Data augmentation is a simple yet effective way to improve the robustness of deep neural
networks (DNNs). Diversity and hardness are two complementary dimensions of data …

The adversarial vulnerability of deep neural networks has attracted significant attention in
machine learning. As causal reasoning has an instinct for modelling distribution change, it is …

Delusive attacks aim to substantially deteriorate the test accuracy of the learning model by
slightly perturbing the features of correctly labeled training examples. By formalizing this …

During the last decades, the volume of multimedia content posted in social networks has
grown exponentially and such information is immediately propagated and consumed by a …

Reweighting adversarial data during training has been recently shown to improve
adversarial robustness, where data closer to the current decision boundaries are regarded …

In recent years, the rapid development of blockchain technology has attracted much
attention from people around the world. Scammers take advantage of the pseudo-anonymity …

Sparse adversarial attacks can fool deep neural networks (DNNs) by only perturbing a few
pixels (regularized by $\ell_0 $ norm). Recent efforts combine it with another $\ell_\infty …

The task of visual question generation (VQG) aims to generate human-like neural questions
from an image and potentially other side information (eg, answer type or the answer itself) …

Modern kernel-based two-sample tests have shown great success in distinguishing
complex, high-dimensional distributions by learning appropriate kernels (or, as a special …

For machine learning models to make reliable predictions in deployment, one needs to
ensure the previously unknown test samples need to be sufficiently similar to the training …