arxiv: 2605.03423 · v1 · submitted 2026-05-05 · 💻 cs.AI

Recognition: unknown

Adaptive Dual-Path Framework for Covert Semantic Communication

Xi Yu , Weicai Li , Lin Yin , Tiejun Lv

Authors on Pith no claims yet

Pith reviewed 2026-05-07 16:37 UTC · model grok-4.3

classification 💻 cs.AI

keywords covert semantic communicationdual-path frameworkGumbel-Softmaxcontrastive representation alignmentsemantic codingCityscapes datasetcommunication securityadaptive block selection

0 comments

The pith

A dual-path adaptive framework embeds covert data in semantic features to suppress attacker detection to near-random levels while improving task performance.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper establishes that an adaptive dual-path architecture can perform covert semantic communication by embedding hidden messages directly into task-specific semantic features rather than through signal-level superposition. It does this with an explicit path dedicated to the public task and a stego path that uses contrastive alignment to mix in the covert data, plus a Gumbel-Softmax mechanism for dynamic block selection based on task needs. Experiments on the Cityscapes dataset demonstrate that this yields both better results on the main semantic tasks and near-random detection rates by independently trained attackers at 56.12 percent accuracy. A sympathetic reader would care because it offers a method for secure hidden transmission that does not trade off against the utility of semantic communication systems.

Core claim

The authors claim that their adaptive dual-path framework for covert semantic communication integrates covert information transmission with task-oriented semantic coding by embedding covert data within task-specific features via semantic-level intrinsic encoding. The framework uses dual encoding paths—an Explicit path for public task execution and a Stego path that jointly encodes both through contrastive representation alignment—along with a Gumbel-Softmax enabled adaptive path selection. This multi-objective optimization ensures accurate semantic understanding and reliable covert transmission, with experimental results on the Cityscapes dataset showing the attacker's detection accuracy at

What carries the argument

Dual encoding paths with an Explicit path for public tasks and a Stego path for joint public-covert encoding via contrastive representation alignment, plus Gumbel-Softmax adaptive block selection.

If this is right

The method suppresses the attacker's detection accuracy to a near-random 56.12 percent on Cityscapes.
It maintains superior performance on primary semantic tasks compared to baselines.
It enables joint encoding of public and covert information at the semantic level without power-domain superposition.
The multi-objective optimization balances accurate semantic understanding with reliable covert transmission.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

This semantic-level embedding approach might extend to other datasets or dynamic wireless environments where task requirements shift rapidly.
If the concealment holds, similar dual-path designs could reduce dependence on traditional physical-layer security in broader communication systems.
The adaptive selection mechanism suggests potential for handling multiple simultaneous semantic tasks with embedded covert channels.
Future work could test whether jointly optimizing the attacker and defender changes the observed security margin.

Load-bearing premise

The assumption that an independently trained attacker is the strongest possible threat and that contrastive representation alignment sufficiently conceals the covert information without allowing detection by more sophisticated or adaptive methods.

What would settle it

Training an attacker with knowledge of the dual-path architecture or using advanced techniques like adversarial training against the contrastive alignment and checking whether detection accuracy on Cityscapes rises substantially above 56.12 percent.

Figures

Figures reproduced from arXiv: 2605.03423 by Lin Yin, Tiejun Lv, Weicai Li, Xi Yu.

