Xiaoheng Deng

AI
h-index: 13
3 papers
7 citations
Novelty: 48%
AI Score: 49

3 Papers

34.0 | AI | May 17
Is VLA Reasoning Faithful? Probing Safety of Chain-of-Causation

Nicanor Mayumu, Xiaoheng Deng, Patrick Mukala

We present the first systematic study of faithfulness in Vision-Language-Action (VLA) driving models, analyzing 300 Alpamayo-R1-10B inferences across 100 diverse PhysicalAI-AV scenarios. Our main finding is that output natural-language rationales with trajectories may be significantly unfaithful: (i) overall reasoning fidelity is only 42.5%, with Chain-of-Causation matching scene reality less than half the time; (ii) 94 missed pedestrians in one-third of pedestrian-relevant scenes; (iii) 97.7% trajectory fragility under mild visual perturbations; and (iv) only 48.3% mean reasoning-action consistency, with 53.3% of inferences exhibiting low consistency, including 37.9% of stop-claimed cases where the model continues instead. We formalize faithfulness information-theoretically, define entity and action fidelity with verification criteria, and outline a four-component safety architecture aligned with these results.

82.2 | NI | Apr 15
Resilient and Freshness-Aware Scheduling for Industrial Multi-Hop IAB Networks: A Packet Duplication Approach

Shuo Zhu, Siyu Lin, Zijing Wang et al.

In industrial millimeter-wave (mmWave) multi-hop Integrated Access and Backhaul (IAB) networks, dynamic blockages caused by moving obstacles pose a severe threat to robust and continuous networks. While Packet Duplication (PD) enhances reliability by path diversity, it inevitably doubles the traffic load, leading to severe congestion and degraded Age of Information (AoI). To navigate this reliability-congestion trade-off, we formulated an optimization problem in a multi-hop IAB scenario that minimizes the average AoI while satisfying strict queue stability constraints. We utilize Lyapunov optimization to transform the long-term stochastic optimization problem into tractable deterministic sub-problems. To solve these sub-problems efficiently, we propose a Resilient and Freshness-Aware Scheduling (RFAS) algorithm. Simulation results show that in blockage-prone environments, RFAS significantly outperforms baselines by maintaining a Packet Delivery Ratio (PDR) above 95%. Crucially, it strictly guarantees queue stability under hard buffer constraints, whereas baselines suffer from buffer overflows. Furthermore, RFAS reduces the network load imbalance by 19% compared to the baseline in high-frequency traffic scenarios. This confirms RFAS as a robust and sustainable solution for real-time industrial control loops.

CV | May 18, 2024 | Code
Fully Exploiting Every Real Sample: SuperPixel Sample Gradient Model Stealing

Yunlong Zhao, Xiaoheng Deng, Yijing Liu et al.

Model stealing (MS) involves querying and observing the output of a machine learning model to steal its capabilities. The quality of queried data is crucial, yet obtaining a large amount of real data for MS is often challenging. Recent works have reduced reliance on real data by using generative models. However, when high-dimensional query data is required, these methods are impractical due to the high costs of querying and the risk of model collapse. In this work, we propose using sample gradients (SG) to enhance the utility of each real sample, as SG provides crucial guidance on the decision boundaries of the victim model. However, utilizing SG in the model stealing scenario faces two challenges: 1. Pixel-level gradient estimation requires extensive query volume and is susceptible to defenses. 2. The estimation of sample gradients has a significant variance. This paper proposes Superpixel Sample Gradient stealing (SPSG) for model stealing under the constraint of limited real samples. With the basic idea of imitating the victim model's low-variance patch-level gradients instead of pixel-level gradients, SPSG achieves efficient sample gradient estimation through two steps. First, we perform patch-wise perturbations on query images to estimate the average gradient in different regions of the image. Then, we filter the gradients through a threshold strategy to reduce variance. Exhaustive experiments demonstrate that, with the same number of real samples, SPSG achieves accuracy, agreements, and adversarial success rate significantly surpassing the current state-of-the-art MS methods. Codes are available at https://github.com/zyl123456aB/SPSG_attack.