Artificial Intelligence Security
Introduction
The past several years have witnessed the rapid development of deep learning (DL) technology. DL models are now widely deployed in many scenarios, e.g., image classification, speech recognition, natural language processing, and robotics control, and these applications significantly enhance the quality of life. However, DNN models also face new security threats, including backdoor attacks, adversarial attacks, model extraction attacks, and privacy inference attacks. It is critical to protect DNN models against existing and potential integrity and privacy attacks, especially in safety-critical fields such as autonomous driving and smart medical care. Our team aims to promote academic research and industrial practice in artificial intelligence security, and to explore new theories, methods, and techniques for AI security and privacy protection.
News
🎉 Jun. 2022: One paper accepted by TCSVT (CCF B)! Congrats to Xiaoxuan!
🎉 May 2022: One paper accepted by TBD! Congrats to Biwen and Honghong!
🎉 Apr. 2022: One paper accepted by TOMM (CCF B)! Congrats to Honghong!
🎉 Apr. 2022: One paper accepted by NAACL (CSL@CQU A)! Congrats!
🎉 Jan. 2022: Two papers accepted by ICLR (one spotlight, CSL@CQU A+; one poster, CSL@CQU A)! Congrats to Xiaoxuan and Kangjie!
🎉 Jan. 2022: our paper “EGM: An Efficient Generative Model for Unrestricted Adversarial Examples” accepted by TOSN (CCF B). Congrats to Hangcheng!
🎉 Sep. 2021: one paper accepted by TCSVT (CCF B)!
🎉 Aug. 2021: one paper accepted by TCSVT (CCF B)!
🎉 Jul. 2021: one paper accepted by ACM MM (CCF A)! Congrats to Ying!
Grants
- National Natural Science Foundation of China (NSFC) Young Scientists Fund: Byzantine Fault Tolerance for Decentralized Federated Learning Based on System Characteristics, 2022-2024
- National Natural Science Foundation of China (NSFC) Young Scientists Fund: Transferable Cross-modal Adversarial Example Generation, 2022-2024
- Chongqing Natural Science Foundation General Program: Byzantine Attacks and Defenses for Decentralized Federated Learning, Oct. 2021 - Sep. 2023
- Chongqing Natural Science Foundation General Program: Few-shot Image Generation Based on Adversarial Learning, 2021-2024
- China Postdoctoral Science Foundation General Program: High-quality Transferable Adversarial Example Generation for Few-shot Settings, 2020-2023
AI Robustness
EGM: An Efficient Generative Model for Unrestricted Adversarial Examples
Tao Xiang, Hangcheng Liu, Shangwei Guo, Yan Gan, Xiaofeng Liao
ACM Transactions on Sensor Networks, 2022 CCF Rank B
An Efficient Preprocessing-based Approach to Mitigate Advanced Adversarial Attacks
Han Qiu, Yi Zeng, Qinkai Zheng, Shangwei Guo, Tianwei Zhang, Hewu Li
IEEE Transactions on Computers, 2021 CCF Rank A
DeepSweep: An Evaluation Framework for Mitigating DNN Backdoor Attacks using Data Augmentation [code]
Han Qiu, Yi Zeng, Shangwei Guo, Tianwei Zhang, Meikang Qiu, Bhavani Thuraisingham
ACM ASIA Conference on Computer and Communications Security (AsiaCCS), 2021 CSL@CQU Rank A
AI Privacy
Ownership Verification of DNN Architectures via Hardware Cache Side Channels
Xiaoxuan Lou, Shangwei Guo, Jiwei Li, Tianwei Zhang
IEEE Transactions on Circuits and Systems for Video Technology, CCF Rank B
NASPY: Automated Extraction of Automated Machine Learning Models (Spotlight)
Xiaoxuan Lou, Shangwei Guo, Jiwei Li, Yaoxin Wu, Tianwei Zhang
International Conference on Learning Representations (ICLR), 2022 CSL@CQU Rank A+
Fine-tuning Is Not Enough: A Simple yet Effective Watermark Removal Attack for DNN Models
Shangwei Guo, Tianwei Zhang, Han Qiu, Yi Zeng, Tao Xiang, Yang Liu
International Joint Conference on Artificial Intelligence (IJCAI), 2021 CCF Rank A
Stealing Deep Reinforcement Learning Models for Fun and Profit
Kangjie Chen, Shangwei Guo, Tianwei Zhang, Xiaofei Xie, Yang Liu
ACM ASIA Conference on Computer and Communications Security (AsiaCCS), 2021 CSL@CQU Rank A
Temporal Watermarks for Deep Reinforcement Learning Models
Kangjie Chen, Shangwei Guo, Tianwei Zhang, Shuxin Li, Yang Liu
International Conference on Autonomous Agents and Multiagent Systems (AAMAS), 2021 CCF Rank B
AI Security in Distributed Systems
ESB-FL: Efficient and Secure Blockchain-Based Federated Learning with Fair Payment
Biwen Chen, Honghong Zeng, Tao Xiang, Shangwei Guo, Tianwei Zhang, Yang Liu
IEEE Transactions on Big Data, 2022
BMIF: Privacy-Preserving Blockchain-Based Medical Image Fusion
Tao Xiang, Honghong Zeng, Biwen Chen, Shangwei Guo
ACM Transactions on Multimedia Computing, Communications, and Applications, 2022 CCF Rank B
Byzantine-resilient Decentralized Stochastic Gradient Descent
Shangwei Guo, Tianwei Zhang, Han Yu, Xiaofei Xie, Lei Ma, Tao Xiang, Yang Liu
IEEE Transactions on Circuits and Systems for Video Technology, CCF Rank B
Topology-aware Differential Privacy for Decentralized Image Classification
Shangwei Guo, Tianwei Zhang, Guowen Xu, Han Yu, Tao Xiang, Yang Liu
IEEE Transactions on Circuits and Systems for Video Technology, 2021 CCF Rank B
Privacy-preserving Collaborative Learning with Automatic Transformation Search (Oral) [code]
Wei Gao, Shangwei Guo, Tianwei Zhang, Han Qiu, Yonggang Wen, Yang Liu
IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2021 CCF Rank A
NLP Security
Triggerless Backdoor Attack for NLP Tasks with Clean Labels
Leilei Gan, Jiwei Li, Tianwei Zhang, Xiaoya Li, Yuxian Meng, Fei Wu, Yi Yang, Shangwei Guo, Chun Fan
North American Chapter of the Association for Computational Linguistics (NAACL), CSL@CQU Rank A
BadPre: Task-agnostic Backdoor Attacks to Pre-trained NLP Foundation Models
Kangjie Chen, Yuxian Meng, Xiaofei Sun, Shangwei Guo, Tianwei Zhang, Jiwei Li, Chun Fan
International Conference on Learning Representations (ICLR), CSL@CQU Rank A