skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: VOC-Net: A Deep Learning Model for the Automated Classification of Rotational THz Spectra of Volatile Organic Compounds
Conventional black box machine learning (ML) algorithms for gas-phase species identification from THz frequency region absorption spectra have been reported in the literature. While the robust classification performance of such ML models is promising, the black box nature of these ML tools limits their interpretability and acceptance in application. Here, a one-dimensional convolutional neural network (CNN), VOC-Net, is developed and demonstrated for the classification of absorption spectra for volatile organic compounds (VOCs) in the THz frequency range, specifically from 220 to 330 GHz where prior experimental data is available. VOC-Net is trained and validated against simulated spectra, and also demonstrated and tested against experimental spectra. The performance of VOC-Net is examined by the consideration of confusion matrices and receiver-operator-characteristic (ROC) curves. The model is shown to be 99+% accurate for the classification of simulated spectra and 97% accurate for the classification of noisy experimental spectra. The model’s internal logic is examined using the Gradient-weighted Class Activation Mapping (Grad-CAM) method, which provides a visual and interpretable explanation of the model’s decision making process with respect to the important distinguishing spectral features.  more » « less
Award ID(s):
1851291
PAR ID:
10400275
Author(s) / Creator(s):
; ;
Date Published:
Journal Name:
Applied Sciences
Volume:
12
Issue:
17
ISSN:
2076-3417
Page Range / eLocation ID:
8447
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; (, IACR Transactions on Cryptographic Hardware and Embedded Systems)
    Model stealing attacks on AI/ML devices undermine intellectual property rights, compromise the competitive advantage of the original model developers, and potentially expose sensitive data embedded in the model’s behavior to unauthorized parties. While previous research works have demonstrated successful side-channelbased model recovery in embedded microcontrollers and FPGA-based accelerators, the exploration of attacks on commercial ML accelerators remains largely unexplored. Moreover, prior side-channel attacks fail when they encounter previously unknown models. This paper demonstrates the first successful model extraction attack on the Google Edge Tensor Processing Unit (TPU), an off-the-shelf ML accelerator. Specifically, we show a hyperparameter stealing attack that can extract all layer configurations including the layer type, number of nodes, kernel/filter sizes, number of filters, strides, padding, and activation function. Most notably, our attack is the first comprehensive attack that can extract previously unseen models. This is achieved through an online template-building approach instead of a pre-trained ML-based approach used in prior works. Our results on a black-box Google Edge TPU evaluation show that, through obtained electromagnetic traces, our proposed framework can achieve 99.91% accuracy, making it the most accurate one to date. Our findings indicate that attackers can successfully extract various types of models on a black-box commercial TPU with utmost detail and call for countermeasures. 
    more » « less
  2. ; (, Nature Communications)
    Abstract In recent years, predictive machine learning models have gained prominence across various scientific domains. However, their black-box nature necessitates establishing trust in them before accepting their predictions as accurate. One promising strategy involves employing explanation techniques that elucidate the rationale behind a model’s predictions in a way that humans can understand. However, assessing the degree of human interpretability of these explanations is a nontrivial challenge. In this work, we introduce interpretation entropy as a universal solution for evaluating the human interpretability of any linear model. Using this concept and drawing inspiration from classical thermodynamics, we present Thermodynamics-inspired Explainable Representations of AI and other black-box Paradigms, a method for generating optimally human-interpretable explanations in a model-agnostic manner. We demonstrate the wide-ranging applicability of this method by explaining predictions from various black-box model architectures across diverse domains, including molecular simulations, text, and image classification. 
    more » « less
  3. ; ; (, ACM Transactions on Knowledge Discovery from Data)
    Multi-label image recognition has been an indispensable fundamental component for many real computer vision applications. However, a severe threat of privacy leakage in multi-label image recognition has been overlooked by existing studies. To fill this gap, two privacy-preserving models, Privacy-Preserving Multi-label Graph Convolutional Networks (P2-ML-GCN) and Robust P2-ML-GCN (RP2-ML-GCN), are developed in this article, where differential privacy mechanism is implemented on the model’s outputs so as to defend black-box attack and avoid large aggregated noise simultaneously. In particular, a regularization term is exploited in the loss function of RP2-ML-GCN to increase the model prediction accuracy and robustness. After that, a proper differential privacy mechanism is designed with the intention of decreasing the bias of loss function in P2-ML-GCN and increasing prediction accuracy. Besides, we analyze that a bounded global sensitivity can mitigate excessive noise’s side effect and obtain a performance improvement for multi-label image recognition in our models. Theoretical proof shows that our two models can guarantee differential privacy for model’s outputs, weights and input features while preserving model robustness. Finally, comprehensive experiments are conducted to validate the advantages of our proposed models, including the implementation of differential privacy on model’s outputs, the incorporation of regularization term into loss function, and the adoption of bounded global sensitivity for multi-label image recognition. 
    more » « less
  4. ; ; ; ; (, Proceedings on Privacy Enhancing Technologies)
    Diffusion models have begun to overshadow GANs and other generative models in industrial applications due to their superior image generation performance. The complex architecture of these models furnishes an extensive array of attack features. In light of this, we aim to design membership inference attacks (MIAs) catered to diffusion models. We first conduct an exhaustive analysis of existing MIAs on diffusion models, taking into account factors such as black-box/white-box models and the selection of attack features. We found that white-box attacks are highly applicable in real-world scenarios, and the most effective attacks presently are white-box. Departing from earlier research, which employs model loss as the attack feature for white-box MIAs, we employ model gradients in our attack, leveraging the fact that these gradients provide a more profound understanding of model responses to various samples. We subject these models to rigorous testing across a range of parameters, including training steps, timestep sampling frequency, diffusion steps, and data variance. Across all experimental settings, our method consistently demonstrated near-flawless attack performance, with attack success rate approaching 100% and attack AUCROC near 1.0. We also evaluated our attack against common defense mechanisms, and observed our attacks continue to exhibit commendable performance. 
    more » « less
  5. ; ; ; ; (, Optics Express)
    Plasmon-phonon coupling between metamaterials and molecular vibrations provides a new path for studying mid-infrared light-matter interactions and molecular detection. So far, the coupling between the plasmonic resonances of metamaterials and the phonon vibrational modes of molecules has been realized under linearly polarized light. Here, mid-infrared chiral plasmonic metasurfaces with high circular dichroism (CD) in absorption over 0.65 in the frequency range of 50 to 60 THz are demonstrated to strongly interact with the phonon vibrational resonance of polymethyl methacrylate (PMMA) molecules at 52 THz, under both left-handed and right-handed circularly polarized (LCP and RCP) light. The mode splitting features in the absorption spectra of the coupled metasurface-PMMA systems under both circular polarizations are studied in PMMA layers with different thicknesses. The relation between the mode splitting gap and the PMMA thickness is also revealed. The demonstrated results can be applied in areas of chiral molecular sensing, thermal emission, and thermal energy harvesting. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email