24小时热门版块排行榜

返回列表

【有奖交流】积极回复本帖子，参与交流，就有机会分得作者 liyangnpu 的 13 个金币，回帖就立即获得 1 个金币，每人有 1 次机会

liyangnpu

铜虫 (初入文坛)

应助: 0 (幼儿园)
金币: 69
帖子: 29
在线: 20.6小时
虫号: 3108095

[交流] 【征稿】Future-Generation Attack and Defense in Neural Networks (FGADNN)

Special Issue -- Future-Generation Attack and Defense in Neural Networks (FGADNN)
Aims & Scopes
Neural Networks have demonstrated great success in many fields, e.g., natural language processing, image analysis, speech recognition, recommender system, physiological computing, etc. However, recent studies revealed that neural networks are vulnerable to adversarial attacks. The vulnerability of neural networks, which may hinder their adoption in high-stake scenarios. Thus, understanding their vulnerability and developing robust neural networks have attracted increasing attention.
To understand and accommodate the vulnerability of neural networks, various attack and defense techniques have been proposed.
According to the stage that the adversarial attack is performed, there are two types of attacks: poisoning attacks and evasion attacks. The former happens at the training stage, to create backdoors in the machine learning model by adding contaminated examples to the training set. The latter happens at the test stage, by adding deliberately designed tiny perturbations to benign test samples to mislead the neural network. According to how much the attacker knows about the target model, there are white-box, gray-box, and black-box attacks. According to the outcome, there are targeted attacks and non-targeted (indiscriminate) attacks. There are also many different attack scenarios, resulted from different combinations of these attack types.
Several different adversarial defense strategies have also been proposed, e.g., data modification, which modifies the training set in the training stage or the input data in the test stage, through adversarial training, gradient hiding, transferability blocking, data compression, data randomization, etc.; model modification, which modifies the target model directly to increase its robustness, by regularization, defensive distillation, feature squeezing,  using a deep contractive network or a mask layer, etc.; and, auxiliary tools, which may be additional auxiliary machine learning models to robustify the primary model, e.g., adversarial detection models, or defense generative adversarial nets (defense-GAN), high-level representation guided denoiser, etc.
Because of the popularity, complexity, and lack of interpretability of neural networks, it is expected that more attacks will immerge, in various different scenarios and applications. It is critically important to develop strategies to defend against them.
This special issue focuses on adversarial attacks and defenses in various future-generation neural networks, e.g., CNNs, LSTMs, ResNet, Transformers, BERT, spiking neural networks, and graph neural networks. We invite both reviews and original contributions, on the theory (design, understanding, visualization, and interpretation) and applications of adversarial attacks and defenses, in future-generation natural language processing, computer vision systems, speech recognition, recommender system, etc.
Topics of interest include, but are not limited to:
•       Novel adversarial attack approaches
•       Novel adversarial defense approaches
•       Model vulnerability discovery and explanation
•       Trust and interpretability of neural network
•       Attacks and/or defenses in NLP
•       Attacks and/or defenses in recommender systems
•       Attacks and/or defenses in computer vision
•       Attacks and/or defenses in speech recognition
•       Attacks and/or defenses in physiological computing
•       Adversarial attack and defense various future-generation applications
Evaluation Criterion
•       Novelty of the approach (how is it different from existing ones?)
•       Technical soundness (e.g., rigorous model evaluation)
•       Impact (how does it change the state-of-the-arts)
•       Readability (is it clear what has been done)
•       Reproducibility and open source: pre-registration if confirmatory claims are being made (e.g., via osf.io), open data, materials, code as much as ethically possible.
Submission Instructions
All submissions deemed suitable to be sent for peer review will be reviewed by at least two independent reviewers. Authors should prepare their manuscript according to the Guide for Authors available from the online submission page of the Future Generation Computer Systems at https://ees.elsevier.com/fgcs/. Authors should select “VSI: NNVul” when they reach the “Article Type” step in the submission process. Inquiries, including questions about appropriate topics, may be sent electronically to liyangnpu@nwpu.edu.cn.
Please make sure to read the Guide for Authors before writing your manuscript. The Guide for Authors and link to submit your manuscript is available on the Journal’s homepage at: https://www.journals.elsevier.co ... n-computer-systems.
Important Dates
● Manuscript Submission Deadline: 20th June 2022
● Peer Review Due: 30th July 2022
● Revision Due: 15th September 2022
● Final Decision: 20th October 2022

回复此楼