-
Qutrit and Qubit Circuits for Three-Flavor Collective Neutrino Oscillations
Authors:
Francesco Turro,
Ivan A. Chernyshev,
Ramya Bhaskar,
Marc Illa
Abstract:
We explore the utility of qutrits and qubits for simulating the flavor dynamics of dense neutrino systems. The evolution of such systems impacts some important astrophysical processes, such as core-collapse supernovae and the nucleosynthesis of heavy nuclei. Many-body simulations require classical resources beyond current computing capabilities for physically relevant system sizes. Quantum compute…
▽ More
We explore the utility of qutrits and qubits for simulating the flavor dynamics of dense neutrino systems. The evolution of such systems impacts some important astrophysical processes, such as core-collapse supernovae and the nucleosynthesis of heavy nuclei. Many-body simulations require classical resources beyond current computing capabilities for physically relevant system sizes. Quantum computers are therefore a promising candidate to efficiently simulate the many-body dynamics of collective neutrino oscillations. Previous quantum simulation efforts have primarily focused on properties of the two-flavor approximation due to their direct mapping to qubits. Here, we present new quantum circuits for simulating three-flavor neutrino systems on qutrit- and qubit-based platforms, and demonstrate their feasibility by simulating systems of two, four and eight neutrinos on IBM and Quantinuum quantum computers.
△ Less
Submitted 18 July, 2024;
originally announced July 2024.
-
Organic or Diffused: Can We Distinguish Human Art from AI-generated Images?
Authors:
Anna Yoo Jeong Ha,
Josephine Passananti,
Ronik Bhaskar,
Shawn Shan,
Reid Southen,
Haitao Zheng,
Ben Y. Zhao
Abstract:
The advent of generative AI images has completely disrupted the art world. Distinguishing AI generated images from human art is a challenging problem whose impact is growing over time. A failure to address this problem allows bad actors to defraud individuals paying a premium for human art and companies whose stated policies forbid AI imagery. It is also critical for content owners to establish co…
▽ More
The advent of generative AI images has completely disrupted the art world. Distinguishing AI generated images from human art is a challenging problem whose impact is growing over time. A failure to address this problem allows bad actors to defraud individuals paying a premium for human art and companies whose stated policies forbid AI imagery. It is also critical for content owners to establish copyright, and for model trainers interested in curating training data in order to avoid potential model collapse.
There are several different approaches to distinguishing human art from AI images, including classifiers trained by supervised learning, research tools targeting diffusion models, and identification by professional artists using their knowledge of artistic techniques. In this paper, we seek to understand how well these approaches can perform against today's modern generative models in both benign and adversarial settings. We curate real human art across 7 styles, generate matching images from 5 generative models, and apply 8 detectors (5 automated detectors and 3 different human groups including 180 crowdworkers, 4000+ professional artists, and 13 expert artists experienced at detecting AI). Both Hive and expert artists do very well, but make mistakes in different ways (Hive is weaker against adversarial perturbations while Expert artists produce higher false positives). We believe these weaknesses will remain as models continue to evolve, and use our data to demonstrate why a combined team of human and automated detectors provides the best combination of accuracy and robustness.
△ Less
Submitted 2 July, 2024; v1 submitted 5 February, 2024;
originally announced February 2024.
