Journal of Information and Intelligence最新文献

This paper delves into the realm of ChatGPT, an AI-powered chatbot that utilizes topic modeling and reinforcement learning to generate natural responses. Although ChatGPT holds immense promise across various industries, such as customer service, education, mental health treatment, personal productivity, and content creation, it is essential to address its security, privacy, and ethical implications. By exploring the upgrade path from GPT-1 to GPT-4, discussing the model's features, limitations, and potential applications, this study aims to shed light on the potential risks of integrating ChatGPT into our daily lives. Focusing on security, privacy, and ethics issues, we highlight the challenges these concerns pose for widespread adoption. Finally, we analyze the open problems in these areas, calling for concerted efforts to ensure the development of secure and ethically sound large language models.

Outsourcing decision tree models to cloud servers can allow model providers to distribute their models at scale without purchasing dedicated hardware for model hosting. However, model providers may be forced to disclose private model details when hosting their models in the cloud. Due to the time and monetary investments associated with model training, model providers may be reluctant to host their models in the cloud due to these privacy concerns. Furthermore, clients may be reluctant to use these outsourced models because their private queries or their results may be disclosed to the cloud servers. In this paper, we propose BloomDT, a privacy-preserving scheme for decision tree inference, which uses Bloom filters to hide the original decision tree's structure, the threshold values of each node, and the order in which features are tested while maintaining reliable classification results that are secure even if the cloud servers collude. Our scheme's security and performance are verified through rigorous testing and analysis.

With the rapid development of location-based services and online social networks, POI recommendation services considering geographic and social factors have received extensive attention. Meanwhile, the vigorous development of cloud computing has prompted service providers to outsource data to the cloud to provide POI recommendation services. However, there is a degree of distrust of the cloud by service providers. To protect digital assets, service providers encrypt data before outsourcing it. However, encryption reduces data availability, making it more challenging to provide POI recommendation services in outsourcing scenarios. Some privacy-preserving schemes for geo-social-based POI recommendation have been presented, but they have some limitations in supporting group query, considering both geographic and social factors, and query accuracy, making these schemes impractical. To solve this issue, we propose two practical and privacy-preserving geo-social-based POI recommendation schemes for single user and group users, which are named GSPR-S and GSPR-G. Specifically, we first utilize the quad tree to organize geographic data and the MinHash method to index social data. Then, we apply BGV fully homomorphic encryption to design some private algorithms, including a private max/min operation algorithm, a private rectangular set operation algorithm, and a private rectangular overlapping detection algorithm. After that, we use these algorithms as building blocks in our schemes for efficiency improvement. According to security analysis, our schemes are proven to be secure against the honest-but-curious cloud servers, and experimental results show that our schemes have good performance.

Detecting ink mismatch is a significant challenge in verifying the authenticity of documents, especially when dealing with uneven ink distribution. Conventional imaging methods frequently fail to distinguish visually similar inks. Our study presents a novel hyperspectral unmixing approach to detect ink mismatches in unbalanced clusters. The proposed method identifies unique spectral characteristics of different inks employing k-means clustering and Gaussian mixture models (GMMs) to perform color segmentation on different ink types and utilizes elbow estimation and silhouette coefficient to evaluate the number of inks estimation precisely. For a more accurate estimation of quantity, which is generally not an attribute of clustering methods, we employed entropy calculations in the red, green, and blue depth channels for precise abundance estimation of ink. This unique combination of basic techniques in conjunction exhibits better efficacy in performing ink unmixing and provides a real-world document forensic solution compared to current methods that rely on assumptions like prior knowledge of the inks used in a document and deep learning-based methods that rely heavily on abundant training datasets. We evaluate our approach on the iVision handwritten hyperspectral images dataset (iVision HHID), which is a comprehensive and rich dataset that surpasses the commonly-used UWA writing inks hyperspectral images (WIHSI) database in size and diversity. This study has accomplished the unmixing task with three main challenges: unmixing of diverse ink spectral signatures (149 spectral bands instead of 33 bands in the previous dataset), without using prior knowledge and assumptions about the number of inks used in the questioned document, and not requiring large training data for performing unmixing. Furthermore, the security of the proposed document authentication methodology to address the likelihood of forgeries or manipulations in questioned documents is enhanced as compared to previous works relying on known inks and known spectrum. Randomization techniques and anomaly detection mechanisms are used in our methodology which increases the difficulty for adversaries to predict and manipulate specific aspects of the input data in questioned documents, thereby enhancing the robustness of our method. The code for conducting this research can be accessed at GitHub repository.

