Trust snapshot

Quick read

Trust 21 - Emerging
Verification L1
Unclaimed author
29 works
0 followers
22 topics
4 close collaborators

Published work

29 published item(s)

preprint, 2026, arXiv

FedFDP: Fairness-Aware Federated Learning with Differential Privacy

Federated learning (FL) is an emerging machine learning paradigm designed to address the challenge of data silos, attracting considerable attention. However, FL encounters persistent issues related to fairness and data privacy. To tackle these challenges simultaneously, we propose a fairness-aware federated learning algorithm called FedFair. Building on FedFair, we introduce differential privacy to create the FedFDP algorithm, which addresses trade-offs among fairness, privacy protection, and model performance. In FedFDP, we developed a fairness-aware gradient clipping technique to explore the relationship between fairness and differential privacy. Through convergence analysis, we identified the optimal fairness adjustment parameters to achieve both maximum model performance and fairness. Additionally, we present an adaptive clipping method for uploaded loss values to reduce privacy budget consumption. Extensive experimental results show that FedFDP significantly surpasses state-of-the-art solutions in both model performance and fairness.

preprint, 2024, arXiv

When Do Graph Neural Networks Help with Node Classification? Investigating the Impact of Homophily Principle on Node Distinguishability

Homophily principle, i.e., nodes with the same labels are more likely to be connected, has been believed to be the main reason for the performance superiority of Graph Neural Networks (GNNs) over Neural Networks on node classification tasks. Recent research suggests that, even in the absence of homophily, the advantage of GNNs still exists as long as nodes from the same class share similar neighborhood patterns. However, this argument only considers intra-class Node Distinguishability (ND) but neglects inter-class ND, which provides incomplete understanding of homophily on GNNs. In this paper, we first demonstrate such deficiency with examples and argue that an ideal situation for ND is to have smaller intra-class ND than inter-class ND. To formulate this idea and study ND deeply, we propose Contextual Stochastic Block Model for Homophily (CSBM-H) and define two metrics, Probabilistic Bayes Error (PBE) and negative generalized Jeffreys divergence, to quantify ND. With the metrics, we visualize and analyze how graph filters, node degree distributions and class variances influence ND, and investigate the combined effect of intra- and inter-class ND. Besides, we discovered the mid-homophily pitfall, which occurs widely in graph datasets. Furthermore, we verified that, in real-world tasks, the superiority of GNNs is indeed closely related to both intra- and inter-class ND regardless of homophily levels. Grounded in this observation, we propose a new hypothesis-testing based performance metric beyond homophily, which is non-linear, feature-based and can provide statistical threshold value for GNNs' superiority. Experiments indicate that it is significantly more effective than the existing homophily metrics on revealing the advantage and disadvantage of graph-aware modes on both synthetic and benchmark real-world datasets.

preprint, 2023, arXiv

CORGI-PM: A Chinese Corpus For Gender Bias Probing and Mitigation

As natural language processing (NLP) for gender bias becomes a significant interdisciplinary topic, the prevalent data-driven techniques such as large-scale language models suffer from data inadequacy and biased corpus, especially for languages with insufficient resources such as Chinese. To this end, we propose a Chinese cOrpus foR Gender bIas Probing and Mitigation CORGI-PM, which contains 32.9k sentences with high-quality labels derived by following an annotation scheme specifically developed for gender bias in the Chinese context. Moreover, we address three challenges for automatic textual gender bias mitigation, which requires the models to detect, classify, and mitigate textual gender bias. We also conduct experiments with state-of-the-art language models to provide baselines. To our best knowledge, CORGI-PM is the first sentence-level Chinese corpus for gender bias probing and mitigation.

preprint, 2023, arXiv

Optimal Decoy Resource Allocation for Proactive Defense in Probabilistic Attack Graphs