-
Time Scales in Many-Body Fast Neutrino Flavor Conversion
Authors:
Ramya Bhaskar,
Alessandro Roggero,
Martin J. Savage
Abstract:
Time scales associated with many-body fast neutrino flavor conversions in core-collapse supernova are explored in the context of an effective two-flavor model with axial symmetry. We present a preliminary study of time scales obtained from a linear stability analysis and from the distributions of Loschmidt echo crossing times (intimately connected to dynamical phase transitions in non-equilibrium…
▽ More
Time scales associated with many-body fast neutrino flavor conversions in core-collapse supernova are explored in the context of an effective two-flavor model with axial symmetry. We present a preliminary study of time scales obtained from a linear stability analysis and from the distributions of Loschmidt echo crossing times (intimately connected to dynamical phase transitions in non-equilibrium systems) determined by time evolution with the exact many-body Hamiltonian. Starting from a tensor-product initial state describing systems of $N$ neutrinos, with $N/2$ electron-type and $N/2$ heavy-type, with uniform angular distributions, the Loschmidt echo crossing times, $t_{\mathcal{L}_{\times}}$, are found to exhibit two distinct time scales that are exponentially separated. The second peak structure at longer times, effectively absent for $N=4$, develops with increasing $N$. When re-scaled in terms of $\log t_{\mathcal{L}_{\times}}$, the distributions are found to become increasingly well described by the sum of two stable distributions. The distribution of Loschmidt echo crossing times differs somewhat from the results of the (numerical) linear stability analysis, which exhibits a peak at finite frequency and a second peak consistent with zero frequency. The exact analysis suggests that the zero-frequency instability manifests itself as a modest flavor-conversion time scale.
△ Less
Submitted 4 March, 2024; v1 submitted 23 December, 2023;
originally announced December 2023.
-
Can Virtual Reality Protect Users from Keystroke Inference Attacks?
Authors:
Zhuolin Yang,
Zain Sarwar,
Iris Hwang,
Ronik Bhaskar,
Ben Y. Zhao,
Haitao Zheng
Abstract:
Virtual Reality (VR) has gained popularity by providing immersive and interactive experiences without geographical limitations. It also provides a sense of personal privacy through physical separation. In this paper, we show that despite assumptions of enhanced privacy, VR is unable to shield its users from side-channel attacks that steal private information. Ironically, this vulnerability arises…
▽ More
Virtual Reality (VR) has gained popularity by providing immersive and interactive experiences without geographical limitations. It also provides a sense of personal privacy through physical separation. In this paper, we show that despite assumptions of enhanced privacy, VR is unable to shield its users from side-channel attacks that steal private information. Ironically, this vulnerability arises from VR's greatest strength, its immersive and interactive nature. We demonstrate this by designing and implementing a new set of keystroke inference attacks in shared virtual environments, where an attacker (VR user) can recover the content typed by another VR user by observing their avatar. While the avatar displays noisy telemetry of the user's hand motion, an intelligent attacker can use that data to recognize typed keys and reconstruct typed content, without knowing the keyboard layout or gathering labeled data. We evaluate the proposed attacks using IRB-approved user studies across multiple VR scenarios. For 13 out of 15 tested users, our attacks accurately recognize 86%-98% of typed keys, and the recovered content retains up to 98% of the meaning of the original typed content. We also discuss potential defenses.
△ Less
Submitted 24 October, 2023;
originally announced October 2023.
-
Bringing the State-of-the-Art to Customers: A Neural Agent Assistant Framework for Customer Service Support
Authors:
Stephen Obadinma,
Faiza Khan Khattak,
Shirley Wang,
Tania Sidhom,
Elaine Lau,
Sean Robertson,
Jingcheng Niu,
Winnie Au,
Alif Munim,
Karthik Raja K. Bhaskar,
Bencheng Wei,
Iris Ren,
Waqar Muhammad,
Erin Li,
Bukola Ishola,
Michael Wang,
Griffin Tanner,
Yu-Jia Shiah,
Sean X. Zhang,
Kwesi P. Apponsah,
Kanishk Patel,
Jaswinder Narain,
Deval Pandya,
Xiaodan Zhu,
Frank Rudzicz
, et al. (1 additional authors not shown)
Abstract:
Building Agent Assistants that can help improve customer service support requires inputs from industry users and their customers, as well as knowledge about state-of-the-art Natural Language Processing (NLP) technology. We combine expertise from academia and industry to bridge the gap and build task/domain-specific Neural Agent Assistants (NAA) with three high-level components for: (1) Intent Iden…
▽ More
Building Agent Assistants that can help improve customer service support requires inputs from industry users and their customers, as well as knowledge about state-of-the-art Natural Language Processing (NLP) technology. We combine expertise from academia and industry to bridge the gap and build task/domain-specific Neural Agent Assistants (NAA) with three high-level components for: (1) Intent Identification, (2) Context Retrieval, and (3) Response Generation. In this paper, we outline the pipeline of the NAA's core system and also present three case studies in which three industry partners successfully adapt the framework to find solutions to their unique challenges. Our findings suggest that a collaborative process is instrumental in spurring the development of emerging NLP models for Conversational AI tasks in industry. The full reference implementation code and results are available at \url{https://github.com/VectorInstitute/NAA}
△ Less
Submitted 6 February, 2023;
originally announced February 2023.