**Figure 2.** Figure 2: Framework of the encoding and decoding process. The Explicit path view at source ↗

**Figure 3.** Figure 3: Comprehensive covertness evaluation under varying SNR conditions. view at source ↗

**Figure 6.** Figure 6: Feature distribution visualization of the Base Model 1. view at source ↗

**Figure 4.** Figure 4: Task performance of different models under varying SNR conditions. view at source ↗

**Figure 5.** Figure 5: Feature distribution visualization of the proposed model training. view at source ↗

**Figure 8.** Figure 8: Feature distribution of training with a random policy path. view at source ↗

**Figure 11.** Figure 11: Trade-off analysis between public and covert tasks under varying view at source ↗

**Figure 12.** Figure 12: Visualization of the Select-or-Skip policy in the encoder blocks, i.e., view at source ↗

**Figure 13.** Figure 13: Training convergence analysis. The x-axis represents training steps, and the y-axis represents the task error. (a) Segmentation error on the Explicit Path (Public Baseline). (b) Segmentation error on the Stego Path, showing that embedding covert data has minimal impact on public task convergence. (c) Absolute error of depth prediction (Covert Task), demonstrating stable convergence. [17] Y. Hu, S. Han, Y.… view at source ↗

read the original abstract

This paper proposes a novel adaptive dual-path framework for covert semantic communication (SemCom), which integrates covert information transmission with task-oriented semantic coding. Unlike conventional covert communication methods that embed hidden messages through power-domain signal superposition, our framework embeds covert data within task-specific features via semantic-level intrinsic encoding. This new architecture introduces dual encoding paths with adaptive block selection: an Explicit path for public task execution and a Stego path that jointly encodes both public and covert information through contrastive representation alignment. A Gumbel-Softmax enabled adaptive path selection mechanism dynamically activates network blocks based on task require- ments. We formulate a multi-objective optimization framework that simultaneously ensures accurate semantic understanding and reliable covert transmission. We rigorously evaluate our framework's security against a powerful, independently trained attacker. Experimental results on the Cityscapes dataset demon- strate a state-of-the-art level of covertness: our method suppresses the attacker's detection accuracy to a near-random guessing level of 56.12%. This robust security is achieved while simultaneously maintaining superior performance on the primary semantic tasks compared to the baselines.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Desk Editor's Note private letter to a colleague

The paper puts forward a dual-path semantic encoder with Gumbel-Softmax block selection and contrastive alignment to hide covert data, but the security result depends on testing only a fixed, non-adaptive attacker.

read the letter

The main point is a concrete architecture that runs an explicit path for the public semantic task alongside a stego path that folds in covert information through contrastive representation alignment, then uses Gumbel-Softmax to pick blocks on the fly. That specific combination of adaptive selection and joint encoding is the new piece relative to prior semantic communication work. The Cityscapes experiments give a clear number: attacker detection at 56 percent while the main task stays ahead of the baselines. That is useful data for anyone building task-oriented wireless systems that also need some privacy layer. The multi-objective loss and the path-selection mechanism are laid out plainly enough to follow. The evaluation is run on a standard dataset with reported performance on both the covert and primary objectives, which is better than many framework papers that stop at architecture diagrams. The soft spot is the security claim. The attacker is trained separately and does not see the dual-path structure during its own training. Nothing in the abstract or the reported results shows tests against an adaptive attacker that knows the architecture or is optimized jointly against both paths. If that stronger threat model raises detection accuracy, the “near-random guessing” result shrinks. The free parameters for loss weights and Gumbel temperature are also left without sensitivity checks in the visible material, so it is hard to know how brittle the 56 percent figure is. This is aimed at researchers working on semantic communication and covert channels in AI-driven wireless networks. A reader who needs a working example of adaptive dual-path encoding plus concrete numbers on Cityscapes will get something usable from it. The paper has enough experimental grounding and a focused claim to deserve a serious referee rather than a desk reject, even though the security evaluation will need tightening.

Referee Report

2 major / 2 minor

Summary. The paper proposes a novel adaptive dual-path framework for covert semantic communication that combines an explicit path for standard task-oriented semantic coding with a stego path that embeds covert information through contrastive representation alignment. It introduces Gumbel-Softmax-based adaptive block selection and a multi-objective optimization to balance semantic task performance with covert transmission security. On the Cityscapes dataset, the framework is reported to achieve superior semantic task results while reducing an independently trained attacker's detection accuracy to 56.12%, presented as near-random and state-of-the-art covertness.

