secure

security

Title: Detecting Images Generated by Diffusers. (arXiv:2303.05275v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05275
• Code URL: null
• Copy Paste: [[2303.05275] Detecting Images Generated by Diffusers](http://arxiv.org/abs/2303.05275) #security
• Summary:

  This paper explores the task of detecting images generated by text-to-image diffusion models. To evaluate this, we consider images generated from captions in the MSCOCO and Wikimedia datasets using two state-of-the-art models: Stable Diffusion and GLIDE. Our experiments show that it is possible to detect the generated images using simple Multi-Layer Perceptrons (MLPs), starting from features extracted by CLIP, or traditional Convolutional Neural Networks (CNNs). We also observe that models trained on images generated by Stable Diffusion can detect images generated by GLIDE relatively well, however, the reverse is not true. Lastly, we find that incorporating the associated textual information with the images rarely leads to significant improvement in detection results but that the type of subject depicted in the image can have a significant impact on performance. This work provides insights into the feasibility of detecting generated images, and has implications for security and privacy concerns in real-world applications.

Title: Prompt-Based Learning for Thread Structure Prediction in Cybersecurity Forums. (arXiv:2303.05400v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2303.05400
• Code URL: null
• Copy Paste: [[2303.05400] Prompt-Based Learning for Thread Structure Prediction in Cybersecurity Forums](http://arxiv.org/abs/2303.05400) #security
• Summary:

  With recent trends indicating cyber crimes increasing in both frequency and cost, it is imperative to develop new methods that leverage data-rich hacker forums to assist in combating ever evolving cyber threats. Defining interactions within these forums is critical as it facilitates identifying highly skilled users, which can improve prediction of novel threats and future cyber attacks. We propose a method called Next Paragraph Prediction with Instructional Prompting (NPP-IP) to predict thread structures while grounded on the context around posts. This is the first time to apply an instructional prompting approach to the cybersecurity domain. We evaluate our NPP-IP with the Reddit dataset and Hacker Forums dataset that has posts and thread structures of real hacker forums' threads, and compare our method's performance with existing methods. The experimental evaluation shows that our proposed method can predict the thread structure significantly better than existing methods allowing for better social network prediction based on forum interactions.

Title: Automated Cyber Defence: A Review. (arXiv:2303.04926v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2303.04926
• Code URL: null
• Copy Paste: [[2303.04926] Automated Cyber Defence: A Review](http://arxiv.org/abs/2303.04926) #security
• Summary:

  Within recent times, cybercriminals have curated a variety of organised and resolute cyber attacks within a range of cyber systems, leading to consequential ramifications to private and governmental institutions. Current security-based automation and orchestrations focus on automating fixed purpose and hard-coded solutions, which are easily surpassed by modern-day cyber attacks. Research within Automated Cyber Defence will allow the development and enabling intelligence response by autonomously defending networked systems through sequential decision-making agents. This article comprehensively elaborates the developments within Automated Cyber Defence through a requirement analysis divided into two sub-areas, namely, automated defence and attack agents and Autonomous Cyber Operation (ACO) Gyms. The requirement analysis allows the comparison of automated agents and highlights the importance of ACO Gyms for their continual development. The requirement analysis is also used to critique ACO Gyms with an overall aim to develop them for deploying automated agents within real-world networked systems. Relevant future challenges were addressed from the overall analysis to accelerate development within the area of Automated Cyber Defence.

Title: Encryption with Quantum Public Keys. (arXiv:2303.05368v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2303.05368
• Code URL: null
• Copy Paste: [[2303.05368] Encryption with Quantum Public Keys](http://arxiv.org/abs/2303.05368) #security
• Summary:

  It is an important question to find constructions of quantum cryptographic protocols which rely on weaker computational assumptions than classical protocols. Recently, it has been shown that oblivious transfer and multi-party computation can be constructed from one-way functions, whereas this is impossible in the classical setting in a black-box way. In this work, we study the question of building quantum public-key encryption schemes from one-way functions and even weaker assumptions. Firstly, we revisit the definition of IND-CPA security to this setting. Then, we propose three schemes for quantum public-key encryption from one-way functions, pseudorandom function-like states with proof of deletion and pseudorandom function-like states, respectively.

privacy

Title: High Fidelity Synthetic Face Generation for Rosacea Skin Condition from Limited Data. (arXiv:2303.04839v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.04839
• Code URL: https://github.com/thinkercache/stylegan2-ada-pytorch
• Copy Paste: [[2303.04839] High Fidelity Synthetic Face Generation for Rosacea Skin Condition from Limited Data](http://arxiv.org/abs/2303.04839) #privacy
• Summary:

  Similar to the majority of deep learning applications, diagnosing skin diseases using computer vision and deep learning often requires a large volume of data. However, obtaining sufficient data for particular types of facial skin conditions can be difficult due to privacy concerns. As a result, conditions like Rosacea are often understudied in computer-aided diagnosis. The limited availability of data for facial skin conditions has led to the investigation of alternative methods for computer-aided diagnosis. In recent years, Generative Adversarial Networks (GANs), mainly variants of StyleGANs, have demonstrated promising results in generating synthetic facial images. In this study, for the first time, a small dataset of Rosacea with 300 full-face images is utilized to further investigate the possibility of generating synthetic data. The preliminary experiments show how fine-tuning the model and varying experimental settings significantly affect the fidelity of the Rosacea features. It is demonstrated that $R_1$ Regularization strength helps achieve high-fidelity details. Additionally, this study presents qualitative evaluations of synthetic/generated faces by expert dermatologists and non-specialist participants. The quantitative evaluation is presented using a few validation metric(s). Furthermore a number of limitations and future directions are discussed. Code and generated dataset are available at: \url{https://github.com/thinkercache/stylegan2-ada-pytorch}

Title: NIFF: Alleviating Forgetting in Generalized Few-Shot Object Detection via Neural Instance Feature Forging. (arXiv:2303.04958v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.04958
• Code URL: null
• Copy Paste: [[2303.04958] NIFF: Alleviating Forgetting in Generalized Few-Shot Object Detection via Neural Instance Feature Forging](http://arxiv.org/abs/2303.04958) #privacy
• Summary:

  Privacy and memory are two recurring themes in a broad conversation about the societal impact of AI. These concerns arise from the need for huge amounts of data to train deep neural networks. A promise of Generalized Few-shot Object Detection (G-FSOD), a learning paradigm in AI, is to alleviate the need for collecting abundant training samples of novel classes we wish to detect by leveraging prior knowledge from old classes (i.e., base classes). G-FSOD strives to learn these novel classes while alleviating catastrophic forgetting of the base classes. However, existing approaches assume that the base images are accessible, an assumption that does not hold when sharing and storing data is problematic. In this work, we propose the first data-free knowledge distillation (DFKD) approach for G-FSOD that leverages the statistics of the region of interest (RoI) features from the base model to forge instance-level features without accessing the base images. Our contribution is three-fold: (1) we design a standalone lightweight generator with (2) class-wise heads (3) to generate and replay diverse instance-level base features to the RoI head while finetuning on the novel data. This stands in contrast to standard DFKD approaches in image classification, which invert the entire network to generate base images. Moreover, we make careful design choices in the novel finetuning pipeline to regularize the model. We show that our approach can dramatically reduce the base memory requirements, all while setting a new standard for G-FSOD on the challenging MS-COCO and PASCAL-VOC benchmarks.