-
Local Differentially Private Fuzzy Counting in Stream Data using Probabilistic Data Structure
Authors:
Dinusha Vatsalan,
Raghav Bhaskar,
Mohamed Ali Kaafar
Abstract:
Privacy-preserving estimation of counts of items in streaming data finds applications in several real-world scenarios including word auto-correction and traffic management applications. Recent works of RAPPOR and Apple's count-mean sketch (CMS) algorithm propose privacy preserving mechanisms for count estimation in large volumes of data using probabilistic data structures like counting Bloom filte…
▽ More
Privacy-preserving estimation of counts of items in streaming data finds applications in several real-world scenarios including word auto-correction and traffic management applications. Recent works of RAPPOR and Apple's count-mean sketch (CMS) algorithm propose privacy preserving mechanisms for count estimation in large volumes of data using probabilistic data structures like counting Bloom filter and CMS. However, these existing methods fall short in providing a sound solution for real-time streaming data applications. In this work, we propose a novel (local) Differentially private mechanism that provides high utility for the streaming data count estimation problem with similar or even lower privacy budgets while providing: a) fuzzy counting to report counts of related or similar items (for instance to account for typing errors and data variations), and b) improved querying efficiency to reduce the response time for real-time querying of counts. We provide formal proofs for privacy and utility guarantees and present extensive experimental evaluation of our algorithm using real and synthetic English words datasets for both the exact and fuzzy counting scenarios. Our privacy preserving mechanism substantially outperforms the prior work in terms of lower querying time, significantly higher utility (accuracy of count estimation) under similar or lower privacy guarantees, at the cost of communication overhead.
△ Less
Submitted 30 November, 2022; v1 submitted 10 August, 2022;
originally announced August 2022.
-
On the (In)Feasibility of Attribute Inference Attacks on Machine Learning Models
Authors:
Benjamin Zi Hao Zhao,
Aviral Agrawal,
Catisha Coburn,
Hassan Jameel Asghar,
Raghav Bhaskar,
Mohamed Ali Kaafar,
Darren Webb,
Peter Dickinson
Abstract:
With an increase in low-cost machine learning APIs, advanced machine learning models may be trained on private datasets and monetized by providing them as a service. However, privacy researchers have demonstrated that these models may leak information about records in the training dataset via membership inference attacks. In this paper, we take a closer look at another inference attack reported in…
▽ More
With an increase in low-cost machine learning APIs, advanced machine learning models may be trained on private datasets and monetized by providing them as a service. However, privacy researchers have demonstrated that these models may leak information about records in the training dataset via membership inference attacks. In this paper, we take a closer look at another inference attack reported in literature, called attribute inference, whereby an attacker tries to infer missing attributes of a partially known record used in the training dataset by accessing the machine learning model as an API. We show that even if a classification model succumbs to membership inference attacks, it is unlikely to be susceptible to attribute inference attacks. We demonstrate that this is because membership inference attacks fail to distinguish a member from a nearby non-member. We call the ability of an attacker to distinguish the two (similar) vectors as strong membership inference. We show that membership inference attacks cannot infer membership in this strong setting, and hence inferring attributes is infeasible. However, under a relaxed notion of attribute inference, called approximate attribute inference, we show that it is possible to infer attributes close to the true attributes. We verify our results on three publicly available datasets, five membership, and three attribute inference attacks reported in literature.
△ Less
Submitted 12 March, 2021;
originally announced March 2021.
