entire JPEG image.Protecting only the ROI can help preserve the file size.In light of this, an adaptable privacy protection scheme for JPEG images was proposed.Privacy regions were identified using methods like face detection within the JPEG images.These regions were then modified using the block-based adaptable reversible modification algorithm presented in this study.Reconstruction information was embedded into the image through reversible data hiding.The application of reversible algorithms in the privacy protection process enabled authorized users to fully restore the protected area.By introducing variable parameters, this scheme allowed for the selection of appropriate parameters to meet different practical requirements and achieve optimal encryption results.Additionally, the complex scenario of multiple overlapping ROIs was discussed and resolved.Experimental evaluations were conducted to investigate the influence of parameters on performance, considering both peak signal-to-noise ratio (PSNR) and file size increment.The results demonstrate that the proposed scheme outperforms existing schemes in terms of privacy protection and file size when suitable parameters are employed.

Published

2024

5. Block level cloud data deduplication scheme based on attribute encryption

Author

Wenting GE, Weihai LI, and Nenghai YU

Subjects

deduplication, cloud storage, attribute-based-encryption, proof of ownership, linear secret sharing scheme, Electronic computers. Computer science, QA75.5-76.95

Abstract

Due to the existing cloud data deduplication schemes mainly focus on file-level deduplication.A scheme was proposed, based on attribute encryption, to support data block-level weight removal.Double granularity weight removal was performed for both file-level and data block-level, and data sharing was achieved through attribute encryption.The algorithm was designed on the hybrid cloud architecture Repeatability detection and consistency detection were conducted by the private cloud based on file labels and data block labels.A Merkle tree was established based on block-level labels to support user ownership proof.When a user uploaded the cipher text, the private cloud utilized linear secret sharing technology to add access structures and auxiliary information to the cipher text.It also updated the overall cipher text information for new users with permissions.The private cloud served as a proxy for re-encryption and proxy decryption, undertaking most of the calculation when the plaintext cannot be obtained, thereby reducing the computing overhead for users.The processed cipher text and labels were stored in the public cloud and accessed by the private cloud.Security analysis shows that the proposed scheme can achieve PRV-CDA (Privacy Choose-distribution attacks) security in the private cloud.In the simulation experiment, four types of elliptic curve encryption were used to test the calculation time for key generation, encryption, and decryption respectively, for different attribute numbers with a fixed block size, and different block sizes with a fixed attribute number.The results align with the characteristics of linear secret sharing.Simulation experiments and cost analysis demonstrate that the proposed scheme can enhance the efficiency of weight removal and save time costs.

Published

2023

6. Lightweight and secure vehicle track verification scheme via broadcast communication channels

Author

Zhiqiang NING, Yuanyuan WANG, Chi ZHANG, Lingbo WEI, Nenghai YU, and Yue HAO

Subjects

timestamp, Doppler effect, vehicle track, secure verification, Electronic computers. Computer science, QA75.5-76.95

Abstract

In intelligent transportation systems, it is crucial for smart vehicles to broadcast real-time vehicle track messages to coordinate driving decisions and ensure driving safety.However, attackers can manipulate vehicle tracks by modifying timestamps or manipulating signal frequencies, posing a threat to security.To address this problem, a lightweight vehicle track verification scheme was proposed, utilizing the broadcast communication channels to achieve secure verification of vehicle tracks without any special hardware support.Without time synchronization, each verifier calculated the time interval between the reception time of the message and the sending timestamp.Spatial position constraint equations are formulated by combining these time intervals between any two verifiers, effectively defending against timestamp forgery attacks.Additionally, each verifier calculates the Doppler frequency shift between the arrival frequency and the scheduled transmit frequency.Velocity vector constraint equations were formulated by combining these frequency shifts between any two verifiers, providing defense against carrier frequency manipulation attacks.Formal analysis shows that increasing the number of verifiers improves the accuracy of the proposed verification scheme.Experimental results in a real-world environment further validate that the proposed verification scheme exhibits the best performance when the number of verifiers is set to 3.Compared to the existing solution, the proposed verification scheme has a higher accuracy, lower false rejection rate, and lower false acceptance rate when validating true vehicle track and false vehicle track separately.

Published

2023

7. Privacy leakage risk assessment for reversible neural network

Author

Yifan HE, Jie ZHANG, Weiming ZHANG, and Nenghai YU

Subjects

reversible neural network, privacy protection, membership inference attack, privacy threat, Electronic computers. Computer science, QA75.5-76.95

Abstract

In recent years, deep learning has emerged as a crucial technology in various fields.However, the training process of deep learning models often requires a substantial amount of data, which may contain private and sensitive information such as personal identities and financial or medical details.Consequently, research on the privacy risk associated with artificial intelligence models has garnered significant attention in academia.However, privacy research in deep learning models has mainly focused on traditional neural networks, with limited exploration of emerging networks like reversible networks.Reversible neural networks have a distinct structure where the upper information input can be directly obtained from the lower output.Intuitively, this structure retains more information about the training data, potentially resulting in a higher risk of privacy leakage compared to traditional networks.Therefore, the privacy of reversible networks was discussed from two aspects: data privacy leakage and model function privacy leakage.The risk assessment strategy was applied to reversible networks.Two classical reversible networks were selected, namely RevNet and i-RevNet.And four attack methods were used accordingly, namely membership inference attack, model inversion attack, attribute inference attack, and model extraction attack, to analyze privacy leakage.The experimental results demonstrate that reversible networks exhibit more serious privacy risks than traditional neural networks when subjected to membership inference attacks, model inversion attacks, and attribute inference attacks.And reversible networks have similar privacy risks to traditional neural networks when subjected to model extraction attack.Considering the increasing popularity of reversible neural networks in various tasks, including those involving sensitive data, it becomes imperative to address these privacy risks.Based on the analysis of the experimental results, potential solutions were proposed which can be applied to the development of reversible networks in the future.

