secure

security

Title: Two-stream Multi-dimensional Convolutional Network for Real-time Violence Detection. (arXiv:2211.04255v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2211.04255
• Code URL: null
• Copy Paste: [[2211.04255] Two-stream Multi-dimensional Convolutional Network for Real-time Violence Detection](http://arxiv.org/abs/2211.04255)
• Summary:

  The increasing number of surveillance cameras and security concerns have made automatic violent activity detection from surveillance footage an active area for research. Modern deep learning methods have achieved good accuracy in violence detection and proved to be successful because of their applicability in intelligent surveillance systems. However, the models are computationally expensive and large in size because of their inefficient methods for feature extraction. This work presents a novel architecture for violence detection called Two-stream Multi-dimensional Convolutional Network (2s-MDCN), which uses RGB frames and optical flow to detect violence. Our proposed method extracts temporal and spatial information independently by 1D, 2D, and 3D convolutions. Despite combining multi-dimensional convolutional networks, our models are lightweight and efficient due to reduced channel capacity, yet they learn to extract meaningful spatial and temporal information. Additionally, combining RGB frames and optical flow yields 2.2% more accuracy than a single RGB stream. Regardless of having less complexity, our models obtained state-of-the-art accuracy of 89.7% on the largest violence detection benchmark dataset.

Title: A Hypergraph-Based Machine Learning Ensemble Network Intrusion Detection System. (arXiv:2211.03933v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2211.03933
• Code URL: null
• Copy Paste: [[2211.03933] A Hypergraph-Based Machine Learning Ensemble Network Intrusion Detection System](http://arxiv.org/abs/2211.03933)
• Summary:

  Network intrusion detection systems (NIDS) to detect malicious attacks continues to meet challenges. NIDS are vulnerable to auto-generated port scan infiltration attempts and NIDS are often developed offline, resulting in a time lag to prevent the spread of infiltration to other parts of a network. To address these challenges, we use hypergraphs to capture evolving patterns of port scan attacks via the set of internet protocol addresses and destination ports, thereby deriving a set of hypergraph-based metrics to train a robust and resilient ensemble machine learning (ML) NIDS that effectively monitors and detects port scanning activities and adversarial intrusions while evolving intelligently in real-time. Through the combination of (1) intrusion examples, (2) NIDS update rules, (3) attack threshold choices to trigger NIDS retraining requests, and (4) production environment with no prior knowledge of the nature of network traffic 40 scenarios were auto-generated to evaluate the ML ensemble NIDS comprising three tree-based models. Results show that under the model settings of an Update-ALL-NIDS rule (namely, retrain and update all the three models upon the same NIDS retraining request) the proposed ML ensemble NIDS produced the best results with nearly 100% detection performance throughout the simulation, exhibiting robustness in the complex dynamics of the simulated cyber-security scenario.

privacy

Title: CoNMix for Source-free Single and Multi-target Domain Adaptation. (arXiv:2211.03876v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2211.03876
• Code URL: null
• Copy Paste: [[2211.03876] CoNMix for Source-free Single and Multi-target Domain Adaptation](http://arxiv.org/abs/2211.03876)
• Summary:

  This work introduces the novel task of Source-free Multi-target Domain Adaptation and proposes adaptation framework comprising of \textbf{Co}nsistency with \textbf{N}uclear-Norm Maximization and \textbf{Mix}Up knowledge distillation (\textit{CoNMix}) as a solution to this problem.

The main motive of this work is to solve for Single and Multi target Domain Adaptation (SMTDA) for the source-free paradigm, which enforces a constraint where the labeled source data is not available during target adaptation due to various privacy-related restrictions on data sharing. The source-free approach leverages target pseudo labels, which can be noisy, to improve the target adaptation. We introduce consistency between label preserving augmentations and utilize pseudo label refinement methods to reduce noisy pseudo labels. Further, we propose novel MixUp Knowledge Distillation (MKD) for better generalization on multiple target domains using various source-free STDA models.

We also show that the Vision Transformer (VT) backbone gives better feature representation with improved domain transferability and class discriminability. Our proposed framework achieves the state-of-the-art (SOTA) results in various paradigms of source-free STDA and MTDA settings on popular domain adaptation datasets like Office-Home, Office-Caltech, and DomainNet. Project Page: https://sites.google.com/view/conmix-vcl

Title: Privacy Meets Explainability: A Comprehensive Impact Benchmark. (arXiv:2211.04110v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2211.04110
• Code URL: null
• Copy Paste: [[2211.04110] Privacy Meets Explainability: A Comprehensive Impact Benchmark](http://arxiv.org/abs/2211.04110)
• Summary:

  Since the mid-10s, the era of Deep Learning (DL) has continued to this day, bringing forth new superlatives and innovations each year. Nevertheless, the speed with which these innovations translate into real applications lags behind this fast pace. Safety-critical applications, in particular, underlie strict regulatory and ethical requirements which need to be taken care of and are still active areas of debate. eXplainable AI (XAI) and privacy-preserving machine learning (PPML) are both crucial research fields, aiming at mitigating some of the drawbacks of prevailing data-hungry black-box models in DL. Despite brisk research activity in the respective fields, no attention has yet been paid to their interaction. This work is the first to investigate the impact of private learning techniques on generated explanations for DL-based models. In an extensive experimental analysis covering various image and time series datasets from multiple domains, as well as varying privacy techniques, XAI methods, and model architectures, the effects of private training on generated explanations are studied. The findings suggest non-negligible changes in explanations through the introduction of privacy. Apart from reporting individual effects of PPML on XAI, the paper gives clear recommendations for the choice of techniques in real applications. By unveiling the interdependencies of these pivotal technologies, this work is a first step towards overcoming the remaining hurdles for practically applicable AI in safety-critical domains.

Title: Lessons Learned: Surveying the Practicality of Differential Privacy in the Industry. (arXiv:2211.03898v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2211.03898
• Code URL: null
• Copy Paste: [[2211.03898] Lessons Learned: Surveying the Practicality of Differential Privacy in the Industry](http://arxiv.org/abs/2211.03898)
• Summary:

  Since its introduction in 2006, differential privacy has emerged as a predominant statistical tool for quantifying data privacy in academic works. Yet despite the plethora of research and open-source utilities that have accompanied its rise, with limited exceptions, differential privacy has failed to achieve widespread adoption in the enterprise domain. Our study aims to shed light on the fundamental causes underlying this academic-industrial utilization gap through detailed interviews of 24 privacy practitioners across 9 major companies. We analyze the results of our survey to provide key findings and suggestions for companies striving to improve privacy protection in their data workflows and highlight the necessary and missing requirements of existing differential privacy tools, with the goal of guiding researchers working towards the broader adoption of differential privacy. Our findings indicate that analysts suffer from lengthy bureaucratic processes for requesting access to sensitive data, yet once granted, only scarcely-enforced privacy policies stand between rogue practitioners and misuse of private information. We thus argue that differential privacy can significantly improve the processes of requesting and conducting data exploration across silos, and conclude that with a few of the improvements suggested herein, the practical use of differential privacy across the enterprise is within striking distance.