-
Implicit Feedback Deep Collaborative Filtering Product Recommendation System
Authors:
Karthik Raja Kalaiselvi Bhaskar,
Deepa Kundur,
Yuri Lawryshyn
Abstract:
In this paper, several Collaborative Filtering (CF) approaches with latent variable methods were studied using user-item interactions to capture important hidden variations of the sparse customer purchasing behaviours. The latent factors are used to generalize the purchasing pattern of the customers and to provide product recommendations. CF with Neural Collaborative Filtering(NCF) was shown to pr…
▽ More
In this paper, several Collaborative Filtering (CF) approaches with latent variable methods were studied using user-item interactions to capture important hidden variations of the sparse customer purchasing behaviours. The latent factors are used to generalize the purchasing pattern of the customers and to provide product recommendations. CF with Neural Collaborative Filtering(NCF) was shown to produce the highest Normalized Discounted Cumulative Gain (NDCG) performance on the real-world proprietary dataset provided by a large parts supply company. Different hyperparameters were tested using Bayesian Optimization (BO) for applicability in the CF framework. External data sources like click-data and metrics like Clickthrough Rate (CTR) were reviewed for potential extensions to the work presented. The work shown in this paper provides techniques the Company can use to provide product recommendations to enhance revenues, attract new customers, and gain advantages over competitors.
△ Less
Submitted 11 December, 2020; v1 submitted 8 September, 2020;
originally announced September 2020.
-
On Inferring Training Data Attributes in Machine Learning Models
Authors:
Benjamin Zi Hao Zhao,
Hassan Jameel Asghar,
Raghav Bhaskar,
Mohamed Ali Kaafar
Abstract:
A number of recent works have demonstrated that API access to machine learning models leaks information about the dataset records used to train the models. Further, the work of \cite{somesh-overfit} shows that such membership inference attacks (MIAs) may be sufficient to construct a stronger breed of attribute inference attacks (AIAs), which given a partial view of a record can guess the missing a…
▽ More
A number of recent works have demonstrated that API access to machine learning models leaks information about the dataset records used to train the models. Further, the work of \cite{somesh-overfit} shows that such membership inference attacks (MIAs) may be sufficient to construct a stronger breed of attribute inference attacks (AIAs), which given a partial view of a record can guess the missing attributes. In this work, we show (to the contrary) that MIA may not be sufficient to build a successful AIA. This is because the latter requires the ability to distinguish between similar records (differing only in a few attributes), and, as we demonstrate, the current breed of MIA are unsuccessful in distinguishing member records from similar non-member records. We thus propose a relaxed notion of AIA, whose goal is to only approximately guess the missing attributes and argue that such an attack is more likely to be successful, if MIA is to be used as a subroutine for inferring training record attributes.
△ Less
Submitted 12 October, 2019; v1 submitted 28 August, 2019;
originally announced August 2019.
-
On the Energetics of the HCO$^+$ + C $\to$ CH$^+$ + CO Reaction and Some Astrochemical Implications
Authors:
Daniel W. Savin,
Roshan G. Bhaskar,
Shreyas Vissapragada,
Xavier Urbain
Abstract:
We explore the energetics of the titular reaction, which current astrochemical databases consider open at typical dense molecular (i.e., dark) cloud conditions. As is common for reactions involving the transfer of light particles, we assume that there are no intersystem crossings of the potential energy surfaces involved. In the absence of any such crossings, we find that this reaction is endoergi…
▽ More
We explore the energetics of the titular reaction, which current astrochemical databases consider open at typical dense molecular (i.e., dark) cloud conditions. As is common for reactions involving the transfer of light particles, we assume that there are no intersystem crossings of the potential energy surfaces involved. In the absence of any such crossings, we find that this reaction is endoergic and will be suppressed at dark cloud temperatures. Updating accordingly a generic astrochemical model for dark clouds changes the predicted gas-phase abundances of 224 species by greater than a factor of 2. Of these species, 43 have been observed in the interstellar medium. Our findings demonstrate the astrochemical importance of determining the role of intersystem crossings, if any, in the titular reaction.