Published

2023

8. Privacy-preserving data compression scheme for k-anonymity model based on Huffman coding

Author

Yue YU, Xianzheng LIN, Weihai LI, and Nenghai YU

Subjects

k-anonymity model, privacy preservation, data compression storage, Huffman coding, Electronic computers. Computer science, QA75.5-76.95

Abstract

The k-anonymity model is widely used as a data anonymization technique for privacy protection during the data release phase.However, with the advent of the big data era, the generation of vast amounts of data poses challenges to data storage.However, it is not feasible to expand the storage space infinitely by hardware upgrade, since the cost of memory is high and the storage space is limited.For this reason, data compression techniques can reduce storage costs and communication overhead.In order to reduce the storage space of the data generated by using anonymization techniques in the data publishing phase, a compression scheme was proposed for the original data and anonymized data of the k-anonymity model.For the original data of the k-anonymity model, the difference between the original data and the anonymized data was calculated according to the set rules and the pre-defined generalization level.Huffman coding compression was applied to the difference data according to frequency characteristics.By storing the difference data, the original data can be obtained indirectly, thus reducing the storage space of the original data.For anonymized data of the k-anonymity model, the anonymized data usually have high repeatability according to the generalization rules of the model or the pre-defined generalization hierarchy relations.The larger the value of k, the more generalized and repeatable the anonymized data becomes.The design of Huffman coding compression was implemented for anonymous data to reduce storage space.The experimental results show that the proposed scheme can significantly reduce the original data and the anonymous data compression rate of the k-anonymity model.Across five models and variousk-value settings,the proposed scheme reduces the compression rate of raw and anonymized data by 72.2% and 64.2% on average compared to the Windows 11 zip tool.

Published

2023

9. Location privacy protection method based on lightweight K-anonymity incremental nearest neighbor algorithm

Author

Saite CHEN, Weihai LI, Yuanzhi YAO, and Nenghai YU

Subjects

location-based service, location privacy preservation, K-anonymity, convex hull, anchor, Electronic computers. Computer science, QA75.5-76.95

Abstract

The use of location-based service brings convenience to people’s daily lives, but it also raises concerns about users’ location privacy.In the k-nearest neighbor query problem, constructing K-anonymizing spatial regions is a method used to protects users’ location privacy, but it results in a large waste of communication overhead.The SpaceTwist scheme is an alternative method that uses an anchor point instead of the real location to complete the k-nearest neighbor query,which is simple to implement and has less waste of communication overhead.However,it cannot guarantee K-anonymous security, and the specific selection method of the anchor point is not provided.To address these shortcomings in SpaceTwist, some schemes calculate the user’s K-anonymity group by introducing a trusted anonymous server or using the way of user collaboration, and then enhance the end condition of the query algorithm to achieve K-anonymity security.Other schemes propose the anchor point optimization method based on the approximate distribution of interest points, which can further reduce the average communication overhead.A lightweight K-anonymity incremental nearest neighbor (LKINN) location privacy protection algorithm was proposed to improve SpaceTwist.LKINN used convex hull mathematical tool to calculate the key points of K-anonymity group, and proposed an anchor selection method based on it, achieving K-anonymity security with low computational and communication costs.LKINN was based on a hybrid location privacy protection architecture, making only semi-trusted security assumptions for all members of the system, which had lax security assumptions compared to some existing research schemes.Simulation results show that LKINN can prevent semi-trusted users from stealing the location privacy of normal users and has smaller query response time and communication overhead compare to some existing schemes.

Published

2023

10. Deepfake detection method based on patch-wise lighting inconsistency

Author

Wenxuan WU, Wenbo ZHOU, Weiming ZHANG, and Nenghai YU

Subjects

Deepfake detection, lighting inconsistency, color constancy, patch-similarity comparison, Electronic computers. Computer science, QA75.5-76.95

Abstract

The rapid development and widespread dissemination of deepfake techniques has caused increased concern.The malicious application of deepfake techniques also poses a potential threat to the society.Therefore, how to detect deepfake content has become a popular research topic.Most of the previous deepfake detection algorithms focused on capturing subtle forgery traces at pixel level and have achieved some results.However, most of the deepfake algorithms ignore the lighting information before and after generation, resulting in some lighting inconsistency between the original face and the forged face, which provided the possibility of using lighting inconsistency to detect deepfake.A corresponding algorithm was designed from two perspectives: introducing lighting inconsistency information and designing a network structure module for a specific task.For the introduction of lighting task, a new network structure was derived by designing the corresponding channel fusion method to provide more lighting inconsistency information to the network feature extraction layer.In order to ensure the portability of the network structure, the process of feature channel fusion was placed before the network extraction information, so that the proposed method can be fully planted to common deepfake detection networks.For the design of the network structure, a deepfake detection method was proposed for lighting inconsistency based on patch-similarity from two perspectives: network structure and loss function design.For the network structure, based on the characteristic of inconsistency between the forged image tampering region and the background region, the extracted features were chunked in the network feature layer and the feature layer similarity matrix was obtained by comparing the patch-wise cosine similarity to make the network focus more on the lighting inconsistency.On this basis, based on the feature layer similarity matching scheme, an independent ground truth and loss function was designed for this task in a targeted manner by comparing the input image with the untampered image of this image for patch-wise authenticity.It is demonstrated experimentally that the accuracy of the proposed method is significantly improved for deepfake detection compared with the baseline method.