This paper investigates the problem of synthesizing proactive defense systems in which the defender can allocate deceptive targets and modify the cost of actions for the attacker who aims to compromise security assets in this system. We model the interaction of the attacker and the system using a formal security model -- a probabilistic attack graph. By allocating fake targets/decoys, the defender aims to distract the attacker from compromising true targets. By increasing the cost of some attack actions, the defender aims to discourage the attacker from committing to certain policies and thereby improve the defense. To optimize the defense given limited decoy resources and operational constraints, we formulate the synthesis problem as a bi-level optimization problem, while the defender designs the system, in anticipation of the attacker's best response given that the attacker has disinformation about the system due to the use of deception. Though the general formulation with bi-level optimization is NP-hard, we show that under certain assumptions, the problem can be transformed into a constrained optimization problem. We proposed an algorithm to approximately solve this constrained optimization problem using a novel incentive-design method for projected gradient ascent. We demonstrate the effectiveness of the proposed method using extensive numerical experiments.

preprint, 2022, arXiv

A Multi-Agent Reinforcement Learning Approach For Safe and Efficient Behavior Planning Of Connected Autonomous Vehicles

The recent advancements in wireless technology enable connected autonomous vehicles (CAVs) to gather information about their environment by vehicle-to-vehicle (V2V) communication. In this work, we design an information-sharing-based multi-agent reinforcement learning (MARL) framework for CAVs, to take advantage of the extra information when making decisions to improve traffic efficiency and safety. The safe actor-critic algorithm we propose has two new techniques: the truncated Q-function and safe action mapping. The truncated Q-function utilizes the shared information from neighboring CAVs such that the joint state and action spaces of the Q-function do not grow in our algorithm for a large-scale CAV system. We prove the bound of the approximation error between the truncated-Q and global Q-functions. The safe action mapping provides a provable safety guarantee for both the training and execution based on control barrier functions. Using the CARLA simulator for experiments, we show that our approach can improve the CAV system's efficiency in terms of average velocity and comfort under different CAV ratios and different traffic densities. We also show that our approach avoids the execution of unsafe actions and always maintains a safe distance from other vehicles. We construct an obstacle-at-corner scenario to show that the shared vision can help CAVs to observe obstacles earlier and take action to avoid traffic jams.

preprint, 2022, arXiv

CoCon: A Self-Supervised Approach for Controlled Text Generation

Pretrained Transformer-based language models (LMs) display remarkable natural language generation capabilities. With their immense potential, controlling text generation of such LMs is getting attention. While there are studies that seek to control high-level attributes (such as sentiment and topic) of generated text, there is still a lack of more precise control over its content at the word- and phrase-level. Here, we propose Content-Conditioner (CoCon) to control an LM's output text with a content input, at a fine-grained level. In our self-supervised approach, the CoCon block learns to help the LM complete a partially-observed text sequence by conditioning with content inputs that are withheld from the LM. Through experiments, we show that CoCon can naturally incorporate target content into generated texts and control high-level text attributes in a zero-shot manner.

preprint, 2022, arXiv

On Almost-Sure Intention Deception Planning that Exploits Imperfect Observers

Intention deception involves computing a strategy which deceives the opponent into a wrong belief about the agent's intention or objective. This paper studies a class of probabilistic planning problems with intention deception and investigates how a defender's limited sensing modality can be exploited by an attacker to achieve its attack objective almost surely (with probability one) while hiding its intention. In particular, we model the attack planning in a stochastic system modeled as a Markov decision process (MDP). The attacker is to reach some target states while avoiding unsafe states in the system and knows that his behavior is monitored by a defender with partial observations. Given partial state observations for the defender, we develop qualitative intention deception planning algorithms that construct attack strategies to play against an action-visible defender and an action-invisible defender, respectively. The synthesized attack strategy not only ensures the attack objective is satisfied almost surely but also deceives the defender into believing that the observed behavior is generated by a normal/legitimate user and thus failing to detect the presence of an attack. We show the proposed algorithms are correct and complete and illustrate the deceptive planning methods with examples.

preprint, 2022, arXiv

Opportunistic Qualitative Planning in Stochastic Systems with Preferences over Temporal Logic Objectives

Preferences play a key role in determining what goals/constraints to satisfy when not all constraints can be satisfied simultaneously. In this work, we study preference-based planning in a stochastic system modeled as a Markov decision process, subject to a possible incomplete preference over temporally extended goals. Our contributions are threefold: First, we introduce a preference language to specify preferences over temporally extended goals. Second, we define a novel automata-theoretic model to represent the preorder induced by a given preference relation. The automata representation of preferences enables us to develop a preference-based planning algorithm for stochastic systems. Finally, we show how to synthesize opportunistic strategies that achieve an outcome that improves upon the current satisfiable outcome, with positive probability or with probability one, in a stochastic system. We illustrate our solution approaches using a robot motion planning example.

