secure

Title: Ancilia: Scalable Intelligent Video Surveillance for the Artificial Intelligence of Things. (arXiv:2301.03561v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.03561
• Code URL: null
• Copy Paste: [[2301.03561] Ancilia: Scalable Intelligent Video Surveillance for the Artificial Intelligence of Things](http://arxiv.org/abs/2301.03561) #secure
• Summary:

  With the advancement of vision-based artificial intelligence, the proliferation of the Internet of Things connected cameras, and the increasing societal need for rapid and equitable security, the demand for accurate real-time intelligent surveillance has never been higher. This article presents Ancilia, an end-to-end scalable, intelligent video surveillance system for the Artificial Intelligence of Things. Ancilia brings state-of-the-art artificial intelligence to real-world surveillance applications while respecting ethical concerns and performing high-level cognitive tasks in real-time. Ancilia aims to revolutionize the surveillance landscape, to bring more effective, intelligent, and equitable security to the field, resulting in safer and more secure communities without requiring people to compromise their right to privacy.

Title: A Lightweight Blockchain and Fog-enabled Secure Remote Patient Monitoring System. (arXiv:2301.03551v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2301.03551
• Code URL: null
• Copy Paste: [[2301.03551] A Lightweight Blockchain and Fog-enabled Secure Remote Patient Monitoring System](http://arxiv.org/abs/2301.03551) #secure
• Summary:

  IoT has enabled the rapid growth of smart remote healthcare applications. These IoT-based remote healthcare applications deliver fast and preventive medical services to patients at risk or with chronic diseases. However, ensuring data security and patient privacy while exchanging sensitive medical data among medical IoT devices is still a significant concern in remote healthcare applications. Altered or corrupted medical data may cause wrong treatment and create grave health issues for patients. Moreover, current remote medical applications' efficiency and response time need to be addressed and improved. Considering the need for secure and efficient patient care, this paper proposes a lightweight Blockchain-based and Fog-enabled remote patient monitoring system that provides a high level of security and efficient response time. Simulation results and security analysis show that the proposed lightweight blockchain architecture fits the resource-constrained IoT devices well and is secure against attacks. Moreover, the augmentation of Fog computing improved the responsiveness of the remote patient monitoring system by 40%.

security

Title: DRL-GAN: A Hybrid Approach for Binary and Multiclass Network Intrusion Detection. (arXiv:2301.03368v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2301.03368
• Code URL: null
• Copy Paste: [[2301.03368] DRL-GAN: A Hybrid Approach for Binary and Multiclass Network Intrusion Detection](http://arxiv.org/abs/2301.03368) #security
• Summary:

  Our increasingly connected world continues to face an ever-growing amount of network-based attacks. Intrusion detection systems (IDS) are an essential security technology for detecting these attacks. Although numerous machine learning-based IDS have been proposed for the detection of malicious network traffic, the majority have difficulty properly detecting and classifying the more uncommon attack types. In this paper, we implement a novel hybrid technique using synthetic data produced by a Generative Adversarial Network (GAN) to use as input for training a Deep Reinforcement Learning (DRL) model. Our GAN model is trained with the NSL-KDD dataset for four attack categories as well as normal network flow. Ultimately, our findings demonstrate that training the DRL on specific synthetic datasets can result in better performance in correctly classifying minority classes over training on the true imbalanced dataset.

privacy

Title: STPrivacy: Spatio-Temporal Tubelet Sparsification and Anonymization for Privacy-preserving Action Recognition. (arXiv:2301.03046v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.03046
• Code URL: null
• Copy Paste: [[2301.03046] STPrivacy: Spatio-Temporal Tubelet Sparsification and Anonymization for Privacy-preserving Action Recognition](http://arxiv.org/abs/2301.03046) #privacy
• Summary:

  Recently privacy-preserving action recognition (PPAR) has been becoming an appealing video understanding problem. Nevertheless, existing works focus on the frame-level (spatial) privacy preservation, ignoring the privacy leakage from a whole video and destroying the temporal continuity of actions. In this paper, we present a novel PPAR paradigm, i.e., performing privacy preservation from both spatial and temporal perspectives, and propose a STPrivacy framework. For the first time, our STPrivacy applies vision Transformers to PPAR and regards a video as a sequence of spatio-temporal tubelets, showing outstanding advantages over previous convolutional methods. Specifically, our STPrivacy adaptively treats privacy-containing tubelets in two different manners. The tubelets irrelevant to actions are directly abandoned, i.e., sparsification, and not published for subsequent tasks. In contrast, those highly involved in actions are anonymized, i.e., anonymization, to remove private information. These two transformation mechanisms are complementary and simultaneously optimized in our unified framework. Because there is no large-scale benchmarks, we annotate five privacy attributes for two of the most popular action recognition datasets, i.e., HMDB51 and UCF101, and conduct extensive experiments on them. Moreover, to verify the generalization ability of our STPrivacy, we further introduce a privacy-preserving facial expression recognition task and conduct experiments on a large-scale video facial attributes dataset, i.e., Celeb-VHQ. The thorough comparisons and visualization analysis demonstrate our significant superiority over existing works. The appendix contains more details and visualizations.

Title: Negative Results of Fusing Code and Documentation for Learning to Accurately Identify Sensitive Source and Sink Methods An Application to the Android Framework for Data Leak Detection. (arXiv:2301.03207v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2301.03207
• Code URL: null
• Copy Paste: [[2301.03207] Negative Results of Fusing Code and Documentation for Learning to Accurately Identify Sensitive Source and Sink Methods An Application to the Android Framework for Data Leak Detection](http://arxiv.org/abs/2301.03207) #privacy
• Summary:

  Apps on mobile phones manipulate all sorts of data, including sensitive data, leading to privacy-related concerns. Recent regulations like the European GDPR provide rules for the processing of personal and sensitive data, like that no such data may be leaked without the consent of the user.

Researchers have proposed sophisticated approaches to track sensitive data within mobile apps, all of which rely on specific lists of sensitive source and sink API methods. The data flow analysis results greatly depend on these lists' quality. Previous approaches either used incomplete hand-written lists that quickly became outdated or relied on machine learning. The latter, however, leads to numerous false positives, as we show.

This paper introduces CoDoC, a tool that aims to revive the machine-learning approach to precisely identify privacy-related source and sink API methods. In contrast to previous approaches, CoDoC uses deep learning techniques and combines the source code with the documentation of API methods. Firstly, we propose novel definitions that clarify the concepts of sensitive source and sink methods. Secondly, based on these definitions, we build a new ground truth of Android methods representing sensitive source, sink, and neither (i.e., no source or sink) methods that will be used to train our classifier.

We evaluate CoDoC and show that, on our validation dataset, it achieves a precision, recall, and F1 score of 91% in 10-fold cross-validation, outperforming the state-of-the-art SuSi when used on the same dataset. However, similarly to existing tools, we show that in the wild, i.e., with unseen data, CoDoC performs poorly and generates many false positive results. Our findings, together with time-tested results of previous approaches, suggest that machine-learning models for abstract concepts such as privacy fail in practice despite good lab results.