Published

2023

11. Deep 3D mesh watermarking with self-adaptive robustness

Author

Feng Wang, Hang Zhou, Han Fang, Weiming Zhang, and Nenghai Yu

Subjects

3D mesh watermarking, Graph convolution network, Attack layer, Computer engineering. Computer hardware, TK7885-7895, Electronic computers. Computer science, QA75.5-76.95

Abstract

Abstract Robust 3D mesh watermarking is a traditional research topic in computer graphics, which provides an efficient solution to the copyright protection for 3D meshes. Traditionally, researchers need manually design watermarking algorithms to achieve sufficient robustness for the actual application scenarios. In this paper, we propose the first deep learning-based 3D mesh watermarking network, which can provide a more general framework for this problem. In detail, we propose an end-to-end network, consisting of a watermark embedding sub-network, a watermark extracting sub-network and attack layers. We employ the topology-agnostic graph convolutional network (GCN) as the basic convolution operation, therefore our network is not limited by registered meshes (which share a fixed topology). For the specific application scenario, we can integrate the corresponding attack layers to guarantee adaptive robustness against possible attacks. To ensure the visual quality of watermarked 3D meshes, we design the curvature consistency loss function to constrain the local geometry smoothness of watermarked meshes. Experimental results show that the proposed method can achieve more universal robustness while guaranteeing comparable visual quality.

Published

2022

12. Lip forgery detection via spatial-frequency domain combination

Author

Jiaying LIN, Wenbo ZHOU, Weiming ZHANG, and Nenghai YU

Subjects

DeepFake forgery, DeepFake detection and defense, lip forgery detection, anti-compression, deep learning, Electronic computers. Computer science, QA75.5-76.95

Abstract

In recent years, numerous “face-swapping” videos have emerged in social networks, one of the representatives is the lip forgery with speakers.While making life more entertaining for the public, it poses a significant crisis for personal privacy and property security in cyberspace.Currently, under non-destructive conditions, most of the lip forgery detection methods achieve good performance.However, the compression operations are widely used in practice especially in social media platforms, face recognition and other scenarios.While saving pixel and time redundancy, the compression operations affect the video quality and destroy the coherent integrity of pixel-to-pixel and frame-to-frame in the spatial domain, and then the degradation of its detection performance and even misjudgment of the real video will be caused.When the information in the spatial domain cannot provide sufficiently effective features, the information in the frequency domain naturally becomes a priority research object because it can resist compression interference.Aiming at this problem, the advantages of frequency information in image structure and gradient feedback were analyzed.Then the lip forgery detection via spatial-frequency domain combination was proposed, which effectively utilized the corresponding characteristics of information in spatial and frequency domains.For lip features in the spatial domain, an adaptive extraction network and a light-weight attention module were designed.For frequency features in the frequency domain, separate extraction and fusion modules for different components were designed.Subsequently, by conducting a weighted fusion of lip features in spatial domain and frequency features in frequency domain, more texture information was preserved.In addition, fine-grained constraints were designed during the training to separate the inter-class distance of real and fake lip features while closing the intra-class distance.Experimental results show that, benefiting from the frequency information, the proposed method can enhance the detection accuracy under compression situation with certain transferability.On the other hand, in the ablation study conducted on the core modules, the results verify the effectiveness of the frequency component for anti-compression and the constraint of the dual loss function in training.

Published

2022

13. Detecting conflict of heterogeneous access control policies

Author

Mingjie Yu, Fenghua Li, Nenghai Yu, Xiao Wang, and Yunchuan Guo

Subjects

Conflict detection, Access control, Decision diagram, Policy translation, Heterogeneous policy, Ontology reasoner, Information technology, T58.5-58.64

Abstract

Policy conflicts may cause substantial economic losses. Although a large amount of effort has been spent on detecting intra-domain policy conflict, it can not detect conflicts of heterogeneous policies. In this paper, considering background knowledge, we propose a conflict detection mechanism to search and locate conflicts of heterogeneous policies. First, we propose a general access control model to describe authorization mechanisms of cloud service and a translation scheme designed to translate a cloud service policy to an Extensible Access Control Markup Language (XACML) policy. Then the scheme based on Multi-terminal Multi-data-type Interval Decision Diagram (MTMIDD) and Extended MTMIDD (X-MTMIDD) is designed to represent XACML policy and search the conflict among heterogeneous policies. To reduce the rate of false positives, the description logic is used to represent XACML policy and eliminate false conflicts. Experimental results show the efficiency of our scheme.

Published

2022

14. Carrier-independent deep optical watermarking algorithm

Author

Hao CHEN, Feng WANG, Weiming ZHANG, and Nenghai YU

Subjects

digital watermarking, human visual system, optical watermarking, deep neural network, Electronic computers. Computer science, QA75.5-76.95

Abstract

With the development of multimedia techniques, the demand for copyright protection of digital products has also gradually risen.Digital watermarking is an effective means to protect the copyright of digital products.It is generally made by adding important identification information (i.e., digital watermark) to a digital carrier (e.g., text, image, etc.), so that the carrier carries the identification information but does not affect the normal use of the carrier.The common digital watermark embedding scheme is to embed the watermark information by modifying the carrier via specific algorithms.In the actual application scenarios, there are many images or objects to be protected (such as art paintings, etc.) that are not allowed to be modified.Based on this background, a new carrier-independent deep optical watermarking algorithm was proposed, which can realize watermark information embedding without modifying the original carrier and achieve the purpose of copyright protection.Specifically, a new watermark template expression scheme at the embedding end was proposed, which expressed the watermark information by visible light modulation.By analyzing the visual system of human eyes, a watermark template pattern based on alternating projection was proposed to embed the watermark information, which made the embedding process neither require modification of the original carrier nor affect the visual senses of human eyes.At the extraction end, a watermark extraction network based on residual connection was designed, and the captured watermarked images were fed into this network after perspective transformation to extract the watermark information.The experiments were conducted under various conditions and comparisons with three baseline algorithms were made.The experimental results show that the proposed algorithm generates watermarked images with less visual distortion and is robust to the ＆quot;projecting-shooting＆quot; process.The watermark extraction network has high accuracy in extracting watermark information at different distances, angles and illumination conditions, and has certain advantages over other general networks.

