Date of Award

8-7-2024

Degree Type

Dissertation

Degree Name

Doctor of Philosophy (PhD)

Department

Computer Science

First Advisor

Zhipeng Cai

Second Advisor

Yingshu Li

Abstract

Deep learning-based techniques are broadly used in a variety of applications such as image recognition and natural language processing, where they deliver better performance than traditional methods. However, Deep Neural Networks (DNNs) often encounter various challenges such as computation and time costs, adversarial sample attacks, and copyright issues. It is critical to protect the copyright and privacy of DNN models as well as to achieve high performance while consuming fewer resources. To address these issues, this dissertation proposal introduces two studies focused on enhancing copyright and privacy in DNN models, especially with respect to adversarial samples, lightweight design, and image super-resolution.

The first work proposes a purification mechanism that combines adversarial training-based and input processing-based methods to defend against the threat of adversarial samples. The proposed mechanism generalizes well across various vision-based deep learning tasks by leveraging the advantages of input processing-based methods while maintaining the defense efficiency of adversarial training-based methods.

The second work concerns image super-resolution. With the rapid development of DNNs, the availability of open-source super-resolution services exposes service providers to the risk of copyright infringement, as the complete model could be vulnerable to leakage. Safeguarding the copyright of the complete model is therefore a non-trivial concern. To tackle this issue, we present a lightweight model as a substitute for the original complete model in image super-resolution. This research has identified smaller networks that can deliver impressive performance while protecting the original model's copyright.

DOI

https://doi.org/10.57709/37373539