preprint, 2022, arXiv

Patient-specific mean teacher UNet for enhancing PET image and low-dose PET reconstruction on RefleXion X1 biology-guided radiotherapy system

The RefleXion X1 is the first biology-guided radiotherapy (BgRT) system. Its dual 90-degree PET detector collects fewer pair production events compared to a full-ring diagnostic PET system. In the proposed BgRT workflow, a short scan is acquired before treatment delivery to ensure image quality and consistency. The shorter scan time, a quarter of the simulation scan time, also leads to fewer coincidence events and hence reduced image quality. In this study, we proposed a patient-specific mean teacher UNet (MT-UNet) to enhance PET image quality and low-dose PET reconstruction on RefleXion X1. PET/CT scans of nine cancer patients were acquired using RefleXion X1. Every patient had one simulation scan. Five patients had additional scans acquired during the first and the final treatment fractions. Treatment scans were acquired using the same imaging protocol as the simulation scan. For each scan, we reconstructed a full-dose image and evenly split coincidence events into four sessions to reconstruct four quarter-dose PET images. For each patient, our proposed MT-UNet was trained using quarter-dose and full-dose images of the simulation scan. For the image quality enhancement task, we applied nine trained MT-UNets to full-dose simulation PET images of the nine patients to generate enhanced images, respectively. The enhanced images were compared with the original full-dose images using CNR and SNR. For the low-dose image reconstruction task, we applied five trained MT-UNets to ten quarter-dose treatment images of five patients to predict full-dose images, respectively. The predicted and ground truth full-dose images were compared using SSIM and PSNR. We also trained and evaluated patient-specific UNets for model comparison. Our proposed patient-specific MT-UNet achieved better performance in improving the quality of RefleXion low-dose and full-dose images compared to the patient-specific UNet.

preprint, 2022, arXiv

Unifying Likelihood-free Inference with Black-box Optimization and Beyond

Black-box optimization formulations for biological sequence design have drawn recent attention due to their promising potential impact on the pharmaceutical industry. In this work, we propose to unify two seemingly distinct worlds: likelihood-free inference and black-box optimization, under one probabilistic framework. In tandem, we provide a recipe for constructing various sequence design methods based on this framework. We show how previous optimization approaches can be "reinvented" in our framework, and further propose new probabilistic black-box optimization algorithms. Extensive experiments on sequence design application illustrate the benefits of the proposed methodology.

preprint, 2021, arXiv

Beyond Fully-Connected Layers with Quaternions: Parameterization of Hypercomplex Multiplications with $1/n$ Parameters

Recent works have demonstrated reasonable success of representation learning in hypercomplex space. Specifically, "fully-connected layers with Quaternions" (4D hypercomplex numbers), which replace real-valued matrix multiplications in fully-connected layers with Hamilton products of Quaternions, both enjoy parameter savings with only 1/4 learnable parameters and achieve comparable performance in various applications. However, one key caveat is that hypercomplex space only exists at very few predefined dimensions (4D, 8D, and 16D). This restricts the flexibility of models that leverage hypercomplex multiplications. To this end, we propose parameterizing hypercomplex multiplications, allowing models to learn multiplication rules from data regardless of whether such rules are predefined. As a result, our method not only subsumes the Hamilton product, but also learns to operate on any arbitrary nD hypercomplex space, providing more architectural flexibility using arbitrarily $1/n$ learnable parameters compared with the fully-connected layer counterpart. Experiments of applications to the LSTM and Transformer models on natural language inference, machine translation, text style transfer, and subject verb agreement demonstrate architectural flexibility and effectiveness of the proposed approach.