Title: Towards Measuring The Fungibility and Anonymity of Cryptocurrencies. (arXiv:2211.04259v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2211.04259
• Code URL: null
• Copy Paste: [[2211.04259] Towards Measuring The Fungibility and Anonymity of Cryptocurrencies](http://arxiv.org/abs/2211.04259)
• Summary:

  Cryptocurrencies aim to replicate physical cash in the digital realm while removing centralized middlemen. Decentralization is achieved by the blockchain, a permanent public ledger that contains a record of every transaction. The public ledger ensures transparency, which enables public verifiability but harms fungibility and anonymity. Even though cryptocurrencies attracted millions of users in the last decade with their total market cap reaching approximately one trillion USD, their anonymity guarantees are poorly understood. Indeed, previous notions of privacy, anonymity, and fungibility for cryptocurrencies are either non-quantitative or inapplicable, e.g., computationally hard to measure. In this work, we put forward a formal framework to measure the fungibility and anonymity of cryptocurrencies, allowing us to quantitatively reason about the mixing characteristics of cryptocurrencies and the privacy-enhancing technologies built on top of them. Our methods apply absorbing Markov chains combined with Shannon entropy. To the best of our knowledge, our work is the first to assess the fungibility of cryptocurrencies. Among other results, we find that in the studied one-week interval, the Bitcoin network, on average, provided comparable but quantifiably more fungibility than the Ethereum network.

Title: Private Set Generation with Discriminative Information. (arXiv:2211.04446v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2211.04446
• Code URL: https://github.com/dingfanchen/private-set
• Copy Paste: [[2211.04446] Private Set Generation with Discriminative Information](http://arxiv.org/abs/2211.04446)
• Summary:

  Differentially private data generation techniques have become a promising solution to the data privacy challenge -- it enables sharing of data while complying with rigorous privacy guarantees, which is essential for scientific progress in sensitive domains. Unfortunately, restricted by the inherent complexity of modeling high-dimensional distributions, existing private generative models are struggling with the utility of synthetic samples.

In contrast to existing works that aim at fitting the complete data distribution, we directly optimize for a small set of samples that are representative of the distribution under the supervision of discriminative information from downstream tasks, which is generally an easier task and more suitable for private training. Our work provides an alternative view for differentially private generation of high-dimensional data and introduces a simple yet effective method that greatly improves the sample utility of state-of-the-art approaches.

Title: A Penalty Based Method for Communication-Efficient Decentralized Bilevel Programming. (arXiv:2211.04088v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2211.04088
• Code URL: null
• Copy Paste: [[2211.04088] A Penalty Based Method for Communication-Efficient Decentralized Bilevel Programming](http://arxiv.org/abs/2211.04088)
• Summary:

  Bilevel programming has recently received attention in the literature, due to a wide range of applications, including reinforcement learning and hyper-parameter optimization. However, it is widely assumed that the underlying bilevel optimization problem is solved either by a single machine or in the case of multiple machines connected in a star-shaped network, i.e., federated learning setting. The latter approach suffers from a high communication cost on the central node (e.g., parameter server) and exhibits privacy vulnerabilities. Hence, it is of interest to develop methods that solve bilevel optimization problems in a communication-efficient decentralized manner. To that end, this paper introduces a penalty function based decentralized algorithm with theoretical guarantees for this class of optimization problems. Specifically, a distributed alternating gradient-type algorithm for solving consensus bilevel programming over a decentralized network is developed. A key feature of the proposed algorithm is to estimate the hyper-gradient of the penalty function via decentralized computation of matrix-vector products and few vector communications, which is then integrated within our alternating algorithm to give the finite-time convergence analysis under different convexity assumptions. Owing to the generality of this complexity analysis, our result yields convergence rates for a wide variety of consensus problems including minimax and compositional optimization. Empirical results on both synthetic and real datasets demonstrate that the proposed method works well in practice.

protect

defense

attack

Title: Preserving Semantics in Textual Adversarial Attacks. (arXiv:2211.04205v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2211.04205
• Code URL: https://github.com/davidherel/semantics-preserving-encoder
• Copy Paste: [[2211.04205] Preserving Semantics in Textual Adversarial Attacks](http://arxiv.org/abs/2211.04205)
• Summary:

  Adversarial attacks in NLP challenge the way we look at language models. The goal of this kind of adversarial attack is to modify the input text to fool a classifier while maintaining the original meaning of the text. Although most existing adversarial attacks claim to fulfill the constraint of semantics preservation, careful scrutiny shows otherwise. We show that the problem lies in the text encoders used to determine the similarity of adversarial examples, specifically in the way they are trained. Unsupervised training methods make these encoders more susceptible to problems with antonym recognition. To overcome this, we introduce a simple, fully supervised sentence embedding technique called Semantics-Preserving-Encoder (SPE). The results show that our solution minimizes the variation in the meaning of the adversarial examples generated. It also significantly improves the overall quality of adversarial examples, as confirmed by human evaluators. Furthermore, it can be used as a component in any existing attack to speed up its execution while maintaining similar attack success.

Title: NaturalAdversaries: Can Naturalistic Adversaries Be as Effective as Artificial Adversaries?. (arXiv:2211.04364v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2211.04364
• Code URL: null
• Copy Paste: [[2211.04364] NaturalAdversaries: Can Naturalistic Adversaries Be as Effective as Artificial Adversaries?](http://arxiv.org/abs/2211.04364)
• Summary:

  While a substantial body of prior work has explored adversarial example generation for natural language understanding tasks, these examples are often unrealistic and diverge from the real-world data distributions. In this work, we introduce a two-stage adversarial example generation framework (NaturalAdversaries), for designing adversaries that are effective at fooling a given classifier and demonstrate natural-looking failure cases that could plausibly occur during in-the-wild deployment of the models.

At the first stage a token attribution method is used to summarize a given classifier's behaviour as a function of the key tokens in the input. In the second stage a generative model is conditioned on the key tokens from the first stage. NaturalAdversaries is adaptable to both black-box and white-box adversarial attacks based on the level of access to the model parameters. Our results indicate these adversaries generalize across domains, and offer insights for future research on improving robustness of neural text classification models.

Title: Inferring Class Label Distribution of Training Data from Classifiers: An Accuracy-Augmented Meta-Classifier Attack. (arXiv:2211.04157v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2211.04157
• Code URL: null
• Copy Paste: [[2211.04157] Inferring Class Label Distribution of Training Data from Classifiers: An Accuracy-Augmented Meta-Classifier Attack](http://arxiv.org/abs/2211.04157)
• Summary:

  Property inference attacks against machine learning (ML) models aim to infer properties of the training data that are unrelated to the primary task of the model, and have so far been formulated as binary decision problems, i.e., whether or not the training data have a certain property. However, in industrial and healthcare applications, the proportion of labels in the training data is quite often also considered sensitive information. In this paper we introduce a new type of property inference attack that unlike binary decision problems in literature, aim at inferring the class label distribution of the training data from parameters of ML classifier models. We propose a method based on \emph{shadow training} and a \emph{meta-classifier} trained on the parameters of the shadow classifiers augmented with the accuracy of the classifiers on auxiliary data. We evaluate the proposed approach for ML classifiers with fully connected neural network architectures. We find that the proposed \emph{meta-classifier} attack provides a maximum relative improvement of $52\%$ over state of the art.