Title: Generative Model-Based Attack on Learnable Image Encryption for Privacy-Preserving Deep Learning. (arXiv:2303.05036v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05036
• Code URL: null
• Copy Paste: [[2303.05036] Generative Model-Based Attack on Learnable Image Encryption for Privacy-Preserving Deep Learning](http://arxiv.org/abs/2303.05036) #privacy
• Summary:

  In this paper, we propose a novel generative model-based attack on learnable image encryption methods proposed for privacy-preserving deep learning. Various learnable encryption methods have been studied to protect the sensitive visual information of plain images, and some of them have been investigated to be robust enough against all existing attacks. However, previous attacks on image encryption focus only on traditional cryptanalytic attacks or reverse translation models, so these attacks cannot recover any visual information if a block-scrambling encryption step, which effectively destroys global information, is applied. Accordingly, in this paper, generative models are explored to evaluate whether such models can restore sensitive visual information from encrypted images for the first time. We first point out that encrypted images have some similarity with plain images in the embedding space. By taking advantage of leaked information from encrypted images, we propose a guided generative model as an attack on learnable image encryption to recover personally identifiable visual information. We implement the proposed attack in two ways by utilizing two state-of-the-art generative models: a StyleGAN-based model and latent diffusion-based one. Experiments were carried out on the CelebA-HQ and ImageNet datasets. Results show that images reconstructed by the proposed method have perceptual similarities to plain images.

Title: RiDDLE: Reversible and Diversified De-identification with Latent Encryptor. (arXiv:2303.05171v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05171
• Code URL: https://github.com/ldz666666/riddle
• Copy Paste: [[2303.05171] RiDDLE: Reversible and Diversified De-identification with Latent Encryptor](http://arxiv.org/abs/2303.05171) #privacy
• Summary:

  This work presents RiDDLE, short for Reversible and Diversified De-identification with Latent Encryptor, to protect the identity information of people from being misused. Built upon a pre-learned StyleGAN2 generator, RiDDLE manages to encrypt and decrypt the facial identity within the latent space. The design of RiDDLE has three appealing properties. First, the encryption process is cipher-guided and hence allows diverse anonymization using different passwords. Second, the true identity can only be decrypted with the correct password, otherwise the system will produce another de-identified face to maintain the privacy. Third, both encryption and decryption share an efficient implementation, benefiting from a carefully tailored lightweight encryptor. Comparisons with existing alternatives confirm that our approach accomplishes the de-identification task with better quality, higher diversity, and stronger reversibility. We further demonstrate the effectiveness of RiDDLE in anonymizing videos. Code and models will be made publicly available.

Title: Understanding the Challenges and Opportunities of Pose-based Anomaly Detection. (arXiv:2303.05463v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05463
• Code URL: null
• Copy Paste: [[2303.05463] Understanding the Challenges and Opportunities of Pose-based Anomaly Detection](http://arxiv.org/abs/2303.05463) #privacy
• Summary:

  Pose-based anomaly detection is a video-analysis technique for detecting anomalous events or behaviors by examining human pose extracted from the video frames. Utilizing pose data alleviates privacy and ethical issues. Also, computation-wise, the complexity of pose-based models is lower than pixel-based approaches. However, it introduces more challenges, such as noisy skeleton data, losing important pixel information, and not having enriched enough features. These problems are exacerbated by a lack of anomaly detection datasets that are good enough representatives of real-world scenarios. In this work, we analyze and quantify the characteristics of two well-known video anomaly datasets to better understand the difficulties of pose-based anomaly detection. We take a step forward, exploring the discriminating power of pose and trajectory for video anomaly detection and their effectiveness based on context. We believe these experiments are beneficial for a better comprehension of pose-based anomaly detection and the datasets currently available. This will aid researchers in tackling the task of anomaly detection with a more lucid perspective, accelerating the development of robust models with better performance.

Title: ChatGPT is on the horizon: Could a large language model be all we need for Intelligent Transportation?. (arXiv:2303.05382v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2303.05382
• Code URL: null
• Copy Paste: [[2303.05382] ChatGPT is on the horizon: Could a large language model be all we need for Intelligent Transportation?](http://arxiv.org/abs/2303.05382) #privacy
• Summary:

  ChatGPT, developed by OpenAI, is one of the largest Large Language Models (LLM) with over 175 billion parameters. ChatGPT has demonstrated the impressive capabilities of LLM, particularly in the field of natural language processing (NLP). With the emergence of the discussion and application of LLM in various research or engineering domains, it is time to envision how LLM may revolutionize the way we approach intelligent transportation systems. This paper explores the future applications of LLM in addressing key transportation problems. By leveraging LLM and a cross-modal encoder, an intelligent system can handle traffic data from various modalities and execute transportation operations through a single LLM. NLP, combined with cross-modal processing, is investigated with its potential applications in transportation. To demonstrate this potential, a smartphone-based crash report auto-generation and analysis framework is presented as a use case. Despite the potential benefits, challenges related to data privacy, data quality, and model bias must be considered. Overall, the use of LLM in intelligent transport systems holds promise for more efficient, intelligent, and sustainable transportation systems that improve the lives of people around the world.