preprint, 2021, arXiv

MentalBERT: Publicly Available Pretrained Language Models for Mental Healthcare

Mental health is a critical issue in modern society, and mental disorders could sometimes turn to suicidal ideation without adequate treatment. Early detection of mental disorders and suicidal ideation from social content provides a potential way for effective social intervention. Recent advances in pretrained contextualized language representations have promoted the development of several domain-specific pretrained models and facilitated several downstream applications. However, there are no existing pretrained language models for mental healthcare. This paper trains and releases two pretrained masked language models, i.e., MentalBERT and MentalRoBERTa, to benefit machine learning for the mental healthcare research community. Besides, we evaluate our trained domain-specific models and several variants of pretrained language models on several mental disorder detection benchmarks and demonstrate that language representations pretrained in the target domain improve the performance of mental health detection tasks.

preprint, 2020, arXiv

A novel 3D multi-path DenseNet for improving automatic segmentation of glioblastoma on pre-operative multi-modal MR images

Convolutional neural networks have achieved excellent results in automatic medical image segmentation. In this study, we proposed a novel 3D multi-path DenseNet for generating the accurate glioblastoma (GBM) tumor contour from four multi-modal pre-operative MR images. We hypothesized that the multi-path architecture could achieve more accurate segmentation than a single-path architecture. 258 GBM patients were included in this study. Each patient had four MR images (T1-weighted, contrast-enhanced T1-weighted, T2-weighted, and FLAIR) and the manually segmented tumor contour. We built a 3D multi-path DenseNet that could be trained to generate the corresponding GBM tumor contour from the four MR images. A 3D single-path DenseNet was also built for comparison. Both DenseNets were based on the encoder-decoder architecture. All four images were concatenated and fed into a single encoder path in the single-path DenseNet, while each input image had its own encoder path in the multi-path DenseNet. The patient cohort was randomly split into a training set of 180 patients, a validation set of 39 patients, and a testing set of 39 patients. Model performance was evaluated using the Dice similarity coefficient (DSC), average surface distance (ASD), and 95% Hausdorff distance (HD95%). Wilcoxon signed-rank tests were conducted to examine the model differences. The single-path DenseNet achieved a DSC of 0.911$\pm$0.060, ASD of 1.3$\pm$0.7 mm, and HD95% of 5.2$\pm$7.1 mm, while the multi-path DenseNet achieved a DSC of 0.922$\pm$0.041, ASD of 1.1$\pm$0.5 mm, and HD95% of 3.9$\pm$3.3 mm. The p-values of all Wilcoxon signed-rank tests were less than 0.05. Both 3D DenseNets generated GBM tumor contours in good agreement with the manually segmented contours from multi-modal MR images. The multi-path DenseNet achieved more accurate tumor segmentation than the single-path DenseNet.

preprint, 2020, arXiv

A Receding-Horizon MDP Approach for Performance Evaluation of Moving Target Defense in Networks

In this paper, we study the problem of assessing the effectiveness of a proactive defense-by-detection policy with a network-based moving target defense. We model the network system using a probabilistic attack graph--a graphical security model. Given a network system with a proactive defense strategy, an intelligent attacker needs to perform reconnaissance repeatedly to learn about the locations of intrusion detection systems and re-plan optimally to reach the target while avoiding detection. To compute the attacker's strategy for security evaluation, we develop a receding-horizon planning algorithm using a risk-sensitive Markov decision process with a time-varying reward function. Finally, we implement both defense and attack strategies in a synthetic network and analyze how the frequency of network randomization and the number of detection systems can influence the success rate of the attacker. This study provides insights for designing proactive defense strategies against online and multi-stage attacks by a resourceful attacker.

preprint, 2020, arXiv

A Theory of Hypergames on Graphs for Synthesizing Dynamic Cyber Defense with Deception

In this chapter, we present an approach using formal methods to synthesize reactive defense strategy in a cyber network, equipped with a set of decoy systems. We first generalize formal graphical security models--attack graphs--to incorporate defender's countermeasures in a game-theoretic model, called an attack-defend game on graph. This game captures the dynamic interactions between the defender and the attacker and their defense/attack objectives in formal logic. Then, we introduce a class of hypergames to model asymmetric information created by decoys in the attacker-defender interactions. Given qualitative security specifications in formal logic, we show that the solution concepts from hypergames and reactive synthesis in formal methods can be extended to synthesize effective dynamic defense strategy using cyber deception. The strategy takes the advantages of the misperception of the attacker to ensure security specification is satisfied, which may not be satisfiable when the information is symmetric.

