secure

Title: Weak Equivalents for Nonlinear Filtering Functions. (arXiv:2208.04734v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2208.04734
• Code URL: null
• Copy Paste: [[2208.04734] Weak Equivalents for Nonlinear Filtering Functions](http://arxiv.org/abs/2208.04734)
• Summary:

  The application of a nonlinear filtering function to a Linear Feedback Shift Register (LFSR) is a general technique for designing pseudorandom sequence generators with cryptographic application. In this paper, we investigate the equivalence between different nonlinear filtering functions applied to distinct LFSRs. It is a well known fact that given a binary sequence generated from a pair (nonlinear filtering function, LFSR), the same sequence can be generated from any other LFSR of the same length by using another filtering function. However, until now no solution has been found for the problem of computing such an equivalent. This paper analyzes the specific case in which the reciprocal LFSR of a given register is used to generate an equivalent of the original nonlinear filtering function. The main advantage of the contribution is that weaker equivalents can be computed for any nonlinear filter, in the sense that such equivalents could be used to cryptanalyze apparently secure generators. Consequently, to evaluate the cryptographic resistance of a sequence generator, the weakest equivalent cipher should be determined and not only a particular instance.

security

Title: SDWPF: A Dataset for Spatial Dynamic Wind Power Forecasting Challenge at KDD Cup 2022. (arXiv:2208.04360v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2208.04360
• Code URL: null
• Copy Paste: [[2208.04360] SDWPF: A Dataset for Spatial Dynamic Wind Power Forecasting Challenge at KDD Cup 2022](http://arxiv.org/abs/2208.04360)
• Summary:

  The variability of wind power supply can present substantial challenges to incorporating wind power into a grid system. Thus, Wind Power Forecasting (WPF) has been widely recognized as one of the most critical issues in wind power integration and operation. There has been an explosion of studies on wind power forecasting problems in the past decades. Nevertheless, how to well handle the WPF problem is still challenging, since high prediction accuracy is always demanded to ensure grid stability and security of supply. We present a unique Spatial Dynamic Wind Power Forecasting dataset: SDWPF, which includes the spatial distribution of wind turbines, as well as the dynamic context factors. Whereas, most of the existing datasets have only a small number of wind turbines without knowing the locations and context information of wind turbines at a fine-grained time scale. By contrast, SDWPF provides the wind power data of 134 wind turbines from a wind farm over half a year with their relative positions and internal statuses. We use this dataset to launch the Baidu KDD Cup 2022 to examine the limit of current WPF solutions. The dataset is released at https://aistudio.baidu.com/aistudio/competition/detail/152/0/datasets.

privacy

Title: Stronger Privacy Amplification by Shuffling for R\'enyi and Approximate Differential Privacy. (arXiv:2208.04591v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2208.04591
• Code URL: null
• Copy Paste: [[2208.04591] Stronger Privacy Amplification by Shuffling for R\'enyi and Approximate Differential Privacy](http://arxiv.org/abs/2208.04591)
• Summary:

  The shuffle model of differential privacy has gained significant interest as an intermediate trust model between the standard local and central models [EFMRTT19; CSUZZ19]. A key result in this model is that randomly shuffling locally randomized data amplifies differential privacy guarantees. Such amplification implies substantially stronger privacy guarantees for systems in which data is contributed anonymously [BEMMRLRKTS17].

In this work, we improve the state of the art privacy amplification by shuffling results both theoretically and numerically. Our first contribution is the first asymptotically optimal analysis of the R\'enyi differential privacy parameters for the shuffled outputs of LDP randomizers. Our second contribution is a new analysis of privacy amplification by shuffling. This analysis improves on the techniques of [FMT20] and leads to tighter numerical bounds in all parameter settings.

Title: Bottom-up Trust Registry in Self Sovereign Identity. (arXiv:2208.04624v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2208.04624
• Code URL: null
• Copy Paste: [[2208.04624] Bottom-up Trust Registry in Self Sovereign Identity](http://arxiv.org/abs/2208.04624)
• Summary:

  Self sovereign identity is a form of decentralised credential management. During credential verification, data exchange only happens between the data owner and the verifier without passing through any third parties. While this approach offers a privacy-centric solution, it poses a challenge. How do verifiers trust that the credential is vouched by a trusted source? More specifically, how do verifiers know that the issuer has the reputation or is authorised to issue the credential? In this paper, we propose a trust registry design that handles the aspect of human trust in self sovereign identity. We also introduce an incentivisation mechanism for the trust registry in order to motivate each stakeholder to participate actively and honestly.