Title: Spoofing Attack Detection in the Physical Layer with Commutative Neural Networks. (arXiv:2211.04269v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2211.04269
• Code URL: null
• Copy Paste: [[2211.04269] Spoofing Attack Detection in the Physical Layer with Commutative Neural Networks](http://arxiv.org/abs/2211.04269)
• Summary:

  In a spoofing attack, an attacker impersonates a legitimate user to access or tamper with data intended for or produced by the legitimate user. In wireless communication systems, these attacks may be detected by relying on features of the channel and transmitter radios. In this context, a popular approach is to exploit the dependence of the received signal strength (RSS) at multiple receivers or access points with respect to the spatial location of the transmitter. Existing schemes rely on long-term estimates, which makes it difficult to distinguish spoofing from movement of a legitimate user. This limitation is here addressed by means of a deep neural network that implicitly learns the distribution of pairs of short-term RSS vector estimates. The adopted network architecture imposes the invariance to permutations of the input (commutativity) that the decision problem exhibits. The merits of the proposed algorithm are corroborated on a data set that we collected.

Title: Physics-Constrained Backdoor Attacks on Power System Fault Localization. (arXiv:2211.04445v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2211.04445
• Code URL: null
• Copy Paste: [[2211.04445] Physics-Constrained Backdoor Attacks on Power System Fault Localization](http://arxiv.org/abs/2211.04445)
• Summary:

  The advances in deep learning (DL) techniques have the potential to deliver transformative technological breakthroughs to numerous complex tasks in modern power systems that suffer from increasing uncertainty and nonlinearity. However, the vulnerability of DL has yet to be thoroughly explored in power system tasks under various physical constraints. This work, for the first time, proposes a novel physics-constrained backdoor poisoning attack, which embeds the undetectable attack signal into the learned model and only performs the attack when it encounters the corresponding signal. The paper illustrates the proposed attack on the real-time fault line localization application. Furthermore, the simulation results on the 68-bus power system demonstrate that DL-based fault line localization methods are not robust to our proposed attack, indicating that backdoor poisoning attacks pose real threats to DL implementations in power systems. The proposed attack pipeline can be easily generalized to other power system tasks.

Title: Fairness-aware Regression Robust to Adversarial Attacks. (arXiv:2211.04449v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2211.04449
• Code URL: null
• Copy Paste: [[2211.04449] Fairness-aware Regression Robust to Adversarial Attacks](http://arxiv.org/abs/2211.04449)
• Summary:

  In this paper, we take a first step towards answering the question of how to design fair machine learning algorithms that are robust to adversarial attacks. Using a minimax framework, we aim to design an adversarially robust fair regression model that achieves optimal performance in the presence of an attacker who is able to add a carefully designed adversarial data point to the dataset or perform a rank-one attack on the dataset. By solving the proposed nonsmooth nonconvex-nonconcave minimax problem, the optimal adversary as well as the robust fairness-aware regression model are obtained. For both synthetic data and real-world datasets, numerical results illustrate that the proposed adversarially robust fair models have better performance on poisoned datasets than other fair machine learning models in both prediction accuracy and group-based fairness measure.

robust

Title: ShaSTA: Modeling Shape and Spatio-Temporal Affinities for 3D Multi-Object Tracking. (arXiv:2211.03919v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2211.03919
• Code URL: null
• Copy Paste: [[2211.03919] ShaSTA: Modeling Shape and Spatio-Temporal Affinities for 3D Multi-Object Tracking](http://arxiv.org/abs/2211.03919)
• Summary:

  Multi-object tracking is a cornerstone capability of any robotic system. Most approaches follow a tracking-by-detection paradigm. However, within this framework, detectors function in a low precision-high recall regime, ensuring a low number of false-negatives while producing a high rate of false-positives. This can negatively affect the tracking component by making data association and track lifecycle management more challenging. Additionally, false-negative detections due to difficult scenarios like occlusions can negatively affect tracking performance. Thus, we propose a method that learns shape and spatio-temporal affinities between consecutive frames to better distinguish between true-positive and false-positive detections and tracks, while compensating for false-negative detections. Our method provides a probabilistic matching of detections that leads to robust data association and track lifecycle management. We quantitatively evaluate our method through ablative experiments and on the nuScenes tracking benchmark where we achieve state-of-the-art results. Our method not only estimates accurate, high-quality tracks but also decreases the overall number of false-positive and false-negative tracks. Please see our project website for source code and demo videos: sites.google.com/view/shasta-3d-mot/home.

Title: ReLoc: A Restoration-Assisted Framework for Robust Image Tampering Localization. (arXiv:2211.03930v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2211.03930
• Code URL: https://github.com/zhuangpeiyu/reloc
• Copy Paste: [[2211.03930] ReLoc: A Restoration-Assisted Framework for Robust Image Tampering Localization](http://arxiv.org/abs/2211.03930)
• Summary:

  With the spread of tampered images, locating the tampered regions in digital images has drawn increasing attention. The existing image tampering localization methods, however, suffer from severe performance degradation when the tampered images are subjected to some post-processing, as the tampering traces would be distorted by the post-processing operations. The poor robustness against post-processing has become a bottleneck for the practical applications of image tampering localization techniques. In order to address this issue, this paper proposes a novel restoration-assisted framework for image tampering localization (ReLoc). The ReLoc framework mainly consists of an image restoration module and a tampering localization module. The key idea of ReLoc is to use the restoration module to recover a high-quality counterpart of the distorted tampered image, such that the distorted tampering traces can be re-enhanced, facilitating the tampering localization module to identify the tampered regions. To achieve this, the restoration module is optimized not only with the conventional constraints on image visual quality but also with a forensics-oriented objective function. Furthermore, the restoration module and the localization module are trained alternately, which can stabilize the training process and is beneficial for improving the performance. The proposed framework is evaluated by fighting against JPEG compression, the most commonly used post-processing. Extensive experimental results show that ReLoc can significantly improve the robustness against JPEG compression. The restoration module in a well-trained ReLoc model is transferable. Namely, it is still effective when being directly deployed with another tampering localization module.

Title: Understanding the Role of Mixup in Knowledge Distillation: \An Empirical Study. (arXiv:2211.03946v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2211.03946
• Code URL: null
• Copy Paste: [[2211.03946] Understanding the Role of Mixup in Knowledge Distillation: \\An Empirical Study](http://arxiv.org/abs/2211.03946)
• Summary:

  Mixup is a popular data augmentation technique based on creating new samples by linear interpolation between two given data samples, to improve both the generalization and robustness of the trained model. Knowledge distillation (KD), on the other hand, is widely used for model compression and transfer learning, which involves using a larger network's implicit knowledge to guide the learning of a smaller network. At first glance, these two techniques seem very different, however, we found that ``smoothness" is the connecting link between the two and is also a crucial attribute in understanding KD's interplay with mixup. Although many mixup variants and distillation methods have been proposed, much remains to be understood regarding the role of a mixup in knowledge distillation. In this paper, we present a detailed empirical study on various important dimensions of compatibility between mixup and knowledge distillation. We also scrutinize the behavior of the networks trained with a mixup in the light of knowledge distillation through extensive analysis, visualizations, and comprehensive experiments on image classification. Finally, based on our findings, we suggest improved strategies to guide the student network to enhance its effectiveness. Additionally, the findings of this study provide insightful suggestions to researchers and practitioners that commonly use techniques from KD. Our code is available at https://github.com/hchoi71/MIX-KD.