Significance. If the security evaluation holds under stronger threat models, the work could advance covert semantic communication by shifting from power-domain superposition to semantic-level intrinsic encoding within task features. The integration of contrastive alignment for concealment and adaptive path selection offers a concrete architecture with specific performance numbers on Cityscapes, providing a useful baseline for future secure SemCom research. The experimental focus on both primary task metrics and attacker detection is a strength.

major comments (2)

[§5] §5 (Experimental Results, security evaluation subsection): The headline claim of 'robust security' and 'state-of-the-art level of covertness' rests on suppressing an independently trained attacker's detection accuracy to 56.12%. However, the manuscript does not report results against adaptive attackers that have white-box access to the dual-path architecture or are trained jointly to exploit the contrastive alignment in the stego path. This is load-bearing for the central security claim, as the fixed-attacker setup may allow the framework to overfit to that specific threat model.
[§4] §4 (Multi-objective optimization formulation): The optimization includes free parameters for the loss weights balancing semantic accuracy, covert transmission, and contrastive alignment, plus the Gumbel-Softmax temperature. The manuscript should include sensitivity analysis or ablation showing how variations in these parameters affect the reported 56.12% detection figure and task performance, to substantiate that the covertness is not an artifact of post-hoc tuning.

minor comments (2)

[Abstract] Abstract: Typographical artifacts from line breaks appear as 'require- ments' and 'demon- strate'; these should be corrected for readability.
[Abstract and §5] The abstract and experimental sections lack explicit mention of data splits, error bars on the 56.12% figure, or full baseline implementation details, which would improve reproducibility even if not central to the claims.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the constructive comments, which help clarify the scope of our security claims and the robustness of our optimization. We address each major comment below, indicating the revisions we will incorporate to strengthen the manuscript.

read point-by-point responses

Referee: §5 (Experimental Results, security evaluation subsection): The headline claim of 'robust security' and 'state-of-the-art level of covertness' rests on suppressing an independently trained attacker's detection accuracy to 56.12%. However, the manuscript does not report results against adaptive attackers that have white-box access to the dual-path architecture or are trained jointly to exploit the contrastive alignment in the stego path. This is load-bearing for the central security claim, as the fixed-attacker setup may allow the framework to overfit to that specific threat model.

Authors: We agree that the evaluated threat model is limited to an independently trained attacker and that stronger adaptive or white-box attacks would provide a more comprehensive assessment. Our current evaluation follows the standard practice in covert communication literature, where the attacker is trained separately without access to the transmitter's internal parameters or joint optimization. This setup reflects a realistic scenario in which the covert framework is not fully exposed. Nevertheless, we acknowledge that the 56.12% detection result may not generalize to all possible attacks. In the revision, we will add a dedicated limitations subsection discussing adaptive attack scenarios, including potential joint training of the attacker to exploit the contrastive alignment. We will also moderate the language around 'robust security' and 'state-of-the-art covertness' to explicitly tie these claims to the independent-attacker model while outlining future directions for stronger threat models. revision: yes
Referee: §4 (Multi-objective optimization formulation): The optimization includes free parameters for the loss weights balancing semantic accuracy, covert transmission, and contrastive alignment, plus the Gumbel-Softmax temperature. The manuscript should include sensitivity analysis or ablation showing how variations in these parameters affect the reported 56.12% detection figure and task performance, to substantiate that the covertness is not an artifact of post-hoc tuning.

Authors: We appreciate this observation regarding the hyperparameters in the multi-objective loss and the Gumbel-Softmax temperature. These parameters were selected via validation-set performance to balance the primary semantic tasks with covert transmission objectives. To demonstrate that the reported covertness is not an artifact of specific tuning, we will include an expanded ablation study in the revised manuscript. This will report results for a range of loss-weight combinations and temperature values, showing their effects on both semantic segmentation metrics (e.g., mIoU on Cityscapes) and attacker detection accuracy. The added analysis will substantiate the stability of the 56.12% detection figure within reasonable parameter ranges. revision: yes

Circularity Check

0 steps flagged

No significant circularity detected; framework and security evaluation are self-contained

full rationale

The paper introduces a dual-path encoder with contrastive alignment and Gumbel-Softmax selection, then reports an experimental security result (56.12% attacker detection on Cityscapes) obtained by training an independent attacker. No load-bearing step reduces the architecture, optimization, or measured covertness to a self-definition, a fitted parameter renamed as a prediction, or a self-citation chain; the multi-objective loss and external evaluation benchmark remain independent of the claimed outcomes.

