Xiaofeng Liao

Huqiang Cheng, Xiaofeng Liao, Huaqing Li

We deal with a general distributed constrained online learning problem with privacy over time-varying networks, where a class of nondecomposable objectives are considered. Under this setting, each node only controls a part of the global decision, and the goal of all nodes is to collaboratively minimize the global cost over a time horizon $T$ while guarantees the security of the transmitted information. For such problems, we first design a novel generic algorithm framework, named as DPSDA, of differentially private distributed online learning using the Laplace mechanism and the stochastic variants of dual averaging method. Note that in the dual updates, all nodes of DPSDA employ the noise-corrupted gradients for more generality. Then, we propose two algorithms, named as DPSDA-C and DPSDA-PS, under this framework. In DPSDA-C, the nodes implement a circulation-based communication in the primal updates so as to alleviate the disagreements over time-varying undirected networks. In addition, for the extension to time-varying directed ones, the nodes implement the broadcast-based push-sum dynamics in DPSDA-PS, which can achieve average consensus over arbitrary directed networks. Theoretical results show that both algorithms attain an expected regret upper bound in $\mathcal{O}( \sqrt{T} )$ when the objective function is convex, which matches the best utility achievable by cutting-edge algorithms. Finally, numerical experiment results on both synthetic and real-world datasets verify the effectiveness of our algorithms.

Tao Xiang, Hangcheng Liu, Shangwei Guo et al.

Adversarial attacks have threatened the application of deep neural networks in security-sensitive scenarios. Most existing black-box attacks fool the target model by interacting with it many times and producing global perturbations. However, global perturbations change the smooth and insignificant background, which not only makes the perturbation more easily be perceived but also increases the query overhead. In this paper, we propose a novel framework to perturb the discriminative areas of clean examples only within limited queries in black-box attacks. Our framework is constructed based on two types of transferability. The first one is the transferability of model interpretations. Based on this property, we identify the discriminative areas of a given clean example easily for local perturbations. The second is the transferability of adversarial examples. It helps us to produce a local pre-perturbation for improving query efficiency. After identifying the discriminative areas and pre-perturbing, we generate the final adversarial examples from the pre-perturbed example by querying the targeted model with two kinds of black-box attack techniques, i.e., gradient estimation and random search. We conduct extensive experiments to show that our framework can significantly improve the query efficiency during black-box perturbing with a high attack success rate. Experimental results show that our attacks outperform state-of-the-art black-box attacks under various system settings.

Xinyu Lei, Xiaofeng Liao, Yonghong Xiong

In this paper, we first provide a spanning tree (ST)-based centralized group key agreement protocol for unbalanced mobile Ad Hoc networks (MANETs). Based on the centralized solution, a local spanning tree (LST)-based distributed protocol for general MANETs is subsequently presented. Both protocols follow the basic features of the HSK scheme: 1) H means that a hybrid approach, which is the combination of key agreement and key distribution via symmetric encryption, is exploited; 2) S indicates that a ST or LSTs are adopted to form a connected network topology; and 3) K implies that the extended Kruskal algorithm is employed to handle dynamic events. It is shown that the HSK scheme is a uniform approach to handle the initial key establishment process as well as all kinds of dynamic events in group key agreement protocol for MANETs. Additionally, the extended Kruskal algorithm enables to realize the reusability of the precomputed secure links to reduce the overhead. Moreover, some other aspects, such as the network topology connectivity and security, are well analyzed.

Yongji Wang, Xiaofeng Liao, Hu Wu et al.

Recommender systems require their recommendation algorithms to be accurate, scalable and should handle very sparse training data which keep changing over time. Inspired by ant colony optimization, we propose a novel collaborative filtering scheme: Ant Collaborative Filtering that enjoys those favorable characteristics above mentioned. With the mechanism of pheromone transmission between users and items, our method can pinpoint most relative users and items even in face of the sparsity problem. By virtue of the evaporation of existing pheromone, we capture the evolution of user preference over time. Meanwhile, the computation complexity is comparatively small and the incremental update can be done online. We design three experiments on three typical recommender systems, namely movie recommendation, book recommendation and music recommendation, which cover both explicit and implicit rating data. The results show that the proposed algorithm is well suited for real-world recommendation scenarios which have a high throughput and are time sensitive.