Title: k-Means SubClustering: A Differentially Private Algorithm with Improved Clustering Quality. (arXiv:2301.02896v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2301.02896
• Code URL: null
• Copy Paste: [[2301.02896] k-Means SubClustering: A Differentially Private Algorithm with Improved Clustering Quality](http://arxiv.org/abs/2301.02896) #privacy
• Summary:

  In today's data-driven world, the sensitivity of information has been a significant concern. With this data and additional information on the person's background, one can easily infer an individual's private data. Many differentially private iterative algorithms have been proposed in interactive settings to protect an individual's privacy from these inference attacks. The existing approaches adapt the method to compute differentially private(DP) centroids by iterative Llyod's algorithm and perturbing the centroid with various DP mechanisms. These DP mechanisms do not guarantee convergence of differentially private iterative algorithms and degrade the quality of the cluster. Thus, in this work, we further extend the previous work on 'Differentially Private k-Means Clustering With Convergence Guarantee' by taking it as our baseline. The novelty of our approach is to sub-cluster the clusters and then select the centroid which has a higher probability of moving in the direction of the future centroid. At every Lloyd's step, the centroids are injected with the noise using the exponential DP mechanism. The results of the experiments indicate that our approach outperforms the current state-of-the-art method, i.e., the baseline algorithm, in terms of clustering quality while maintaining the same differential privacy requirements. The clustering quality significantly improved by 4.13 and 2.83 times than baseline for the Wine and Breast_Cancer dataset, respectively.

protect

Title: SFP: Providing System Call Flow Protection against Software and Fault Attacks. (arXiv:2301.02915v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2301.02915
• Code URL: null
• Copy Paste: [[2301.02915] SFP: Providing System Call Flow Protection against Software and Fault Attacks](http://arxiv.org/abs/2301.02915) #protect
• Summary:

  With the improvements in computing technologies, edge devices in the Internet-of-Things have become more complex. The enabler technology for these complex systems are powerful application core processors with operating system support, such as Linux. While the isolation of applications through the operating system increases the security, the interface to the kernel poses a new threat. Different attack vectors, including fault attacks and memory vulnerabilities, exploit the kernel interface to escalate privileges and take over the system.

In this work, we present SFP, a mechanism to protect the execution of system calls against software and fault attacks providing integrity to user-kernel transitions. SFP provides system call flow integrity by a two-step linking approach, which links the system call and its origin to the state of control-flow integrity. A second linking step within the kernel ensures that the right system call is executed in the kernel. Combining both linking steps ensures that only the correct system call is executed at the right location in the program and cannot be skipped. Furthermore, SFP provides dynamic CFI instrumentation and a new CFI checking policy at the edge of the kernel to verify the control-flow state of user programs before entering the kernel. We integrated SFP into FIPAC, a CFI protection scheme exploiting ARM pointer authentication. Our prototype is based on a custom LLVM-based toolchain with an instrumented runtime library combined with a custom Linux kernel to protect system calls. The evaluation of micro- and macrobenchmarks based on SPEC 2017 show an average runtime overhead of 1.9 % and 20.6 %, which is only an increase of 1.8 % over plain control-flow protection. This small impact on the performance shows the efficiency of SFP for protecting all system calls and providing integrity for the user-kernel transitions.

defense

Title: Deepfake CAPTCHA: A Method for Preventing Fake Calls. (arXiv:2301.03064v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2301.03064
• Code URL: null
• Copy Paste: [[2301.03064] Deepfake CAPTCHA: A Method for Preventing Fake Calls](http://arxiv.org/abs/2301.03064) #defense
• Summary:

  Deep learning technology has made it possible to generate realistic content of specific individuals. These `deepfakes' can now be generated in real-time which enables attackers to impersonate people over audio and video calls. Moreover, some methods only need a few images or seconds of audio to steal an identity. Existing defenses perform passive analysis to detect fake content. However, with the rapid progress of deepfake quality, this may be a losing game.

In this paper, we propose D-CAPTCHA: an active defense against real-time deepfakes. The approach is to force the adversary into the spotlight by challenging the deepfake model to generate content which exceeds its capabilities. By doing so, passive detection becomes easier since the content will be distorted. In contrast to existing CAPTCHAs, we challenge the AI's ability to create content as opposed to its ability to classify content. In this work we focus on real-time audio deepfakes and present preliminary results on video.

In our evaluation we found that D-CAPTCHA outperforms state-of-the-art audio deepfake detectors with an accuracy of 91-100% depending on the challenge (compared to 71% without challenges). We also performed a study on 41 volunteers to understand how threatening current real-time deepfake attacks are. We found that the majority of the volunteers could not tell the difference between real and fake audio.

Title: In Defense of Structural Symbolic Representation for Video Event-Relation Prediction. (arXiv:2301.03410v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.03410
• Code URL: null
• Copy Paste: [[2301.03410] In Defense of Structural Symbolic Representation for Video Event-Relation Prediction](http://arxiv.org/abs/2301.03410) #defense
• Summary:

  Understanding event relationships in videos requires a model to understand the underlying structures of events, i.e., the event type, the associated argument roles, and corresponding entities) along with factual knowledge needed for reasoning. Structural symbolic representation (SSR) based methods directly take event types and associated argument roles/entities as inputs to perform reasoning.

However, the state-of-the-art video event-relation prediction system shows the necessity of using continuous feature vectors from input videos; existing methods based solely on SSR inputs fail completely, event when given oracle event types and argument roles. In this paper, we conduct an extensive empirical analysis to answer the following questions: 1) why SSR-based method failed; 2) how to understand the evaluation setting of video event relation prediction properly; 3) how to uncover the potential of SSR-based methods. We first identify the failure of previous SSR-based video event prediction models to be caused by sub-optimal training settings. Surprisingly, we find that a simple SSR-based model with tuned hyperparameters can actually yield a 20\% absolute improvement in macro-accuracy over the state-of-the-art model. Then through qualitative and quantitative analysis, we show how evaluation that takes only video as inputs is currently unfeasible, and the reliance on oracle event information to obtain an accurate evaluation. Based on these findings, we propose to further contextualize the SSR-based model to an Event-Sequence Model and equip it with more factual knowledge through a simple yet effective way of reformulating external visual commonsense knowledge bases into an event-relation prediction pretraining dataset. The resultant new state-of-the-art model eventually establishes a 25\% Macro-accuracy performance boost.

attack

Title: RobArch: Designing Robust Architectures against Adversarial Attacks. (arXiv:2301.03110v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.03110
• Code URL: https://github.com/shengyun-peng/robarch
• Copy Paste: [[2301.03110] RobArch: Designing Robust Architectures against Adversarial Attacks](http://arxiv.org/abs/2301.03110) #attack
• Summary:

  Adversarial Training is the most effective approach for improving the robustness of Deep Neural Networks (DNNs). However, compared to the large body of research in optimizing the adversarial training process, there are few investigations into how architecture components affect robustness, and they rarely constrain model capacity. Thus, it is unclear where robustness precisely comes from. In this work, we present the first large-scale systematic study on the robustness of DNN architecture components under fixed parameter budgets. Through our investigation, we distill 18 actionable robust network design guidelines that empower model developers to gain deep insights. We demonstrate these guidelines' effectiveness by introducing the novel Robust Architecture (RobArch) model that instantiates the guidelines to build a family of top-performing models across parameter capacities against strong adversarial attacks. RobArch achieves the new state-of-the-art AutoAttack accuracy on the RobustBench ImageNet leaderboard. The code is available at $\href{https://github.com/ShengYun-Peng/RobArch}{\text{this url}}$.

Title: A Continent-Wide Assessment of Cyber Vulnerability Across Africa. (arXiv:2301.03008v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2301.03008
• Code URL: null
• Copy Paste: [[2301.03008] A Continent-Wide Assessment of Cyber Vulnerability Across Africa](http://arxiv.org/abs/2301.03008) #attack
• Summary:

  As the internet penetration rate in Africa increases, so does the proliferation of the Internet of Things (IoT) devices. Along with this growth in internet access is the risk of cyberattacks to vulnerable IoT devices mushrooming in the African cyberspace. One way to determine IoT vulnerabilities is to find open ports within Africa s cyberspace. Our research leverages Shodan search engine, a powerful tool for discovering IoT devices facing the public internet, to find open ports across Africa. We conduct an analysis of our findings, ranking countries from most to least vulnerable to cyberattack. We find that South Africa,Tunisia, Morocco, Egypt, and Nigeria are the five countries most susceptible to cyberattack on the continent. Further, 69.8% of devices having one of the five most commonly open internet ports have had past documented vulnerabilities. Following our analysis, we conclude with policy recommendations for both the public and private sector.