Axiom & Free-Parameter Ledger

2 free parameters · 2 axioms · 0 invented entities

The central claim rests on standard deep learning assumptions and optimization techniques; abstract provides insufficient detail to enumerate all hyperparameters or training choices, but no new physical entities or ad-hoc axioms are introduced beyond the proposed architecture.

free parameters (2)

multi-objective loss weights
Weights balancing semantic task accuracy against covert transmission reliability are required for the optimization framework but not numerically specified.
Gumbel-Softmax temperature
Temperature parameter controls the differentiability of adaptive path selection and is a tunable hyperparameter in the mechanism.

axioms (2)

domain assumption Neural networks can learn task-specific and covert-aligned representations via contrastive loss
Invoked in the design of the stego path for joint encoding without explicit separation.
standard math Gumbel-Softmax provides a differentiable approximation to discrete block selection
Used to enable end-to-end training of the adaptive path selection mechanism.

pith-pipeline@v0.9.0 · 5484 in / 1586 out tokens · 76030 ms · 2026-05-07T16:37:23.481233+00:00 · methodology

Review history (2 revisions) →

discussion (0)

Reference graph

Works this paper leans on

51 extracted references · 4 canonical work pages · 2 internal anchors

[1]

Rethinking wireless communication security in semantic internet of things,

H. Du, J. Wang, D. Niyato, J. Kang, Z. Xiong, X. Shen, and D. I. Kim, “Rethinking wireless communication security in semantic internet of things,” IEEE Wireless Commun. , vol. 30, no. 3, pp. 36–43, Jun. 2023

2023
[2]

Beyond transmitting bits: Context, seman- tics, and task-oriented communications,

D. Gündüz, Z. Qin, I. E. Aguerri, H. S. Dhillon, Z. Y ang, A. Y ener, K. K. Wong, and C.-B. Chae, “Beyond transmitting bits: Context, seman- tics, and task-oriented communications,” IEEE J. Sel. Areas Commun. , vol. 41, no. 1, pp. 5–41, Jan. 2023

2023
[3]

Deep joint source- channel coding for wireless image transmission,

E. Bourtsoulatze, D. B. Kurka, and D. Gündüz, “Deep joint source- channel coding for wireless image transmission,” IEEE Trans. Cogn. Commun. Netw., vol. 5, no. 3, pp. 567–579, May 2019

2019
[4]

Semantics-empowered communications: A tutorial-cum-survey,

Z. Lu, R. Li, K. Lu, X. Chen, E. Hossain, Z. Zhao, and H. Zhang, “Semantics-empowered communications: A tutorial-cum-survey,” IEEE Commun. Surv. Tutor ., vol. 26, no. 1, pp. 41–79, Jan. 2024

2024
[5]

Secure semantic communications: Fundamentals and challenges,

Z. Y ang, M. Chen, G. Li, Y . Y ang, and Z. Zhang, “Secure semantic communications: Fundamentals and challenges,” IEEE Netw. , vol. 38, no. 6, pp. 513–520, Nov. 2024

2024
[6]

Covert communications: A comprehensive survey,

X. Chen, J. An, Z. Xiong, C. Xing, N. Zhao, F. R. Y u, and A. Nal- lanathan, “Covert communications: A comprehensive survey,” IEEE Commun. Surv. Tutor ., vol. 25, no. 2, pp. 1173–1198, Apr. 2023

2023
[7]