preprint, 2020, arXiv

Deceptive Labeling: Hypergames on Graphs for Stealthy Deception

With the increasing sophistication of attacks on cyber-physical systems, deception has emerged as an effective tool to improve system security and safety by obfuscating the attacker's perception. In this paper, we present a solution to the deceptive game in which a control agent is to satisfy a Boolean objective specified by a co-safe temporal logic formula in the presence of an adversary. The agent intentionally introduces asymmetric information to create payoff misperception, which manifests as the misperception of the labeling function in the game model. Thus, the adversary is unable to accurately determine which logical formula is satisfied by a given outcome of the game. We introduce a model called hypergame on graph to capture the asymmetrical information with one-sided payoff misperception. Based on this model, we present the solution of such a hypergame and use the solution to synthesize stealthy deceptive strategies. Specifically, deceptive sure winning and deceptive almost-sure winning strategies are developed by reducing the hypergame to a two-player game and one-player stochastic game with reachability objectives. A running example is introduced to demonstrate the game model and the solution concept used for strategy synthesis.

preprint, 2020, arXiv

Dynamic Hypergames for Synthesis of Deceptive Strategies with Temporal Logic Objectives

In this paper, we study the use of deception for strategic planning in adversarial environments. We model the interaction between the agent (player 1) and the adversary (player 2) as a two-player concurrent game in which the adversary has incomplete information about the agent's task specification in temporal logic. During the online interaction, the adversary can infer the agent's intention from observations and adapt its strategy so as to prevent the agent from satisfying the task. To plan against such an adaptive opponent, the agent must leverage its knowledge about the adversary's incomplete information to influence the behavior of the opponent, and thereby be deceptive. To synthesize a deceptive strategy, we introduce a class of hypergame models that capture the interaction between the agent and its adversary given asymmetric, incomplete information. A hypergame is a hierarchy of games, perceived differently by the agent and its adversary. We develop the solution concept of this class of hypergames and show that the subjectively rationalizable strategy for the agent is deceptive and maximizes the probability of satisfying the task in temporal logic. This deceptive strategy is obtained by modeling the opponent's evolving perception of the interaction and integrating the opponent model into proactive planning. Following the deceptive strategy, the agent chooses actions to influence the game history as well as to manipulate the adversary's perception so that it takes actions that benefit the goal of the agent. We demonstrate the correctness of our deceptive planning algorithm using robot motion planning examples with temporal logic objectives and design a detection mechanism to notify the agent of potential errors in modeling of the adversary's behavior.

preprint, 2020, arXiv

Feature Lenses: Plug-and-play Neural Modules for Transformation-Invariant Visual Representations

Convolutional Neural Networks (CNNs) are known to be brittle under various image transformations, including rotations, scalings, and changes of lighting conditions. We observe that the features of a transformed image are drastically different from the ones of the original image. To make CNNs more invariant to transformations, we propose "Feature Lenses", a set of ad-hoc modules that can be easily plugged into a trained model (referred to as the "host model"). Each individual lens reconstructs the original features given the features of a transformed image under a particular transformation. These lenses jointly counteract feature distortions caused by various transformations, thus making the host model more robust without retraining. By only updating lenses, the host model is freed from iterative updating when facing new transformations absent in the training data; as feature semantics are preserved, downstream applications, such as classifiers and detectors, automatically gain robustness without retraining. Lenses are trained in a self-supervised fashion with no annotations, by minimizing a novel "Top-K Activation Contrast Loss" between lens-transformed features and original features. Evaluated on ImageNet, MNIST-rot, and CIFAR-10, Feature Lenses show clear advantages over baseline methods.

preprint, 2020, arXiv

Interactive Machine Comprehension with Information Seeking Agents

Existing machine reading comprehension (MRC) models do not scale effectively to real-world applications like web-level information retrieval and question answering (QA). We argue that this stems from the nature of MRC datasets: most of these are static environments wherein the supporting documents and all necessary information are fully observed. In this paper, we propose a simple method that reframes existing MRC datasets as interactive, partially observable environments. Specifically, we "occlude" the majority of a document's text and add context-sensitive commands that reveal "glimpses" of the hidden text to a model. We repurpose SQuAD and NewsQA as an initial case study, and then show how the interactive corpora can be used to train a model that seeks relevant information through sequential decision making. We believe that this setting can contribute in scaling models to web-level QA scenarios.