Published

2022

15. Imperceptible black-box waveform-level adversarial attack towards automatic speaker recognition

Author

Xingyu Zhang, Xiongwei Zhang, Meng Sun, Xia Zou, Kejiang Chen, and Nenghai Yu

Subjects

Automatic speaker recognition, Adversarial examples, Imperceptibility, Black-box attack, Differential evolution, Auditory masking, Electronic computers. Computer science, QA75.5-76.95, Information technology, T58.5-58.64

Abstract

Abstract Automatic speaker recognition is an important biometric authentication approach with emerging applications. However, recent research has shown its vulnerability on adversarial attacks. In this paper, we propose a new type of adversarial examples by generating imperceptible adversarial samples for targeted attacks on black-box systems of automatic speaker recognition. Waveform samples are created directly by solving an optimization problem with waveform inputs and outputs, which is more realistic in real-life scenario. Inspired by auditory masking, a regularization term adapting to the energy of speech waveform is proposed for generating imperceptible adversarial perturbations. The optimization problems are subsequently solved by differential evolution algorithm in a black-box manner which does not require any knowledge on the inner configuration of the recognition systems. Experiments conducted on commonly used data sets, LibriSpeech and VoxCeleb, show that the proposed methods have successfully performed targeted attacks on state-of-the-art speaker recognition systems while being imperceptible to human listeners. Given the high SNR and PESQ scores of the yielded adversarial samples, the proposed methods deteriorate less on the quality of the original signals than several recently proposed methods, which justifies the imperceptibility of adversarial samples.

Published

2022

16. Computationally secure steganography based on speech synthesis

Author

Menghan LI, Kejiang CHEN, Weiming ZHANG, and Nenghai YU

Subjects

audio steganography, speech synthesis, generative model, public key steganography, Electronic computers. Computer science, QA75.5-76.95

Abstract

The steganography theory of computing security has been proposed for a long time, but it has not been widely adopted for mainstream steganography using multimedia data as a carrier.The reason is that the prerequisite for calculating secure steganography is to obtain the accurate distribution of the carrier or to accurately sample according to the carrier distribution.However, naturally collected images and audio/video cannot meet this prerequisite.With the development of deep learning technology, various machine-generated media such as image generation and synthesized speech, have become more and more common on the Internet and then generated media has become a reasonable steganography carrier.Steganography can use normal generated media to cover up secret communications, and pursue in distinguishability from normal generated media.The distribution learned by some generative models is known or controllable, which provides an opportunity to push computational security steganography for practical use.Taking the widely used synthetic speech model as an example, a computationally secure symmetric key steganography algorithm was designed and implemented.The message was decompressed into the synthetic audio according to the decoding process of arithmetic coding based on the conditional probability of sample points, and the message receiver had the same generation model to complete the message extraction by reproducing the audio synthesis process.The public key steganography algorithm was additionally designed based on this algorithm, which provided algorithmic support for the realization of full-flow steganographic communication.Steganographic key exchange ensured the security of steganographic content and the security of steganographic behavior was also achieved.The theoretical analysis showed that the security of the proposed algorithm is determined by the randomness of the embedded message.And the steganography analysis experiment further verified that the attacker cannot distinguish the synthesized carrier audio from the encrypted audio.

Published

2022

17. ControlFace: Feature Disentangling for Controllable Face Swapping

Author

Xuehai Zhang, Wenbo Zhou, Kunlin Liu, Hao Tang, Zhenyu Zhang, Weiming Zhang, and Nenghai Yu

Subjects

face swapping, feature disentanglement, semantic hierarchy-based feature fusion, controllable identity feature transfer, Photography, TR1-1050, Computer applications to medicine. Medical informatics, R858-859.7, Electronic computers. Computer science, QA75.5-76.95

Abstract

Face swapping is an intriguing and intricate task in the field of computer vision. Currently, most mainstream face swapping methods employ face recognition models to extract identity features and inject them into the generation process. Nonetheless, such methods often struggle to effectively transfer identity information, which leads to generated results failing to achieve a high identity similarity to the source face. Furthermore, if we can accurately disentangle identity information, we can achieve controllable face swapping, thereby providing more choices to users. In pursuit of this goal, we propose a new face swapping framework (ControlFace) based on the disentanglement of identity information. We disentangle the structure and texture of the source face, encoding and characterizing them in the form of feature embeddings separately. According to the semantic level of each feature representation, we inject them into the corresponding feature mapper and fuse them adequately in the latent space of StyleGAN. Owing to such disentanglement of structure and texture, we are able to controllably transfer parts of the identity features. Extensive experiments and comparisons with state-of-the-art face swapping methods demonstrate the superiority of our face swapping framework in terms of transferring identity information, producing high-quality face images, and controllable face swapping.