Sensors are widely applied in the collection of voice data. Since many attributes of voice data are sensitive such as user emotions, identity, raw voice collection may lead serious privacy threat. In the past, traditional feature extraction obtains and encrypts voice features that are then transmitted to upstream servers. In order to avoid sensitive attribute disclosure, it is necessary to separate the sensitive attributes from non-sensitive attributes of voice data. Motivated by this, user-optional privacy transmission framework for voice data (called: Voice Fence Wall) is proposed. Firstly, we provide user-optional, which means users can choose the attributes (sensitive attributes) they want to be protected. Secondly, Voice Fence Wall utilizes minimum mutual information (MI) to reduce the correlation between sensitive and non-sensitive attributes, thereby separating these attributes. Finally, only the separated non-sensitive attributes are transmitted to the upstream server, the quality of voice services is satisfied without leaking sensitive attributes. To verify the reliability and practicability, three voice datasets are used to evaluate the model, the experiments demonstrate that Voice Fence Wall not only effectively separates attributes to resist attribute inference attacks, but also outperforms related work in terms of classification performance. Specifically, our framework achieves 89.84 ​% accuracy in sentiment recognition and 6.01 ​% equal error rate in voice authentication.

AutoML (Automated Machine Learning) is an emerging field that aims to automate the process of building machine learning models. AutoML emerged to increase productivity and efficiency by automating as much as possible the inefficient work that occurs while repeating this process whenever machine learning is applied. In particular, research has been conducted for a long time on technologies that can effectively develop high-quality models by minimizing the intervention of model developers in the process from data preprocessing to algorithm selection and tuning. In this semantic review research, we summarize the data processing requirements for AutoML approaches and provide a detailed explanation. We place greater emphasis on neural architecture search (NAS) as it currently represents a highly popular sub-topic within the field of AutoML. NAS methods use machine learning algorithms to search through a large space of possible architectures and find the one that performs best on a given task. We provide a summary of the performance achieved by representative NAS algorithms on the CIFAR-10, CIFAR-100, ImageNet and well-known benchmark datasets. Additionally, we delve into several noteworthy research directions in NAS methods including one/two-stage NAS, one-shot NAS and joint hyperparameter with architecture optimization. We discussed how the search space size and complexity in NAS can vary depending on the specific problem being addressed. To conclude, we examine several open problems (SOTA problems) within current AutoML methods that assure further investigation in future research.

With the increasing popularity of civilian unmanned aerial vehicles (UAVs), safety issues arising from unsafe operations and terrorist activities have received growing attention. To address this problem, an accurate classification and positioning system is needed. Considering that UAVs usually use radio frequency (RF) signals for video transmission, in this paper, we design a passive distributed monitoring system that can classify and locate UAVs according to their RF signals. Specifically, three passive receivers are arranged in different locations to receive RF signals. Due to the noncooperation between a UAV and receivers, it is necessary to detect whether there is a UAV signal from the received signals. Hence, convolutional neural network (CNN) is proposed to not only detect the presence of the UAV, but also classify its type. After the UAV signal is detected, the time difference of arrival (TDOA) of the UAV signal arriving at the receiver is estimated by the cross-correlation method to obtain the corresponding distance difference. Finally, the Chan algorithm is used to calculate the location of the UAV. We deploy a distributed system constructed by three software defined radio (SDR) receivers on the campus playground, and conduct extensive experiments in a real wireless environment. The experimental results have successfully validated the proposed system.

Deep neural networks (DNNs) are widely used in real-world applications, thanks to their exceptional performance in image recognition. However, their vulnerability to attacks, such as Trojan and data poison, can compromise the integrity and stability of DNN applications. Therefore, it is crucial to verify the integrity of DNN models to ensure their security. Previous research on model watermarking for integrity detection has encountered the issue of overexposure of model parameters during embedding and extraction of the watermark. To address this problem, we propose a novel score-based black-box DNN fragile watermarking framework called fragile trigger generation (FTG). The FTG framework only requires the prediction probability distribution of the final output of the classifier during the watermarking process. It generates different fragile samples as the trigger, based on the classification prediction probability of the target classifier and a specified prediction probability mask to watermark it. Different prediction probability masks can promote the generation of fragile samples in corresponding distribution types. The whole watermarking process does not affect the performance of the target classifier. When verifying the watermarking information, the FTG only needs to compare the prediction results of the model on the samples with the previous label. As a result, the required model parameter information is reduced, and the FTG only needs a few samples to detect slight modifications in the model. Experimental results demonstrate the effectiveness of our proposed method and show its superiority over related work. The FTG framework provides a robust solution for verifying the integrity of DNN models, and its effectiveness in detecting slight modifications makes it a valuable tool for ensuring the security and stability of DNN applications.