skip to main content


Search for: All records

Creators/Authors contains: "Wu, Yuhao"

Note: When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher. Some full text articles may not yet be available without a charge during the embargo (administrative interval).
What is a DOI Number?

Some links on this page may take you to non-federal websites. Their policies may differ from this site.

  1. Recent advances in large language models (LMs) have facilitated their ability to synthesize programming code. However, they have also raised concerns about intellectual property (IP) rights violations. Despite the significance of this issue, it has been relatively less explored. In this paper, we aim to bridge the gap by presenting CODEIPPROMPT, a platform for automatic evaluation of the extent to which code language models may reproduce licensed programs. It comprises two key components: prompts constructed from a licensed code database to elicit LMs to generate IP-violating code, and a measurement tool to evaluate the extent of IP violation of code LMs. We conducted an extensive evaluation of existing open-source code LMs and commercial products, and revealed the prevalence of IP violations in all these models. We further identified that the root cause is the substantial proportion of training corpus subject to restrictive licenses, resulting from both intentional inclusion and inconsistent license practice in the real world. To address this issue, we also explored potential mitigation strategies, including fine-tuning and dynamic token filtering. Our study provides a testbed for evaluating the IP violation issues of the existing code generation platforms and stresses the need for a better mitigation strategy. 
    more » « less
    Free, publicly-accessible full text available July 23, 2024
  2. Tiny machine learning (TinyML) is an essential component of emerging smart microcontrollers (MCUs). However, the protection of the intellectual property (IP) of the model is an increasing concern due to the lack of desktop/server-grade resources on these power-constrained devices. In this paper, we propose STML, a system and algorithm co-design to Secure IP of TinyML on MCUs with ARM TrustZone. Our design jointly optimizes memory utilization and latency while ensuring the security and accuracy of emerging models. We implemented a prototype and benchmarked with 7 models, demonstrating STML reduces 40% of model protection runtime overhead on average. 
    more » « less
  3. The field of text-to-image generation has made remarkable strides in creating high-fidelity and photorealistic images. As this technology gains popularity, there is a growing concern about its potential security risks. However, there has been limited exploration into the robustness of these models from an adversarial perspective. Existing research has primarily focused on untargeted settings, and lacks holistic consideration for reliability (attack success rate) and stealthiness (imperceptibility). In this paper, we propose RIATIG, a reliable and imperceptible adversarial attack against text-to-image models via inconspicuous examples. By formulating the example crafting as an optimization process and solving it using a genetic-based method, our proposed attack can generate imperceptible prompts for text-to-image generation models in a reliable way. Evaluation of six popular text-to-image generation models demonstrates the efficiency and stealthiness of our attack in both white-box and black-box settings. To allow the community to build on top of our findings, we’ve made the artifacts available. 
    more » « less
  4. Abstract

    The Pancharatnam–Berry phase induced by the winding topology of polarization around a vortex singularity at bound states in the continuum (BIC) provides a unique approach to optical vortex (OV) generation. The BIC-based OV generators have the potential to outperform their counterparts that rely on spatial variations in terms of design feasibility, fabrication complexity, and robustness. However, given the fact that this class of OV generators originates from the topological property of the photonic bands, their responses are generally fixed and cannot be dynamically altered, which limits their applications to photonic systems. Here, we numerically demonstrate that a silicon photonic crystal slab can be used to realize optically switchable OV generation by simultaneously exploiting the vortex topology in momentum space in conjunction with silicon’s nonlinear dynamics. Picosecond switching of OV beams at near-infrared wavelengths are observed. The demonstrated nontrivial topological nature of the active generators can significantly expand the application of BIC toward ultrafast vortex beam generation, high-capacity optical communication, and mode-division multiplexing.

     
    more » « less
  5. Explainability is increasingly recognized as an enabling technology for the broader adoption of machine learning (ML), particularly for safety-critical applications. This has given rise to explainable ML, which seeks to enhance the explainability of neural networks through the use of explanators. Yet, the pursuit for better explainability inadvertently leads to increased security and privacy risks. While there has been considerable research into the security risks of explainable ML, its potential privacy risks remain under-explored. To bridge this gap, we present a systematic study of privacy risks in explainable ML through the lens of membership inference. Building on the observation that, besides the accuracy of the model, robustness also exhibits observable differences among member samples and non-member samples, we develop a new membership inference attack. This attack extracts additional membership features from changes in model confidence under different levels of perturbations guided by the importance highlighted by the attribution maps in the explanators. Intuitively, perturbing important features generally results in a bigger loss in confidence for member samples. Using the member-non-member differences in both model performance and robustness, an attack model is trained to distinguish the membership. We evaluated our approach with seven popular explanators across various benchmark models and datasets. Our attack demonstrates there is non-trivial privacy leakage in current explainable ML methods. Furthermore, such leakage issue persists even if the attacker lacks the knowledge of training datasets or target model architectures. Lastly, we also found existing model and output-based defense mechanisms are not effective in mitigating this new attack. 
    more » « less
  6. Abstract

    Stemming from bound states in the continuum (BICs), momentum‐space polarization vortices observed in photonic structures provide an attractive approach to generating optical vortex (OV) beams. On the other hand, dominated by the selection rules, the harmonic generation from nanostructures exhibits a nonlinear geometric phase that depends on both the harmonic orders and the handedness of circularly polarized harmonic signals. Here, the third‐ and fifth‐harmonic optical vortex generation from an amorphous silicon photonic crystal slab, supporting the guided resonance associated with BICs at near infrared wavelengths, is numerically demonstrated. The results show that, determined by the nonlinearity phase, the topological charge (l) associated with thenth‐harmonic OV beams follows σ(n∓1)q, whereqis the polarization charge of the BIC and the ∓ sign represents the opposite or same polarization of thenth‐harmonic signal relative to the circular polarization state (σ) of the fundamental waves. Exploiting harmonic multiplexing, this approach can significantly improve the channel capacity of OV generators based on topologically protected optical BICs.

     
    more » « less