Title: Exploring Smart Commercial Building Occupants' Perceptions and Notification Preferences of Internet of Things Data Collection in the United States. (arXiv:2303.04955v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2303.04955
• Code URL: null
• Copy Paste: [[2303.04955] Exploring Smart Commercial Building Occupants' Perceptions and Notification Preferences of Internet of Things Data Collection in the United States](http://arxiv.org/abs/2303.04955) #privacy
• Summary:

  Data collection through the Internet of Things (IoT) devices, or smart devices, in commercial buildings enables possibilities for increased convenience and energy efficiency. However, such benefits face a large perceptual challenge when being implemented in practice, due to the different ways occupants working in the buildings understand and trust in the data collection. The semi-public, pervasive, and multi-modal nature of data collection in smart buildings points to the need to study occupants' understanding of data collection and notification preferences. We conduct an online study with 492 participants in the US who report working in smart commercial buildings regarding: 1) awareness and perception of data collection in smart commercial buildings, 2) privacy notification preferences, and 3) potential factors for privacy notification preferences. We find that around half of the participants are not fully aware of the data collection and use practices of IoT even though they notice the presence of IoT devices and sensors. We also discover many misunderstandings around different data practices. The majority of participants want to be notified of data practices in smart buildings, and they prefer push notifications to passive ones such as websites or physical signs. Surprisingly, mobile app notification, despite being a popular channel for smart homes, is the least preferred method for smart commercial buildings.

Title: FedREP: A Byzantine-Robust, Communication-Efficient and Privacy-Preserving Framework for Federated Learning. (arXiv:2303.05206v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2303.05206
• Code URL: null
• Copy Paste: [[2303.05206] FedREP: A Byzantine-Robust, Communication-Efficient and Privacy-Preserving Framework for Federated Learning](http://arxiv.org/abs/2303.05206) #privacy
• Summary:

  Federated learning (FL) has recently become a hot research topic, in which Byzantine robustness, communication efficiency and privacy preservation are three important aspects. However, the tension among these three aspects makes it hard to simultaneously take all of them into account. In view of this challenge, we theoretically analyze the conditions that a communication compression method should satisfy to be compatible with existing Byzantine-robust methods and privacy-preserving methods. Motivated by the analysis results, we propose a novel communication compression method called consensus sparsification (ConSpar). To the best of our knowledge, ConSpar is the first communication compression method that is designed to be compatible with both Byzantine-robust methods and privacy-preserving methods. Based on ConSpar, we further propose a novel FL framework called FedREP, which is Byzantine-robust, communication-efficient and privacy-preserving. We theoretically prove the Byzantine robustness and the convergence of FedREP. Empirical results show that FedREP can significantly outperform communication-efficient privacy-preserving baselines. Furthermore, compared with Byzantine-robust communication-efficient baselines, FedREP can achieve comparable accuracy with the extra advantage of privacy preservation.

protect

Title: Using Positive Matching Contrastive Loss with Facial Action Units to mitigate bias in Facial Expression Recognition. (arXiv:2303.04896v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.04896
• Code URL: null
• Copy Paste: [[2303.04896] Using Positive Matching Contrastive Loss with Facial Action Units to mitigate bias in Facial Expression Recognition](http://arxiv.org/abs/2303.04896) #protect
• Summary:

  Machine learning models automatically learn discriminative features from the data, and are therefore susceptible to learn strongly-correlated biases, such as using protected attributes like gender and race. Most existing bias mitigation approaches aim to explicitly reduce the model's focus on these protected features. In this work, we propose to mitigate bias by explicitly guiding the model's focus towards task-relevant features using domain knowledge, and we hypothesize that this can indirectly reduce the dependence of the model on spurious correlations it learns from the data. We explore bias mitigation in facial expression recognition systems using facial Action Units (AUs) as the task-relevant feature. To this end, we introduce Feature-based Positive Matching Contrastive Loss which learns the distances between the positives of a sample based on the similarity between their corresponding AU embeddings. We compare our approach with representative baselines and show that incorporating task-relevant features via our method can improve model fairness at minimal cost to classification performance.

defense

Title: Making a Computational Attorney. (arXiv:2303.05383v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2303.05383
• Code URL: null
• Copy Paste: [[2303.05383] Making a Computational Attorney](http://arxiv.org/abs/2303.05383) #defense
• Summary:

  This "blue sky idea" paper outlines the opportunities and challenges in data mining and machine learning involving making a computational attorney -- an intelligent software agent capable of helping human lawyers with a wide range of complex high-level legal tasks such as drafting legal briefs for the prosecution or defense in court. In particular, we discuss what a ChatGPT-like Large Legal Language Model (L$^3$M) can and cannot do today, which will inspire researchers with promising short-term and long-term research objectives.

attack

Title: Decision-BADGE: Decision-based Adversarial Batch Attack with Directional Gradient Estimation. (arXiv:2303.04980v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.04980
• Code URL: https://github.com/airlabkhu/decision-badge
• Copy Paste: [[2303.04980] Decision-BADGE: Decision-based Adversarial Batch Attack with Directional Gradient Estimation](http://arxiv.org/abs/2303.04980) #attack
• Summary:

  The vulnerability of deep neural networks to adversarial examples has led to the rise in the use of adversarial attacks. While various decision-based and universal attack methods have been proposed, none have attempted to create a decision-based universal adversarial attack. This research proposes Decision-BADGE, which uses random gradient-free optimization and batch attack to generate universal adversarial perturbations for decision-based attacks. Multiple adversarial examples are combined to optimize a single universal perturbation, and the accuracy metric is reformulated into a continuous Hamming distance form. The effectiveness of accuracy metric as a loss function is demonstrated and mathematically proven. The combination of Decision-BADGE and the accuracy loss function performs better than both score-based image-dependent attack and white-box universal attack methods in terms of attack time efficiency. The research also shows that Decision-BADGE can successfully deceive unseen victims and accurately target specific classes.

Title: Identification of Systematic Errors of Image Classifiers on Rare Subgroups. (arXiv:2303.05072v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05072
• Code URL: null
• Copy Paste: [[2303.05072] Identification of Systematic Errors of Image Classifiers on Rare Subgroups](http://arxiv.org/abs/2303.05072) #attack
• Summary:

  Despite excellent average-case performance of many image classifiers, their performance can substantially deteriorate on semantically coherent subgroups of the data that were under-represented in the training data. These systematic errors can impact both fairness for demographic minority groups as well as robustness and safety under domain shift. A major challenge is to identify such subgroups with subpar performance when the subgroups are not annotated and their occurrence is very rare. We leverage recent advances in text-to-image models and search in the space of textual descriptions of subgroups ("prompts") for subgroups where the target model has low performance on the prompt-conditioned synthesized data. To tackle the exponentially growing number of subgroups, we employ combinatorial testing. We denote this procedure as PromptAttack as it can be interpreted as an adversarial attack in a prompt space. We study subgroup coverage and identifiability with PromptAttack in a controlled setting and find that it identifies systematic errors with high accuracy. Thereupon, we apply PromptAttack to ImageNet classifiers and identify novel systematic errors on rare subgroups.