Title: STELLA: Sparse Taint Analysis for Enclave Leakage Detection. (arXiv:2208.04719v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2208.04719
• Code URL: null
• Copy Paste: [[2208.04719] STELLA: Sparse Taint Analysis for Enclave Leakage Detection](http://arxiv.org/abs/2208.04719)
• Summary:

  Intel SGX (Software Guard Extension) is a promising TEE (trusted execution environment) technique that can protect programs running in user space from being maliciously accessed by the host operating system. Although it provides hardware access control and memory encryption, the actual effectiveness also depends on the quality of the software. In particular, improper implementation of a code snippet running inside the enclave may still leak private data due to the invalid use of pointers. This paper serves as a first attempt to study the privacy leakage issues of enclave code and proposes a novel static sparse taint analysis approach to detect them. We first summarize five common patterns of leakage code. Based on these patterns, our approach performs forward analysis to recognize all taint sinks and then employs a backward approach to detect leakages. Finally, we have conducted experiments with several open-source enclave programs and found 78 vulnerabilities previously unknown in 13 projects.

Title: Combining Variational Modeling with Partial Gradient Perturbation to Prevent Deep Gradient Leakage. (arXiv:2208.04767v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2208.04767
• Code URL: null
• Copy Paste: [[2208.04767] Combining Variational Modeling with Partial Gradient Perturbation to Prevent Deep Gradient Leakage](http://arxiv.org/abs/2208.04767)
• Summary:

  Exploiting gradient leakage to reconstruct supposedly private training data, gradient inversion attacks are an ubiquitous threat in collaborative learning of neural networks. To prevent gradient leakage without suffering from severe loss in model performance, recent work proposed a PRivacy EnhanCing mODulE (PRECODE) based on variational modeling as extension for arbitrary model architectures. In this work, we investigate the effect of PRECODE on gradient inversion attacks to reveal its underlying working principle. We show that variational modeling induces stochasticity on PRECODE's and its subsequent layers' gradients that prevents gradient attacks from convergence. By purposefully omitting those stochastic gradients during attack optimization, we formulate an attack that can disable PRECODE's privacy preserving effects. To ensure privacy preservation against such targeted attacks, we propose PRECODE with Partial Perturbation (PPP), as strategic combination of variational modeling and partial gradient perturbation. We conduct an extensive empirical study on four seminal model architectures and two image classification datasets. We find all architectures to be prone to gradient leakage, which can be prevented by PPP. In result, we show that our approach requires less gradient perturbation to effectively preserve privacy without harming model performance.

protect

defense

attack

Title: Multi-target Tracking of Zebrafish based on Particle Filter. (arXiv:2208.04553v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2208.04553
• Code URL: null
• Copy Paste: [[2208.04553] Multi-target Tracking of Zebrafish based on Particle Filter](http://arxiv.org/abs/2208.04553)
• Summary:

  Zebrafish is an excellent model organism, which has been widely used in the fields of biological experiments, drug screening, and swarm intelligence. In recent years, there are a large number of techniques for tracking of zebrafish involved in the study of behaviors, which makes it attack much attention of scientists from many fields. Multi-target tracking of zebrafish is still facing many challenges. The high mobility and uncertainty make it difficult to predict its motion; the similar appearances and texture features make it difficult to establish an appearance model; it is even hard to link the trajectories because of the frequent occlusion. In this paper, we use particle filter to approximate the uncertainty of the motion. Firstly, by analyzing the motion characteristics of zebrafish, we establish an efficient hybrid motion model to predict its positions; then we establish an appearance model based on the predicted positions to predict the postures of every targets, meanwhile weigh the particles by comparing the difference of predicted pose and observation pose ; finally, we get the optimal position of single zebrafish through the weighted position, and use the joint particle filter to process trajectory linking of multiple zebrafish.

robust

Title: Rethinking Robust Representation Learning Under Fine-grained Noisy Faces. (arXiv:2208.04352v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2208.04352
• Code URL: null
• Copy Paste: [[2208.04352] Rethinking Robust Representation Learning Under Fine-grained Noisy Faces](http://arxiv.org/abs/2208.04352)
• Summary:

  Learning robust feature representation from large-scale noisy faces stands out as one of the key challenges in high-performance face recognition. Recent attempts have been made to cope with this challenge by alleviating the intra-class conflict and inter-class conflict. However, the unconstrained noise type in each conflict still makes it difficult for these algorithms to perform well. To better understand this, we reformulate the noise type of each class in a more fine-grained manner as N-identities|K^C-clusters. Different types of noisy faces can be generated by adjusting the values of \nkc. Based on this unified formulation, we found that the main barrier behind the noise-robust representation learning is the flexibility of the algorithm under different N, K, and C. For this potential problem, we propose a new method, named Evolving Sub-centers Learning~(ESL), to find optimal hyperplanes to accurately describe the latent space of massive noisy faces. More specifically, we initialize M sub-centers for each class and ESL encourages it to be automatically aligned to N-identities|K^C-clusters faces via producing, merging, and dropping operations. Images belonging to the same identity in noisy faces can effectively converge to the same sub-center and samples with different identities will be pushed away. We inspect its effectiveness with an elaborate ablation study on the synthetic noisy dataset with different N, K, and C. Without any bells and whistles, ESL can achieve significant performance gains over state-of-the-art methods on large-scale noisy faces

Title: Contrast-Phys: Unsupervised Video-based Remote Physiological Measurement via Spatiotemporal Contrast. (arXiv:2208.04378v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2208.04378
• Code URL: https://github.com/zhaodongsun/contrast-phys
• Copy Paste: [[2208.04378] Contrast-Phys: Unsupervised Video-based Remote Physiological Measurement via Spatiotemporal Contrast](http://arxiv.org/abs/2208.04378)
• Summary:

  Video-based remote physiological measurement utilizes face videos to measure the blood volume change signal, which is also called remote photoplethysmography (rPPG). Supervised methods for rPPG measurements achieve state-of-the-art performance. However, supervised rPPG methods require face videos and ground truth physiological signals for model training. In this paper, we propose an unsupervised rPPG measurement method that does not require ground truth signals for training. We use a 3DCNN model to generate multiple rPPG signals from each video in different spatiotemporal locations and train the model with a contrastive loss where rPPG signals from the same video are pulled together while those from different videos are pushed away. We test on five public datasets, including RGB videos and NIR videos. The results show that our method outperforms the previous unsupervised baseline and achieves accuracies very close to the current best supervised rPPG methods on all five datasets. Furthermore, we also demonstrate that our approach can run at a much faster speed and is more robust to noises than the previous unsupervised baseline. Our code is available at https://github.com/zhaodongsun/contrast-phys.

Title: Bayesian Pseudo Labels: Expectation Maximization for Robust and Efficient Semi-Supervised Segmentation. (arXiv:2208.04435v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2208.04435
• Code URL: https://github.com/moucheng2017/emssl
• Copy Paste: [[2208.04435] Bayesian Pseudo Labels: Expectation Maximization for Robust and Efficient Semi-Supervised Segmentation](http://arxiv.org/abs/2208.04435)
• Summary:

  This paper concerns pseudo labelling in segmentation. Our contribution is fourfold. Firstly, we present a new formulation of pseudo-labelling as an Expectation-Maximization (EM) algorithm for clear statistical interpretation. Secondly, we propose a semi-supervised medical image segmentation method purely based on the original pseudo labelling, namely SegPL. We demonstrate SegPL is a competitive approach against state-of-the-art consistency regularisation based methods on semi-supervised segmentation on a 2D multi-class MRI brain tumour segmentation task and a 3D binary CT lung vessel segmentation task. The simplicity of SegPL allows less computational cost comparing to prior methods. Thirdly, we demonstrate that the effectiveness of SegPL may originate from its robustness against out-of-distribution noises and adversarial attacks. Lastly, under the EM framework, we introduce a probabilistic generalisation of SegPL via variational inference, which learns a dynamic threshold for pseudo labelling during the training. We show that SegPL with variational inference can perform uncertainty estimation on par with the gold-standard method Deep Ensemble.

Title: SBPF: Sensitiveness Based Pruning Framework For Convolutional Neural Network On Image Classification. (arXiv:2208.04588v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2208.04588
• Code URL: null
• Copy Paste: [[2208.04588] SBPF: Sensitiveness Based Pruning Framework For Convolutional Neural Network On Image Classification](http://arxiv.org/abs/2208.04588)
• Summary:

  Pruning techniques are used comprehensively to compress convolutional neural networks (CNNs) on image classification. However, the majority of pruning methods require a well pre-trained model to provide useful supporting parameters, such as C1-norm, BatchNorm value and gradient information, which may lead to inconsistency of filter evaluation if the parameters of the pre-trained model are not well optimized. Therefore, we propose a sensitiveness based method to evaluate the importance of each layer from the perspective of inference accuracy by adding extra damage for the original model. Because the performance of the accuracy is determined by the distribution of parameters across all layers rather than individual parameter, the sensitiveness based method will be robust to update of parameters. Namely, we can obtain similar importance evaluation of each convolutional layer between the imperfect-trained and fully trained models. For VGG-16 on CIFAR-10, even when the original model is only trained with 50 epochs, we can get same evaluation of layer importance as the results when the model is trained fully. Then we will remove filters proportional from each layer by the quantified sensitiveness. Our sensitiveness based pruning framework is verified efficiently on VGG-16, a customized Conv-4 and ResNet-18 with CIFAR-10, MNIST and CIFAR-100, respectively.