preprint, 2020, arXiv

Jacobian Adversarially Regularized Networks for Robustness

Adversarial examples are crafted with imperceptible perturbations with the intent to fool neural networks. Against such attacks, adversarial training and its variants stand as the strongest defense to date. Previous studies have pointed out that robust models that have undergone adversarial training tend to produce more salient and interpretable Jacobian matrices than their non-robust counterparts. A natural question is whether a model trained with an objective to produce salient Jacobian can result in better robustness. This paper answers this question with affirmative empirical results. We propose Jacobian Adversarially Regularized Networks (JARN) as a method to optimize the saliency of a classifier's Jacobian by adversarially regularizing the model's Jacobian to resemble natural training images. Image classifiers trained with JARN show improved robust accuracy compared to standard models on the MNIST, SVHN and CIFAR-10 datasets, uncovering a new angle to boost robustness without using adversarial training examples.

preprint, 2020, arXiv

Learning to Locomote with Deep Neural-Network and CPG-based Control in a Soft Snake Robot

In this paper, we present a new locomotion control method for soft robot snakes. Inspired by biological snakes, our control architecture is composed of two key modules: A deep reinforcement learning (RL) module for achieving adaptive goal-tracking behaviors with changing goals, and a central pattern generator (CPG) system with Matsuoka oscillators for generating stable and diverse locomotion patterns. The two modules are interconnected into a closed-loop system: The RL module, analogizing the locomotion region located in the midbrain of vertebrate animals, regulates the input to the CPG system given state feedback from the robot. The output of the CPG system is then translated into pressure inputs to pneumatic actuators of the soft snake robot. Based on the fact that the oscillation frequency and wave amplitude of the Matsuoka oscillator can be independently controlled under different time scales, we further adapt the option-critic framework to improve the learning performance measured by optimality and data efficiency. The performance of the proposed controller is experimentally validated with both simulated and real soft snake robots.

preprint, 2020, arXiv

RikiNet: Reading Wikipedia Pages for Natural Question Answering

Reading long documents to answer open-domain questions remains challenging in natural language understanding. In this paper, we introduce a new model, called RikiNet, which reads Wikipedia pages for natural question answering. RikiNet contains a dynamic paragraph dual-attention reader and a multi-level cascaded answer predictor. The reader dynamically represents the document and question by utilizing a set of complementary attention mechanisms. The representations are then fed into the predictor to obtain the span of the short answer, the paragraph of the long answer, and the answer type in a cascaded manner. On the Natural Questions (NQ) dataset, a single RikiNet achieves 74.3 F1 and 57.9 F1 on long-answer and short-answer tasks. To our best knowledge, it is the first single model that outperforms the single human performance. Furthermore, an ensemble RikiNet obtains 76.1 F1 and 61.3 F1 on long-answer and short-answer tasks, achieving the best performance on the official NQ leaderboard.

preprint, 2020, arXiv

Role-Wise Data Augmentation for Knowledge Distillation

Knowledge Distillation (KD) is a common method for transferring the "knowledge" learned by one machine learning model (the teacher) into another model (the student), where typically, the teacher has a greater capacity (e.g., more parameters or higher bit-widths). To our knowledge, existing methods overlook the fact that although the student absorbs extra knowledge from the teacher, both models share the same input data -- and this data is the only medium by which the teacher's knowledge can be demonstrated. Due to the difference in model capacities, the student may not benefit fully from the same data points on which the teacher is trained. On the other hand, a human teacher may demonstrate a piece of knowledge with individualized examples adapted to a particular student, for instance, in terms of her cultural background and interests. Inspired by this behavior, we design data augmentation agents with distinct roles to facilitate knowledge distillation. Our data augmentation agents generate distinct training data for the teacher and student, respectively. We find empirically that specially tailored data points enable the teacher's knowledge to be demonstrated more effectively to the student. We compare our approach with existing KD methods on training popular neural architectures and demonstrate that role-wise data augmentation improves the effectiveness of KD over strong prior approaches. The code for reproducing our results can be found at https://github.com/bigaidream-projects/role-kd

preprint 2020 arXiv

Secure-by-synthesis network with active deception and temporal logic specifications