Title: Facial Misrecognition Systems: Simple Weight Manipulations Force DNNs to Err Only on Specific Persons. (arXiv:2301.03118v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2301.03118
• Code URL: null
• Copy Paste: [[2301.03118] Facial Misrecognition Systems: Simple Weight Manipulations Force DNNs to Err Only on Specific Persons](http://arxiv.org/abs/2301.03118) #attack
• Summary:

  In this paper we describe how to plant novel types of backdoors in any facial recognition model based on the popular architecture of deep Siamese neural networks, by mathematically changing a small fraction of its weights (i.e., without using any additional training or optimization). These backdoors force the system to err only on specific persons which are preselected by the attacker. For example, we show how such a backdoored system can take any two images of a particular person and decide that they represent different persons (an anonymity attack), or take any two images of a particular pair of persons and decide that they represent the same person (a confusion attack), with almost no effect on the correctness of its decisions for other persons. Uniquely, we show that multiple backdoors can be independently installed by multiple attackers who may not be aware of each other's existence with almost no interference.

We have experimentally verified the attacks on a FaceNet-based facial recognition system, which achieves SOTA accuracy on the standard LFW dataset of $99.35\%$. When we tried to individually anonymize ten celebrities, the network failed to recognize two of their images as being the same person in $96.97\%$ to $98.29\%$ of the time. When we tried to confuse between the extremely different looking Morgan Freeman and Scarlett Johansson, for example, their images were declared to be the same person in $91.51 \%$ of the time. For each type of backdoor, we sequentially installed multiple backdoors with minimal effect on the performance of each one (for example, anonymizing all ten celebrities on the same model reduced the success rate for each celebrity by no more than $0.91\%$). In all of our experiments, the benign accuracy of the network on other persons was degraded by no more than $0.48\%$ (and in most cases, it remained above $99.30\%$).

Title: Efficient Attack Detection in IoT Devices using Feature Engineering-Less Machine Learning. (arXiv:2301.03532v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2301.03532
• Code URL: null
• Copy Paste: [[2301.03532] Efficient Attack Detection in IoT Devices using Feature Engineering-Less Machine Learning](http://arxiv.org/abs/2301.03532) #attack
• Summary:

  Through the generalization of deep learning, the research community has addressed critical challenges in the network security domain, like malware identification and anomaly detection. However, they have yet to discuss deploying them on Internet of Things (IoT) devices for day-to-day operations. IoT devices are often limited in memory and processing power, rendering the compute-intensive deep learning environment unusable. This research proposes a way to overcome this barrier by bypassing feature engineering in the deep learning pipeline and using raw packet data as input. We introduce a feature engineering-less machine learning (ML) process to perform malware detection on IoT devices. Our proposed model, "Feature engineering-less-ML (FEL-ML)," is a lighter-weight detection algorithm that expends no extra computations on "engineered" features. It effectively accelerates the low-powered IoT edge. It is trained on unprocessed byte-streams of packets. Aside from providing better results, it is quicker than traditional feature-based methods. FEL-ML facilitates resource-sensitive network traffic security with the added benefit of eliminating the significant investment by subject matter experts in feature engineering.

robust

Title: Multiclass Semantic Segmentation to Identify Anatomical Sub-Regions of Brain and Measure Neuronal Health in Parkinson's Disease. (arXiv:2301.02925v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.02925
• Code URL: null
• Copy Paste: [[2301.02925] Multiclass Semantic Segmentation to Identify Anatomical Sub-Regions of Brain and Measure Neuronal Health in Parkinson's Disease](http://arxiv.org/abs/2301.02925) #robust
• Summary:

  Automated segmentation of anatomical sub-regions with high precision has become a necessity to enable the quantification and characterization of cells/ tissues in histology images. Currently, a machine learning model to analyze sub-anatomical regions of the brain to analyze 2D histological images is not available. The scientists rely on manually segmenting anatomical sub-regions of the brain which is extremely time-consuming and prone to labeler-dependent bias. One of the major challenges in accomplishing such a task is the lack of high-quality annotated images that can be used to train a generic artificial intelligence model. In this study, we employed a UNet-based architecture, compared model performance with various combinations of encoders, image sizes, and sample selection techniques. Additionally, to increase the sample set we resorted to data augmentation which provided data diversity and robust learning. In this study, we trained our best fit model on approximately one thousand annotated 2D brain images stained with Nissl/ Haematoxylin and Tyrosine Hydroxylase enzyme (TH, indicator of dopaminergic neuron viability). The dataset comprises of different animal studies enabling the model to be trained on different datasets. The model effectively is able to detect two sub-regions compacta (SNCD) and reticulata (SNr) in all the images. In spite of limited training data, our best model achieves a mean intersection over union (IOU) of 79% and a mean dice coefficient of 87%. In conclusion, the UNet-based model with EffiecientNet as an encoder outperforms all other encoders, resulting in a first of its kind robust model for multiclass segmentation of sub-brain regions in 2D images.

Title: DeepMatcher: A Deep Transformer-based Network for Robust and Accurate Local Feature Matching. (arXiv:2301.02993v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.02993
• Code URL: https://github.com/XT-1997/DeepMatcher
• Copy Paste: [[2301.02993] DeepMatcher: A Deep Transformer-based Network for Robust and Accurate Local Feature Matching](http://arxiv.org/abs/2301.02993) #robust
• Summary:

  Local feature matching between images remains a challenging task, especially in the presence of significant appearance variations, e.g., extreme viewpoint changes. In this work, we propose DeepMatcher, a deep Transformer-based network built upon our investigation of local feature matching in detector-free methods. The key insight is that local feature matcher with deep layers can capture more human-intuitive and simpler-to-match features. Based on this, we propose a Slimming Transformer (SlimFormer) dedicated for DeepMatcher, which leverages vector-based attention to model relevance among all keypoints and achieves long-range context aggregation in an efficient and effective manner. A relative position encoding is applied to each SlimFormer so as to explicitly disclose relative distance information, further improving the representation of keypoints. A layer-scale strategy is also employed in each SlimFormer to enable the network to assimilate message exchange from the residual block adaptively, thus allowing it to simulate the human behaviour that humans can acquire different matching cues each time they scan an image pair. To facilitate a better adaption of the SlimFormer, we introduce a Feature Transition Module (FTM) to ensure a smooth transition in feature scopes with different receptive fields. By interleaving the self- and cross-SlimFormer multiple times, DeepMatcher can easily establish pixel-wise dense matches at coarse level. Finally, we perceive the match refinement as a combination of classification and regression problems and design Fine Matches Module to predict confidence and offset concurrently, thereby generating robust and accurate matches. Experimentally, we show that DeepMatcher significantly outperforms the state-of-the-art methods on several benchmarks, demonstrating the superior matching capability of DeepMatcher.

Title: Equivalence of Two Expressions of Principal Line. (arXiv:2301.03039v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.03039
• Code URL: null
• Copy Paste: [[2301.03039] Equivalence of Two Expressions of Principal Line](http://arxiv.org/abs/2301.03039) #robust
• Summary:

  Geometry-based camera calibration using principal line is more precise and robust than calibration using optimization approaches; therefore, several researches try to re-derive the principal line from different views of 2D projective geometry to increase alternatives of the calibration process. In this report, algebraical equivalence of two expressions of principal line, one derived w.r.t homography and the other using for two sets of orthogonal vanishing points, is proved. Moreover, the extension of the second expression to incorporate infinite vanishing point is carried out with simple mathematics.

Title: Learning the Relation between Similarity Loss and Clustering Loss in Self-Supervised Learning. (arXiv:2301.03041v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.03041
• Code URL: null
• Copy Paste: [[2301.03041] Learning the Relation between Similarity Loss and Clustering Loss in Self-Supervised Learning](http://arxiv.org/abs/2301.03041) #robust
• Summary:

  Self-supervised learning enables networks to learn discriminative features from massive data itself. Most state-of-the-art methods maximize the similarity between two augmentations of one image based on contrastive learning. By utilizing the consistency of two augmentations, the burden of manual annotations can be freed. Contrastive learning exploits instance-level information to learn robust features. However, the learned information is probably confined to different views of the same instance. In this paper, we attempt to leverage the similarity between two distinct images to boost representation in self-supervised learning. In contrast to instance-level information, the similarity between two distinct images may provide more useful information. Besides, we analyze the relation between similarity loss and feature-level cross-entropy loss. These two losses are essential for most deep learning methods. However, the relation between these two losses is not clear. Similarity loss helps obtain instance-level representation, while feature-level cross-entropy loss helps mine the similarity between two distinct images. We provide theoretical analyses and experiments to show that a suitable combination of these two losses can get state-of-the-art results.