Title: Generative models-based data labeling for deep networks regression: application to seed maturity estimation from UAV multispectral images. (arXiv:2208.04611v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2208.04611
• Code URL: null
• Copy Paste: [[2208.04611] Generative models-based data labeling for deep networks regression: application to seed maturity estimation from UAV multispectral images](http://arxiv.org/abs/2208.04611)
• Summary:

  Monitoring seed maturity is an increasing challenge in agriculture due to climate change and more restrictive practices. Seeds monitoring in the field is essential to optimize the farming process and to guarantee yield quality through high germination. Traditional methods are based on limited sampling in the field and analysis in laboratory. Moreover, they are time consuming and only allow monitoring sub-sections of the crop field. This leads to a lack of accuracy on the condition of the crop as a whole due to intra-field heterogeneities. Multispectral imagery by UAV allows uniform scan of fields and better capture of crop maturity information. On the other hand, deep learning methods have shown tremendous potential in estimating agronomic parameters, especially maturity. However, they require large labeled datasets. Although large sets of aerial images are available, labeling them with ground truth is a tedious, if not impossible task. In this paper, we propose a method for estimating parsley seed maturity using multispectral UAV imagery, with a new approach for automatic data labeling. This approach is based on parametric and non-parametric models to provide weak labels. We also consider the data acquisition protocol and the performance evaluation of the different steps of the method. Results show good performance, and the non-parametric kernel density estimator model can improve neural network generalization when used as a labeling method, leading to more robust and better performing deep neural models.

Title: RDA: Reciprocal Distribution Alignment for Robust SSL. (arXiv:2208.04619v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2208.04619
• Code URL: https://github.com/njuyued/rda4robustssl
• Copy Paste: [[2208.04619] RDA: Reciprocal Distribution Alignment for Robust SSL](http://arxiv.org/abs/2208.04619)
• Summary:

  In this work, we propose Reciprocal Distribution Alignment (RDA) to address semi-supervised learning (SSL), which is a hyperparameter-free framework that is independent of confidence threshold and works with both the matched (conventionally) and the mismatched class distributions. Distribution mismatch is an often overlooked but more general SSL scenario where the labeled and the unlabeled data do not fall into the identical class distribution. This may lead to the model not exploiting the labeled data reliably and drastically degrade the performance of SSL methods, which could not be rescued by the traditional distribution alignment. In RDA, we enforce a reciprocal alignment on the distributions of the predictions from two classifiers predicting pseudo-labels and complementary labels on the unlabeled data. These two distributions, carrying complementary information, could be utilized to regularize each other without any prior of class distribution. Moreover, we theoretically show that RDA maximizes the input-output mutual information. Our approach achieves promising performance in SSL under a variety of scenarios of mismatched distributions, as well as the conventional matched SSL setting. Our code is available at: https://github.com/NJUyued/RDA4RobustSSL.

Title: Choose qualified instructor for university based on rule-based weighted expert system. (arXiv:2208.04657v1 [cs.AI])

• Paper URL: http://arxiv.org/abs/2208.04657
• Code URL: null
• Copy Paste: [[2208.04657] Choose qualified instructor for university based on rule-based weighted expert system](http://arxiv.org/abs/2208.04657)
• Summary:

  Near the entire university faculty directors must select some qualified professors for respected courses in each academic semester. In this sense, factors such as teaching experience, academic training, competition, etc. are considered. This work is usually done by experts, such as faculty directors, which is time consuming. Up to now, several semi-automatic systems have been proposed to assist heads. In this article, a fully automatic rule-based expert system is developed. The proposed expert system consists of three main stages. First, the knowledge of human experts is entered and designed as a decision tree. In the second step, an expert system is designed based on the provided rules of the generated decision tree. In the third step, an algorithm is proposed to weight the results of the tree based on the quality of the experts. To improve the performance of the expert system, a majority voting algorithm is developed as a post-process step to select the qualified trainer who satisfies the most expert decision tree for each course. The quality of the proposed expert system is evaluated using real data from Iranian universities. The calculated accuracy rate is 85.55, demonstrating the robustness and accuracy of the proposed system. The proposed system has little computational complexity compared to related efficient works. Also, simple implementation and transparent box are other features of the proposed system.