Title: Learning the Legibility of Visual Text Perturbations. (arXiv:2303.05077v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2303.05077
• Code URL: https://github.com/dvsth/learning-legibility-2023
• Copy Paste: [[2303.05077] Learning the Legibility of Visual Text Perturbations](http://arxiv.org/abs/2303.05077) #attack
• Summary:

  Many adversarial attacks in NLP perturb inputs to produce visually similar strings ('ergo' $\rightarrow$ '$\epsilon$rgo') which are legible to humans but degrade model performance. Although preserving legibility is a necessary condition for text perturbation, little work has been done to systematically characterize it; instead, legibility is typically loosely enforced via intuitions around the nature and extent of perturbations. Particularly, it is unclear to what extent can inputs be perturbed while preserving legibility, or how to quantify the legibility of a perturbed string. In this work, we address this gap by learning models that predict the legibility of a perturbed string, and rank candidate perturbations based on their legibility. To do so, we collect and release \dataset, a human-annotated dataset comprising the legibility of visually perturbed text. Using this dataset, we build both text- and vision-based models which achieve up to $0.91$ F1 score in predicting whether an input is legible, and an accuracy of $0.86$ in predicting which of two given perturbations is more legible. Additionally, we discover that legible perturbations from the \dataset dataset are more effective at lowering the performance of NLP models than best-known attack strategies, suggesting that current models may be vulnerable to a broad range of perturbations beyond what is captured by existing visual attacks. Data, code, and models are available at https://github.com/dvsth/learning-legibility-2023.

Title: Presentation Attack Detection with Advanced CNN Models for Noncontact-based Fingerprint Systems. (arXiv:2303.05459v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05459
• Code URL: null
• Copy Paste: [[2303.05459] Presentation Attack Detection with Advanced CNN Models for Noncontact-based Fingerprint Systems](http://arxiv.org/abs/2303.05459) #attack
• Summary:

  Touch-based fingerprint biometrics is one of the most popular biometric modalities with applications in several fields. Problems associated with touch-based techniques such as the presence of latent fingerprints and hygiene issues due to many people touching the same surface motivated the community to look for non-contact-based solutions. For the last few years, contactless fingerprint systems are on the rise and in demand because of the ability to turn any device with a camera into a fingerprint reader. Yet, before we can fully utilize the benefit of noncontact-based methods, the biometric community needs to resolve a few concerns such as the resiliency of the system against presentation attacks. One of the major obstacles is the limited publicly available data sets with inadequate spoof and live data. In this publication, we have developed a Presentation attack detection (PAD) dataset of more than 7500 four-finger images and more than 14,000 manually segmented single-fingertip images, and 10,000 synthetic fingertips (deepfakes). The PAD dataset was collected from six different Presentation Attack Instruments (PAI) of three different difficulty levels according to FIDO protocols, with five different types of PAI materials, and different smartphone cameras with manual focusing. We have utilized DenseNet-121 and NasNetMobile models and our proposed dataset to develop PAD algorithms and achieved PAD accuracy of Attack presentation classification error rate (APCER) 0.14\% and Bonafide presentation classification error rate (BPCER) 0.18\%. We have also reported the test results of the models against unseen spoof types to replicate uncertain real-world testing scenarios.

robust

Title: The Casual Conversations v2 Dataset. (arXiv:2303.04838v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.04838
• Code URL: null
• Copy Paste: [[2303.04838] The Casual Conversations v2 Dataset](http://arxiv.org/abs/2303.04838) #robust
• Summary:

  This paper introduces a new large consent-driven dataset aimed at assisting in the evaluation of algorithmic bias and robustness of computer vision and audio speech models in regards to 11 attributes that are self-provided or labeled by trained annotators. The dataset includes 26,467 videos of 5,567 unique paid participants, with an average of almost 5 videos per person, recorded in Brazil, India, Indonesia, Mexico, Vietnam, Philippines, and the USA, representing diverse demographic characteristics. The participants agreed for their data to be used in assessing fairness of AI models and provided self-reported age, gender, language/dialect, disability status, physical adornments, physical attributes and geo-location information, while trained annotators labeled apparent skin tone using the Fitzpatrick Skin Type and Monk Skin Tone scales, and voice timbre. Annotators also labeled for different recording setups and per-second activity annotations.

Title: MetaMorph: Learning Metamorphic Image Transformation With Appearance Changes. (arXiv:2303.04849v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.04849
• Code URL: null
• Copy Paste: [[2303.04849] MetaMorph: Learning Metamorphic Image Transformation With Appearance Changes](http://arxiv.org/abs/2303.04849) #robust
• Summary:

  This paper presents a novel predictive model, MetaMorph, for metamorphic registration of images with appearance changes (i.e., caused by brain tumors). In contrast to previous learning-based registration methods that have little or no control over appearance-changes, our model introduces a new regularization that can effectively suppress the negative effects of appearance changing areas. In particular, we develop a piecewise regularization on the tangent space of diffeomorphic transformations (also known as initial velocity fields) via learned segmentation maps of abnormal regions. The geometric transformation and appearance changes are treated as joint tasks that are mutually beneficial. Our model MetaMorph is more robust and accurate when searching for an optimal registration solution under the guidance of segmentation, which in turn improves the segmentation performance by providing appropriately augmented training labels. We validate MetaMorph on real 3D human brain tumor magnetic resonance imaging (MRI) scans. Experimental results show that our model outperforms the state-of-the-art learning-based registration models. The proposed MetaMorph has great potential in various image-guided clinical interventions, e.g., real-time image-guided navigation systems for tumor removal surgery.

Title: O2RNet: Occluder-Occludee Relational Network for Robust Apple Detection in Clustered Orchard Environments. (arXiv:2303.04884v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.04884
• Code URL: null
• Copy Paste: [[2303.04884] O2RNet: Occluder-Occludee Relational Network for Robust Apple Detection in Clustered Orchard Environments](http://arxiv.org/abs/2303.04884) #robust
• Summary:

  Automated apple harvesting has attracted significant research interest in recent years due to its potential to revolutionize the apple industry, addressing the issues of shortage and high costs in labor. One key technology to fully enable efficient automated harvesting is accurate and robust apple detection, which is challenging due to complex orchard environments that involve varying lighting conditions and foliage/branch occlusions. Furthermore, clustered apples are common in the orchard, which brings additional challenges as the clustered apples may be identified as one apple. This will cause issues in localization for subsequent robotic operations. In this paper, we present the development of a novel deep learning-based apple detection framework, Occluder-Occludee Relational Network (O2RNet), for robust detection of apples in such clustered environments. This network exploits the occuluder-occludee relationship modeling head by introducing a feature expansion structure to enable the combination of layered traditional detectors to split clustered apples and foliage occlusions. More specifically, we collect a comprehensive apple orchard image dataset under different lighting conditions (overcast, front lighting, and back lighting) with frequent apple occlusions. We then develop a novel occlusion-aware network for apple detection, in which a feature expansion structure is incorporated into the convolutional neural networks to extract additional features generated by the original network for occluded apples. Comprehensive evaluations are performed, which show that the developed O2RNet outperforms state-of-the-art models with a higher accuracy of 94\% and a higher F1-score of 0.88 on apple detection.

