Funding: Supported by the NSFC, China (62202244, U22B2034) and "the Fundamental Research Funds for the Central Universities, China," Nankai University.
Abstract: Differential privacy is an essential approach for privacy preservation in data queries. However, users face a significant challenge in selecting an appropriate privacy scheme, as they struggle to balance the utility of query results with the preservation of diverse individual privacy. Customizing a privacy scheme becomes even more complex in dealing with queries that involve multiple data attributes. When adversaries attempt to breach privacy firewalls by conducting multiple regular data queries with various attribute values, data owners must arduously discern unpredictable disclosure risks and construct suitable privacy schemes. In this paper, we propose a visual analysis approach for formulating privacy schemes of differential privacy. Our approach supports the identification and simulation of potential privacy attacks in querying statistical results of multi-dimensional databases. We also developed a prototype system, called DPKnob, which integrates multiple coordinated views. DPKnob not only allows users to interactively assess and explore privacy exposure risks by browsing high-risk attacks, but also facilitates an iterative process for formulating and optimizing privacy schemes based on differential privacy. This iterative process allows users to compare different schemes, refine their expectations of privacy and utility, and ultimately establish a well-balanced privacy scheme. The effectiveness of this study is verified by a user study and two case studies with real-world datasets.
Funding: Supported in part by the NSFC (62202217, 62202244), Guangdong Basic and Applied Basic Research Foundation (No. 2023A1515012889), and Guangdong Key Program (No. 2021QN02X794).
Abstract: Adversarial training has emerged as a major strategy against adversarial perturbations in deep neural networks, which mitigates the issue of exploiting model vulnerabilities to generate incorrect predictions. Despite enhancing robustness, adversarial training often results in a trade-off with standard accuracy on normal data, a phenomenon that remains a contentious issue. In addition, the opaque nature of deep neural network models renders it more difficult to inspect and diagnose how adversarial training processes evolve. This paper introduces ATVis, a visual analytics framework for examining and diagnosing adversarial training processes. Through multi-level visualization design, ATVis enables the examination of model robustness from various granularity, facilitating a detailed understanding of the dynamics in the training epochs. The framework reveals the complex relationship between adversarial robustness and standard accuracy, which further offers insights into the mechanisms that drive the trade-offs observed in adversarial training. The effectiveness of the framework is demonstrated through case studies.