Title: RRSR:Reciprocal Reference-based Image Super-Resolution with Progressive Feature Alignment and Selection. (arXiv:2211.04203v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2211.04203
• Code URL: null
• Copy Paste: [[2211.04203] RRSR:Reciprocal Reference-based Image Super-Resolution with Progressive Feature Alignment and Selection](http://arxiv.org/abs/2211.04203)
• Summary:

  Reference-based image super-resolution (RefSR) is a promising SR branch and has shown great potential in overcoming the limitations of single image super-resolution. While previous state-of-the-art RefSR methods mainly focus on improving the efficacy and robustness of reference feature transfer, it is generally overlooked that a well reconstructed SR image should enable better SR reconstruction for its similar LR images when it is referred to as. Therefore, in this work, we propose a reciprocal learning framework that can appropriately leverage such a fact to reinforce the learning of a RefSR network. Besides, we deliberately design a progressive feature alignment and selection module for further improving the RefSR task. The newly proposed module aligns reference-input images at multi-scale feature spaces and performs reference-aware feature selection in a progressive manner, thus more precise reference features can be transferred into the input features and the network capability is enhanced. Our reciprocal learning paradigm is model-agnostic and it can be applied to arbitrary RefSR models. We empirically show that multiple recent state-of-the-art RefSR models can be consistently improved with our reciprocal learning paradigm. Furthermore, our proposed model together with the reciprocal learning strategy sets new state-of-the-art performances on multiple benchmarks.

Title: Learning Spatio-Temporal Model of Disease Progression with NeuralODEs from Longitudinal Volumetric Data. (arXiv:2211.04234v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2211.04234
• Code URL: null
• Copy Paste: [[2211.04234] Learning Spatio-Temporal Model of Disease Progression with NeuralODEs from Longitudinal Volumetric Data](http://arxiv.org/abs/2211.04234)
• Summary:

  Robust forecasting of the future anatomical changes inflicted by an ongoing disease is an extremely challenging task that is out of grasp even for experienced healthcare professionals. Such a capability, however, is of great importance since it can improve patient management by providing information on the speed of disease progression already at the admission stage, or it can enrich the clinical trials with fast progressors and avoid the need for control arms by the means of digital twins. In this work, we develop a deep learning method that models the evolution of age-related disease by processing a single medical scan and providing a segmentation of the target anatomy at a requested future point in time. Our method represents a time-invariant physical process and solves a large-scale problem of modeling temporal pixel-level changes utilizing NeuralODEs. In addition, we demonstrate the approaches to incorporate the prior domain-specific constraints into our method and define temporal Dice loss for learning temporal objectives. To evaluate the applicability of our approach across different age-related diseases and imaging modalities, we developed and tested the proposed method on the datasets with 967 retinal OCT volumes of 100 patients with Geographic Atrophy, and 2823 brain MRI volumes of 633 patients with Alzheimer's Disease. For Geographic Atrophy, the proposed method outperformed the related baseline models in the atrophy growth prediction. For Alzheimer's Disease, the proposed method demonstrated remarkable performance in predicting the brain ventricle changes induced by the disease, achieving the state-of-the-art result on TADPOLE challenge.

Title: Containminated Images Recovery by Implementing Non-negative Matrix Factorisation. (arXiv:2211.04247v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2211.04247
• Code URL: null
• Copy Paste: [[2211.04247] Containminated Images Recovery by Implementing Non-negative Matrix Factorisation](http://arxiv.org/abs/2211.04247)
• Summary:

  Non-negative matrix factorisation (NMF) has been widely used to address the problem of corrupted data in images. The standard NMF algorithm minimises the Euclidean distance between the data matrix and the factorised approximation. Although this method has demonstrated good results, because it employs the squared error of each data point, the standard NMF algorithm is sensitive to outliers. In this paper, we theoretically analyse the robustness of the standard NMF, HCNMF and L2,1-NMF algorithms, and implement sets of experiments to show the robustness on real datasets, namely ORL and Extended YaleB. Our work demonstrates that different amounts of iterations are required for each algorithm to converge. Given the high computational complexity of these algorithms, our final models such as HCNMF and L2,1-NMF model do not successfully converge within the iteration parameters of this paper. Nevertheless, the experimental results still demonstrate the robustness of the aforementioned algorithms to some extent.

Title: Sequential Transformer for End-to-End Person Search. (arXiv:2211.04323v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2211.04323
• Code URL: null
• Copy Paste: [[2211.04323] Sequential Transformer for End-to-End Person Search](http://arxiv.org/abs/2211.04323)
• Summary:

  Person Search aims to simultaneously localize and recognize a target person from realistic and uncropped gallery images. One major challenge of person search comes from the contradictory goals of the two sub-tasks, i.e., person detection focuses on finding the commonness of all persons so as to distinguish persons from the background, while person re-identification (re-ID) focuses on the differences among different persons. In this paper, we propose a novel Sequential Transformer (SeqTR) for end-to-end person search to deal with this challenge. Our SeqTR contains a detection transformer and a novel re-ID transformer that sequentially addresses detection and re-ID tasks. The re-ID transformer comprises the self-attention layer that utilizes contextual information and the cross-attention layer that learns local fine-grained discriminative features of the human body. Moreover, the re-ID transformer is shared and supervised by multi-scale features to improve the robustness of learned person representations. Extensive experiments on two widely-used person search benchmarks, CUHK-SYSU and PRW, show that our proposed SeqTR not only outperforms all existing person search methods with a 59.3% mAP on PRW but also achieves comparable performance to the state-of-the-art results with an mAP of 94.8% on CUHK-SYSU.

Title: Multi-Stage Based Feature Fusion of Multi-Modal Data for Human Activity Recognition. (arXiv:2211.04331v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2211.04331
• Code URL: null
• Copy Paste: [[2211.04331] Multi-Stage Based Feature Fusion of Multi-Modal Data for Human Activity Recognition](http://arxiv.org/abs/2211.04331)
• Summary:

  To properly assist humans in their needs, human activity recognition (HAR) systems need the ability to fuse information from multiple modalities. Our hypothesis is that multimodal sensors, visual and non-visual tend to provide complementary information, addressing the limitations of other modalities. In this work, we propose a multi-modal framework that learns to effectively combine features from RGB Video and IMU sensors, and show its robustness for MMAct and UTD-MHAD datasets. Our model is trained in two-stage, where in the first stage, each input encoder learns to effectively extract features, and in the second stage, learns to combine these individual features. We show significant improvements of 22% and 11% compared to video only and IMU only setup on UTD-MHAD dataset, and 20% and 12% on MMAct datasets. Through extensive experimentation, we show the robustness of our model on zero shot setting, and limited annotated data setting. We further compare with state-of-the-art methods that use more input modalities and show that our method outperforms significantly on the more difficult MMact dataset, and performs comparably in UTD-MHAD dataset.