Title: Deformer: Dynamic Fusion Transformer for Robust Hand Pose Estimation. (arXiv:2303.04991v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.04991
• Code URL: null
• Copy Paste: [[2303.04991] Deformer: Dynamic Fusion Transformer for Robust Hand Pose Estimation](http://arxiv.org/abs/2303.04991) #robust
• Summary:

  Accurately estimating 3D hand pose is crucial for understanding how humans interact with the world. Despite remarkable progress, existing methods often struggle to generate plausible hand poses when the hand is heavily occluded or blurred. In videos, the movements of the hand allow us to observe various parts of the hand that may be occluded or blurred in a single frame. To adaptively leverage the visual clue before and after the occlusion or blurring for robust hand pose estimation, we propose the Deformer: a framework that implicitly reasons about the relationship between hand parts within the same image (spatial dimension) and different timesteps (temporal dimension). We show that a naive application of the transformer self-attention mechanism is not sufficient because motion blur or occlusions in certain frames can lead to heavily distorted hand features and generate imprecise keys and queries. To address this challenge, we incorporate a Dynamic Fusion Module into Deformer, which predicts the deformation of the hand and warps the hand mesh predictions from nearby frames to explicitly support the current frame estimation. Furthermore, we have observed that errors are unevenly distributed across different hand parts, with vertices around fingertips having disproportionately higher errors than those around the palm. We mitigate this issue by introducing a new loss function called maxMSE that automatically adjusts the weight of every vertex to focus the model on critical hand parts. Extensive experiments show that our method significantly outperforms state-of-the-art methods by 10%, and is more robust to occlusions (over 14%).

Title: Rethinking Visual Prompt Learning as Masked Visual Token Modeling. (arXiv:2303.04998v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.04998
• Code URL: null
• Copy Paste: [[2303.04998] Rethinking Visual Prompt Learning as Masked Visual Token Modeling](http://arxiv.org/abs/2303.04998) #robust
• Summary:

  Prompt learning has achieved great success in efficiently exploiting large-scale pre-trained models in natural language processing (NLP). It reformulates the downstream tasks as the generative pre-training ones, thus narrowing down the gap between them and improving the performance stably. However, when transferring it to the vision area, current visual prompt learning methods are all designed on discriminative pre-trained models, and there is also a lack of careful design to unify the forms of pre-training and downstream tasks. To explore prompt learning on the generative pre-trained visual model as well as keeping the task consistency, we propose Visual Prompt learning as masked visual Token Modeling (VPTM) to transform the downstream visual classification into the pre-trained masked visual token prediction. In addition, we develop the prototypical verbalizer for mapping the predicted visual token with implicit semantics to explicit downstream labels. To our best knowledge, VPTM is the first visual prompt method on the generative pre-trained visual model, and the first to achieve consistency between pre-training and downstream visual classification by task reformulation. Experiments show that VPTM outperforms other visual prompt methods and achieves excellent efficiency. Moreover, the task consistency of VPTM contributes to the robustness against prompt location, prompt length and prototype dimension, and could be deployed uniformly.

Title: Towards Robust Image-in-Audio Deep Steganography. (arXiv:2303.05007v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2303.05007
• Code URL: https://github.com/migamic/pixinwav2
• Copy Paste: [[2303.05007] Towards Robust Image-in-Audio Deep Steganography](http://arxiv.org/abs/2303.05007) #robust
• Summary:

  The field of steganography has experienced a surge of interest due to the recent advancements in AI-powered techniques, particularly in the context of multimodal setups that enable the concealment of signals within signals of a different nature. The primary objectives of all steganographic methods are to achieve perceptual transparency, robustness, and large embedding capacity - which often present conflicting goals that classical methods have struggled to reconcile. This paper extends and enhances an existing image-in-audio deep steganography method by focusing on improving its robustness. The proposed enhancements include modifications to the loss function, utilization of the Short-Time Fourier Transform (STFT), introduction of redundancy in the encoding process for error correction, and buffering of additional information in the pixel subconvolution operation. The results demonstrate that our approach outperforms the existing method in terms of robustness and perceptual transparency.

Title: Smooth and Stepwise Self-Distillation for Object Detection. (arXiv:2303.05015v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05015
• Code URL: null
• Copy Paste: [[2303.05015] Smooth and Stepwise Self-Distillation for Object Detection](http://arxiv.org/abs/2303.05015) #robust
• Summary:

  Distilling the structured information captured in feature maps has contributed to improved results for object detection tasks, but requires careful selection of baseline architectures and substantial pre-training. Self-distillation addresses these limitations and has recently achieved state-of-the-art performance for object detection despite making several simplifying architectural assumptions. Building on this work, we propose Smooth and Stepwise Self-Distillation (SSSD) for object detection. Our SSSD architecture forms an implicit teacher from object labels and a feature pyramid network backbone to distill label-annotated feature maps using Jensen-Shannon distance, which is smoother than distillation losses used in prior work. We additionally add a distillation coefficient that is adaptively configured based on the learning rate. We extensively benchmark SSSD against a baseline and two state-of-the-art object detector architectures on the COCO dataset by varying the coefficients and backbone and detector networks. We demonstrate that SSSD achieves higher average precision in most experimental settings, is robust to a wide range of coefficients, and benefits from our stepwise distillation procedure.

Title: Distortion-Disentangled Contrastive Learning. (arXiv:2303.05066v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05066
• Code URL: null
• Copy Paste: [[2303.05066] Distortion-Disentangled Contrastive Learning](http://arxiv.org/abs/2303.05066) #robust
• Summary:

  Self-supervised learning is well known for its remarkable performance in representation learning and various downstream computer vision tasks. Recently, Positive-pair-Only Contrastive Learning (POCL) has achieved reliable performance without the need to construct positive-negative training sets. It reduces memory requirements by lessening the dependency on the batch size. The POCL method typically uses a single loss function to extract the distortion invariant representation (DIR) which describes the proximity of positive-pair representations affected by different distortions. This loss function implicitly enables the model to filter out or ignore the distortion variant representation (DVR) affected by different distortions. However, existing POCL methods do not explicitly enforce the disentanglement and exploitation of the actually valuable DVR. In addition, these POCL methods have been observed to be sensitive to augmentation strategies. To address these limitations, we propose a novel POCL framework named Distortion-Disentangled Contrastive Learning (DDCL) and a Distortion-Disentangled Loss (DDL). Our approach is the first to explicitly disentangle and exploit the DVR inside the model and feature stream to improve the overall representation utilization efficiency, robustness and representation ability. Experiments carried out demonstrate the superiority of our framework to Barlow Twins and Simsiam in terms of convergence, representation quality, and robustness on several benchmark datasets.

