Expeditious MicroVM SnapStart in PM via Augmented Hypervisor

In the era of cloud computing, the industry has embraced snapshotting as a technique to tackle cold starts and efficiently manage numerous short-lived functions. Traditional methods often stumble on ‘page faults,’ disruptions that occur when the memory required is not immediately accessible. This talk introduces PASS, a cutting-edge system that leverages byte-addressable persistent memory (PMEM) for cost-effective and highly concurrent execution of MicroVM SnapStart. PASS functions as a PMEM-aware augmented hypervisor in the user space, revolutionizing MicroVM memory restoration. In this talk, we will discuss how PASS stands as a beacon of innovation, promising to revolutionize cloud function execution. Attendees will gain insights into the challenges faced by existing solutions and how PASS addresses them through its novel approach, ultimately paving the way for more efficient and scalable cloud computing environments.

Data Augmentation Algorithm for Class-Imbalanced Node Classification

Graph neural networks (GNNs) have achieved great success in node classification tasks. However, existing GNNs naturally bias towards the majority classes with more labelled data and ignore those minority classes with relatively few labelled ones. The traditional techniques often resort over sampling methods, but they may cause overfitting problem. More recently, some works propose to synthesize additional nodes for minority classes from the labelled nodes, however, there is no any guarantee if those generated nodes really stand for the corresponding minority classes. In fact, improperly synthesized nodes may result in insufficient generalization of the algorithm. To resolve the problem, in this paper we seek to automatically augment the minority classes from the massive unlabelled nodes of the graph. Specifically, we propose \textit{GraphSR}, a novel self-training strategy to augment the minority classes with significant diversity of unlabelled nodes, which is based on a Similarity-based selection module and a Reinforcement Learning (RL) selection module. The first module finds a subset of unlabelled nodes which are most similar to those labelled minority nodes, and the second one further determines the representative and reliable nodes from the subset via RL technique. Furthermore, the RL-based module can adaptively determine the sampling scale according to current training data. This strategy is general and can be easily combined with different GNNs models. Our experiments demonstrate the proposed approach outperforms the state-of-the-art baselines on various class-imbalanced datasets.

Adversarial Examples and its Applications to Privacy Protection

While Deep Neural Networks (DNNs) have achieved tremendous success in various image processing tasks such as classification, segmentation, denoising, and more, they are vulnerable when applied to Adversarial Examples (AEs). AEs are manipulated images that deceive the model by adding perturbations to normal images, capable of aiding in the detection and enhancement of DNNs’ robustness. Numerous methods for generating AEs have emerged, but in the practical black-box setting where attackers lack access to DNNs’ architecture, parameters or even training datasets, they can only obtain prediction scores or labels of images by querying the DNN. Current state-of-the-art black-box attack methods still face challenges with excessive query counts and relatively low attack success rate (ASR). In this talk, I will introduce our proposed algorithm aimed at enhancing the query efficiency and ASR of black-box attack methods. Additionally, I will discuss two other approaches we have designed for image privacy protection using AEs. One improves the accuracy of privacy-preserving image classification while allowing for ciphertext recovery under authorized access. The other allows human recognition of images while preventing DNNs from extracting image information, regardless of whether images are transmitted over online social networks