Title: Deep Patch Visual Odometry. (arXiv:2208.04726v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2208.04726
• Code URL: https://github.com/princeton-vl/dpvo
• Copy Paste: [[2208.04726] Deep Patch Visual Odometry](http://arxiv.org/abs/2208.04726)
• Summary:

  We propose Deep Patch Visual Odometry (DPVO), a new deep learning system for monocular Visual Odometry (VO). DPVO is accurate and robust while running at 2x-5x real-time speeds on a single RTX-3090 GPU using only 4GB of memory. We perform evaluation on standard benchmarks and outperform all prior work (classical or learned) in both accuracy and speed. Code is available at https://github.com/princeton-vl/DPVO.

Title: TSRFormer: Table Structure Recognition with Transformers. (arXiv:2208.04921v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2208.04921
• Code URL: null
• Copy Paste: [[2208.04921] TSRFormer: Table Structure Recognition with Transformers](http://arxiv.org/abs/2208.04921)
• Summary:

  We present a new table structure recognition (TSR) approach, called TSRFormer, to robustly recognizing the structures of complex tables with geometrical distortions from various table images. Unlike previous methods, we formulate table separation line prediction as a line regression problem instead of an image segmentation problem and propose a new two-stage DETR based separator prediction approach, dubbed \textbf{Sep}arator \textbf{RE}gression \textbf{TR}ansformer (SepRETR), to predict separation lines from table images directly. To make the two-stage DETR framework work efficiently and effectively for the separation line prediction task, we propose two improvements: 1) A prior-enhanced matching strategy to solve the slow convergence issue of DETR; 2) A new cross attention module to sample features from a high-resolution convolutional feature map directly so that high localization accuracy is achieved with low computational cost. After separation line prediction, a simple relation network based cell merging module is used to recover spanning cells. With these new techniques, our TSRFormer achieves state-of-the-art performance on several benchmark datasets, including SciTSR, PubTabNet and WTW. Furthermore, we have validated the robustness of our approach to tables with complex structures, borderless cells, large blank spaces, empty or spanning cells as well as distorted or even curved shapes on a more challenging real-world in-house dataset.

Title: Thai Wav2Vec2.0 with CommonVoice V8. (arXiv:2208.04799v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2208.04799
• Code URL: null
• Copy Paste: [[2208.04799] Thai Wav2Vec2](http://arxiv.org/abs/2208.04799)
• Summary:

  Recently, Automatic Speech Recognition (ASR), a system that converts audio into text, has caught a lot of attention in the machine learning community. Thus, a lot of publicly available models were released in HuggingFace. However, most of these ASR models are available in English; only a minority of the models are available in Thai. Additionally, most of the Thai ASR models are closed-sourced, and the performance of existing open-sourced models lacks robustness. To address this problem, we train a new ASR model on a pre-trained XLSR-Wav2Vec model with the Thai CommonVoice corpus V8 and train a trigram language model to boost the performance of our ASR model. We hope that our models will be beneficial to individuals and the ASR community in Thailand.

Title: Robust Machine Learning for Malware Detection over Time. (arXiv:2208.04838v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2208.04838
• Code URL: null
• Copy Paste: [[2208.04838] Robust Machine Learning for Malware Detection over Time](http://arxiv.org/abs/2208.04838)
• Summary:

  The presence and persistence of Android malware is an on-going threat that plagues this information era, and machine learning technologies are now extensively used to deploy more effective detectors that can block the majority of these malicious programs. However, these algorithms have not been developed to pursue the natural evolution of malware, and their performances significantly degrade over time because of such concept-drift. Currently, state-of-the-art techniques only focus on detecting the presence of such drift, or they address it by relying on frequent updates of models. Hence, there is a lack of knowledge regarding the cause of the concept drift, and ad-hoc solutions that can counter the passing of time are still under-investigated. In this work, we commence to address these issues as we propose (i) a drift-analysis framework to identify which characteristics of data are causing the drift, and (ii) SVM-CB, a time-aware classifier that leverages the drift-analysis information to slow down the performance drop. We highlight the efficacy of our contribution by comparing its degradation over time with a state-of-the-art classifier, and we show that SVM-CB better withstands the distribution changes that naturally characterize the malware domain. We conclude by discussing the limitations of our approach and how our contribution can be taken as a first step towards more time-resistant classifiers that not only tackle, but also understand the concept drift that affects data.

