A New Task and Dataset on Detecting Attacks on Human Rights Defenders
- URL: http://arxiv.org/abs/2306.17695v1
- Date: Fri, 30 Jun 2023 14:20:06 GMT
- Title: A New Task and Dataset on Detecting Attacks on Human Rights Defenders
- Authors: Shihao Ran, Di Lu, Joel Tetreault, Aoife Cahill, Alejandro Jaimes
- Abstract summary: We propose a new dataset for detecting Attacks on Human Rights Defenders (HRDsAttack) consisting of crowdsourced annotations on 500 online news articles.
The annotations include fine-grained information about the type and location of the attacks, as well as information about the victim(s).
We demonstrate the usefulness of the dataset by using it to train and evaluate baseline models on several sub-tasks to predict the annotated characteristics.
- Score: 68.45906430323156
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: The ability to conduct retrospective analyses of attacks on human rights
defenders over time and by location is important for humanitarian organizations
to better understand historical or ongoing human rights violations and thus
better manage the global impact of such events. We hypothesize that NLP can
support such efforts by quickly processing large collections of news articles
to detect and summarize the characteristics of attacks on human rights
defenders. To that end, we propose a new dataset for detecting Attacks on Human
Rights Defenders (HRDsAttack) consisting of crowdsourced annotations on 500
online news articles. The annotations include fine-grained information about
the type and location of the attacks, as well as information about the
victim(s). We demonstrate the usefulness of the dataset by using it to train
and evaluate baseline models on several sub-tasks to predict the annotated
characteristics.
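The abstract mentions baseline models for several sub-tasks over the annotated characteristics (attack type, location, victim information). As a rough, hypothetical illustration of one such sub-task (not the authors' baseline), the sketch below fits a simple bag-of-words classifier that predicts the attack type from article text; the file name and the `text`/`attack_type` field names are assumptions, since the released data format is not described here.
```python
# Minimal sketch of one HRDsAttack-style sub-task: predicting the attack type
# from article text. NOT the paper's baseline; the file name and field names
# ("text", "attack_type") are assumptions about the released data format.
import json

from sklearn.feature_extraction.text import TfidfVectorizer
from sklearn.linear_model import LogisticRegression
from sklearn.metrics import classification_report
from sklearn.model_selection import train_test_split
from sklearn.pipeline import make_pipeline

# Hypothetical JSONL export: one annotated article per line.
with open("hrdsattack_annotations.jsonl", encoding="utf-8") as f:
    records = [json.loads(line) for line in f]

texts = [r["text"] for r in records]
labels = [r["attack_type"] for r in records]  # label set is also assumed

X_train, X_test, y_train, y_test = train_test_split(
    texts, labels, test_size=0.2, random_state=0
)

# Bag-of-words baseline: TF-IDF features + multinomial logistic regression.
clf = make_pipeline(
    TfidfVectorizer(ngram_range=(1, 2), min_df=2),
    LogisticRegression(max_iter=1000),
)
clf.fit(X_train, y_train)

print(classification_report(y_test, clf.predict(X_test)))
```
The other annotated attributes (for example, victim information or attack location) could be evaluated the same way by swapping in the corresponding label field.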
Related papers
- Long-Tailed Backdoor Attack Using Dynamic Data Augmentation Operations [50.1394620328318]
Existing backdoor attacks mainly focus on balanced datasets.
We propose an effective backdoor attack named Dynamic Data Augmentation Operation (D²AO).
Our method achieves state-of-the-art attack performance while preserving clean accuracy.
arXiv Detail & Related papers (2024-10-16T18:44:22Z)
- HumVI: A Multilingual Dataset for Detecting Violent Incidents Impacting Humanitarian Aid [6.0520837495927315]
HumVI is a dataset of news articles in three languages (English, French, Arabic) describing violent incidents, categorized by the humanitarian sector they impact.
We provide benchmarks for the dataset, employing various deep learning architectures and techniques, including data augmentation and mask loss.
arXiv Detail & Related papers (2024-10-08T21:08:13Z)
- Have You Poisoned My Data? Defending Neural Networks against Data Poisoning [0.393259574660092]
We propose a novel approach to detect and filter poisoned datapoints in the transfer learning setting.
We show that effective poisons can be successfully differentiated from clean points in the characteristic vector space.
Our evaluation shows that our proposal outperforms existing approaches in defense rate and final trained model performance.
arXiv Detail & Related papers (2024-03-20T11:50:16Z)
- Optimal Zero-Shot Detector for Multi-Armed Attacks [30.906457338347447]
This paper explores a scenario in which a malicious actor employs a multi-armed attack strategy to manipulate data samples.
Our central objective is to protect the data by detecting any alterations to the input.
We derive an innovative information-theoretic defense approach that optimally aggregates the decisions made by the available detectors.
arXiv Detail & Related papers (2024-02-24T13:08:39Z)
- Avoid Adversarial Adaption in Federated Learning by Multi-Metric Investigations [55.2480439325792]
Federated Learning (FL) facilitates decentralized machine learning model training, preserving data privacy, lowering communication costs, and boosting model performance through diversified data sources.
FL is vulnerable to poisoning attacks that undermine model integrity through both untargeted performance degradation and targeted backdoor attacks.
We define a new notion of strong adaptive adversaries, capable of adapting to multiple objectives simultaneously.
Our proposed defense, MESAS, is the first to be robust against strong adaptive adversaries and effective on real-world data, with an average overhead of just 24.37 seconds.
arXiv Detail & Related papers (2023-06-06T11:44:42Z)
- Re-thinking Data Availability Attacks Against Deep Neural Networks [53.64624167867274]
In this paper, we re-examine the concept of unlearnable examples and discern that the existing robust error-minimizing noise presents an inaccurate optimization objective.
We introduce a novel optimization paradigm that yields improved protection results with reduced computational time requirements.
arXiv Detail & Related papers (2023-05-18T04:03:51Z)
- Combating Informational Denial-of-Service (IDoS) Attacks: Modeling and Mitigation of Attentional Human Vulnerability [28.570086492742046]
IDoS attacks deplete the cognitive resources of human operators to prevent them from identifying the real attacks hidden among feints.
This work aims to formally define IDoS attacks, quantify their consequences, and develop human-assistive security technologies to mitigate the severity level and risks of IDoS attacks.
arXiv Detail & Related papers (2021-08-04T05:09:32Z)
- Detecting Cross-Modal Inconsistency to Defend Against Neural Fake News [57.9843300852526]
We introduce the more realistic and challenging task of defending against machine-generated news that also includes images and captions.
To identify the possible weaknesses that adversaries can exploit, we create the NeuralNews dataset, composed of four different types of generated articles.
In addition to the valuable insights gleaned from our user study experiments, we provide a relatively effective approach based on detecting visual-semantic inconsistencies.
arXiv Detail & Related papers (2020-09-16T14:13:15Z)
- Sampling Attacks: Amplification of Membership Inference Attacks by Repeated Queries [74.59376038272661]
We introduce the sampling attack, a novel membership inference technique that, unlike other standard membership adversaries, works under the severe restriction of having no access to the victim model's scores.
We show that a victim model that publishes only labels is still susceptible to sampling attacks, and the adversary can recover up to 100% of its performance.
For defense, we choose differential privacy in the form of gradient perturbation during training of the victim model, as well as output perturbation at prediction time (see the sketch after this list).
arXiv Detail & Related papers (2020-09-01T12:54:54Z)
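The defense described in the last entry combines gradient perturbation during training with output perturbation at prediction time. As a minimal, hypothetical sketch of the output-perturbation idea only (not the paper's exact mechanism or noise calibration), the snippet below adds Laplace noise to a per-class score vector before releasing the argmax label, so repeated queries no longer return a deterministic answer.
```python
# Toy sketch of output perturbation at prediction time (not the paper's exact
# mechanism): add Laplace noise to the model's per-class scores before
# releasing the predicted label, so repeated adversarial queries leak less.
import numpy as np

rng = np.random.default_rng(0)

def perturbed_label(scores: np.ndarray, epsilon: float = 1.0) -> int:
    """Return an argmax label after adding Laplace noise with scale 1/epsilon.

    `scores` is the model's score vector for one input; a smaller epsilon
    means more noise and (heuristically) stronger protection.
    """
    noise = rng.laplace(scale=1.0 / epsilon, size=scores.shape)
    return int(np.argmax(scores + noise))

# Example: a 3-class score vector queried repeatedly by the adversary.
scores = np.array([2.1, 1.9, 0.3])
labels = [perturbed_label(scores, epsilon=0.5) for _ in range(10)]
print(labels)  # the released label now varies across repeated queries
```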
The related-papers list above is automatically generated from the titles and abstracts of the papers on this site.
This site does not guarantee the quality of its content (including all information) and is not responsible for any consequences.