Published

2024

18. Reversible data hiding in encrypted images based on fine-grained embedding room reservation

Author

Jinwei LI, Xiaoya ZHANG, Yuanzhi YAO, and Nenghai YU

Subjects

reversible data hiding, spatial correlation, fine-grained embedding room reservation, prediction error expansion, histogram shifting, Electronic computers. Computer science, QA75.5-76.95

Abstract

Reversible data hiding in encrypted images has attracted considerable attention due to the privacy-preserving requirement for cloud data management.The good performance in this area can be achieved by using the existing framework of reserving room before encryption, where the image is partitioned to two independent slices consisting of blocks and then traditional reversible data hiding techniques are utilized to vacate room.In order to better exploit the spatial correlation of images, a fine-grained scalable embedding room reservation strategy in which blocks were rearranged to constitute the textured slice and the smooth slice was proposed.The block-size can be adjusted adaptively according to the texture of the images and the size of room to be vacated.The original locations of these blocks were efficiently represented as the to-be-embedded auxiliary information for image restoration.Because pixels in the smooth slice are easier to be predicted, the smooth slice can contain more pixel bits from the textured slice to reserve more room and fewer embedding distortions are induced with traditional reversible data hiding techniques.Extensive experiments demonstrate the merits of the proposed method in terms of embedding capacity and image quality.

Published

2022

19. A Connection-Oriented Entanglement Distribution Design in Quantum Networks

Author

Jian Li, Qidong Jia, Kaiping Xue, David S. L. Wei, and Nenghai Yu

Subjects

Connection-oriented protocol, entanglement distribution, quantum networks, Atomic physics. Constitution and properties of matter, QC170-197, Materials of engineering and construction. Mechanics of materials, TA401-492

Abstract

Quantum networks create a completely new way for communication, and the most important function of a quantum network is to generate long-distance quantum entanglement to serve a number of quantum applications. As the scale of the network expands, in order to establish end-to-end entanglement between two remote nodes, entangled pairs need to be generated and distributed among multiple repeaters along the path from the source to the destination, which requires a specific protocol to negotiate resource allocations and quantum operations among the repeaters. Thus, to realize such remote entanglement distribution in a quantum network, designing a stable and reliable protocol becomes urgent and necessary. In this article, we focus on how to guarantee the generation rate of entangled pairs between any two quantum nodes to meet the requirements of various quantum applications in a large-scale quantum network. We present a connection-oriented entanglement distribution protocol inspired by the connection-oriented communication model in classical networks. Our protocol is located in the network layer of the quantum network to enable end-to-end quantum communication. Three main features are provided by the proposed protocol: 1) it is reliable and can guarantee the successful entanglement generation; 2) it can reduce the influence of quantum decoherence via reducing the latency caused by resource competition; and 3) it can guarantee the rate of generating entanglement between two quantum nodes according to the requirement of quantum applications.

Published

2022

20. Survey on image non-additive steganography

Author

Yaofei WANG, Weiming ZHANG, Kejiang CHEN, Wenbo ZHOU, and Nenghai YU

Subjects

information hiding, image steganography, non-additive distortion, non-additive steganography code, Electronic computers. Computer science, QA75.5-76.95

Abstract

Image non-additive steganography not only can better maintain the distribution of image elements, but also has high detection resistance.Firstly, the image non-additive image steganography methods were sorted out and divided into two major categories: non-additive distortion design and non-additive steganography coding design.The non-additive distortion was designed into three categories: theoretical models based, modification principles based and adversarial detection based, and compared these methods.Finally, the difficult problems faced by non-additive steganography and the future development ideas were analyzed.

Published

2021

21. Binary image steganography method based on layered embedding

Author

Yuxiang CHENG, Weiming ZHANG, Weixiang LI, and Nenghai YU

Subjects

steganography, binary image, layered embedding, non-additive distortion, Electronic computers. Computer science, QA75.5-76.95

Abstract

A non-additive distortion binary image steganography method was proposed which divided the cover image into two sub cover images, updated the distortion through delivering influence factor, and used the minimizing distortion codes to achieve message embedding.Compared with the previous additive distortion steganography methods with fixed distortion, the proposed method combined the characteristics of binary images with only black and white pixels.Hence, it facilitated the correlation capture of pixel points and dynamic modification of distortion, improving the visual quality and steganography security of the binary image steganography.

Published

2021

22. Improved fast leakage assessment based on online counting

Author

Zhengguang SHI, Mengce ZHENG, Honggang HU, and Nenghai YU

Subjects

leakage assessment, online processing, efficient computation, side-channel countermeasures, Electronic computers. Computer science, QA75.5-76.95

Abstract

Fast leakage assessment (FLA) was proposed in 2017, which made use of the idea of ＆quot;counter＆quot; and significantly improves the computing efficiency.The performance of FLA was analyzed, an online-counting based method was proposed to improve the evaluation flow, and the method was also validated via FPGA implementation.According to the comparisons of experimental results, the proposed method could not only decrease the required memory but also lower the runtime of the evaluation flow.Hence it can improve the evaluation efficiency significantly.

Published

2021

23. Rapid responsive and efficient multi-valued Byzantine consensus scheme

Author

Wang ZHOU, Honggang HU, and Nenghai YU

Subjects

rapid response, efficient transmission, Byzantine protocol, consensus scheme, Electronic computers. Computer science, QA75.5-76.95

Abstract

Due to the increase of network equipments and the uncertainty of the transmission environment, the message delay is also uncertain, and the asynchronous consensus protocol possesses more advantages.Miller et al proposed the first asynchronous consensus protocol HoneyBadgerBFT in 2016, but its transmission efficiency can be optimized furthermore while achieving high throughput.The broadcast protocol in HoneyBadgerBFT was improved by reducing the message complexity in the broadcast process, and adding optional message request process to achieve rapid response and efficient transmission.