Title: Cursive Caption Text Detection in Videos. (arXiv:2301.03164v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.03164
• Code URL: null
• Copy Paste: [[2301.03164] Cursive Caption Text Detection in Videos](http://arxiv.org/abs/2301.03164) #robust
• Summary:

  Textual content appearing in videos represents an interesting index for semantic retrieval of videos (from archives), generation of alerts (live streams) as well as high level applications like opinion mining and content summarization. One of the key components of such systems is the detection of textual content in video frames and the same makes the subject of our present study. This paper presents a robust technique for detection of textual content appearing in video frames. More specifically we target text in cursive script taking Urdu text as a case study. Detection of textual regions in video frames is carried out by fine-tuning object detectors based on deep convolutional neural networks for the specific case of text detection. Since it is common to have videos with caption text in multiple-scripts, cursive text is distinguished from Latin text using a script-identification module. Finally, detection and script identification are combined in a single end-to-end trainable system. Experiments on a comprehensive dataset of around 11,000 video frames report an F-measure of 0.91.

Title: Few-shot Semantic Segmentation with Support-induced Graph Convolutional Network. (arXiv:2301.03194v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.03194
• Code URL: null
• Copy Paste: [[2301.03194] Few-shot Semantic Segmentation with Support-induced Graph Convolutional Network](http://arxiv.org/abs/2301.03194) #robust
• Summary:

  Few-shot semantic segmentation (FSS) aims to achieve novel objects segmentation with only a few annotated samples and has made great progress recently. Most of the existing FSS models focus on the feature matching between support and query to tackle FSS. However, the appearance variations between objects from the same category could be extremely large, leading to unreliable feature matching and query mask prediction. To this end, we propose a Support-induced Graph Convolutional Network (SiGCN) to explicitly excavate latent context structure in query images. Specifically, we propose a Support-induced Graph Reasoning (SiGR) module to capture salient query object parts at different semantic levels with a Support-induced GCN. Furthermore, an instance association (IA) module is designed to capture high-order instance context from both support and query instances. By integrating the proposed two modules, SiGCN can learn rich query context representation, and thus being more robust to appearance variations. Extensive experiments on PASCAL-5i and COCO-20i demonstrate that our SiGCN achieves state-of-the-art performance.

Title: HyRSM++: Hybrid Relation Guided Temporal Set Matching for Few-shot Action Recognition. (arXiv:2301.03330v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.03330
• Code URL: https://github.com/alibaba-mmai-research/hyrsmplusplus
• Copy Paste: [[2301.03330] HyRSM++: Hybrid Relation Guided Temporal Set Matching for Few-shot Action Recognition](http://arxiv.org/abs/2301.03330) #robust
• Summary:

  Recent attempts mainly focus on learning deep representations for each video individually under the episodic meta-learning regime and then performing temporal alignment to match query and support videos. However, they still suffer from two drawbacks: (i) learning individual features without considering the entire task may result in limited representation capability, and (ii) existing alignment strategies are sensitive to noises and misaligned instances. To handle the two limitations, we propose a novel Hybrid Relation guided temporal Set Matching (HyRSM++) approach for few-shot action recognition. The core idea of HyRSM++ is to integrate all videos within the task to learn discriminative representations and involve a robust matching technique. To be specific, HyRSM++ consists of two key components, a hybrid relation module and a temporal set matching metric. Given the basic representations from the feature extractor, the hybrid relation module is introduced to fully exploit associated relations within and cross videos in an episodic task and thus can learn task-specific embeddings. Subsequently, in the temporal set matching metric, we carry out the distance measure between query and support videos from a set matching perspective and design a Bi-MHM to improve the resilience to misaligned instances. In addition, we explicitly exploit the temporal coherence in videos to regularize the matching process. Furthermore, we extend the proposed HyRSM++ to deal with the more challenging semi-supervised few-shot action recognition and unsupervised few-shot action recognition tasks. Experimental results on multiple benchmarks demonstrate that our method achieves state-of-the-art performance under various few-shot settings. The source code is available at https://github.com/alibaba-mmai-research/HyRSMPlusPlus.

Title: REaaS: Enabling Adversarially Robust Downstream Classifiers via Robust Encoder as a Service. (arXiv:2301.02905v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2301.02905
• Code URL: null
• Copy Paste: [[2301.02905] REaaS: Enabling Adversarially Robust Downstream Classifiers via Robust Encoder as a Service](http://arxiv.org/abs/2301.02905) #robust
• Summary:

  Encoder as a service is an emerging cloud service. Specifically, a service provider first pre-trains an encoder (i.e., a general-purpose feature extractor) via either supervised learning or self-supervised learning and then deploys it as a cloud service API. A client queries the cloud service API to obtain feature vectors for its training/testing inputs when training/testing its classifier (called downstream classifier). A downstream classifier is vulnerable to adversarial examples, which are testing inputs with carefully crafted perturbation that the downstream classifier misclassifies. Therefore, in safety and security critical applications, a client aims to build a robust downstream classifier and certify its robustness guarantees against adversarial examples.

What APIs should the cloud service provide, such that a client can use any certification method to certify the robustness of its downstream classifier against adversarial examples while minimizing the number of queries to the APIs? How can a service provider pre-train an encoder such that clients can build more certifiably robust downstream classifiers? We aim to answer the two questions in this work. For the first question, we show that the cloud service only needs to provide two APIs, which we carefully design, to enable a client to certify the robustness of its downstream classifier with a minimal number of queries to the APIs. For the second question, we show that an encoder pre-trained using a spectral-norm regularization term enables clients to build more robust downstream classifiers.

Title: Reducing Over-smoothing in Graph Neural Networks Using Relational Embeddings. (arXiv:2301.02924v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2301.02924
• Code URL: null
• Copy Paste: [[2301.02924] Reducing Over-smoothing in Graph Neural Networks Using Relational Embeddings](http://arxiv.org/abs/2301.02924) #robust
• Summary:

  Graph Neural Networks (GNNs) have achieved a lot of success with graph-structured data. However, it is observed that the performance of GNNs does not improve (or even worsen) as the number of layers increases. This effect has known as over-smoothing, which means that the representations of the graph nodes of different classes would become indistinguishable when stacking multiple layers. In this work, we propose a new simple, and efficient method to alleviate the effect of the over-smoothing problem in GNNs by explicitly using relations between node embeddings. Experiments on real-world datasets demonstrate that utilizing node embedding relations makes GNN models such as Graph Attention Network more robust to over-smoothing and achieves better performance with deeper GNNs. Our method can be used in combination with other methods to give the best performance. GNN applications are endless and depend on the user's objective and the type of data that they possess. Solving over-smoothing issues can potentially improve the performance of models on all these tasks.

Title: AI Maintenance: A Robustness Perspective. (arXiv:2301.03052v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2301.03052
• Code URL: null
• Copy Paste: [[2301.03052] AI Maintenance: A Robustness Perspective](http://arxiv.org/abs/2301.03052) #robust
• Summary:

  With the advancements in machine learning (ML) methods and compute resources, artificial intelligence (AI) empowered systems are becoming a prevailing technology. However, current AI technology such as deep learning is not flawless. The significantly increased model complexity and data scale incur intensified challenges when lacking trustworthiness and transparency, which could create new risks and negative impacts. In this paper, we carve out AI maintenance from the robustness perspective. We start by introducing some highlighted robustness challenges in the AI lifecycle and motivating AI maintenance by making analogies to car maintenance. We then propose an AI model inspection framework to detect and mitigate robustness risks. We also draw inspiration from vehicle autonomy to define the levels of AI robustness automation. Our proposal for AI maintenance facilitates robustness assessment, status tracking, risk scanning, model hardening, and regulation throughout the AI lifecycle, which is an essential milestone toward building sustainable and trustworthy AI ecosystems.