Title: Parameter and Data Efficient Continual Pre-training for Robustness to Dialectal Variance in Arabic. (arXiv:2211.03966v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2211.03966
• Code URL: null
• Copy Paste: [[2211.03966] Parameter and Data Efficient Continual Pre-training for Robustness to Dialectal Variance in Arabic](http://arxiv.org/abs/2211.03966)
• Summary:

  The use of multilingual language models for tasks in low and high-resource languages has been a success story in deep learning. In recent times, Arabic has been receiving widespread attention on account of its dialectal variance. While prior research studies have tried to adapt these multilingual models for dialectal variants of Arabic, it still remains a challenging problem owing to the lack of sufficient monolingual dialectal data and parallel translation data of such dialectal variants. It remains an open problem on whether the limited dialectical data can be used to improve the models trained in Arabic on its dialectal variants. First, we show that multilingual-BERT (mBERT) incrementally pretrained on Arabic monolingual data takes less training time and yields comparable accuracy when compared to our custom monolingual Arabic model and beat existing models (by an avg metric of +$6.41$). We then explore two continual pre-training methods -- (1) using small amounts of dialectical data for continual finetuning and (2) parallel Arabic to English data and a Translation Language Modeling loss function. We show that both approaches help improve performance on dialectal classification tasks ($+4.64$ avg. gain) when used on monolingual models.

Title: Unsupervised Domain Adaptation for Sparse Retrieval by Filling Vocabulary and Word Frequency Gaps. (arXiv:2211.03988v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2211.03988
• Code URL: null
• Copy Paste: [[2211.03988] Unsupervised Domain Adaptation for Sparse Retrieval by Filling Vocabulary and Word Frequency Gaps](http://arxiv.org/abs/2211.03988)
• Summary:

  IR models using a pretrained language model significantly outperform lexical approaches like BM25. In particular, SPLADE, which encodes texts to sparse vectors, is an effective model for practical use because it shows robustness to out-of-domain datasets. However, SPLADE still struggles with exact matching of low-frequency words in training data. In addition, domain shifts in vocabulary and word frequencies deteriorate the IR performance of SPLADE. Because supervision data are scarce in the target domain, addressing the domain shifts without supervision data is necessary. This paper proposes an unsupervised domain adaptation method by filling vocabulary and word-frequency gaps. First, we expand a vocabulary and execute continual pretraining with a masked language model on a corpus of the target domain. Then, we multiply SPLADE-encoded sparse vectors by inverse document frequency weights to consider the importance of documents with lowfrequency words. We conducted experiments using our method on datasets with a large vocabulary gap from a source domain. We show that our method outperforms the present stateof-the-art domain adaptation method. In addition, our method achieves state-of-the-art results, combined with BM25.

Title: Robust Unstructured Knowledge Access in Conversational Dialogue with ASR Errors. (arXiv:2211.03990v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2211.03990
• Code URL: https://github.com/yctam/dstc10_track2_task2
• Copy Paste: [[2211.03990] Robust Unstructured Knowledge Access in Conversational Dialogue with ASR Errors](http://arxiv.org/abs/2211.03990)
• Summary:

  Performance of spoken language understanding (SLU) can be degraded with automatic speech recognition (ASR) errors. We propose a novel approach to improve SLU robustness by randomly corrupting clean training text with an ASR error simulator, followed by self-correcting the errors and minimizing the target classification loss in a joint manner. In the proposed error simulator, we leverage confusion networks generated from an ASR decoder without human transcriptions to generate a variety of error patterns for model training. We evaluate our approach on the DSTC10 challenge targeted for knowledge-grounded task-oriented conversational dialogues with ASR errors. Experimental results show the effectiveness of our proposed approach, boosting the knowledge-seeking turn detection (KTD) F1 significantly from 0.9433 to 0.9904. Knowledge cluster classification is boosted from 0.7924 to 0.9333 in Recall@1. After knowledge document re-ranking, our approach shows significant improvement in all knowledge selection metrics, from 0.7358 to 0.7806 in Recall@1, from 0.8301 to 0.9333 in Recall@5, and from 0.7798 to 0.8460 in MRR@5 on the test set. In the recent DSTC10 evaluation, our approach demonstrates significant improvement in knowledge selection, boosting Recall@1 from 0.495 to 0.7144 compared to the official baseline. Our source code is released in GitHub https://github.com/yctam/dstc10_track2_task2.git.

Title: ATCO2 corpus: A Large-Scale Dataset for Research on Automatic Speech Recognition and Natural Language Understanding of Air Traffic Control Communications. (arXiv:2211.04054v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2211.04054
• Code URL: null
• Copy Paste: [[2211.04054] ATCO2 corpus: A Large-Scale Dataset for Research on Automatic Speech Recognition and Natural Language Understanding of Air Traffic Control Communications](http://arxiv.org/abs/2211.04054)
• Summary:

  Personal assistants, automatic speech recognizers and dialogue understanding systems are becoming more critical in our interconnected digital world. A clear example is air traffic control (ATC) communications. ATC aims at guiding aircraft and controlling the airspace in a safe and optimal manner. These voice-based dialogues are carried between an air traffic controller (ATCO) and pilots via very-high frequency radio channels. In order to incorporate these novel technologies into ATC (low-resource domain), large-scale annotated datasets are required to develop the data-driven AI systems. Two examples are automatic speech recognition (ASR) and natural language understanding (NLU). In this paper, we introduce the ATCO2 corpus, a dataset that aims at fostering research on the challenging ATC field, which has lagged behind due to lack of annotated data. The ATCO2 corpus covers 1) data collection and pre-processing, 2) pseudo-annotations of speech data, and 3) extraction of ATC-related named entities. The ATCO2 corpus is split into three subsets. 1) ATCO2-test-set corpus contains 4 hours of ATC speech with manual transcripts and a subset with gold annotations for named-entity recognition (callsign, command, value). 2) The ATCO2-PL-set corpus consists of 5281 hours of unlabeled ATC data enriched with automatic transcripts from an in-domain speech recognizer, contextual information, speaker turn information, signal-to-noise ratio estimate and English language detection score per sample. Both available for purchase through ELDA at this http URL 3) The ATCO2-test-set-1h corpus is a one-hour subset from the original test set corpus, that we are offering for free at https://www.atco2.org/data. We expect the ATCO2 corpus will foster research on robust ASR and NLU not only in the field of ATC communications but also in the general research community.

Title: ConsPrompt: Easily Exploiting Contrastive Samples for Few-shot Prompt Learning. (arXiv:2211.04118v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2211.04118
• Code URL: null
• Copy Paste: [[2211.04118] ConsPrompt: Easily Exploiting Contrastive Samples for Few-shot Prompt Learning](http://arxiv.org/abs/2211.04118)
• Summary:

  Prompt learning recently become an effective linguistic tool to motivate the PLMs' knowledge on few-shot-setting tasks. However, studies have shown the lack of robustness still exists in prompt learning, since suitable initialization of continuous prompt and expert-first manual prompt are essential in fine-tuning process. What is more, human also utilize their comparative ability to motivate their existing knowledge for distinguishing different examples. Motivated by this, we explore how to use contrastive samples to strengthen prompt learning. In detail, we first propose our model ConsPrompt combining with prompt encoding network, contrastive sampling module, and contrastive scoring module. Subsequently, two sampling strategies, similarity-based and label-based strategies, are introduced to realize differential contrastive learning. The effectiveness of proposed ConsPrompt is demonstrated in five different few-shot learning tasks and shown the similarity-based sampling strategy is more effective than label-based in combining contrastive learning. Our results also exhibits the state-of-the-art performance and robustness in different few-shot settings, which proves that the ConsPrompt could be assumed as a better knowledge probe to motivate PLMs.