Published

2021

24. Compression of bitcoin blockchain

Author

Xiaojiao CHEN, Xianzheng LIN, and Nenghai YU

Subjects

blockchain, compression, entropy, encode, Electronic computers. Computer science, QA75.5-76.95

Abstract

The blockchain provides an immutable, transparent, and decentralized method for data storage.However, as the volume of data gradually increases, the public blockchain system requires significant storage space.The bitcoin block's structure was analyzed.A method was introduced to compress the size of transactions in the bitcoin blockchain by encoding specific fields.Experiment shows that the proposed method can reduce the storage space of the bitcoin blockchain by 18.13%.

Published

2021

25. Improvement of the blockchain protocol based on memory-hard function

Author

Sui CHENG, Xianzheng LIN, and Nenghai YU

Subjects

blockchain, memory-hard function, multiple related protocol, Electronic computers. Computer science, QA75.5-76.95

Abstract

A new blockchain chain protocol was proposed,which allowed adjusting the loading time of the mining process.This strategy reduced the ASIC and CPU mining rate of the gap,so that the using of ASIC mining is limited.Finally,the safety of this new chain structure was analyzed and compared to the original chain protocol.

Published

2020

26. Image privacy preservation scheme based on QR code and reversible visible watermarking

Author

Yuanzhi YAO, Feng WANG, Wenbo YAN, and Nenghai YU

Subjects

QR code, reversible data hiding, visible watermarking, privacy preservation, Telecommunication, TK5101-6720

Abstract

With the privacy leakage problem of image delivery in networks,an image privacy preservation scheme based on QR code and reversible visible watermarking was proposed.In order to preserve the privacy information including shooting time,shooting location and detailed description,the encrypted privacy information was stored in cloud platforms and corresponding universal resource locator was generated firstly.Secondly,the universal resource locator was encoded as the QR code and it was embedded into the cover image using reversible visible watermarking.Therefore,the access control for privacy information could be achieved.The visual perceptual model was utilized to select adaptive watermark embedding parameters to balance watermark visibility and marked image quality.Experimental results demonstrate that the good visual quality of marked images can be obtained and the embedded QR code can be correctly decoded.The proposed scheme can guarantee marked image quality and reduce the risk of private information leakage.

Published

2019

27. Quantum information course for the undergraduate students of cyber security

Author

Wei CHEN, Zhenqiang YIN, Zhengfu HAN, and Nenghai YU

Subjects

emerging engineering, cyber security, quantum information, Electronic computers. Computer science, QA75.5-76.95

Abstract

Quantum information is a new discipline with the intersection of quantum physics and information technology,which has developed rapidly recently and has been on the road of industrialization.In contrast,the severe shortage of the practitioners,who can understand quantum information technology in depth,have become bottlenecks restricting the development of this technology.The lack of talent stems is from the lack of education,especially for the undergraduate students of engineering.Benefitting from the vigorous growth of quantum information in China,the fundamental of infiltrating the quantum information course in the undergraduate education of engineering can be performed,and some positive effects have been achieved.The course has carried out the teaching reforms,and practices in terms of teaching objectives,curriculum structure,practical methods,which have gained good teaching results.These teaching experiences and ideas provide a valuable reference for quantum information education in the cyberspace security discipline.

Published

2019

28. A Novel Evaluation Metric for Deep Learning-Based Side Channel Analysis and Its Extended Application to Imbalanced Data

Author

Jiajia Zhang, Mengce Zheng, Jiehui Nan, Honggang Hu, and Nenghai Yu

Subjects

Side Channel Analysis, Deep Learning, Evaluation Metric, Imbalanced Data, Computer engineering. Computer hardware, TK7885-7895, Information technology, T58.5-58.64

Abstract

Since Kocher (CRYPTO’96) proposed timing attack, side channel analysis (SCA) has shown great potential to break cryptosystems via physical leakage. Recently, deep learning techniques are widely used in SCA and show equivalent and even better performance compared to traditional methods. However, it remains unknown why and when deep learning techniques are effective and efficient for SCA. Masure et al. (IACR TCHES 2020(1):348–375) illustrated that deep learning paradigm is suitable for evaluating implementations against SCA from a worst-case scenario point of view, yet their work is limited to balanced data and a specific loss function. Besides, deep learning metrics are not consistent with side channel metrics. In most cases, they are deceptive in foreseeing the feasibility and complexity of mounting a successful attack, especially for imbalanced data. To mitigate the gap between deep learning metrics and side channel metrics, we propose a novel Cross Entropy Ratio (CER) metric to evaluate the performance of deep learning models for SCA. CER is closely related to traditional side channel metrics Guessing Entropy (GE) and Success Rate (SR) and fits to deep learning scenario. Besides, we show that it works stably while deep learning metrics such as accuracy becomes rather unreliable when the training data tends to be imbalanced. However, estimating CER can be done as easy as natural metrics in deep learning algorithms with low computational complexity. Furthermore, we adapt CER metric to a new kind of loss function, namely CER loss function, designed specifically for deep learning in side channel scenario. In this way, we link directly the SCA objective to deep learning optimization. Our experiments on several datasets show that, for SCA with imbalanced data, CER loss function outperforms Cross Entropy loss function in various conditions.

Published

2020

29. Real-Time Online Multi-Object Tracking in Compressed Domain

Author

Qiankun Liu, Bin Liu, Yue Wu, Weihai Li, and Nenghai Yu

Subjects

Compressed domain, multi-object tracking, online, real-time, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Recent online multi-object tracking (MOT) methods have achieved desirable tracking performance. However, the tracking speed of most existing methods is rather slow. Inspired from the fact that the adjacent frames are highly relevant and redundant, we divide the frames into key and non-key frames and track objects in the compressed domain. For the key frames, the RGB images are restored for detection and data association. To make data association more reliable, an appearance convolutional neural network (CNN) which can be jointly trained with the detector is proposed. For the non-key frames, the objects are directly propagated by a tracking CNN based on the motion information provided in the compressed domain. Compared with the state-of-the-art online MOT methods, our tracker is about $6\times $ faster while maintaining a comparable tracking performance.