This paper is concerned with the synthesis of strategies in network systems with active cyber deception. Active deception in a network employs decoy systems and other defenses to conduct defensive planning against the intrusion of malicious attackers who have been confirmed by sensing systems. In this setting, the defender's objective is to ensure the satisfaction of security properties specified in temporal logic formulas. We formulate the problem of deceptive planning with decoy systems and other defenses as a two-player game with asymmetrical information and Boolean payoffs in temporal logic. We use level-2 hypergame with temporal logic objectives to capture the incomplete/incorrect knowledge of the attacker about the network system as a payoff misperception. The true payoff function is private information of the defender. Then, we extend the solution concepts of $\omega$-regular games to analyze the attacker's rational strategy given her incomplete information. By generalizing the solution of level-2 hypergame in the normal form to extensive form, we extend the solutions of games with safe temporal logic objectives to decide whether the defender can ensure security properties to be satisfied with probability one, given any possible strategy that is perceived to be rational by the attacker. Further, we use the solution of games with co-safe (reachability) temporal logic objectives to determine whether the defender can engage the attacker, by directing the attacker to a high-fidelity honeypot. The effectiveness of the proposed synthesis methods is illustrated with synthetic network systems with honeypots.

preprint 2020 arXiv

Synthesis of Deceptive Strategies in Reachability Games with Action Misperception

We consider a class of two-player turn-based zero-sum games on graphs with reachability objectives, known as reachability games, where the objective of Player 1 (P1) is to reach a set of goal states, and that of Player 2 (P2) is to prevent this. In particular, we consider the case where the players have asymmetric information about each other's action capabilities: P2 starts with incomplete information (misperception) about P1's action set, and updates the misperception when P1 uses an action previously unknown to P2. When P1 is made aware of P2's misperception, the key question is whether P1 can control P2's perception so as to deceive P2 into selecting actions to P1's advantage. We show that there might exist a deceptive winning strategy for P1 that ensures P1's objective is achieved with probability one from a state otherwise losing for P1, had the information been symmetric and complete. We present three key results: First, we introduce a dynamic hypergame model to capture the reachability game with evolving misperception of P2. Second, we present a fixed-point algorithm to compute the Deceptive Almost-Sure Winning (DASW) region and DASW strategy. Finally, we show that DASW strategy is at least as powerful as Almost-Sure Winning (ASW) strategy in the game in which P1 does not account for P2's misperception. We illustrate our algorithm using robot motion planning in an adversarial environment.

preprint 2019 arXiv

Deep Learning-based Radiomic Features for Improving Neoadjuvant Chemoradiation Response Prediction in Locally Advanced Rectal Cancer

Radiomic features achieve promising results in cancer diagnosis, treatment response prediction, and survival prediction. Our goal is to compare the handcrafted (explicitly designed) and deep learning (DL)-based radiomic features extracted from pre-treatment diffusion-weighted magnetic resonance images (DWIs) for predicting neoadjuvant chemoradiation treatment (nCRT) response in patients with locally advanced rectal cancer (LARC). 43 patients receiving nCRT were included. All patients underwent DWIs before nCRT and total mesorectal excision surgery 6-12 weeks after completion of nCRT. Gross tumor volume (GTV) contours were drawn by an experienced radiation oncologist on DWIs. The patient-cohort was split into the responder group (n=22) and the non-responder group (n=21) based on the post-nCRT response assessed by postoperative pathology, MRI or colonoscopy. Handcrafted and DL-based features were extracted from the apparent diffusion coefficient (ADC) map of the DWI using conventional computer-aided diagnosis methods and a pre-trained convolution neural network, respectively. Least absolute shrinkage and selection operator (LASSO)-logistic regression models were constructed using extracted features for predicting treatment response. The model performance was evaluated with repeated 20 times stratified 4-fold cross-validation using receiver operating characteristic (ROC) curves and compared using the corrected resampled t-test. The model built with handcrafted features achieved the mean area under the ROC curve (AUC) of 0.64, while the one built with DL-based features yielded the mean AUC of 0.73. The corrected resampled t-test on AUC showed P-value < 0.05. DL-based features extracted from pre-treatment DWIs achieved significantly better classification performance compared with handcrafted features for predicting nCRT response in patients with LARC.

