Browsing by Author "Azizi, Ahmadreza"
- CS5604 Fall 2017 Classification Team Submission
  Azizi, Ahmadreza; Mulchandani, Deepika; Naik, Amit; Ngo, Khai; Patil, Suraj; Vezvaee, Arian; Yang, Robin (Virginia Tech, 2018-01-03)
  This project submission includes the work of the 'Classification' team of the CS5604 'Information Storage and Retrieval' course of Fall 2017 towards the GETAR project. Classification of the GETAR data would allow users to analyze, visualize, and explore content related to crises, disasters, human rights, inequality, population growth, shootings, violence, etc. Binary classification models were trained for different events for both tweet and webpage collections. Word2Vec was used as the feature selection technique and the Word2Vec model was trained on the entire corpus available. Logistic Regression was used as our classification technique. As part of this submission, we detail our classification framework and the experiments that we conducted. We also give an insight into the challenges we faced, how we overcame those challenges, and also what we learned in the process. We also provide the code that we implemented and the models that were built to classify 1,562,215 tweets and 4,366 webpages.
- Defending Against Trojan Attacks on Neural Network-based Language Models
  Azizi, Ahmadreza (Virginia Tech, 2020-05-15)
  Backdoor (Trojan) attacks are a major threat to the security of deep neural network (DNN) models. They are created by an attacker who adds a certain pattern to a portion of a given training dataset, causing the DNN model to misclassify any inputs that contain the pattern. These infected classifiers are called Trojan models and the added pattern is referred to as the trigger. In the image domain, a trigger can be a patch of pixel values added to the images and in the text domain, it can be a set of words. In this thesis, we propose Trojan-Miner (T-Miner), a defense scheme against such backdoor attacks on text classification deep learning models. The goal of T-Miner is to detect whether a given classifier is a Trojan model or not. To create T-Miner, our approach is based on a sequence-to-sequence text generation model. T-Miner uses feedback from the suspicious (test) classifier to perturb input sentences such that their resulting class label is changed. These perturbations can be different for each of the inputs. T-Miner thus extracts the perturbations to determine whether they include any backdoor trigger and correspondingly flag the suspicious classifier as a Trojan model. We evaluate T-Miner on three text classification datasets: Yelp Restaurant Reviews, Twitter Hate Speech, and Rotten Tomatoes Movie Reviews. To illustrate the effectiveness of T-Miner, we evaluate it on attack models over text classifiers. Hence, we build a set of clean classifiers with no trigger in their training datasets and also, using several trigger phrases, we create a set of Trojan models. Then, we compute how many of these models are correctly marked by T-Miner. We show that our system is able to detect Trojan and clean models with 97% overall accuracy over 400 classifiers. Finally, we discuss the robustness of T-Miner in the case that the attacker knows the T-Miner framework and wants to use this knowledge to weaken T-Miner's performance. To this end, we propose four different scenarios for the attacker and report the performance of T-Miner under these new attack methods.
- Study of Critical Phenomena with Monte Carlo and Machine Learning Techniques
  Azizi, Ahmadreza (Virginia Tech, 2020-07-08)
  Dynamical properties of non-equilibrium systems, similar to equilibrium ones, have been shown to obey robust time scaling laws which have enriched the concept of physical universality classes. In the first part of this Dissertation, we present the results of our investigations of some of the critical dynamical properties of systems belonging to the Voter or the Directed Percolation (DP) universality class. To be more precise, we focus on the aging properties of two-state and three-state Potts models with absorbing states and we determine temporal scaling of autocorrelation and autoresponse functions. We propose a novel microscopic model which exhibits non-equilibrium critical points belonging to the Voter, DP and Ising Universality classes. We argue that our model has properties similar to the Generalized Voter Model (GVM) in its Langevin description. Finally, we study the time evolution of the width of interfaces separating different absorbing states. The second part of this Dissertation is devoted to the applications of Machine Learning models in physical systems. First, we show that a trained Convolutional Neural Network (CNN) using configurations from the Ising model with conserved magnetization is able to find the location of the critical point. Second, using as our training dataset configurations of Ising models with conserved or non-conserved magnetization obtained in importance sampling Monte Carlo simulations, we investigate the physical properties of configurations generated by the Restricted Boltzmann Machine (RBM) model. The first part of this research was sponsored by the US Army Research Office and was accomplished under Grant Number W911NF-17-1-0156. The second part of this work was supported by the United States National Science Foundation through grant DMR-1606814.