Published

2019

30. Learning Pixel-Level and Instance-Level Context-Aware Features for Pedestrian Detection in Crowds

Author

Chi Fei, Bin Liu, Zhu Chen, and Nenghai Yu

Subjects

Pedestrian detection, context, pixel-level, instance-level, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Pedestrian detection in crowded scenes is an intractable problem in computer vision, in which occlusion often presents a great challenge. In this paper, we propose a novel context-aware feature learning method for detecting pedestrians in crowds, with the purpose of making better use of context information for dealing with occlusion. Unlike most current pedestrian detectors that only extract context information from a single and fixed region, a new pixel-level context embedding module is developed to integrate multi-cue context into a deep CNN feature hierarchy, which enables access to the context of various regions by multi-branch convolution layers with different receptive fields. In addition, to utilize the distinctive visual characteristics formed by pedestrians that appear in groups and occlude each other, we propose a novel instance-level context prediction module which is actually implemented by a two-person detector, to improve the one-person detection performance. Applying with these strategies, we achieve an efficient and lightweight detector that can be trained in an end-to-end fashion. We evaluate the proposed approach on two popular pedestrian detection datasets, i.e., Caltech and CityPersons. The extensive experimental results demonstrate the effectiveness of the proposed method, especially under heavy occlusion cases.

Published

2019

31. Scale Voting With Pyramidal Feature Fusion Network for Person Search

Author

Zheran Hong, Bin Liu, Yan Lu, Guojun Yin, and Nenghai Yu

Subjects

Person search, scale voting, pyramidal feature fusion network, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Person search aims to find the target person among a large gallery set of real scene images. Candidates should be detected and cropped before recognizing their identifications. The detection process results in a great variance of object image scales. To address this we propose Pyramidal Feature Fusion Network that integrates the top-down mid-level features to provide multi-level feature outputs. Furthermore, we propose to apply each of the mid-level features independently in ranking and we design a ranking algorithm named Scale Voting that votes among these ranking results from different feature levels to get the final ranking order. In this approach, we can make better use of the diversity and consistency information that is hidden in different mid-levels of features. The proposed algorithm achieves the state-of-the-art performance on prevalent person search datasets.

Published

2019

32. JamSys: Coverage Optimization of a Microphone Jamming System Based on Ultrasounds

Author

Hao Shen, Weiming Zhang, Han Fang, Zehua Ma, and Nenghai Yu

Subjects

Privacy protection, anti-recording, microphones, ultrasounds, optimization algorithms, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

With the development of digital devices, the recording process has become increasingly easier to conduct. However, the portability of the recording devices has also made recording difficult to monitor. If private conversations are illegally recorded, it will cause serious secret-leakage events. Therefore, it is imperative to prevent unauthorized recordings. Recent works have demonstrated that the nonlinearity effect of microphones can be leveraged to interfere with microphone recording using ultrasounds. However, an ultrasonic array has a limited jamming area. The design of an anti-recording system composed of multiple ultrasonic arrays remains to be addressed. In this paper, a jamming system, JamSys, is presented to prevent eavesdropping in a given region. We propose a new scheme composed of the angle coverage model and the modified harmony search algorithm (MHSA) to optimize the deployment of ultrasonic arrays, which achieves the maximum jamming area with the given number of arrays. In the simulation and experiments, three different optimization algorithms, the MHSA, the genetic algorithm (GA), and the regular coverage algorithm (RCA) are compared. The MHSA is demonstrated to provide the best results.

Published

2019

33. A Class of In-Place Linear Transformations Possessing the Cache-Oblivious Property

Author

Zhe Zhao, Sian-Jheng Lin, and Nenghai Yu

Subjects

Cache-oblivious, linear transformation, in-place algorithm, block LU decomposition, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

In-place linear transformations allow input to be overwritten with the output of the transformation. This paper presents a family of in-place linear transformations based on block lower/upper (LU) decompositions, of which the known transformation via LU decomposition is a special case, and shows that the proposed family includes a class of transformations that possesses the cache-oblivious property. Furthermore, the number of cache misses and approaches for non-square matrices is discussed. The simulation shows that the proposed in-place linear transformation is faster than the existing transformation via LU decompositions.

Published

2019

34. Network function outsourcing system based on prefix-preserving encryption

Author

Lingbo WEI, Xiaobing FENG, Chi ZHANG, Hualong SHENG, and Nenghai YU

Subjects

network function outsourcing, cloud computing, prefix-preserving encryption, privacy preserving, Telecommunication, TK5101-6720

Abstract

Due to the problem of high cost and limited scalability of dedicated hardware middleboxes,it is popular for enterprises to outsource middleboxes as software processes to the cloud service provider.In the current network function outsourcing schemes,the cloud service provider requires the enterprise’s communication traffic and network strategy which poses a serious threat to the enterprise’s piracy.Based on prefix-preserving encryption,a privacy preserving network function outsourcing system was proposed.Compared with other similar schemes,the system not only realizes the privacy protection of communication traffic,but also has higher throughput and lower delay.