Title: Contrastive Model Adaptation for Cross-Condition Robustness in Semantic Segmentation. (arXiv:2303.05194v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05194
• Code URL: https://github.com/brdav/cma
• Copy Paste: [[2303.05194] Contrastive Model Adaptation for Cross-Condition Robustness in Semantic Segmentation](http://arxiv.org/abs/2303.05194) #robust
• Summary:

  Standard unsupervised domain adaptation methods adapt models from a source to a target domain using labeled source data and unlabeled target data jointly. In model adaptation, on the other hand, access to the labeled source data is prohibited, i.e., only the source-trained model and unlabeled target data are available. We investigate normal-to-adverse condition model adaptation for semantic segmentation, whereby image-level correspondences are available in the target domain. The target set consists of unlabeled pairs of adverse- and normal-condition street images taken at GPS-matched locations. Our method -- CMA -- leverages such image pairs to learn condition-invariant features via contrastive learning. In particular, CMA encourages features in the embedding space to be grouped according to their condition-invariant semantic content and not according to the condition under which respective inputs are captured. To obtain accurate cross-domain semantic correspondences, we warp the normal image to the viewpoint of the adverse image and leverage warp-confidence scores to create robust, aggregated features. With this approach, we achieve state-of-the-art semantic segmentation performance for model adaptation on several normal-to-adverse adaptation benchmarks, such as ACDC and Dark Zurich. We also evaluate CMA on a newly procured adverse-condition generalization benchmark and report favorable results compared to standard unsupervised domain adaptation methods, despite the comparative handicap of CMA due to source data inaccessibility. Code is available at https://github.com/brdav/cma.

Title: Revisiting Rotation Averaging: Uncertainties and Robust Losses. (arXiv:2303.05195v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05195
• Code URL: https://github.com/zhangganlin/globalsfmpy
• Copy Paste: [[2303.05195] Revisiting Rotation Averaging: Uncertainties and Robust Losses](http://arxiv.org/abs/2303.05195) #robust
• Summary:

  In this paper, we revisit the rotation averaging problem applied in global Structure-from-Motion pipelines. We argue that the main problem of current methods is the minimized cost function that is only weakly connected with the input data via the estimated epipolar geometries.We propose to better model the underlying noise distributions by directly propagating the uncertainty from the point correspondences into the rotation averaging. Such uncertainties are obtained for free by considering the Jacobians of two-view refinements. Moreover, we explore integrating a variant of the MAGSAC loss into the rotation averaging problem, instead of using classical robust losses employed in current frameworks. The proposed method leads to results superior to baselines, in terms of accuracy, on large-scale public benchmarks. The code is public. https://github.com/zhangganlin/GlobalSfMpy

Title: Taming Contrast Maximization for Learning Sequential, Low-latency, Event-based Optical Flow. (arXiv:2303.05214v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05214
• Code URL: null
• Copy Paste: [[2303.05214] Taming Contrast Maximization for Learning Sequential, Low-latency, Event-based Optical Flow](http://arxiv.org/abs/2303.05214) #robust
• Summary:

  Event cameras have recently gained significant traction since they open up new avenues for low-latency and low-power solutions to complex computer vision problems. To unlock these solutions, it is necessary to develop algorithms that can leverage the unique nature of event data. However, the current state-of-the-art is still highly influenced by the frame-based literature, and usually fails to deliver on these promises. In this work, we take this into consideration and propose a novel self-supervised learning pipeline for the sequential estimation of event-based optical flow that allows for the scaling of the models to high inference frequencies. At its core, we have a continuously-running stateful neural model that is trained using a novel formulation of contrast maximization that makes it robust to nonlinearities and varying statistics in the input events. Results across multiple datasets confirm the effectiveness of our method, which establishes a new state of the art in terms of accuracy for approaches trained or optimized without ground truth.

Title: BaDLAD: A Large Multi-Domain Bengali Document Layout Analysis Dataset. (arXiv:2303.05325v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05325
• Code URL: https://github.com/anon-user-for-web/badlad
• Copy Paste: [[2303.05325] BaDLAD: A Large Multi-Domain Bengali Document Layout Analysis Dataset](http://arxiv.org/abs/2303.05325) #robust
• Summary:

  While strides have been made in deep learning based Bengali Optical Character Recognition (OCR) in the past decade, the absence of large Document Layout Analysis (DLA) datasets has hindered the application of OCR in document transcription, e.g., transcribing historical documents and newspapers. Moreover, rule-based DLA systems that are currently being employed in practice are not robust to domain variations and out-of-distribution layouts. To this end, we present the first multidomain large Bengali Document Layout Analysis Dataset: BaDLAD. This dataset contains 33,695 human annotated document samples from six domains - i) books and magazines, ii) public domain govt. documents, iii) liberation war documents, iv) newspapers, v) historical newspapers, and vi) property deeds, with 710K polygon annotations for four unit types: text-box, paragraph, image, and table. Through preliminary experiments benchmarking the performance of existing state-of-the-art deep learning architectures for English DLA, we demonstrate the efficacy of our dataset in training deep learning based Bengali document digitization models.

Title: FaceXHuBERT: Text-less Speech-driven E(X)pressive 3D Facial Animation Synthesis Using Self-Supervised Speech Representation Learning. (arXiv:2303.05416v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05416
• Code URL: https://github.com/galib360/facexhubert
• Copy Paste: [[2303.05416] FaceXHuBERT: Text-less Speech-driven E(X)pressive 3D Facial Animation Synthesis Using Self-Supervised Speech Representation Learning](http://arxiv.org/abs/2303.05416) #robust
• Summary:

  This paper presents FaceXHuBERT, a text-less speech-driven 3D facial animation generation method that allows to capture personalized and subtle cues in speech (e.g. identity, emotion and hesitation). It is also very robust to background noise and can handle audio recorded in a variety of situations (e.g. multiple people speaking). Recent approaches employ end-to-end deep learning taking into account both audio and text as input to generate facial animation for the whole face. However, scarcity of publicly available expressive audio-3D facial animation datasets poses a major bottleneck. The resulting animations still have issues regarding accurate lip-synching, expressivity, person-specific information and generalizability. We effectively employ self-supervised pretrained HuBERT model in the training process that allows us to incorporate both lexical and non-lexical information in the audio without using a large lexicon. Additionally, guiding the training with a binary emotion condition and speaker identity distinguishes the tiniest subtle facial motion. We carried out extensive objective and subjective evaluation in comparison to ground-truth and state-of-the-art work. A perceptual user study demonstrates that our approach produces superior results with respect to the realism of the animation 78% of the time in comparison to the state-of-the-art. In addition, our method is 4 times faster eliminating the use of complex sequential models such as transformers. We strongly recommend watching the supplementary video before reading the paper. We also provide the implementation and evaluation codes with a GitHub repository link.