Title: Robust Manifold Nonnegative Tucker Factorization for Tensor Data Representation. (arXiv:2211.03934v1 [cs.AI])

• Paper URL: http://arxiv.org/abs/2211.03934
• Code URL: null
• Copy Paste: [[2211.03934] Robust Manifold Nonnegative Tucker Factorization for Tensor Data Representation](http://arxiv.org/abs/2211.03934)
• Summary:

  Nonnegative Tucker Factorization (NTF) minimizes the euclidean distance or Kullback-Leibler divergence between the original data and its low-rank approximation which often suffers from grossly corruptions or outliers and the neglect of manifold structures of data. In particular, NTF suffers from rotational ambiguity, whose solutions with and without rotation transformations are equally in the sense of yielding the maximum likelihood. In this paper, we propose three Robust Manifold NTF algorithms to handle outliers by incorporating structural knowledge about the outliers. They first applies a half-quadratic optimization algorithm to transform the problem into a general weighted NTF where the weights are influenced by the outliers. Then, we introduce the correntropy induced metric, Huber function and Cauchy function for weights respectively, to handle the outliers. Finally, we introduce a manifold regularization to overcome the rotational ambiguity of NTF. We have compared the proposed method with a number of representative references covering major branches of NTF on a variety of real-world image databases. Experimental results illustrate the effectiveness of the proposed method under two evaluation metrics (accuracy and nmi).

Title: The Technological Emergence of AutoML: A Survey of Performant Software and Applications in the Context of Industry. (arXiv:2211.04148v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2211.04148
• Code URL: null
• Copy Paste: [[2211.04148] The Technological Emergence of AutoML: A Survey of Performant Software and Applications in the Context of Industry](http://arxiv.org/abs/2211.04148)
• Summary:

  With most technical fields, there exists a delay between fundamental academic research and practical industrial uptake. Whilst some sciences have robust and well-established processes for commercialisation, such as the pharmaceutical practice of regimented drug trials, other fields face transitory periods in which fundamental academic advancements diffuse gradually into the space of commerce and industry. For the still relatively young field of Automated/Autonomous Machine Learning (AutoML/AutonoML), that transitory period is under way, spurred on by a burgeoning interest from broader society. Yet, to date, little research has been undertaken to assess the current state of this dissemination and its uptake. Thus, this review makes two primary contributions to knowledge around this topic. Firstly, it provides the most up-to-date and comprehensive survey of existing AutoML tools, both open-source and commercial. Secondly, it motivates and outlines a framework for assessing whether an AutoML solution designed for real-world application is 'performant'; this framework extends beyond the limitations of typical academic criteria, considering a variety of stakeholder needs and the human-computer interactions required to service them. Thus, additionally supported by an extensive assessment and comparison of academic and commercial case-studies, this review evaluates mainstream engagement with AutoML in the early 2020s, identifying obstacles and opportunities for accelerating future uptake.

Title: EEG-Fest: Few-shot based Attention Network for Driver's Vigilance Estimation with EEG Signals. (arXiv:2211.03878v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2211.03878
• Code URL: null
• Copy Paste: [[2211.03878] EEG-Fest: Few-shot based Attention Network for Driver's Vigilance Estimation with EEG Signals](http://arxiv.org/abs/2211.03878)
• Summary:

  A lack of driver's vigilance is the main cause of most vehicle crashes. Electroencephalography(EEG) has been reliable and efficient tool for drivers' drowsiness estimation. Even though previous studies have developed accurate and robust driver's vigilance detection algorithms, these methods are still facing challenges on following areas: (a) small sample size training, (b) anomaly signal detection, and (c) subject-independent classification. In this paper, we propose a generalized few-shot model, namely EEG-Fest, to improve aforementioned drawbacks. The EEG-Fest model can (a) classify the query sample's drowsiness with a few samples, (b) identify whether a query sample is anomaly signals or not, and (c) achieve subject independent classification. The proposed algorithm achieves state-of-the-art results on the SEED-VIG dataset and the SADT dataset. The accuracy of the drowsy class achieves 92% and 94% for 1-shot and 5-shot support samples in the SEED-VIG dataset, and 62% and 78% for 1-shot and 5-shot support samples in the SADT dataset.

biometric

steal

extraction

Title: When & How to Transfer with Transfer Learning. (arXiv:2211.04347v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2211.04347
• Code URL: https://github.com/hpai-bsc/tl-tradeoff
• Copy Paste: [[2211.04347] When & How to Transfer with Transfer Learning](http://arxiv.org/abs/2211.04347)
• Summary:

  In deep learning, transfer learning (TL) has become the de facto approach when dealing with image related tasks. Visual features learnt for one task have been shown to be reusable for other tasks, improving performance significantly. By reusing deep representations, TL enables the use of deep models in domains with limited data availability, limited computational resources and/or limited access to human experts. Domains which include the vast majority of real-life applications. This paper conducts an experimental evaluation of TL, exploring its trade-offs with respect to performance, environmental footprint, human hours and computational requirements. Results highlight the cases were a cheap feature extraction approach is preferable, and the situations where an expensive fine-tuning effort may be worth the added cost. Finally, a set of guidelines on the use of TL are proposed.

Title: Active Relation Discovery: Towards General and Label-aware Open Relation Extraction. (arXiv:2211.04215v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2211.04215
• Code URL: null
• Copy Paste: [[2211.04215] Active Relation Discovery: Towards General and Label-aware Open Relation Extraction](http://arxiv.org/abs/2211.04215)
• Summary:

  Open Relation Extraction (OpenRE) aims to discover novel relations from open domains. Previous OpenRE methods mainly suffer from two problems: (1) Insufficient capacity to discriminate between known and novel relations. When extending conventional test settings to a more general setting where test data might also come from seen classes, existing approaches have a significant performance decline. (2) Secondary labeling must be performed before practical application. Existing methods cannot label human-readable and meaningful types for novel relations, which is urgently required by the downstream tasks. To address these issues, we propose the Active Relation Discovery (ARD) framework, which utilizes relational outlier detection for discriminating known and novel relations and involves active learning for labeling novel relations. Extensive experiments on three real-world datasets show that ARD significantly outperforms previous state-of-the-art methods on both conventional and our proposed general OpenRE settings. The source code and datasets will be available for reproducibility.

Title: Review of coreference resolution in English and Persian. (arXiv:2211.04428v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2211.04428
• Code URL: null
• Copy Paste: [[2211.04428] Review of coreference resolution in English and Persian](http://arxiv.org/abs/2211.04428)
• Summary:

  Coreference resolution (CR) is one of the most challenging areas of natural language processing. This task seeks to identify all textual references to the same real-world entity. Research in this field is divided into coreference resolution and anaphora resolution. Due to its application in textual comprehension and its utility in other tasks such as information extraction systems, document summarization, and machine translation, this field has attracted considerable interest. Consequently, it has a significant effect on the quality of these systems. This article reviews the existing corpora and evaluation metrics in this field. Then, an overview of the coreference algorithms, from rule-based methods to the latest deep learning techniques, is provided. Finally, coreference resolution and pronoun resolution systems in Persian are investigated.

