References of "Ghamizi, Salah 50034675"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailEvasion Attack STeganography: Turning Vulnerability Of Machine Learning ToAdversarial Attacks Into A Real-world Application
Ghamizi, Salah UL; Cordy, Maxime UL; Papadakis, Mike UL et al

in Proceedings of International Conference on Computer Vision 2021 (2021)

Evasion Attacks have been commonly seen as a weakness of Deep Neural Networks. In this paper, we flip the paradigm and envision this vulnerability as a useful application. We propose EAST, a new ... [more ▼]

Evasion Attacks have been commonly seen as a weakness of Deep Neural Networks. In this paper, we flip the paradigm and envision this vulnerability as a useful application. We propose EAST, a new steganography and watermarking technique based on multi-label targeted evasion attacks. Our results confirm that our embedding is elusive; it not only passes unnoticed by humans, steganalysis methods, and machine-learning detectors. In addition, our embedding is resilient to soft and aggressive image tampering (87% recovery rate under jpeg compression). EAST outperforms existing deep-learning-based steganography approaches with images that are 70% denser and 73% more robust and supports multiple datasets and architectures. [less ▲]

Detailed reference viewed: 127 (21 UL)
Full Text
Peer Reviewed
See detailRequirements And Threat Models of Adversarial Attacks and Robustness of Chest X-ray classification
Ghamizi, Salah UL; Cordy, Maxime UL; Papadakis, Mike UL et al

E-print/Working paper (2021)

Vulnerability to adversarial attacks is a well-known weakness of Deep Neural Networks. While most of the studies focus on natural images with standardized benchmarks like ImageNet and CIFAR, little ... [more ▼]

Vulnerability to adversarial attacks is a well-known weakness of Deep Neural Networks. While most of the studies focus on natural images with standardized benchmarks like ImageNet and CIFAR, little research has considered real world applications, in particular in the medical domain. Our research shows that, contrary to previous claims, robustness of chest x-ray classification is much harder to evaluate and leads to very different assessments based on the dataset, the architecture and robustness metric. We argue that previous studies did not take into account the peculiarity of medical diagnosis, like the co-occurrence of diseases, the disagreement of labellers (domain experts), the threat model of the attacks and the risk implications for each successful attack. In this paper, we discuss the methodological foundations, review the pitfalls and best practices, and suggest new methodological considerations for evaluating the robustness of chest xray classification models. Our evaluation on 3 datasets, 7 models, and 18 diseases is the largest evaluation of robustness of chest x-ray classification models. We believe our findings will provide reliable guidelines for realistic evaluation and improvement of the robustness of machine learning models for medical diagnosis. [less ▲]

Detailed reference viewed: 88 (10 UL)
Full Text
See detailAdversarial Robustness in Multi-Task Learning: Promises and Illusions
Ghamizi, Salah UL; Cordy, Maxime UL; Papadakis, Mike UL et al

E-print/Working paper (2021)

Vulnerability to adversarial attacks is a well-known weakness of Deep Neural networks. While most of the studies focus on single-task neural networks with computer vision datasets, very little research ... [more ▼]

Vulnerability to adversarial attacks is a well-known weakness of Deep Neural networks. While most of the studies focus on single-task neural networks with computer vision datasets, very little research has considered complex multi-task models that are common in real applications. In this paper, we evaluate the design choices that impact the robustness of multi-task deep learning networks. We provide evidence that blindly adding auxiliary tasks, or weighing the tasks provides a false sense of robustness. Thereby, we tone down the claim made by previous research and study the different factors which may affect robustness. In particular, we show that the choice of the task to incorporate in the loss function are important factors that can be leveraged to yield more robust models. [less ▲]

Detailed reference viewed: 85 (1 UL)
Full Text
Peer Reviewed
See detailData-driven simulation and optimization for covid-19 exit strategies
Ghamizi, Salah UL; Rwemalika, Renaud UL; Cordy, Maxime UL et al

in Ghamizi, Salah; Rwemalika, Renaud; Cordy, Maxime (Eds.) et al Data-driven simulation and optimization for covid-19 exit strategies (2020, August)

The rapid spread of the Coronavirus SARS-2 is a major challenge that led almost all governments worldwide to take drastic measures to respond to the tragedy. Chief among those measures is the massive ... [more ▼]

The rapid spread of the Coronavirus SARS-2 is a major challenge that led almost all governments worldwide to take drastic measures to respond to the tragedy. Chief among those measures is the massive lockdown of entire countries and cities, which beyond its global economic impact has created some deep social and psychological tensions within populations. While the adopted mitigation measures (including the lockdown) have generally proven useful, policymakers are now facing a critical question: how and when to lift the mitigation measures? A carefully-planned exit strategy is indeed necessary to recover from the pandemic without risking a new outbreak. Classically, exit strategies rely on mathematical modeling to predict the effect of public health interventions. Such models are unfortunately known to be sensitive to some key parameters, which are usually set based on rules-of-thumb.In this paper, we propose to augment epidemiological forecasting with actual data-driven models that will learn to fine-tune predictions for different contexts (e.g., per country). We have therefore built a pandemic simulation and forecasting toolkit that combines a deep learning estimation of the epidemiological parameters of the disease in order to predict the cases and deaths, and a genetic algorithm component searching for optimal trade-offs/policies between constraints and objectives set by decision-makers.Replaying pandemic evolution in various countries, we experimentally show that our approach yields predictions with much lower error rates than pure epidemiological models in 75% of the cases and achieves a 95% R² score when the learning is transferred and tested on unseen countries. When used for forecasting, this approach provides actionable insights into the impact of individual measures and strategies. [less ▲]