Title: EFI: A Toolbox for Feature Importance Fusion and Interpretation in Python. (arXiv:2208.04343v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2208.04343
• Code URL: null
• Copy Paste: [[2208.04343] EFI: A Toolbox for Feature Importance Fusion and Interpretation in Python](http://arxiv.org/abs/2208.04343)
• Summary:

  This paper presents an open-source Python toolbox called Ensemble Feature Importance (EFI) to provide machine learning (ML) researchers, domain experts, and decision makers with robust and accurate feature importance quantification and more reliable mechanistic interpretation of feature importance for prediction problems using fuzzy sets. The toolkit was developed to address uncertainties in feature importance quantification and lack of trustworthy feature importance interpretation due to the diverse availability of machine learning algorithms, feature importance calculation methods, and dataset dependencies. EFI merges results from multiple machine learning models with different feature importance calculation approaches using data bootstrapping and decision fusion techniques, such as mean, majority voting and fuzzy logic. The main attributes of the EFI toolbox are: (i) automatic optimisation of ML algorithms, (ii) automatic computation of a set of feature importance coefficients from optimised ML algorithms and feature importance calculation techniques, (iii) automatic aggregation of importance coefficients using multiple decision fusion techniques, and (iv) fuzzy membership functions that show the importance of each feature to the prediction task. The key modules and functions of the toolbox are described, and a simple example of their application is presented using the popular Iris dataset.

Title: Controlled Sparsity via Constrained Optimization or: How I Learned to Stop Tuning Penalties and Love Constraints. (arXiv:2208.04425v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2208.04425
• Code URL: https://github.com/gallego-posada/constrained_sparsity
• Copy Paste: [[2208.04425] Controlled Sparsity via Constrained Optimization or: How I Learned to Stop Tuning Penalties and Love Constraints](http://arxiv.org/abs/2208.04425)
• Summary:

  The performance of trained neural networks is robust to harsh levels of pruning. Coupled with the ever-growing size of deep learning models, this observation has motivated extensive research on learning sparse models. In this work, we focus on the task of controlling the level of sparsity when performing sparse learning. Existing methods based on sparsity-inducing penalties involve expensive trial-and-error tuning of the penalty factor, thus lacking direct control of the resulting model sparsity. In response, we adopt a constrained formulation: using the gate mechanism proposed by Louizos et al. (2018), we formulate a constrained optimization problem where sparsification is guided by the training objective and the desired sparsity target in an end-to-end fashion. Experiments on CIFAR-10/100, TinyImageNet, and ImageNet using WideResNet and ResNet{18, 50} models validate the effectiveness of our proposal and demonstrate that we can reliably achieve pre-determined sparsity targets without compromising on predictive performance.

Title: E2EG: End-to-End Node Classification Using Graph Topology and Text-based Node Attributes. (arXiv:2208.04609v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2208.04609
• Code URL: null
• Copy Paste: [[2208.04609] E2EG: End-to-End Node Classification Using Graph Topology and Text-based Node Attributes](http://arxiv.org/abs/2208.04609)
• Summary:

  Node classification utilizing text-based node attributes has many real-world applications, ranging from prediction of paper topics in academic citation graphs to classification of user characteristics in social media networks. State-of-the-art node classification frameworks, such as GIANT, use a two-stage pipeline: first embedding the text attributes of graph nodes then feeding the resulting embeddings into a node classification model. In this paper, we eliminate these two stages and instead develop an end-to-end node classification model that builds upon GIANT, called End-to-End-GIANT (E2EG). The tandem utilization of a main and an auxiliary classification objectives in our approach results in a more robust model, thus enabling the BERT backbone to be switched out for a distilled encoder with a 25% - 40% reduction in the number of parameters. Moreover, the end-to-end nature of the model increases ease of use, as it avoids the need of chaining multiple models for node classification. Compared to a GIANT+MLP baseline on the ogbn-arxiv and ogbn-products datasets, our model is able to obtain slightly better accuracy in the transductive setting (+0.5%), while reducing model training time by up to 40%. Our model is also applicable in the inductive setting, outperforming GIANT+MLP by up to +2.23%.

biometric

steal

extraction

Title: Speaker-adaptive Lip Reading with User-dependent Padding. (arXiv:2208.04498v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2208.04498
• Code URL: null
• Copy Paste: [[2208.04498] Speaker-adaptive Lip Reading with User-dependent Padding](http://arxiv.org/abs/2208.04498)
• Summary:

  Lip reading aims to predict speech based on lip movements alone. As it focuses on visual information to model the speech, its performance is inherently sensitive to personal lip appearances and movements. This makes the lip reading models show degraded performance when they are applied to unseen speakers due to the mismatch between training and testing conditions. Speaker adaptation technique aims to reduce this mismatch between train and test speakers, thus guiding a trained model to focus on modeling the speech content without being intervened by the speaker variations. In contrast to the efforts made in audio-based speech recognition for decades, the speaker adaptation methods have not well been studied in lip reading. In this paper, to remedy the performance degradation of lip reading model on unseen speakers, we propose a speaker-adaptive lip reading method, namely user-dependent padding. The user-dependent padding is a speaker-specific input that can participate in the visual feature extraction stage of a pre-trained lip reading model. Therefore, the lip appearances and movements information of different speakers can be considered during the visual feature encoding, adaptively for individual speakers. Moreover, the proposed method does not need 1) any additional layers, 2) to modify the learned weights of the pre-trained model, and 3) the speaker label of train data used during pre-train. It can directly adapt to unseen speakers by learning the user-dependent padding only, in a supervised or unsupervised manner. Finally, to alleviate the speaker information insufficiency in public lip reading databases, we label the speaker of a well-known audio-visual database, LRW, and design an unseen-speaker lip reading scenario named LRW-ID.

membership infer

federate

Title: Learning-Based Client Selection for Federated Learning Services Over Wireless Networks with Constrained Monetary Budgets. (arXiv:2208.04322v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2208.04322
• Code URL: null
• Copy Paste: [[2208.04322] Learning-Based Client Selection for Federated Learning Services Over Wireless Networks with Constrained Monetary Budgets](http://arxiv.org/abs/2208.04322)
• Summary:

  We investigate a data quality-aware dynamic client selection problem for multiple federated learning (FL) services in a wireless network, where each client has dynamic datasets for the simultaneous training of multiple FL services and each FL service demander has to pay for the clients with constrained monetary budgets. The problem is formalized as a non-cooperative Markov game over the training rounds. A multi-agent hybrid deep reinforcement learning-based algorithm is proposed to optimize the joint client selection and payment actions, while avoiding action conflicts. Simulation results indicate that our proposed algorithm can significantly improve the training performance.

Title: EAFL: Towards Energy-Aware Federated Learning on Battery-Powered Edge Devices. (arXiv:2208.04505v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2208.04505
• Code URL: null
• Copy Paste: [[2208.04505] EAFL: Towards Energy-Aware Federated Learning on Battery-Powered Edge Devices](http://arxiv.org/abs/2208.04505)
• Summary:

  Federated learning (FL) is a newly emerged branch of AI that facilitates edge devices to collaboratively train a global machine learning model without centralizing data and with privacy by default. However, despite the remarkable advancement, this paradigm comes with various challenges. Specifically, in large-scale deployments, client heterogeneity is the norm which impacts training quality such as accuracy, fairness, and time. Moreover, energy consumption across these battery-constrained devices is largely unexplored and a limitation for wide-adoption of FL. To address this issue, we develop EAFL, an energy-aware FL selection method that considers energy consumption to maximize the participation of heterogeneous target devices. \scheme is a power-aware training algorithm that cherry-picks clients with higher battery levels in conjunction with its ability to maximize the system efficiency. Our design jointly minimizes the time-to-accuracy and maximizes the remaining on-device battery levels. \scheme improves the testing model accuracy by up to 85\% and decreases the drop-out of clients by up to 2.45$\times$.

Title: Application of federated learning in manufacturing. (arXiv:2208.04664v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2208.04664
• Code URL: null
• Copy Paste: [[2208.04664] Application of federated learning in manufacturing](http://arxiv.org/abs/2208.04664)
• Summary:

  A vast amount of data is created every minute, both in the private sector and industry. Whereas it is often easy to get hold of data in the private entertainment sector, in the industrial production environment it is much more difficult due to laws, preservation of intellectual property, and other factors. However, most machine learning methods require a data source that is sufficient in terms of quantity and quality. A suitable way to bring both requirements together is federated learning where learning progress is aggregated, but everyone remains the owner of their data. Federate learning was first proposed by Google researchers in 2016 and is used for example in the improvement of Google's keyboard Gboard. In contrast to billions of android users, comparable machinery is only used by few companies. This paper examines which other constraints prevail in production and which federated learning approaches can be considered as a result.