△ Less
Submitted 5 July, 2017;
originally announced July 2017.
-
Identification of High-Momentum Top Quarks, Higgs Bosons, and W and Z Bosons Using Boosted Event Shapes
Authors:
J. S. Conway,
R. Bhaskar,
R. D. Erbacher,
J. Pilot
Abstract:
At the Large Hadron Collider, numerous physics processes expected within the standard model and theories beyond it give rise to very high momentum particles decaying to multihadronic final states. Development of algorithms for efficient identification of such "boosted" particles while rejecting the background from multihadron jets from light quarks and gluons can greatly aid in the sensitivity of…
▽ More
At the Large Hadron Collider, numerous physics processes expected within the standard model and theories beyond it give rise to very high momentum particles decaying to multihadronic final states. Development of algorithms for efficient identification of such "boosted" particles while rejecting the background from multihadron jets from light quarks and gluons can greatly aid in the sensitivity of measurements and new particle searches. This paper presents a new method for identifying boosted high-mass particles using event shapes in Lorentz-boosted reference frames. Variables calculated in these frames for multihadronic jets can then be used as input to a large artificial neural network to discriminate their origin.
△ Less
Submitted 10 October, 2016; v1 submitted 22 June, 2016;
originally announced June 2016.
-
Overconfidence in Photometric Redshift Estimation
Authors:
David Wittman,
Ramya Bhaskar,
Ryan Tobin
Abstract:
We describe a new test of photometric redshift performance given a spectroscopic redshift sample. This test complements the traditional comparison of redshift {\it differences} by testing whether the probability density functions $p(z)$ have the correct {\it width}. We test two photometric redshift codes, BPZ and EAZY, on each of two data sets and find that BPZ is consistently overconfident (the…
▽ More
We describe a new test of photometric redshift performance given a spectroscopic redshift sample. This test complements the traditional comparison of redshift {\it differences} by testing whether the probability density functions $p(z)$ have the correct {\it width}. We test two photometric redshift codes, BPZ and EAZY, on each of two data sets and find that BPZ is consistently overconfident (the $p(z)$ are too narrow) while EAZY produces approximately the correct level of confidence. We show that this is because EAZY models the uncertainty in its spectral energy distribution templates, and that post-hoc smoothing of the BPZ $p(z)$ provides a reasonable substitute for detailed modeling of template uncertainties. Either remedy still leaves a small surplus of galaxies with spectroscopic redshift very far from the peaks. Thus, better modeling of low-probability tails will be needed for high-precision work such as dark energy constraints with the Large Synoptic Survey Telescope and other large surveys.
△ Less
Submitted 28 January, 2016;
originally announced January 2016.
-
Efficient and Dynamic Group Key Agreement in Ad hoc Networks
Authors:
Raghav Bhaskar,
Paul Mühlethaler,
Daniel Augot,
Cdric Adjih,
Saadi Boudjit,
Anis Laouiti
Abstract:
Confidentiality, integrity and authentication are more relevant issues in Ad hoc networks than in wired fixed networks. One way to address these issues is the use of symmetric key cryptography, relying on a secret key shared by all members of the network. But establishing and maintaining such a key (also called the session key) is a non-trivial problem. We show that Group Key Agreement (GKA) pro…
▽ More
Confidentiality, integrity and authentication are more relevant issues in Ad hoc networks than in wired fixed networks. One way to address these issues is the use of symmetric key cryptography, relying on a secret key shared by all members of the network. But establishing and maintaining such a key (also called the session key) is a non-trivial problem. We show that Group Key Agreement (GKA) protocols are suitable for establishing and maintaining such a session key in these dynamic networks. We take an existing GKA protocol, which is robust to connectivity losses and discuss all the issues for good functioning of this protocol in Ad hoc networks. We give implementation details and network parameters, which significantly reduce the computational burden of using public key cryptography in such networks.
△ Less
Submitted 6 November, 2006;
originally announced November 2006.