Weilin Xu scite author profile

Although deep neural networks (DNNs) have achieved great success in many tasks, they can often be fooled by adversarial examples that are generated by adding small but purposeful distortions to natural examples. Previous studies to defend against adversarial examples mostly focused on refining the DNN models, but have either shown limited success or required expensive computation. We propose a new strategy, feature squeezing, that can be used to harden DNN models by detecting adversarial examples. Feature squeezing reduces the search space available to an adversary by coalescing samples that correspond to many different feature vectors in the original space into a single sample. By comparing a DNN model's prediction on the original input with that on squeezed inputs, feature squeezing detects adversarial examples with high accuracy and few false positives. This paper explores two feature squeezing methods: reducing the color bit depth of each pixel and spatial smoothing. These simple strategies are inexpensive and complementary to other defenses, and can be combined in a joint detection framework to achieve high detection rates against state-of-the-art attacks.

show abstract

Federated learning in medicine: facilitating multi-institutional collaborations without sharing patient data

Sheller

Edwards

Reina

et al. 2020

Sci Rep

735

371

View full text Add to dashboard Cite

Several studies underscore the potential of deep learning in identifying complex patterns, leading to diagnostic and prognostic biomarkers. Identifying sufficiently large and diverse datasets, required for training, is a significant challenge in medicine and can rarely be found in individual institutions. Multi-institutional collaborations based on centrally-shared patient data face privacy and ownership challenges. federated learning is a novel paradigm for data-private multi-institutional collaborations, where model-learning leverages all available data without sharing data between institutions, by distributing the model-training to the data-owners and aggregating their results. We show that federated learning among 10 institutions results in models reaching 99% of the model quality achieved with centralized data, and evaluate generalizability on data from institutions outside the federation. We further investigate the effects of data distribution across collaborating institutions on model quality and learning patterns, indicating that increased access to data through data private multi-institutional collaborations can benefit model quality more than the errors introduced by the collaborative method. finally, we compare with other collaborative-learning approaches demonstrating the superiority of federated learning, and discuss practical implementation considerations. clinical adoption of federated learning is expected to lead to models trained on datasets of unprecedented size, hence have a catalytic impact towards precision/personalized medicine. Abbreviations CDS Collaborative data sharing FL Federated learning IIL Institutional incremental learning CIIL Cyclic institutional incremental learning IID Independent and identically distributed BraTS Brain tumor segmentation

show abstract

Overexpression of YTHDF1 is associated with poor prognosis in patients with hepatocellular carcinoma

Zhao

Yang

Mao

et al. 2018

CBM

201

178

View full text Add to dashboard Cite

In China, hepatocellular carcinoma (HCC) is the most commonly diagnosed cancer and the leading cause of cancer death in men, followed by lung and stomach cancer. There was an urgent need to identify novel prognostic biomarkers for HCC. We explored the expression pattern of m6A related proteins in HCC tissues by using TCGA in this study. We found that the m6A 'reader' YTHDF1 was significantly upregulated in HCC and was positive correlated with pathology stage. Kaplan-Meier analysis showed that Lower YTHDF1 expression level was associated with better survival of HCC patients. Furthermore, we performed GO and KEGG pathway analysis of YTHDF1 co-expressed genes and found YTHDF1 played an important role in regulating HCC cell cycle progression and metabolism. We believed that this study will provide a potential new therapeutic and prognostic target for HCC.

show abstract

A Synergistic Enhancement Strategy for Realizing Ultralong and Efficient Room‐Temperature Phosphorescence

et al. 2020

View full text Add to dashboard Cite

An enhancement strategy is realized for ultralong bright room-temperature phosphorescence (RTP), involving polymerization between phosphor monomers and acrylamide and host-guest complexation interaction between phosphors and cucurbit[6,7,8]urils (CB[6,7,8]). The non-phosphorescent monomers exhibit 2.46 su ltralong lifetime after copolymerizing with acrylamide.T he improvement is due to the rich hydrogen bond and carbonyl within the polymers which promote intersystem crossing, suppress nonradiative relaxation and shield quencherse ffectively.B yt uning the ratio of chromophores,aseries of phosphorescent copolymers with different lifetimes and quantum yields are prepared. The complexation of macrocyclic hosts CB[6,7,8] promote the RTP of polymers by blocking aggregation-caused quenching, and offsetting the losses of aforementioned interaction provided by polymer.M ultiple lifetime-encoding for digit and character encryption are achieved by utilizing the difference of their lifetimes.

show abstract

Automatically Evading Classifiers: A Case Study on PDF Malware Classifiers

Xu¹,

Qi²,

Evans³

2016

196

137

View full text Add to dashboard Cite

Abstract-Machine learning is widely used to develop classifiers for security tasks. However, the robustness of these methods against motivated adversaries is uncertain. In this work, we propose a generic method to evaluate the robustness of classifiers under attack. The key idea is to stochastically manipulate a malicious sample to find a variant that preserves the malicious behavior but is classified as benign by the classifier. We present a general approach to search for evasive variants and report on results from experiments using our techniques against two PDF malware classifiers, PDFrate and Hidost. Our method is able to automatically find evasive variants for both classifiers for all of the 500 malicious seeds in our study. Our results suggest a general method for evaluating classifiers used in security applications, and raise serious doubts about the effectiveness of classifiers based on superficial features in the presence of adversaries.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Weilin Xu

Feature Squeezing: Detecting Adversarial Examples in Deep Neural Networks

Federated learning in medicine: facilitating multi-institutional collaborations without sharing patient data

Overexpression of YTHDF1 is associated with poor prognosis in patients with hepatocellular carcinoma

A Synergistic Enhancement Strategy for Realizing Ultralong and Efficient Room‐Temperature Phosphorescence

Automatically Evading Classifiers: A Case Study on PDF Malware Classifiers

Contact Info

Product

Resources

About