Detailed reference viewed: 115 (14 UL)
Full Text
Peer Reviewed
See detailSearch-based adversarial testing and improvement of constrained credit scoring systems
Ghamizi, Salah UL; Cordy, Maxime UL; Gubri, Martin UL et al

in ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE '20), November 8-13, 2020 (2020)

Detailed reference viewed: 113 (23 UL)
Full Text
Peer Reviewed
See detailFeatureNET: Diversity-driven Generation of Deep Learning Models
Ghamizi, Salah UL; Cordy, Maxime UL; Papadakis, Mike UL et al

in International Conference on Software Engineering (ICSE) (2020)

Detailed reference viewed: 59 (7 UL)
Full Text
See detailPandemic Simulation and Forecasting of exit strategies:Convergence of Machine Learning and EpidemiologicalModels
Ghamizi, Salah UL; Rwemalika, Renaud UL; Cordy, Maxime UL et al

Report (2020)

The COVID-19 pandemic has created a public health emergency unprecedented in this century. The lack ofaccurate knowledge regarding the outcomes of the virus has made it challenging for policymakers to ... [more ▼]

The COVID-19 pandemic has created a public health emergency unprecedented in this century. The lack ofaccurate knowledge regarding the outcomes of the virus has made it challenging for policymakers to decideon appropriate countermeasures to mitigate its impact on society, in particular the public health and the veryhealthcare system.While the mitigation strategies (including the lockdown) are getting lifted, understanding the current im-pacts of the outbreak remains challenging. This impedes any analysis and scheduling of measures requiredfor the different countries to recover from the pandemic without risking a new outbreak.Therefore, we propose a novel approach to build realistic data-driven pandemic simulation and forecastingmodels to support policymakers. Our models allow the investigation of mitigation/recovery measures andtheir impact. Thereby, they enable appropriate planning of those measures, with the aim to optimize theirsocietal benefits.Our approach relies on a combination of machine learning and classical epidemiological models, circum-venting the respective limitations of these techniques to allow a policy-making based on established knowl-edge, yet driven by factual data, and tailored to each country’s specific context. [less ▲]

Detailed reference viewed: 232 (20 UL)
Full Text
Peer Reviewed
See detailAdversarial Embedding: A robust and elusive Steganography and Watermarking technique
Ghamizi, Salah UL; Cordy, Maxime UL; Papadakis, Mike UL et al

Scientific Conference (2020)

We propose adversarial embedding, a new steganography and watermarking technique that embeds secret information within images. The key idea of our method is to use deep neural networks for image ... [more ▼]

We propose adversarial embedding, a new steganography and watermarking technique that embeds secret information within images. The key idea of our method is to use deep neural networks for image classification and adversarial attacks to embed secret information within images. Thus, we use the attacks to embed an encoding of the message within images and the related deep neural network outputs to extract it. The key properties of adversarial attacks (invisible perturbations, nontransferability, resilience to tampering) offer guarantees regarding the confidentiality and the integrity of the hidden messages. We empirically evaluate adversarial embedding using more than 100 models and 1,000 messages. Our results confirm that our embedding passes unnoticed by both humans and steganalysis methods, while at the same time impedes illicit retrieval of the message (less than 13% recovery rate when the interceptor has some knowledge about our model), and is resilient to soft and (to some extent) aggressive image tampering (up to 100% recovery rate under jpeg compression). We further develop our method by proposing a new type of adversarial attack which improves the embedding density (amount of hidden information) of our method to up to 10 bits per pixel. [less ▲]

Detailed reference viewed: 406 (42 UL)
Full Text
Peer Reviewed
See detailAutomated Search for Configurations of Deep Neural Network Architectures
Ghamizi, Salah UL; Cordy, Maxime UL; Papadakis, Mike UL et al

in Automated Search for Configurations of Convolutional Neural Network Architectures (2019)

Deep Neural Networks (DNNs) are intensively used to solve a wide variety of complex problems. Although powerful, such systems require manual configuration and tuning. To this end, we view DNNs as ... [more ▼]

Deep Neural Networks (DNNs) are intensively used to solve a wide variety of complex problems. Although powerful, such systems require manual configuration and tuning. To this end, we view DNNs as configurable systems and propose an end-to-end framework that allows the configuration, evaluation and automated search for DNN architectures. Therefore, our contribution is threefold. First, we model the variability of DNN architectures with a Feature Model (FM) that generalizes over existing architectures. Each valid configuration of the FM corresponds to a valid DNN model that can be built and trained. Second, we implement, on top of Tensorflow, an automated procedure to deploy, train and evaluate the performance of a configured model. Third, we propose a method to search for configurations and demonstrate that it leads to good DNN models. We evaluate our method by applying it on image classification tasks (MNIST, CIFAR-10) and show that, with limited amount of computation and training, our method can identify high-performing architectures (with high accuracy). We also demonstrate that we outperform existing state-of-the-art architectures handcrafted by ML researchers. Our FM and framework have been released to support replication and future research. [less ▲]

Detailed reference viewed: 188 (36 UL)