Title: BQ-NCO: Bisimulation Quotienting for Generalizable Neural Combinatorial Optimization. (arXiv:2301.03313v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2301.03313
• Code URL: null
• Copy Paste: [[2301.03313] BQ-NCO: Bisimulation Quotienting for Generalizable Neural Combinatorial Optimization](http://arxiv.org/abs/2301.03313) #robust
• Summary:

  Despite the success of Neural Combinatorial Optimization methods for end-to-end heuristic learning, out-of-distribution generalization remains a challenge. In this paper, we present a novel formulation of combinatorial optimization (CO) problems as Markov Decision Processes (MDPs) that effectively leverages symmetries of the CO problems to improve out-of-distribution robustness. Starting from the standard MDP formulation of constructive heuristics, we introduce a generic transformation based on bisimulation quotienting (BQ) in MDPs. This transformation allows to reduce the state space by accounting for the intrinsic symmetries of the CO problem and facilitates the MDP solving. We illustrate our approach on the Traveling Salesman, Capacitated Vehicle Routing and Knapsack Problems. We present a BQ reformulation of these problems and introduce a simple attention-based policy network that we train by imitation of (near) optimal solutions for small instances from a single distribution. We obtain new state-of-the-art generalization results for instances with up to 1000 nodes from synthetic and realistic benchmarks that vary both in size and node distributions.

Title: Topologically Regularized Data Embeddings. (arXiv:2301.03338v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2301.03338
• Code URL: https://github.com/aida-ugent/topoembedding
• Copy Paste: [[2301.03338] Topologically Regularized Data Embeddings](http://arxiv.org/abs/2301.03338) #robust
• Summary:

  Unsupervised representation learning methods are widely used for gaining insight into high-dimensional, unstructured, or structured data. In some cases, users may have prior topological knowledge about the data, such as a known cluster structure or the fact that the data is known to lie along a tree- or graph-structured topology. However, generic methods to ensure such structure is salient in the low-dimensional representations are lacking. This negatively impacts the interpretability of low-dimensional embeddings, and plausibly downstream learning tasks. To address this issue, we introduce topological regularization: a generic approach based on algebraic topology to incorporate topological prior knowledge into low-dimensional embeddings. We introduce a class of topological loss functions, and show that jointly optimizing an embedding loss with such a topological loss function as a regularizer yields embeddings that reflect not only local proximities but also the desired topological structure. We include a self-contained overview of the required foundational concepts in algebraic topology, and provide intuitive guidance on how to design topological loss functions for a variety of shapes, such as clusters, cycles, and bifurcations. We empirically evaluate the proposed approach on computational efficiency, robustness, and versatility in combination with linear and non-linear dimensionality reduction and graph embedding methods.

biometric

Title: Advancing 3D finger knuckle recognition via deep feature learning. (arXiv:2301.02934v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.02934
• Code URL: https://github.com/kevinhmcheng/deep-3d-finger-knuckle2
• Copy Paste: [[2301.02934] Advancing 3D finger knuckle recognition via deep feature learning](http://arxiv.org/abs/2301.02934) #biometric
• Summary:

  Contactless 3D finger knuckle patterns have emerged as an effective biometric identifier due to its discriminativeness, visibility from a distance, and convenience. Recent research has developed a deep feature collaboration network which simultaneously incorporates intermediate features from deep neural networks with multiple scales. However, this approach results in a large feature dimension, and the trained classification layer is required for comparing probe samples, which limits the introduction of new classes. This paper advances this approach by investigating the possibility of learning a discriminative feature vector with the least possible dimension for representing 3D finger knuckle images. Experimental results are presented using a publicly available 3D finger knuckle images database with comparisons to popular deep learning architectures and the state-of-the-art 3D finger knuckle recognition methods. The proposed approach offers outperforming results in classification and identification tasks under the more practical feature comparison scenario, i.e., using the extracted deep feature instead of the trained classification layer for comparing probe samples. More importantly, this approach can offer 99% reduction in the size of feature templates, which is highly attractive for deploying biometric systems in the real world. Experiments are also performed using other two public biometric databases with similar patterns to ascertain the effectiveness and generalizability of our proposed approach.

Title: Seamless Multimodal Biometrics for Continuous Personalised Wellbeing Monitoring. (arXiv:2301.03045v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.03045
• Code URL: null
• Copy Paste: [[2301.03045] Seamless Multimodal Biometrics for Continuous Personalised Wellbeing Monitoring](http://arxiv.org/abs/2301.03045) #biometric
• Summary:

  Artificially intelligent perception is increasingly present in the lives of every one of us. Vehicles are no exception, (...) In the near future, pattern recognition will have an even stronger role in vehicles, as self-driving cars will require automated ways to understand what is happening around (and within) them and act accordingly. (...) This doctoral work focused on advancing in-vehicle sensing through the research of novel computer vision and pattern recognition methodologies for both biometrics and wellbeing monitoring. The main focus has been on electrocardiogram (ECG) biometrics, a trait well-known for its potential for seamless driver monitoring. Major efforts were devoted to achieving improved performance in identification and identity verification in off-the-person scenarios, well-known for increased noise and variability. Here, end-to-end deep learning ECG biometric solutions were proposed and important topics were addressed such as cross-database and long-term performance, waveform relevance through explainability, and interlead conversion. Face biometrics, a natural complement to the ECG in seamless unconstrained scenarios, was also studied in this work. The open challenges of masked face recognition and interpretability in biometrics were tackled in an effort to evolve towards algorithms that are more transparent, trustworthy, and robust to significant occlusions. Within the topic of wellbeing monitoring, improved solutions to multimodal emotion recognition in groups of people and activity/violence recognition in in-vehicle scenarios were proposed. At last, we also proposed a novel way to learn template security within end-to-end models, dismissing additional separate encryption processes, and a self-supervised learning approach tailored to sequential data, in order to ensure data security and optimal performance. (...)

steal

extraction

Title: Lightweight Salient Object Detection in Optical Remote Sensing Images via Semantic Matching and Edge Alignment. (arXiv:2301.02778v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.02778
• Code URL: https://github.com/mathlee/seanet
• Copy Paste: [[2301.02778] Lightweight Salient Object Detection in Optical Remote Sensing Images via Semantic Matching and Edge Alignment](http://arxiv.org/abs/2301.02778) #extraction
• Summary:

  Recently, relying on convolutional neural networks (CNNs), many methods for salient object detection in optical remote sensing images (ORSI-SOD) are proposed. However, most methods ignore the huge parameters and computational cost brought by CNNs, and only a few pay attention to the portability and mobility. To facilitate practical applications, in this paper, we propose a novel lightweight network for ORSI-SOD based on semantic matching and edge alignment, termed SeaNet. Specifically, SeaNet includes a lightweight MobileNet-V2 for feature extraction, a dynamic semantic matching module (DSMM) for high-level features, an edge self-alignment module (ESAM) for low-level features, and a portable decoder for inference. First, the high-level features are compressed into semantic kernels. Then, semantic kernels are used to activate salient object locations in two groups of high-level features through dynamic convolution operations in DSMM. Meanwhile, in ESAM, cross-scale edge information extracted from two groups of low-level features is self-aligned through L2 loss and used for detail enhancement. Finally, starting from the highest-level features, the decoder infers salient objects based on the accurate locations and fine details contained in the outputs of the two modules. Extensive experiments on two public datasets demonstrate that our lightweight SeaNet not only outperforms most state-of-the-art lightweight methods but also yields comparable accuracy with state-of-the-art conventional methods, while having only 2.76M parameters and running with 1.7G FLOPs for 288x288 inputs. Our code and results are available at https://github.com/MathLee/SeaNet.