fair

Title: Patient-Specific Game-Based Transfer Method for Parkinson's Disease Severity Prediction. (arXiv:2208.04315v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2208.04315
• Code URL: null
• Copy Paste: [[2208.04315] Patient-Specific Game-Based Transfer Method for Parkinson's Disease Severity Prediction](http://arxiv.org/abs/2208.04315)
• Summary:

  Dysphonia is one of the early symptoms of Parkinson's disease (PD). Most existing methods use feature selection methods to find the optimal subset of voice features for all PD patients to improve the prediction performance. Few have considered the heterogeneity between patients, which implies the need to provide specific prediction models for different patients. However, building this prediction model for each patient faces the challenge of small sample size, which makes it lack generalization ability. Instance transfer is an effective way to make up for this deficiency. Therefore, this paper proposes a patient-specific game-based transfer (PSGT) method for PD severity prediction. First, a selection mechanism is used to select PD patients with similar disease trends to the target patient from the source domain, which greatly reduces the scope of instance transfer and reduces the risk of negative transfer. Then, the contribution of the transferred subjects and their instances to the disease estimation of the target subject is fairly evaluated by the Shapley value, which improves the interpretability of the method. Next, the proportion of valid instances is determined according to the contribution of transferred subjects, and the instances with higher contribution are transferred based on this proportion to further reduce the difference between the transferred instance subset and the target subject. Finally, the selected subset of instances is added to the training set of the target subject, and the extended data is fed into the random forest to improve the performance of the PD severity prediction method. Parkinson's telemonitoring dataset is used to evaluate the feasibility and effectiveness. Experiment results show that the proposed PSGT method has better performance in both prediction error and stability over compared methods.

interpretability

Title: More Interpretable Graph Similarity Computation via Maximum Common Subgraph Inference. (arXiv:2208.04580v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2208.04580
• Code URL: null
• Copy Paste: [[2208.04580] More Interpretable Graph Similarity Computation via Maximum Common Subgraph Inference](http://arxiv.org/abs/2208.04580)
• Summary:

  Graph similarity measurement, which computes the distance/similarity between two graphs, arises in various graph-related tasks. Recent learning-based methods lack interpretability, as they directly transform interaction information between two graphs into one hidden vector and then map it to similarity. To cope with this problem, this study proposes a more interpretable end-to-end paradigm for graph similarity learning, named Similarity Computation via Maximum Common Subgraph Inference (INFMCS). Our critical insight into INFMCS is the strong correlation between similarity score and Maximum Common Subgraph (MCS). We implicitly infer MCS to obtain the normalized MCS size, with the supervision information being only the similarity score during training. To capture more global information, we also stack some vanilla transformer encoder layers with graph convolution layers and propose a novel permutation-invariant node Positional Encoding. The entire model is quite simple yet effective. Comprehensive experiments demonstrate that INFMCS consistently outperforms state-of-the-art baselines for graph-graph classification and regression tasks. Ablation experiments verify the effectiveness of the proposed computation paradigm and other components. Also, visualization and statistics of results reveal the interpretability of INFMCS.

exlainability

watermark

Title: DeepHider: A Multi-module and Invisibility Watermarking Scheme for Language Model. (arXiv:2208.04676v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2208.04676
• Code URL: null
• Copy Paste: [[2208.04676] DeepHider: A Multi-module and Invisibility Watermarking Scheme for Language Model](http://arxiv.org/abs/2208.04676)
• Summary:

  With the rapid development of natural language processing (NLP) technology, NLP models have shown great economic value in business. However, the owner's models are vulnerable to the threat of pirated redistribution, which breaks the symmetry relationship between model owners and consumers. Therefore, a model protection mechanism is needed to keep the symmetry from being broken. Currently, language model protection schemes based on black-box verification perform poorly in terms of invisibility of trigger samples, which are easily detected by humans or anomaly detectors and thus prevent verification. To solve this problem, this paper proposes a trigger sample of the triggerless mode for ownership verification. In addition, a thief may replace the classification module for a watermarked model to satisfy its specific classification task and remove the watermark present in the model. Therefore, this paper further proposes a new threat of replacing the model classification module and performing global fine-tuning of the model, and successfully verifies the model ownership through a white-box approach. Meanwhile, we use the properties of blockchain such as tamper-proof and traceability to prevent the ownership statement of thieves. Experiments show that the proposed scheme successfully verifies ownership with 100% watermark verification accuracy without affecting the original performance of the model, and has strong robustness and low False trigger rate.