Published

2018

35. Face Swapping Consistency Transfer with Neural Identity Carrier

Author

Kunlin Liu, Ping Wang, Wenbo Zhou, Zhenyu Zhang, Yanhao Ge, Honggu Liu, Weiming Zhang, and Nenghai Yu

Subjects

deepfake generation, face swapping, consistency transfer, Information technology, T58.5-58.64

Abstract

Deepfake aims to swap a face of an image with someone else’s likeness in a reasonable manner. Existing methods usually perform deepfake frame by frame, thus ignoring video consistency and producing incoherent results. To address such a problem, we propose a novel framework Neural Identity Carrier (NICe), which learns identity transformation from an arbitrary face-swapping proxy via a U-Net. By modeling the incoherence between frames as noise, NICe naturally suppresses its disturbance and preserves primary identity information. Concretely, NICe inputs the original frame and learns transformation supervised by swapped pseudo labels. As the temporal incoherence has an uncertain or stochastic pattern, NICe can filter out such outliers and well maintain the target content by uncertainty prediction. With the predicted temporally stable appearance, NICe enhances its details by constraining 3D geometry consistency, making NICe learn fine-grained facial structure across the poses. In this way, NICe guarantees the temporal stableness of deepfake approaches and predicts detailed results against over-smoothness. Extensive experiments on benchmarks demonstrate that NICe significantly improves the quality of existing deepfake methods on video-level. Besides, data generated by our methods can benefit video-level deepfake detection methods.

Published

2021

36. GenderCARE: A Comprehensive Framework for Assessing and Reducing Gender Bias in Large Language Models.

Author

Kunsheng Tang, Wenbo Zhou, Jie Zhang 0073, Aishan Liu, Gelei Deng, Shuai Li, Peigui Qi, Weiming Zhang 0001, Tianwei Zhang 0004, and Nenghai Yu

Published

2024

37. ScalingFilter: Assessing Data Quality through Inverse Utilization of Scaling Laws.

Author

Ruihang Li, Yixuan Wei, Miaosen Zhang, Nenghai Yu, Han Hu 0001, and Houwen Peng

Published

2024

38. Llama SLayer 8B: Shallow Layers Hold the Key to Knowledge Injection.

Author

Tianxiang Chen, Zhentao Tan, Tao Gong, Yue Wu, Qi Chu 0001, Bin Liu 0016, Jieping Ye, and Nenghai Yu

Published

2024

39. Text Fluoroscopy: Detecting LLM-Generated Text through Intrinsic Features.

Author

Xiao Yu, Kejiang Chen, Qi Yang, Weiming Zhang 0001, and Nenghai Yu

Published

2024

40. Model X-ray: Detecting Backdoored Models via Decision Boundary.

Author

Yanghao Su, Jie Zhang 0073, Ting Xu 0004, Tianwei Zhang 0004, Weiming Zhang 0001, and Nenghai Yu

Published

2024

41. SemGIR: Semantic-Guided Image Regeneration Based Method for AI-generated Image Detection and Attribution.

Author

Xiao Yu, Kejiang Chen, Kai Zeng, Han Fang, Zijin Yang, Xiuwei Shang, Yuang Qi, Weiming Zhang 0001, and Nenghai Yu

Published

2024

42. A Geometric Distortion Immunized Deep Watermarking Framework with Robustness Generalizability.

Author

Linfeng Ma, Han Fang, Tianyi Wei, Zijin Yang, Zehua Ma, Weiming Zhang 0001, and Nenghai Yu

Published

2024

43. Detect Text Forgery with Non-forged Image Features: A Framework for Detection and Grounding of Image-Text Manipulation.

Author

Yangyang Wang, Changtao Miao, Qi Chu 0001, Tao Gong, Dianmo Sheng, Jiazhen Wang, Bin Liu 0016, and Nenghai Yu

Published

2024

44. OPERA: Alleviating Hallucination in Multi-Modal Large Language Models via Over-Trust Penalty and Retrospection-Allocation.

Author

Qidong Huang, Xiaoyi Dong, Pan Zhang 0001, Bin Wang 0065, Conghui He, Jiaqi Wang 0003, Dahua Lin, Weiming Zhang 0001, and Nenghai Yu

Published

2024

45. Gaussian Shading: Provable Performance-Lossless Image Watermarking for Diffusion Models.

Author

Zijin Yang, Kai Zeng, Kejiang Chen, Han Fang, Weiming Zhang 0001, and Nenghai Yu

Published

2024

46. Towards More Unified In-Context Visual Understanding.

Author

Dianmo Sheng, Dongdong Chen 0001, Zhentao Tan, Qiankun Liu, Qi Chu 0001, Jianmin Bao, Tao Gong, Bin Liu 0016, Shengwei Xu, and Nenghai Yu

Published

2024

47. A Distributed Routing Protocol Based on Key Reservation in Quantum Key Distribution Networks.

Author

Jiaqi Wu, Lutong Chen, Jing Zhang, Zixuan Huang, Zhonghui Li, Jian Li 0031, Kaiping Xue, and Nenghai Yu

Published

2024

48. Exploiting Modality-Specific Features for Multi-Modal Manipulation Detection and Grounding.

Author

Jiazhen Wang, Bin Liu 0016, Changtao Miao, Zhiwei Zhao, Wanyi Zhuang, Qi Chu 0001, and Nenghai Yu

Published

2024

49. SE-SIS: Shadow-Embeddable Lossless Secret Image Sharing for Greyscale Images.

Author

Zikai Xu, Bin Liu 0016, Fei Hu, Weihai Li, and Nenghai Yu

Published

2024

50. DSIS: A Novel (K, N) Threshold Deniable Secret Image Sharing Scheme with Lossless Recovery.

Author

Zikai Xu, Bin Liu 0016, Fei Hu, Weihai Li, and Nenghai Yu

Published

2024