Title: CGI-Stereo: Accurate and Real-Time Stereo Matching via Context and Geometry Interaction. (arXiv:2301.02789v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.02789
• Code URL: null
• Copy Paste: [[2301.02789] CGI-Stereo: Accurate and Real-Time Stereo Matching via Context and Geometry Interaction](http://arxiv.org/abs/2301.02789) #extraction
• Summary:

  In this paper, we propose CGI-Stereo, a novel neural network architecture that can concurrently achieve real-time performance, state-of-the-art accuracy, and strong generalization ability. The core of our CGI-Stereo is a Context and Geometry Fusion (CGF) block which adaptively fuses context and geometry information for more accurate and efficient cost aggregation and meanwhile provides feedback to feature learning to guide more effective contextual feature extraction. The proposed CGF can be easily embedded into many existing stereo matching networks, such as PSMNet, GwcNet and ACVNet. The resulting networks are improved in accuracy by a large margin. Specially, the model which integrates our CGF with ACVNet could rank 1st on the KITTI 2012 leaderboard among all the published methods. We further propose an informative and concise cost volume, named Attention Feature Volume (AFV), which exploits a correlation volume as attention weights to filter a feature volume. Based on CGF and AFV, the proposed CGI-Stereo outperforms all other published real-time methods on KITTI benchmarks and shows better generalization ability than other real-time methods. The code is available at https://github.com/gangweiX/CGI-Stereo.

Title: HRTransNet: HRFormer-Driven Two-Modality Salient Object Detection. (arXiv:2301.03036v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.03036
• Code URL: https://github.com/liuzywen/hrtransnet
• Copy Paste: [[2301.03036] HRTransNet: HRFormer-Driven Two-Modality Salient Object Detection](http://arxiv.org/abs/2301.03036) #extraction
• Summary:

  The High-Resolution Transformer (HRFormer) can maintain high-resolution representation and share global receptive fields. It is friendly towards salient object detection (SOD) in which the input and output have the same resolution. However, two critical problems need to be solved for two-modality SOD. One problem is two-modality fusion. The other problem is the HRFormer output's fusion. To address the first problem, a supplementary modality is injected into the primary modality by using global optimization and an attention mechanism to select and purify the modality at the input level. To solve the second problem, a dual-direction short connection fusion module is used to optimize the output features of HRFormer, thereby enhancing the detailed representation of objects at the output level. The proposed model, named HRTransNet, first introduces an auxiliary stream for feature extraction of supplementary modality. Then, features are injected into the primary modality at the beginning of each multi-resolution branch. Next, HRFormer is applied to achieve forwarding propagation. Finally, all the output features with different resolutions are aggregated by intra-feature and inter-feature interactive transformers. Application of the proposed model results in impressive improvement for driving two-modality SOD tasks, e.g., RGB-D, RGB-T, and light field SOD.https://github.com/liuzywen/HRTransNet

Title: Instance Segmentation Based Graph Extraction for Handwritten Circuit Diagram Images. (arXiv:2301.03155v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.03155
• Code URL: null
• Copy Paste: [[2301.03155] Instance Segmentation Based Graph Extraction for Handwritten Circuit Diagram Images](http://arxiv.org/abs/2301.03155) #extraction
• Summary:

  Handwritten circuit diagrams from educational scenarios or historic sources usually exist on analogue media. For deriving their functional principles or flaws automatically, they need to be digitized, extracting their electrical graph. Recently, the base technologies for automated pipelines facilitating this process shifted from computer vision to machine learning. This paper describes an approach for extracting both the electrical components (including their terminals and describing texts) as well their interconnections (including junctions and wire hops) by the means of instance segmentation and keypoint extraction. Consequently, the resulting graph extraction process consists of a simple two-step process of model inference and trivial geometric keypoint matching. The dataset itself, its preparation, model training and post-processing are described and publicly available.

Title: Structure-Informed Shadow Removal Networks. (arXiv:2301.03182v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.03182
• Code URL: null
• Copy Paste: [[2301.03182] Structure-Informed Shadow Removal Networks](http://arxiv.org/abs/2301.03182) #extraction
• Summary:

  Shadow removal is a fundamental task in computer vision. Despite the success, existing deep learning-based shadow removal methods still produce images with shadow remnants. These shadow remnants typically exist in homogeneous regions with low intensity values, making them untraceable in the existing image-to-image mapping paradigm. We observe from our experiments that shadows mainly degrade object colors at the image structure level (in which humans perceive object outlines filled with continuous colors). Hence, in this paper, we propose to remove shadows at the image structure level. Based on this idea, we propose a novel structure-informed shadow removal network (StructNet) to leverage the image structure information to address the shadow remnant problem. Specifically, StructNet first reconstructs the structure information of the input image without shadows and then uses the restored shadow-free structure prior to guiding the image-level shadow removal. StructNet contains two main novel modules: (1) a mask-guided shadow-free extraction (MSFE) module to extract image structural features in a non-shadow to shadow directional manner, and (2) a multi-scale feature & residual aggregation (MFRA) module to leverage the shadow-free structure information to regularize feature consistency. In addition, we also propose to extend StructNet to exploit multi-level structure information (MStructNet), to further boost the shadow removal performance with minimum computational overheads. Extensive experiments on three shadow removal benchmarks demonstrate that our method outperforms existing shadow removal methods, and our StructNet can be integrated with existing methods to boost their performances further.

Title: A Specific Task-oriented Semantic Image Communication System for substation patrol inspection. (arXiv:2301.03331v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.03331
• Code URL: null
• Copy Paste: [[2301.03331] A Specific Task-oriented Semantic Image Communication System for substation patrol inspection](http://arxiv.org/abs/2301.03331) #extraction
• Summary:

  Intelligent inspection robots are widely used in substation patrol inspection, which can help check potential safety hazards by patrolling the substation and sending back scene images. However, when patrolling some marginal areas with weak signal, the scene images cannot be sucessfully transmissted to be used for hidden danger elimination, which greatly reduces the quality of robots'daily work. To solve such problem, a Specific Task-oriented Semantic Communication System for Imag-STSCI is designed, which involves the semantic features extraction, transmission, restoration and enhancement to get clearer images sent by intelligent robots under weak signals. Inspired by that only some specific details of the image are needed in such substation patrol inspection task, we proposed a new paradigm of semantic enhancement in such specific task to ensure the clarity of key semantic information when facing a lower bit rate or a low signal-to-noise ratio situation. Across the reality-based simulation, experiments show our STSCI can generally surpass traditional image-compression-based and channel-codingbased or other semantic communication system in the substation patrol inspection task with a lower bit rate even under a low signal-to-noise ratio situation.

Title: Removing Non-Stationary Knowledge From Pre-Trained Language Models for Entity-Level Sentiment Classification in Finance. (arXiv:2301.03136v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2301.03136
• Code URL: null
• Copy Paste: [[2301.03136] Removing Non-Stationary Knowledge From Pre-Trained Language Models for Entity-Level Sentiment Classification in Finance](http://arxiv.org/abs/2301.03136) #extraction
• Summary:

  Extraction of sentiment signals from news text, stock message boards, and business reports, for stock movement prediction, has been a rising field of interest in finance. Building upon past literature, the most recent works attempt to better capture sentiment from sentences with complex syntactic structures by introducing aspect-level sentiment classification (ASC). Despite the growing interest, however, fine-grained sentiment analysis has not been fully explored in non-English literature due to the shortage of annotated finance-specific data. Accordingly, it is necessary for non-English languages to leverage datasets and pre-trained language models (PLM) of different domains, languages, and tasks to best their performance. To facilitate finance-specific ASC research in the Korean language, we build KorFinASC, a Korean aspect-level sentiment classification dataset for finance consisting of 12,613 human-annotated samples, and explore methods of intermediate transfer learning. Our experiments indicate that past research has been ignorant towards the potentially wrong knowledge of financial entities encoded during the training phase, which has overestimated the predictive power of PLMs. In our work, we use the term "non-stationary knowledge'' to refer to information that was previously correct but is likely to change, and present "TGT-Masking'', a novel masking pattern to restrict PLMs from speculating knowledge of the kind. Finally, through a series of transfer learning with TGT-Masking applied we improve 22.63% of classification accuracy compared to standalone models on KorFinASC.