Title: SLATE: A Sequence Labeling Approach for Task Extraction from Free-form Inked Content. (arXiv:2211.04454v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2211.04454
• Code URL: https://github.com/slateauthors/slate
• Copy Paste: [[2211.04454] SLATE: A Sequence Labeling Approach for Task Extraction from Free-form Inked Content](http://arxiv.org/abs/2211.04454)
• Summary:

  We present SLATE, a sequence labeling approach for extracting tasks from free-form content such as digitally handwritten (or "inked") notes on a virtual whiteboard. Our approach allows us to create a single, low-latency model to simultaneously perform sentence segmentation and classification of these sentences into task/non-task sentences. SLATE greatly outperforms a baseline two-model (sentence segmentation followed by classification model) approach, achieving a task F1 score of 84.4\%, a sentence segmentation (boundary similarity) score of 88.4% and three times lower latency compared to the baseline. Furthermore, we provide insights into tackling challenges of performing NLP on the inking domain. We release both our code and dataset for this novel task.

membership infer

federate

Title: The Interpolated MVU Mechanism For Communication-efficient Private Federated Learning. (arXiv:2211.03942v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2211.03942
• Code URL: null
• Copy Paste: [[2211.03942] The Interpolated MVU Mechanism For Communication-efficient Private Federated Learning](http://arxiv.org/abs/2211.03942)
• Summary:

  We consider private federated learning (FL), where a server aggregates differentially private gradient updates from a large number of clients in order to train a machine learning model. The main challenge is balancing privacy with both classification accuracy of the learned model as well as the amount of communication between the clients and server. In this work, we build on a recently proposed method for communication-efficient private FL -- the MVU mechanism -- by introducing a new interpolation mechanism that can accommodate a more efficient privacy analysis. The result is the new Interpolated MVU mechanism that provides SOTA results on communication-efficient private FL on a variety of datasets.

Title: FLock: Defending Malicious Behaviors in Federated Learning with Blockchain. (arXiv:2211.04344v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2211.04344
• Code URL: null
• Copy Paste: [[2211.04344] FLock: Defending Malicious Behaviors in Federated Learning with Blockchain](http://arxiv.org/abs/2211.04344)
• Summary:

  Federated learning (FL) is a promising way to allow multiple data owners (clients) to collaboratively train machine learning models without compromising data privacy. Yet, existing FL solutions usually rely on a centralized aggregator for model weight aggregation, while assuming clients are honest. Even if data privacy can still be preserved, the problem of single-point failure and data poisoning attack from malicious clients remains unresolved. To tackle this challenge, we propose to use distributed ledger technology (DLT) to achieve FLock, a secure and reliable decentralized Federated Learning system built on blockchain. To guarantee model quality, we design a novel peer-to-peer (P2P) review and reward/slash mechanism to detect and deter malicious clients, powered by on-chain smart contracts. The reward/slash mechanism, in addition, serves as incentives for participants to honestly upload and review model parameters in the FLock system. FLock thus improves the performance and the robustness of FL systems in a fully P2P manner.

Title: FedGrad: Optimisation in Decentralised Machine Learning. (arXiv:2211.04254v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2211.04254
• Code URL: null
• Copy Paste: [[2211.04254] FedGrad: Optimisation in Decentralised Machine Learning](http://arxiv.org/abs/2211.04254)
• Summary:

  Federated Learning is a machine learning paradigm where we aim to train machine learning models in a distributed fashion. Many clients/edge devices collaborate with each other to train a single model on the central. Clients do not share their own datasets with each other, decoupling computation and data on the same device. In this paper, we propose yet another adaptive federated optimization method and some other ideas in the field of federated learning. We also perform experiments using these methods and showcase the improvement in the overall performance of federated learning.

Title: FED-CD: Federated Causal Discovery from Interventional and Observational Data. (arXiv:2211.03846v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2211.03846
• Code URL: null
• Copy Paste: [[2211.03846] FED-CD: Federated Causal Discovery from Interventional and Observational Data](http://arxiv.org/abs/2211.03846)
• Summary:

  Causal discovery, the inference of causal relations from data, is a core task of fundamental importance in all scientific domains, and several new machine learning methods for addressing the causal discovery problem have been proposed recently. However, existing machine learning methods for causal discovery typically require that the data used for inference is pooled and available in a centralized location. In many domains of high practical importance, such as in healthcare, data is only available at local data-generating entities (e.g. hospitals in the healthcare context), and cannot be shared across entities due to, among others, privacy and regulatory reasons. In this work, we address the problem of inferring causal structure - in the form of a directed acyclic graph (DAG) - from a distributed data set that contains both observational and interventional data in a privacy-preserving manner by exchanging updates instead of samples. To this end, we introduce a new federated framework, FED-CD, that enables the discovery of global causal structures both when the set of intervened covariates is the same across decentralized entities, and when the set of intervened covariates are potentially disjoint. We perform a comprehensive experimental evaluation on synthetic data that demonstrates that FED-CD enables effective aggregation of decentralized data for causal discovery without direct sample sharing, even when the contributing distributed data sets cover disjoint sets of interventions. Effective methods for causal discovery in distributed data sets could significantly advance scientific discovery and knowledge sharing in important settings, for instance, healthcare, in which sharing of data across local sites is difficult or prohibited.

Title: Federated Learning Using Three-Operator ADMM. (arXiv:2211.04152v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2211.04152
• Code URL: null
• Copy Paste: [[2211.04152] Federated Learning Using Three-Operator ADMM](http://arxiv.org/abs/2211.04152)
• Summary:

  Federated learning (FL) has emerged as an instance of distributed machine learning paradigm that avoids the transmission of data generated on the users' side. Although data are not transmitted, edge devices have to deal with limited communication bandwidths, data heterogeneity, and straggler effects due to the limited computational resources of users' devices. A prominent approach to overcome such difficulties is FedADMM, which is based on the classical two-operator consensus alternating direction method of multipliers (ADMM). The common assumption of FL algorithms, including FedADMM, is that they learn a global model using data only on the users' side and not on the edge server. However, in edge learning, the server is expected to be near the base station and have direct access to rich datasets. In this paper, we argue that leveraging the rich data on the edge server is much more beneficial than utilizing only user datasets. Specifically, we show that the mere application of FL with an additional virtual user node representing the data on the edge server is inefficient. We propose FedTOP-ADMM, which generalizes FedADMM and is based on a three-operator ADMM-type technique that exploits a smooth cost function on the edge server to learn a global model parallel to the edge devices. Our numerical experiments indicate that FedTOP-ADMM has substantial gain up to 33\% in communication efficiency to reach a desired test accuracy with respect to FedADMM, including a virtual user on the edge server.

Title: Centaur: Federated Learning for Constrained Edge Devices. (arXiv:2211.04175v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2211.04175
• Code URL: null
• Copy Paste: [[2211.04175] Centaur: Federated Learning for Constrained Edge Devices](http://arxiv.org/abs/2211.04175)
• Summary:

  Federated learning (FL) on deep neural networks facilitates new applications at the edge, especially for wearable and Internet-of-Thing devices. Such devices capture a large and diverse amount of data, but they have memory, compute, power, and connectivity constraints which hinder their participation in FL. We propose Centaur, a multitier FL framework, enabling ultra-constrained devices to efficiently participate in FL on large neural nets. Centaur combines two major ideas: (i) a data selection scheme to choose a portion of samples that accelerates the learning, and (ii) a partition-based training algorithm that integrates both constrained and powerful devices owned by the same user. Evaluations, on four benchmark neural nets and three datasets, show that Centaur gains ~10% higher accuracy than local training on constrained devices with ~58% energy saving on average. Our experimental results also demonstrate the superior efficiency of Centaur when dealing with imbalanced data, client participation heterogeneity, and various network connection probabilities.