Multi- agent reinforcement learning for covert semantic communications over wireless networks,

Y . Wang, Y . Hu, Z. Y ang, W. Saad, K.-K. Wong, and S. Cui, “Multi- agent reinforcement learning for covert semantic communications over wireless networks,” in Proc. IEEE Int. Conf. Acoust. Speech Signal Process., Jun. 2023, pp. 1–5

2023
[8]

Covert semantic communi- cation with ﬁnite blocklength,

S. Hu, S. Y an, X. Zhou, F. Shu, and J. Li, “Covert semantic communi- cation with ﬁnite blocklength,” IEEE Wireless Commun. Lett. , vol. 12, no. 4, pp. 689–693, Apr. 2023

2023
[9]

Covert uav data transmission via semantic communication: A drl-driven joint position and power optimization method,

Y . Wang, Y . Hu, H. Du, T. Luo, D. Niyato, H. Kang, and Z. Kang, “Covert uav data transmission via semantic communication: A drl-driven joint position and power optimization method,” IEEE Internet Things J. , vol. 11, no. 15, pp. 25 776–25 790, Aug. 2024

2024
[10]

Multi-agent rein- forcement learning for covert semantic communications over wireless networks,

Y . Wang, Y . Hu, H. Du, T. Luo, and D. Niyato, “Multi-agent rein- forcement learning for covert semantic communications over wireless networks,” IEEE Trans. V eh. Technol. , vol. 73, no. 2, pp. 2626–2641, Feb. 2024

2024
[11]

Secret agent radio: Covert communication through dirty constellations,

A. Dutta, D. Saha, D. Grunwald, and D. Sicker, “Secret agent radio: Covert communication through dirty constellations,” in Proc. Int. Work- shop Inf. Hiding , 2013, pp. 160–175

2013
[12]

Embedding covert information in broadcast communications,

K. S. K. Arumugam and M. R. Bloch, “Embedding covert information in broadcast communications,” IEEE Trans. Inf. F orensics Secur ., vol. 14, no. 10, pp. 2787–2801, 2019

2019
[13]

Biologically inspired covert underwater acoustic communication by mimicking dolphin whistles,

S. Liu, T. Ma, G. Qiao, L. Ma, and Y . Yin, “Biologically inspired covert underwater acoustic communication by mimicking dolphin whistles,” Appl. Acoust. , vol. 120, pp. 120–128, 2017

2017
[14]

Sad thug: Structural anomaly detection for transmissions of high-value information using graphics,

J. P . Chapman, “Sad thug: Structural anomaly detection for transmissions of high-value information using graphics,” in Proc. 27th USENIX Security Symp. (USENIX Security) , Aug. 2018, pp. 1147–1164

2018
[15]

Covert communication with time uncertainty in time-critical wireless networks,

X. Lu, S. Y an, W. Y ang, M. Li, and D. W. K. Ng, “Covert communication with time uncertainty in time-critical wireless networks,” IEEE Trans. Wirel. Commun., vol. 22, no. 2, pp. 1116–1129, Feb. 2023

2023
[16]

Covert communication over asynchronous channels with timing advantage,

V . Dani, V . Ramaiyan, and D. Jalihal, “Covert communication over asynchronous channels with timing advantage,” in Proc. IEEE Inf. Theory Workshop (ITW) , Oct. 2021, pp. 1–6. 15 0 2 4 Training Step ×10 4 0.5 0.6 0.7 0.8seg_error (a) Public Task 0 2 4 Training Step ×10 4 0.5 0.6 0.7seg_ste_error (b) Public Task (Stego) 0 2 4 Training Step ×10 4 0.025 0.03...

