Kam Woh Ng scite author profile

This paper proposes a novel deep polarized network (DPN) for learning to hash, in which each channel in the network outputs is pushed far away from zero by employing a differentiable bit-wise hinge-like loss which is dubbed as polarization loss. Reformulated within a generic Hamming Distance Metric Learning framework [Norouzi et al., 2012], the proposed polarization loss bypasses the requirement to prepare pairwise labels for (dis-)similar items and, yet, the proposed loss strictly bounds from above the pairwise Hamming Distance based losses. The intrinsic connection between pairwise and pointwise label information, as disclosed in this paper, brings about the following methodological improvements: (a) we may directly employ the proposed differentiable polarization loss with no large deviations incurred from the target Hamming distance based loss; and (b) the subtask of assigning binary codes becomes extremely simple --- even random codes assigned to each class suffice to result in state-of-the-art performances, as demonstrated in CIFAR10, NUS-WIDE and ImageNet100 datasets.

show abstract

Rethinking Privacy Preserving Deep Learning: How to Evaluate and Thwart Privacy Attacks

Li¹,

Ng²,

Chen³

et al. 2020

View full text Add to dashboard Cite

Protecting Intellectual Property of Generative Adversarial Networks from Ambiguity Attacks

Ong

Chan

Ng³

et al. 2021

View full text Add to dashboard Cite

Rethinking Privacy Preserving Deep Learning: How to Evaluate and Thwart Privacy Attacks

Li¹,

Ng²,

Chen³

et al. 2020

Preprint

View full text Add to dashboard Cite

This paper investigates capabilities of Privacy-Preserving Deep Learning (PPDL) mechanisms against various forms of privacy attacks. First, we propose to quantitatively measure the trade-off between model accuracy and privacy losses incurred by reconstruction, tracing and membership attacks. Second, we formulate reconstruction attacks as solving a noisy system of linear equations, and prove that attacks are guaranteed to be defeated if condition (2) is unfulfilled. Third, based on theoretical analysis, a novel Secret Polarization Network (SPN) is proposed to thwart privacy attacks, which pose serious challenges to existing PPDL methods. Extensive experiments showed that model accuracies are improved on average by 5-20% compared with baseline mechanisms, in regimes where data privacy are satisfactorily protected. * equal contribution.Preprint. Under review.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Kam Woh Ng

DeepIPR: Deep Neural Network Ownership Verification With Passports

Deep Polarized Network for Supervised Learning of Accurate Binary Hashing Codes

Rethinking Privacy Preserving Deep Learning: How to Evaluate and Thwart Privacy Attacks

Protecting Intellectual Property of Generative Adversarial Networks from Ambiguity Attacks

Rethinking Privacy Preserving Deep Learning: How to Evaluate and Thwart Privacy Attacks

Contact Info

Product

Resources

About