Title: Active Learning for Abstractive Text Summarization. (arXiv:2301.03252v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2301.03252
• Code URL: null
• Copy Paste: [[2301.03252] Active Learning for Abstractive Text Summarization](http://arxiv.org/abs/2301.03252) #extraction
• Summary:

  Construction of human-curated annotated datasets for abstractive text summarization (ATS) is very time-consuming and expensive because creating each instance requires a human annotator to read a long document and compose a shorter summary that would preserve the key information relayed by the original document. Active Learning (AL) is a technique developed to reduce the amount of annotation required to achieve a certain level of machine learning model performance. In information extraction and text classification, AL can reduce the amount of labor up to multiple times. Despite its potential for aiding expensive annotation, as far as we know, there were no effective AL query strategies for ATS. This stems from the fact that many AL strategies rely on uncertainty estimation, while as we show in our work, uncertain instances are usually noisy, and selecting them can degrade the model performance compared to passive annotation. We address this problem by proposing the first effective query strategy for AL in ATS based on diversity principles. We show that given a certain annotation budget, using our strategy in AL annotation helps to improve the model performance in terms of ROUGE and consistency scores. Additionally, we analyze the effect of self-learning and show that it can further increase the performance of the model.

Title: Universal Information Extraction as Unified Semantic Matching. (arXiv:2301.03282v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2301.03282
• Code URL: null
• Copy Paste: [[2301.03282] Universal Information Extraction as Unified Semantic Matching](http://arxiv.org/abs/2301.03282) #extraction
• Summary:

  The challenge of information extraction (IE) lies in the diversity of label schemas and the heterogeneity of structures. Traditional methods require task-specific model design and rely heavily on expensive supervision, making them difficult to generalize to new schemas. In this paper, we decouple IE into two basic abilities, structuring and conceptualizing, which are shared by different tasks and schemas. Based on this paradigm, we propose to universally model various IE tasks with Unified Semantic Matching (USM) framework, which introduces three unified token linking operations to model the abilities of structuring and conceptualizing. In this way, USM can jointly encode schema and input text, uniformly extract substructures in parallel, and controllably decode target structures on demand. Empirical evaluation on 4 IE tasks shows that the proposed method achieves state-of-the-art performance under the supervised experiments and shows strong generalization ability in zero/few-shot transfer settings.

Title: Modeling Label Semantics Improves Activity Recognition. (arXiv:2301.03462v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2301.03462
• Code URL: null
• Copy Paste: [[2301.03462] Modeling Label Semantics Improves Activity Recognition](http://arxiv.org/abs/2301.03462) #extraction
• Summary:

  Human activity recognition (HAR) aims to classify sensory time series into different activities, with wide applications in activity tracking, healthcare, human computer interaction, etc. Existing HAR works improve recognition performance by designing more complicated feature extraction methods, but they neglect the label semantics by simply treating labels as integer IDs. We find that many activities in the current HAR datasets have shared label names, e.g., "open door" and "open fridge", "walk upstairs" and "walk downstairs". Through some exploratory analysis, we find that such shared structure in activity names also maps to similarity in the input features. To this end, we design a sequence-to-sequence framework to decode the label name semantics rather than classifying labels as integer IDs. Our proposed method decomposes learning activities into learning shared tokens ("open", "walk"), which is easier than learning the joint distribution ("open fridge", "walk upstairs") and helps transfer learning to activities with insufficient data samples. For datasets originally without shared tokens in label names, we also offer an automated method, using OpenAI's ChatGPT, to generate shared actions and objects. Extensive experiments on seven HAR benchmark datasets demonstrate the state-of-the-art performance of our method. We also show better performance in the long-tail activity distribution settings and few-shot settings.

membership infer

federate

Title: Why Batch Normalization Damage Federated Learning on Non-IID Data?. (arXiv:2301.02982v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2301.02982
• Code URL: https://github.com/wangyanmeng/fedtan
• Copy Paste: [[2301.02982] Why Batch Normalization Damage Federated Learning on Non-IID Data?](http://arxiv.org/abs/2301.02982) #federate
• Summary:

  As a promising distributed learning paradigm, federated learning (FL) involves training deep neural network (DNN) models at the network edge while protecting the privacy of the edge clients. To train a large-scale DNN model, batch normalization (BN) has been regarded as a simple and effective means to accelerate the training and improve the generalization capability. However, recent findings indicate that BN can significantly impair the performance of FL in the presence of non-i.i.d. data. While several FL algorithms have been proposed to address this issue, their performance still falls significantly when compared to the centralized scheme. Furthermore, none of them have provided a theoretical explanation of how the BN damages the FL convergence. In this paper, we present the first convergence analysis to show that under the non-i.i.d. data, the mismatch between the local and global statistical parameters in BN causes the gradient deviation between the local and global models, which, as a result, slows down and biases the FL convergence. In view of this, we develop a new FL algorithm that is tailored to BN, called FedTAN, which is capable of achieving robust FL performance under a variety of data distributions via iterative layer-wise parameter aggregation. Comprehensive experimental results demonstrate the superiority of the proposed FedTAN over existing baselines for training BN-based DNN models.

Title: AnycostFL: Efficient On-Demand Federated Learning over Heterogeneous Edge Devices. (arXiv:2301.03062v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2301.03062
• Code URL: null
• Copy Paste: [[2301.03062] AnycostFL: Efficient On-Demand Federated Learning over Heterogeneous Edge Devices](http://arxiv.org/abs/2301.03062) #federate
• Summary:

  In this work, we investigate the challenging problem of on-demand federated learning (FL) over heterogeneous edge devices with diverse resource constraints. We propose a cost-adjustable FL framework, named AnycostFL, that enables diverse edge devices to efficiently perform local updates under a wide range of efficiency constraints. To this end, we design the model shrinking to support local model training with elastic computation cost, and the gradient compression to allow parameter transmission with dynamic communication overhead. An enhanced parameter aggregation is conducted in an element-wise manner to improve the model performance. Focusing on AnycostFL, we further propose an optimization design to minimize the global training loss with personalized latency and energy constraints. By revealing the theoretical insights of the convergence analysis, personalized training strategies are deduced for different devices to match their locally available resources. Experiment results indicate that, when compared to the state-of-the-art efficient FL algorithms, our learning framework can reduce up to 1.9 times of the training latency and energy consumption for realizing a reasonable global testing accuracy. Moreover, the results also demonstrate that, our approach significantly improves the converged global accuracy.

fair

Title: Fair Multi-Exit Framework for Facial Attribute Classification. (arXiv:2301.02989v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.02989
• Code URL: null
• Copy Paste: [[2301.02989] Fair Multi-Exit Framework for Facial Attribute Classification](http://arxiv.org/abs/2301.02989) #fair
• Summary:

  Fairness has become increasingly pivotal in facial recognition. Without bias mitigation, deploying unfair AI would harm the interest of the underprivileged population. In this paper, we observe that though the higher accuracy that features from the deeper layer of a neural networks generally offer, fairness conditions deteriorate as we extract features from deeper layers. This phenomenon motivates us to extend the concept of multi-exit framework. Unlike existing works mainly focusing on accuracy, our multi-exit framework is fairness-oriented, where the internal classifiers are trained to be more accurate and fairer. During inference, any instance with high confidence from an internal classifier is allowed to exit early. Moreover, our framework can be applied to most existing fairness-aware frameworks. Experiment results show that the proposed framework can largely improve the fairness condition over the state-of-the-art in CelebA and UTK Face datasets.