2021
[17]

Extension of the covert perfor- mance evaluation system for underwater spread spectrum communica- tion,

Y . Hu, S. Han, Y . Zhang, and J. Du, “Extension of the covert perfor- mance evaluation system for underwater spread spectrum communica- tion,” in Proc. Int. Conf. Electron. Inf. Eng. Comput. Technol. (EIECT) , Nov. 2023

2023
[18]

Bionic covert hydroacoustic spread spectrum communication based on improved adaptive ﬁltering algorithm,

J. Du, Y . Zhang, Y . Hu, and S. Han, “Bionic covert hydroacoustic spread spectrum communication based on improved adaptive ﬁltering algorithm,” in Proc. Int. Conf. Neural Netw. Inf. Commun. Eng. (NNICE), Jan. 2024

2024
[19]

Multi-antenna covert communications in random wireless networks,

T.-X. Zheng, H.-M. Wang, D. W. K. Ng, and J. Y uan, “Multi-antenna covert communications in random wireless networks,” IEEE Trans. Wirel. Commun., vol. 18, no. 3, pp. 1974–1987, Mar. 2019

1974
[20]

Intelligent reﬂecting surface- assisted multi-antenna covert communications: Joint active and passive beamforming optimization,

C. Wang, Z. Li, J. Shi, and D. W. K. Ng, “Intelligent reﬂecting surface- assisted multi-antenna covert communications: Joint active and passive beamforming optimization,” IEEE Trans. Commun. , vol. 69, no. 6, pp. 3984–4000, Jun. 2021

2021
[21]

Covert communi- cation achieved by a greedy relay in wireless networks,

J. Hu, S. Y an, X. Zhou, F. Shu, J. Li, and J. Wang, “Covert communi- cation achieved by a greedy relay in wireless networks,” IEEE Trans. Wirel. Commun., vol. 17, no. 7, pp. 4766–4779, Jul. 2018

2018
[22]

Delay-constrained covert communica- tions with a full-duplex receiver,

F. Shu, T. Xu, J. Hu, and S. Y an, “Delay-constrained covert communica- tions with a full-duplex receiver,” IEEE Wireless Commun. Lett. , vol. 8, no. 3, pp. 813–816, Jun. 2019

2019
[23]

Covert communication in downlink noma systems with random transmit power,

L. Tao, W. Y ang, S. Y an, D. Niyato, Y .-C. Liang, and X. Y ou, “Covert communication in downlink noma systems with random transmit power,” IEEE Wireless Commun. Lett., vol. 9, no. 11, pp. 2000–2004, Nov. 2020

2000
[24]

Joint optimization of beamforming and noise injection for covert downlink transmissions in cell-free internet of things networks,

J. Xing, J. Li, Z. Li, and D. W. K. Ng, “Joint optimization of beamforming and noise injection for covert downlink transmissions in cell-free internet of things networks,” IEEE Internet Things J. , vol. 11, no. 6, pp. 10 525–10 536, Mar. 2024

2024
[25]

Latency minimization in covert communication enabled federated learning network,

T. T. V . Nguyen, N. C. Luong, S. Feng, D. T. Hoang, D. Niyato, and D. I. Kim, “Latency minimization in covert communication enabled federated learning network,” IEEE Trans. V eh. Technol., vol. 70, no. 12, pp. 13 447–13 452, Dec. 2021

2021
[26]

Covert wireless commu- nication against jamming-assisted proactive detection,

B. Che, H. Shi, Z. Li, Y . Wu, and L. Y ang, “Covert wireless commu- nication against jamming-assisted proactive detection,” IEEE Wireless Commun. Lett. , vol. 12, no. 8, pp. 1304–1308, Aug. 2023

2023
[27]

Semantic communication approach for multi-task image transmission,

Z. Zhang, Y . Zhou, Y . Hu, G. Zhang, and D. W. K. Ng, “Semantic communication approach for multi-task image transmission,” in Proc. IEEE 96th V eh. Technol. Conf. (VTC2022-Fall) , Sep. 2022, pp. 1–2

2022
[28]

Image semantic communications: An extended rate-distortion theory based scheme,

W. Tong, Z. Wang, M. Li, Q. Pei, and F. R. Y u, “Image semantic communications: An extended rate-distortion theory based scheme,” in Proc. IEEE Globecom Workshops (GC Wkshps) , Dec. 2022, pp. 1723– 1728