preprint 2019 arXiv

Generation of abdominal synthetic CTs from 0.35T MR images using generative adversarial networks for MR-only liver radiotherapy

Electron density maps must be accurately estimated to achieve valid dose calculation in MR-only radiotherapy. The goal of this study is to assess whether two deep learning models, the conditional generative adversarial network (cGAN) and the cycle-consistent generative adversarial network (cycleGAN), can generate accurate abdominal synthetic CT (sCT) images from 0.35T MR images for MR-only liver radiotherapy. A retrospective study was performed using CT images and 0.35T MR images of 12 patients with liver (n=8) and non-liver abdominal (n=4) cancer. CT images were deformably registered to the corresponding MR images to generate deformed CT (dCT) images for treatment planning. Both cGAN and cycleGAN were trained using MR and dCT transverse slices. Four-fold cross-validation testing was conducted to generate sCT images for all patients. The HU prediction accuracy was evaluated by voxel-wise similarity metric between each dCT and sCT image for all 12 patients. dCT-based and sCT-based dose distributions were compared using gamma and dose-volume histogram (DVH) metric analysis for 8 liver patients. sCTcycleGAN achieved the average mean absolute error (MAE) of 94.1 HU, while sCTcGAN achieved 89.8 HU. In both models, the average gamma passing rates within all volumes of interest were higher than 95% using a 2%, 2 mm criterion, and 99% using a 3%, 3 mm criterion. The average differences in the mean dose and DVH metrics were within +/-0.6% for the planning target volume and within +/-0.15% for evaluated organs in both models. Results demonstrated that abdominal sCT images generated by both cGAN and cycleGAN achieved accurate dose calculation for 8 liver radiotherapy plans. sCTcGAN images had smaller average MAE and achieved better dose calculation accuracy than sCTcycleGAN images. More abdominal patients will be enrolled in the future to further evaluate two models.

preprint 2019 arXiv

Opportunistic Synthesis in Reactive Games under Information Asymmetry

Reactive synthesis is a class of methods to construct a provably-correct control system, referred to as a robot, with respect to a temporal logic specification in the presence of a dynamic and uncontrollable environment. This is achieved by modeling the interaction between the robot and its environment as a two-player zero-sum game. However, existing reactive synthesis methods assume both players to have complete information, which is not the case in many strategic interactions. In this paper, we use a variant of hypergames to model the interaction between the robot and its environment, which has incomplete information about the specification of the robot. This model allows us to identify a subset of game states from where the robot can leverage the asymmetrical information to achieve a better outcome, which is not possible if both players have symmetrical and complete information. We then introduce a novel method of opportunistic synthesis by defining a Markov Decision Process (MDP) using the hypergame under temporal logic specifications. When the environment plays some stochastic strategy in its perceived sure-winning and sure-losing regions of the game, we show that by following the opportunistic strategy, the robot is ensured to only improve the outcome of the game - measured by satisfaction of sub-specifications - whenever an opportunity becomes available. We demonstrate the correctness and optimality of this method using a robot motion planning example in the presence of an adversary.

preprint 2019 arXiv

Topological Approximate Dynamic Programming under Temporal Logic Constraints

In this paper, we develop a Topological Approximate Dynamic Programming (TADP) method for planning in stochastic systems modeled as Markov Decision Processes to maximize the probability of satisfying high-level system specifications expressed in Linear Temporal Logic (LTL). Our method includes two steps: First, we propose to decompose the planning problem into a sequence of sub-problems based on the topological property of the task automaton which is translated from the LTL constraints. Second, we extend a model-free approximate dynamic programming method for value iteration to solve, in an order reverse to a causal dependency of value functions, one for each state in the task automaton. Particularly, we show that the complexity of the TADP does not grow polynomially with the size of the product Markov Decision Process (MDP). The correctness and efficiency of the algorithm are demonstrated using a robotic motion planning example.