Title: A review of clustering models in educational data science towards fairness-aware learning. (arXiv:2301.03421v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2301.03421
• Code URL: null
• Copy Paste: [[2301.03421] A review of clustering models in educational data science towards fairness-aware learning](http://arxiv.org/abs/2301.03421) #fair
• Summary:

  Ensuring fairness is essential for every education system. Machine learning is increasingly supporting the education system and educational data science (EDS) domain, from decision support to educational activities and learning analytics. However, the machine learning-based decisions can be biased because the algorithms may generate the results based on students' protected attributes such as race or gender. Clustering is an important machine learning technique to explore student data in order to support the decision-maker, as well as support educational activities, such as group assignments. Therefore, ensuring high-quality clustering models along with satisfying fairness constraints are important requirements. This chapter comprehensively surveys clustering models and their fairness in EDS. We especially focus on investigating the fair clustering models applied in educational activities. These models are believed to be practical tools for analyzing students' data and ensuring fairness in EDS.

interpretability

Title: Grokking modular arithmetic. (arXiv:2301.02679v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2301.02679
• Code URL: null
• Copy Paste: [[2301.02679] Grokking modular arithmetic](http://arxiv.org/abs/2301.02679) #interpretability
• Summary:

  We present a simple neural network that can learn modular arithmetic tasks and exhibits a sudden jump in generalization known as ``grokking''. Concretely, we present (i) fully-connected two-layer networks that exhibit grokking on various modular arithmetic tasks under vanilla gradient descent with the MSE loss function in the absence of any regularization; (ii) evidence that grokking modular arithmetic corresponds to learning specific feature maps whose structure is determined by the task; (iii) analytic expressions for the weights -- and thus for the feature maps -- that solve a large class of modular arithmetic tasks; and (iv) evidence that these feature maps are also found by vanilla gradient descent as well as AdamW, thereby establishing complete interpretability of the representations learnt by the network.

explainability

Title: AI2: The next leap toward native language based and explainable machine learning framework. (arXiv:2301.03391v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2301.03391
• Code URL: null
• Copy Paste: [[2301.03391] AI2: The next leap toward native language based and explainable machine learning framework](http://arxiv.org/abs/2301.03391) #explainability
• Summary:

  The machine learning frameworks flourished in the last decades, allowing artificial intelligence to get out of academic circles to be applied to enterprise domains. This field has significantly advanced, but there is still some meaningful improvement to reach the subsequent expectations. The proposed framework, named AI$^{2}$, uses a natural language interface that allows a non-specialist to benefit from machine learning algorithms without necessarily knowing how to program with a programming language. The primary contribution of the AI$^{2}$ framework allows a user to call the machine learning algorithms in English, making its interface usage easier. The second contribution is greenhouse gas (GHG) awareness. It has some strategies to evaluate the GHG generated by the algorithm to be called and to propose alternatives to find a solution without executing the energy-intensive algorithm. Another contribution is a preprocessing module that helps to describe and to load data properly. Using an English text-based chatbot, this module guides the user to define every dataset so that it can be described, normalized, loaded and divided appropriately. The last contribution of this paper is about explainability. For decades, the scientific community has known that machine learning algorithms imply the famous black-box problem. Traditional machine learning methods convert an input into an output without being able to justify this result. The proposed framework explains the algorithm's process with the proper texts, graphics and tables. The results, declined in five cases, present usage applications from the user's English command to the explained output. Ultimately, the AI$^{2}$ framework represents the next leap toward native language-based, human-oriented concerns about machine learning framework.

Title: Explaining Graph Neural Networks via Non-parametric Subgraph Matching. (arXiv:2301.02780v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2301.02780
• Code URL: null
• Copy Paste: [[2301.02780] Explaining Graph Neural Networks via Non-parametric Subgraph Matching](http://arxiv.org/abs/2301.02780) #explainability
• Summary:

  The great success in graph neural networks (GNNs) provokes the question about explainability: Which fraction of the input graph is the most determinant of the prediction? Particularly, parametric explainers prevail in existing approaches because of their stronger capability to decipher the black-box (i.e., the target GNN). In this paper, based on the observation that graphs typically share some joint motif patterns, we propose a novel non-parametric subgraph matching framework, dubbed MatchExplainer, to explore explanatory subgraphs. It couples the target graph with other counterpart instances and identifies the most crucial joint substructure by minimizing the node corresponding-based distance. Moreover, we note that present graph sampling or node-dropping methods usually suffer from the false positive sampling problem. To ameliorate that issue, we design a new augmentation paradigm named MatchDrop. It takes advantage of MatchExplainer to fix the most informative portion of the graph and merely operates graph augmentations on the rest less informative part. We conduct extensive experiments on both synthetic and real-world datasets and show the effectiveness of our MatchExplainer by outperforming all parametric baselines with significant margins. Additional results also demonstrate that our MatchDrop is a general scheme to be equipped with GNNs for enhanced performance.

Title: XDQN: Inherently Interpretable DQN through Mimicking. (arXiv:2301.03043v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2301.03043
• Code URL: null
• Copy Paste: [[2301.03043] XDQN: Inherently Interpretable DQN through Mimicking](http://arxiv.org/abs/2301.03043) #explainability
• Summary:

  Although deep reinforcement learning (DRL) methods have been successfully applied in challenging tasks, their application in real-world operational settings is challenged by methods' limited ability to provide explanations. Among the paradigms for explainability in DRL is the interpretable box design paradigm, where interpretable models substitute inner constituent models of the DRL method, thus making the DRL method "inherently" interpretable. In this paper we explore this paradigm and we propose XDQN, an explainable variation of DQN, which uses an interpretable policy model trained through mimicking. XDQN is challenged in a complex, real-world operational multi-agent problem, where agents are independent learners solving congestion problems. Specifically, XDQN is evaluated in three MARL scenarios, pertaining to the demand-capacity balancing problem of air traffic management. XDQN achieves performance similar to that of DQN, while its abilities to provide global models' interpretations and interpretations of local decisions are demonstrated.

watermark

diffusion

Title: Diffused Heads: Diffusion Models Beat GANs on Talking-Face Generation. (arXiv:2301.03396v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2301.03396
• Code URL: null
• Copy Paste: [[2301.03396] Diffused Heads: Diffusion Models Beat GANs on Talking-Face Generation](http://arxiv.org/abs/2301.03396) #diffusion
• Summary:

  Talking face generation has historically struggled to produce head movements and natural facial expressions without guidance from additional reference videos. Recent developments in diffusion-based generative models allow for more realistic and stable data synthesis and their performance on image and video generation has surpassed that of other generative models. In this work, we present an autoregressive diffusion model that requires only one identity image and audio sequence to generate a video of a realistic talking human head. Our solution is capable of hallucinating head movements, facial expressions, such as blinks, and preserving a given background. We evaluate our model on two different datasets, achieving state-of-the-art results on both of them.

Title: Generative Time Series Forecasting with Diffusion, Denoise, and Disentanglement. (arXiv:2301.03028v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2301.03028
• Code URL: https://github.com/paddlepaddle/paddlespatial
• Copy Paste: [[2301.03028] Generative Time Series Forecasting with Diffusion, Denoise, and Disentanglement](http://arxiv.org/abs/2301.03028) #diffusion
• Summary:

  Time series forecasting has been a widely explored task of great importance in many applications. However, it is common that real-world time series data are recorded in a short time period, which results in a big gap between the deep model and the limited and noisy time series. In this work, we propose to address the time series forecasting problem with generative modeling and propose a bidirectional variational auto-encoder (BVAE) equipped with diffusion, denoise, and disentanglement, namely D3VAE. Specifically, a coupled diffusion probabilistic model is proposed to augment the time series data without increasing the aleatoric uncertainty and implement a more tractable inference process with BVAE. To ensure the generated series move toward the true target, we further propose to adapt and integrate the multiscale denoising score matching into the diffusion process for time series forecasting. In addition, to enhance the interpretability and stability of the prediction, we treat the latent variable in a multivariate manner and disentangle them on top of minimizing total correlation. Extensive experiments on synthetic and real-world data show that D3VAE outperforms competitive algorithms with remarkable margins. Our implementation is available at https://github.com/PaddlePaddle/PaddleSpatial/tree/main/research/D3VAE.