Title: Clustered Federated Learning based on Nonconvex Pairwise Fusion. (arXiv:2211.04218v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2211.04218
• Code URL: null
• Copy Paste: [[2211.04218] Clustered Federated Learning based on Nonconvex Pairwise Fusion](http://arxiv.org/abs/2211.04218)
• Summary:

  This study investigates clustered federated learning (FL), one of the formulations of FL with non-i.i.d. data, where the devices are partitioned into clusters and each cluster optimally fits its data with a localized model. We propose a novel clustered FL framework, which applies a nonconvex penalty to pairwise differences of parameters. This framework can automatically identify clusters without a priori knowledge of the number of clusters and the set of devices in each cluster. To implement the proposed framework, we develop a novel clustered FL method called FPFC. Advancing from the standard ADMM, our method is implemented in parallel, updates only a subset of devices at each communication round, and allows each participating device to perform a variable amount of work. This greatly reduces the communication cost while simultaneously preserving privacy, making it practical for FL. We also propose a new warmup strategy for hyperparameter tuning under FL settings and consider the asynchronous variant of FPFC (asyncFPFC). Theoretically, we provide convergence guarantees of FPFC for general nonconvex losses and establish the statistical convergence rate under a linear model with squared loss. Our extensive experiments demonstrate the advantages of FPFC over existing methods.

fair

Title: Bridging Fairness and Environmental Sustainability in Natural Language Processing. (arXiv:2211.04256v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2211.04256
• Code URL: null
• Copy Paste: [[2211.04256] Bridging Fairness and Environmental Sustainability in Natural Language Processing](http://arxiv.org/abs/2211.04256)
• Summary:

  Fairness and environmental impact are important research directions for the sustainable development of artificial intelligence. However, while each topic is an active research area in natural language processing (NLP), there is a surprising lack of research on the interplay between the two fields. This lacuna is highly problematic, since there is increasing evidence that an exclusive focus on fairness can actually hinder environmental sustainability, and vice versa. In this work, we shed light on this crucial intersection in NLP by (1) investigating the efficiency of current fairness approaches through surveying example methods for reducing unfair stereotypical bias from the literature, and (2) evaluating a common technique to reduce energy consumption (and thus environmental impact) of English NLP models, knowledge distillation (KD), for its impact on fairness. In this case study, we evaluate the effect of important KD factors, including layer and dimensionality reduction, with respect to: (a) performance on the distillation task (natural language inference and semantic similarity prediction), and (b) multiple measures and dimensions of stereotypical bias (e.g., gender bias measured via the Word Embedding Association Test). Our results lead us to clarify current assumptions regarding the effect of KD on unfair bias: contrary to other findings, we show that KD can actually decrease model fairness.

Title: Reinforcement Learning with Stepwise Fairness Constraints. (arXiv:2211.03994v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2211.03994
• Code URL: null
• Copy Paste: [[2211.03994] Reinforcement Learning with Stepwise Fairness Constraints](http://arxiv.org/abs/2211.03994)
• Summary:

  AI methods are used in societally important settings, ranging from credit to employment to housing, and it is crucial to provide fairness in regard to algorithmic decision making. Moreover, many settings are dynamic, with populations responding to sequential decision policies. We introduce the study of reinforcement learning (RL) with stepwise fairness constraints, requiring group fairness at each time step. Our focus is on tabular episodic RL, and we provide learning algorithms with strong theoretical guarantees in regard to policy optimality and fairness violation. Our framework provides useful tools to study the impact of fairness constraints in sequential settings and brings up new challenges in RL.

interpretability

Title: Much Easier Said Than Done: Falsifying the Causal Relevance of Linear Decoding Methods. (arXiv:2211.04367v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2211.04367
• Code URL: null
• Copy Paste: [[2211.04367] Much Easier Said Than Done: Falsifying the Causal Relevance of Linear Decoding Methods](http://arxiv.org/abs/2211.04367)
• Summary:

  Linear classifier probes are frequently utilized to better understand how neural networks function. Researchers have approached the problem of determining unit importance in neural networks by probing their learned, internal representations. Linear classifier probes identify highly selective units as the most important for network function. Whether or not a network actually relies on high selectivity units can be tested by removing them from the network using ablation. Surprisingly, when highly selective units are ablated they only produce small performance deficits, and even then only in some cases. In spite of the absence of ablation effects for selective neurons, linear decoding methods can be effectively used to interpret network function, leaving their effectiveness a mystery. To falsify the exclusive role of selectivity in network function and resolve this contradiction, we systematically ablate groups of units in subregions of activation space. Here, we find a weak relationship between neurons identified by probes and those identified by ablation. More specifically, we find that an interaction between selectivity and the average activity of the unit better predicts ablation performance deficits for groups of units in AlexNet, VGG16, MobileNetV2, and ResNet101. Linear decoders are likely somewhat effective because they overlap with those units that are causally important for network function. Interpretability methods could be improved by focusing on causally important units.

Title: Proactive Detractor Detection Framework Based on Message-Wise Sentiment Analysis Over Customer Support Interactions. (arXiv:2211.03923v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2211.03923
• Code URL: null
• Copy Paste: [[2211.03923] Proactive Detractor Detection Framework Based on Message-Wise Sentiment Analysis Over Customer Support Interactions](http://arxiv.org/abs/2211.03923)
• Summary:

  In this work, we propose a framework relying solely on chat-based customer support (CS) interactions for predicting the recommendation decision of individual users. For our case study, we analyzed a total number of 16.4k users and 48.7k customer support conversations within the financial vertical of a large e-commerce company in Latin America. Consequently, our main contributions and objectives are to use Natural Language Processing (NLP) to assess and predict the recommendation behavior where, in addition to using static sentiment analysis, we exploit the predictive power of each user's sentiment dynamics. Our results show that, with respective feature interpretability, it is possible to predict the likelihood of a user to recommend a product or service, based solely on the message-wise sentiment evolution of their CS conversations in a fully automated way.

Title: What Knowledge Is Needed? Towards Explainable Memory for kNN-MT Domain Adaptation. (arXiv:2211.04052v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2211.04052
• Code URL: null
• Copy Paste: [[2211.04052] What Knowledge Is Needed? Towards Explainable Memory for kNN-MT Domain Adaptation](http://arxiv.org/abs/2211.04052)
• Summary:

  kNN-MT presents a new paradigm for domain adaptation by building an external datastore, which usually saves all target language token occurrences in the parallel corpus. As a result, the constructed datastore is usually large and possibly redundant. In this paper, we investigate the interpretability issue of this approach: what knowledge does the NMT model need? We propose the notion of local correctness (LAC) as a new angle, which describes the potential translation correctness for a single entry and for a given neighborhood. Empirical study shows that our investigation successfully finds the conditions where the NMT model could easily fail and need related knowledge. Experiments on six diverse target domains and two language-pairs show that pruning according to local correctness brings a light and more explainable memory for kNN-MT domain adaptation.

exlainability

watermark