Title: Spawrious: A Benchmark for Fine Control of Spurious Correlation Biases. (arXiv:2303.05470v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05470
• Code URL: https://github.com/aengusl/spawrious
• Copy Paste: [[2303.05470] Spawrious: A Benchmark for Fine Control of Spurious Correlation Biases](http://arxiv.org/abs/2303.05470) #robust
• Summary:

  The problem of spurious correlations (SCs) arises when a classifier relies on non-predictive features that happen to be correlated with the labels in the training data. For example, a classifier may misclassify dog breeds based on the background of dog images. This happens when the backgrounds are correlated with other breeds in the training data, leading to misclassifications during test time. Previous SC benchmark datasets suffer from varying issues, e.g., over-saturation or only containing one-to-one (O2O) SCs, but no many-to-many (M2M) SCs arising between groups of spurious attributes and classes. In this paper, we present Spawrious-{O2O, M2M}-{Easy, Medium, Hard}, an image classification benchmark suite containing spurious correlations among different dog breeds and background locations. To create this dataset, we employ a text-to-image model to generate photo-realistic images, and an image captioning model to filter out unsuitable ones. The resulting dataset is of high quality, containing approximately 152,000 images. Our experimental results demonstrate that state-of-the-art group robustness methods struggle with Spawrious, most notably on the Hard-splits with $<60\%$ accuracy. By examining model misclassifications, we detect reliances on spurious backgrounds, demonstrating that our dataset provides a significant challenge to drive future research.

Title: Open-world Instance Segmentation: Top-down Learning with Bottom-up Supervision. (arXiv:2303.05503v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05503
• Code URL: null
• Copy Paste: [[2303.05503] Open-world Instance Segmentation: Top-down Learning with Bottom-up Supervision](http://arxiv.org/abs/2303.05503) #robust
• Summary:

  Many top-down architectures for instance segmentation achieve significant success when trained and tested on pre-defined closed-world taxonomy. However, when deployed in the open world, they exhibit notable bias towards seen classes and suffer from significant performance drop. In this work, we propose a novel approach for open world instance segmentation called bottom-Up and top-Down Open-world Segmentation (UDOS) that combines classical bottom-up segmentation algorithms within a top-down learning framework. UDOS first predicts parts of objects using a top-down network trained with weak supervision from bottom-up segmentations. The bottom-up segmentations are class-agnostic and do not overfit to specific taxonomies. The part-masks are then fed into affinity-based grouping and refinement modules to predict robust instance-level segmentations. UDOS enjoys both the speed and efficiency from the top-down architectures and the generalization ability to unseen categories from bottom-up supervision. We validate the strengths of UDOS on multiple cross-category as well as cross-dataset transfer tasks from 5 challenging datasets including MS-COCO, LVIS, ADE20k, UVO and OpenImages, achieving significant improvements over state-of-the-art across the board. Our code and models are available on our project page.

Title: PAC-NeRF: Physics Augmented Continuum Neural Radiance Fields for Geometry-Agnostic System Identification. (arXiv:2303.05512v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05512
• Code URL: null
• Copy Paste: [[2303.05512] PAC-NeRF: Physics Augmented Continuum Neural Radiance Fields for Geometry-Agnostic System Identification](http://arxiv.org/abs/2303.05512) #robust
• Summary:

  Existing approaches to system identification (estimating the physical parameters of an object) from videos assume known object geometries. This precludes their applicability in a vast majority of scenes where object geometries are complex or unknown. In this work, we aim to identify parameters characterizing a physical system from a set of multi-view videos without any assumption on object geometry or topology. To this end, we propose "Physics Augmented Continuum Neural Radiance Fields" (PAC-NeRF), to estimate both the unknown geometry and physical parameters of highly dynamic objects from multi-view videos. We design PAC-NeRF to only ever produce physically plausible states by enforcing the neural radiance field to follow the conservation laws of continuum mechanics. For this, we design a hybrid Eulerian-Lagrangian representation of the neural radiance field, i.e., we use the Eulerian grid representation for NeRF density and color fields, while advecting the neural radiance fields via Lagrangian particles. This hybrid Eulerian-Lagrangian representation seamlessly blends efficient neural rendering with the material point method (MPM) for robust differentiable physics simulation. We validate the effectiveness of our proposed framework on geometry and physical parameter estimation over a vast range of materials, including elastic bodies, plasticine, sand, Newtonian and non-Newtonian fluids, and demonstrate significant performance gain on most tasks.

Title: Let's Get Personal: Personal Questions Improve SocialBot Performance in the Alexa Prize. (arXiv:2303.04953v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2303.04953
• Code URL: null
• Copy Paste: [[2303.04953] Let's Get Personal: Personal Questions Improve SocialBot Performance in the Alexa Prize](http://arxiv.org/abs/2303.04953) #robust
• Summary:

  There has been an increased focus on creating conversational open-domain dialogue systems in the spoken dialogue community. Unlike traditional dialogue systems, these conversational systems cannot assume any specific information need or domain restrictions, i.e., the only inherent goal is to converse with the user on an unknown set of topics. While massive improvements in Natural Language Understanding (NLU) and the growth of available knowledge resources can partially support a robust conversation, these conversations generally lack the rapport between two humans that know each other. We developed a robust open-domain conversational system, Athena, that real Amazon Echo users access and evaluate at scale in the context of the Alexa Prize competition. We experiment with methods intended to increase intimacy between Athena and the user by heuristically developing a rule-based user model that personalizes both the current and subsequent conversations and evaluating specific personal opinion question strategies in A/B studies. Our results show a statistically significant positive impact on perceived conversation quality and length when employing these strategies.