2022
[29]

A multi-task semantic communication system for natural language processing,

Y . Sheng, G. Zhang, Q. Hu, Y . Cai, and G. Y u, “A multi-task semantic communication system for natural language processing,” in Proc. IEEE 96th V eh. Technol. Conf. (VTC2022-Fall), Sep. 2022, pp. 1–5

2022
[30]

Scalable multi-task semantic communication system with feature importance ranking,

J. Hu, F. Hu, S. Han, and L. Liu, “Scalable multi-task semantic communication system with feature importance ranking,” in Proc. IEEE Int. Conf. Acoust. Speech Signal Process. (ICASSP) , Jun. 2023, pp. 1–5

2023
[31]

A uniﬁed multi-task semantic communication system for multimodal data,

G. Zhang, Q. Hu, Z. Qin, Y . Cai, and G. Y u, “A uniﬁed multi-task semantic communication system for multimodal data,” IEEE Trans. Commun., vol. 72, no. 7, pp. 3938–3953, Jul. 2024

2024
[32]

Privacy-aware communication over a wiretap channel with generative networks,

E. Erdemir, T. Hamza, and D. Gündüz, “Privacy-aware communication over a wiretap channel with generative networks,” in Proc. IEEE Int. Conf. Acoust. Speech Signal Process. , May 2022, pp. 2989–2993

2022
[33]

Adversarial networks for secure wireless communications,

T. Marchioro, N. Laurenti, and D. Gündüz, “Adversarial networks for secure wireless communications,” in Proc. IEEE Int. Conf. Acoust. Speech Signal Process. , May 2020, pp. 8748–8752

2020
[34]

Deep joint encryption and source-channel coding: An image privacy protection approach,

J. Xu, B. Ai, W. Chen, A. Y ang, P . Sun, and M. Rodrigues, “Deep joint encryption and source-channel coding: An image privacy protection approach,” arXiv preprint arXiv:2111.03234 , Nov. 2021

work page arXiv 2021
[35]

Deep joint source-channel and encryption coding: Secure semantic communications,

T.-Y . Tung and D. Gündüz, “Deep joint source-channel and encryption coding: Secure semantic communications,” in Proc. IEEE Int. Conf. Commun., May 2023, pp. 5620–5625

2023
[36]

Disentangled in- formation bottleneck guided privacy-protective joint source and channel coding for image transmission,

L. Sun, Y . Y ang, M. Chen, W. Saad, and H. V . Poor, “Disentangled in- formation bottleneck guided privacy-protective joint source and channel coding for image transmission,” IEEE Trans. Commun. , vol. 72, no. 11, pp. 6992–7005, Nov. 2024

2024
[37]

Mitigating information leakage in image representations: A maximum entropy approach,

P . C. Roy and V . N. Boddeti, “Mitigating information leakage in image representations: A maximum entropy approach,” in Proc. IEEE Conf. Comput. Vis. Pattern Recog. (CVPR) , Jun. 2019, pp. 2586–2594

2019
[38]

An overview of information-theoretic security and privacy: Metrics, limits and applications,

M. Bloch, O. Günlü, A. Y ener, F. Oggier, H. V . Poor, L. Sankar, and R. F. Schaefer, “An overview of information-theoretic security and privacy: Metrics, limits and applications,” IEEE J. Sel. Areas Inf. Theory , vol. 2, no. 1, pp. 5–22, Mar. 2021

2021
[39]

Embedding covert information in broadcast communications,

K. S. K. Arumugam and M. R. Bloch, “Embedding covert information in broadcast communications,” IEEE Trans. Inf. F orensics Secur ., vol. 14, no. 10, pp. 2787–2801, Oct. 2019

2019
[40]

Learning-based power control for secure covert semantic communication,

Y . Liu, J. Wen, G. Nan, Q. Cui, and X. Tao, “Learning-based power control for secure covert semantic communication,” arXiv preprint arXiv:2407.07475, Jul. 2024

work page arXiv 2024
[41]

Covert and reliable semantic communication against cross-layer privacy inference over wireless edge networks,

R. Xu, J. Xie, J. Hu, and Y . Wang, “Covert and reliable semantic communication against cross-layer privacy inference over wireless edge networks,” in Proc. IEEE Wireless Commun. Netw. Conf. (WCNC) , Apr. 2024, pp. 1–6

2024
[42]

Landscape more secure than portrait? zooming into the directionality of digital images with security implications,

B. Lorch and R. Böhme, “Landscape more secure than portrait? zooming into the directionality of digital images with security implications,” in Proc. 33rd USENIX Security Symp. (USENIX Security) , Aug. 2024, pp. 6903–6920

2024
[43]

Adashare: Learning what to share for efﬁcient deep multi-task learning,

X. Sun, R. Panda, R. Feris, and K. Saenko, “Adashare: Learning what to share for efﬁcient deep multi-task learning,” in Adv. Neural Inf. Process. Syst., Nov. 2020, pp. 1–13

2020
[44]

Categorical Reparameterization with Gumbel-Softmax

E. Jang, S. Gu, and B. Poole, “Categorical reparameterization with gumbel-softmax,” arXiv preprint arXiv:1611.01144 , Aug. 2017

work page internal anchor Pith review arXiv 2017
[45]

The cityscapes dataset for semantic urban scene understanding,

M. Cordts, M. Omran, S. Ramos, T. Rehfeld, M. Enzweiler, R. Benen- son, U. Franke, S. Roth, and B. Schiele, “The cityscapes dataset for semantic urban scene understanding,” in Proc. IEEE Conf. Comput. Vis. Pattern Recognit. (CVPR) , Jun. 2016, pp. 3213–3223

2016
[46]

Deep residual learning for image recognition,

K. He, X. Zhang, S. Ren, and J. Sun, “Deep residual learning for image recognition,” in Proc. IEEE/CVF Conf. Comput. Vis. Pattern Recognit. (CVPR), Jun. 2016, pp. 770–778

2016
[47]

Deep learning hierarchical representations for image steganalysis,

J. Y e, J. Ni, and Y . Yi, “Deep learning hierarchical representations for image steganalysis,” IEEE Trans. Inf. F orensics Secur ., vol. 12, no. 11, pp. 2545–2557, Nov. 2017

2017
[48]

Adam: A Method for Stochastic Optimization

D. P . Kingma and J. Ba, “Adam: A method for stochastic optimization,” arXiv preprint arXiv:1412.6980 , Dec. 2014

work page internal anchor Pith review arXiv 2014
[49]

Stochastic estimation of the maximum of a regression function,

J. Kiefer and J. Wolfowitz, “Stochastic estimation of the maximum of a regression function,” Ann. Math. Stat. , vol. 23, no. 3, pp. 462–466, Sep. 1952. 16

1952
[50]

Genran: Genfusion-guided reversible anonymization network for face privacy preserving,

R. Wang, L. Gu, J. Li, J. Wang, J. Sun, and W. Wan, “Genran: Genfusion-guided reversible anonymization network for face privacy preserving,” Inf. Fusion , vol. 113, pp. 103–120, Sep. 2025

2025
[51]

Multilevel feature transmission in dynamic channels: A semantic knowledge base and deep-reinforcement-learning-enabled approach,

L. Y an, Z. Qin, R. Zhang, Y . Li, and G. Y . Li, “Multilevel feature transmission in dynamic channels: A semantic knowledge base and deep-reinforcement-learning-enabled approach,” IEEE Internet Things J., vol. 10, no. 16, pp. 14 599–14 612, 2023. Xi Yu (Graduate Student Member, IEEE) received the B.E. degree in communication engineering from Beijing Univ...

2023