Title: Early Warning Signals of Social Instabilities in Twitter Data. (arXiv:2303.05401v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2303.05401
• Code URL: null
• Copy Paste: [[2303.05401] Early Warning Signals of Social Instabilities in Twitter Data](http://arxiv.org/abs/2303.05401) #robust
• Summary:

  The goal of this project is to create and study novel techniques to identify early warning signals for socially disruptive events, like riots, wars, or revolutions using only publicly available data on social media. Such techniques need to be robust enough to work on real-time data: to achieve this goal we propose a topological approach together with more standard BERT models. Indeed, topology-based algorithms, being provably stable against deformations and noise, seem to work well in low-data regimes. The general idea is to build a binary classifier that predicts if a given tweet is related to a disruptive event or not. The results indicate that the persistent-gradient approach is stable and even more performant than deep-learning-based anomaly detection algorithms. We also benchmark the generalisability of the methodology against out-of-samples tasks, with very promising results.

Title: Certifiable Robustness for Naive Bayes Classifiers. (arXiv:2303.04811v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2303.04811
• Code URL: null
• Copy Paste: [[2303.04811] Certifiable Robustness for Naive Bayes Classifiers](http://arxiv.org/abs/2303.04811) #robust
• Summary:

  Data cleaning is crucial but often laborious in most machine learning (ML) applications. However, task-agnostic data cleaning is sometimes unnecessary if certain inconsistencies in the dirty data will not affect the prediction of ML models to the test points. A test point is certifiably robust for an ML classifier if the prediction remains the same regardless of which (among exponentially many) cleaned dataset it is trained on.

In this paper, we study certifiable robustness for the Naive Bayes classifier (NBC) on dirty datasets with missing values. We present (i) a linear time algorithm in the number of entries in the dataset that decides whether a test point is certifiably robust for NBC, (ii) an algorithm that counts for each label, the number of cleaned datasets on which the NBC can be trained to predict that label, and (iii) an efficient optimal algorithm that poisons a clean dataset by inserting the minimum number of missing values such that a test point is not certifiably robust for NBC. We prove that (iv) poisoning a clean dataset such that multiple test points become certifiably non-robust is NP-hard for any dataset with at least three features. Our experiments demonstrate that our algorithms for the decision and data poisoning problems achieve up to $19.5\times$ and $3.06\times$ speed-up over the baseline algorithms across different real-world datasets.

Title: Efficient Certified Training and Robustness Verification of Neural ODEs. (arXiv:2303.05246v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2303.05246
• Code URL: https://github.com/eth-sri/gains
• Copy Paste: [[2303.05246] Efficient Certified Training and Robustness Verification of Neural ODEs](http://arxiv.org/abs/2303.05246) #robust
• Summary:

  Neural Ordinary Differential Equations (NODEs) are a novel neural architecture, built around initial value problems with learned dynamics which are solved during inference. Thought to be inherently more robust against adversarial perturbations, they were recently shown to be vulnerable to strong adversarial attacks, highlighting the need for formal guarantees. However, despite significant progress in robustness verification for standard feed-forward architectures, the verification of high dimensional NODEs remains an open problem. In this work, we address this challenge and propose GAINS, an analysis framework for NODEs combining three key ideas: (i) a novel class of ODE solvers, based on variable but discrete time steps, (ii) an efficient graph representation of solver trajectories, and (iii) a novel abstraction algorithm operating on this graph representation. Together, these advances enable the efficient analysis and certified training of high-dimensional NODEs, by reducing the runtime from an intractable $O(\exp(d)+\exp(T))$ to ${O}(d+T^2 \log^2T)$ in the dimensionality $d$ and integration time $T$. In an extensive evaluation on computer vision (MNIST and FMNIST) and time-series forecasting (PHYSIO-NET) problems, we demonstrate the effectiveness of both our certified training and verification methods.

Title: Greener yet Powerful: Taming Large Code Generation Models with Quantization. (arXiv:2303.05378v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2303.05378
• Code URL: null
• Copy Paste: [[2303.05378] Greener yet Powerful: Taming Large Code Generation Models with Quantization](http://arxiv.org/abs/2303.05378) #robust
• Summary:

  ML-powered code generation aims to assist developers to write code in a more productive manner, by intelligently generating code blocks based on natural language prompts. Recently, large pretrained deep learning models have substantially pushed the boundary of code generation and achieved impressive performance. Despite their great power, the huge number of model parameters poses a significant threat to adapting them in a regular software development environment, where a developer might use a standard laptop or mid-size server to develop her code. Such large models incur significant resource usage (in terms of memory, latency, and dollars) as well as carbon footprint.

Model compression is a promising approach to address these challenges. Several techniques are proposed to compress large pretrained models typically used for vision or textual data. Out of many available compression techniques, we identified that quantization is mostly applicable for code generation task as it does not require significant retraining cost. As quantization represents model parameters with lower-bit integer (e.g., int8), the model size and runtime latency would both benefit from such int representation. We extensively study the impact of quantized model on code generation tasks across different dimension: (i) resource usage and carbon footprint, (ii) accuracy, and (iii) robustness. To this end, through systematic experiments we find a recipe of quantization technique that could run even a $6$B model in a regular laptop without significant accuracy or robustness degradation. We further found the recipe is readily applicable to code summarization task as well.

Title: Efficient Testable Learning of Halfspaces with Adversarial Label Noise. (arXiv:2303.05485v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2303.05485
• Code URL: null
• Copy Paste: [[2303.05485] Efficient Testable Learning of Halfspaces with Adversarial Label Noise](http://arxiv.org/abs/2303.05485) #robust
• Summary:

  We give the first polynomial-time algorithm for the testable learning of halfspaces in the presence of adversarial label noise under the Gaussian distribution. In the recently introduced testable learning model, one is required to produce a tester-learner such that if the data passes the tester, then one can trust the output of the robust learner on the data. Our tester-learner runs in time $\poly(d/\eps)$ and outputs a halfspace with misclassification error $O(\opt)+\eps$, where $\opt$ is the 0-1 error of the best fitting halfspace. At a technical level, our algorithm employs an iterative soft localization technique enhanced with appropriate testers to ensure that the data distribution is sufficiently similar to a Gaussian.

biometric

Title: GaitEditer: Attribute Editing for Gait Representation Learning. (arXiv:2303.05076v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05076
• Code URL: https://github.com/shiqiyu/opengait
• Copy Paste: [[2303.05076] GaitEditer: Attribute Editing for Gait Representation Learning](http://arxiv.org/abs/2303.05076) #biometric
• Summary:

  Gait pattern is a promising biometric for applications, as it can be captured from a distance without requiring individual cooperation. Nevertheless, existing gait datasets typically suffer from limited diversity, with indoor datasets requiring participants to walk along a fixed route in a restricted setting, and outdoor datasets containing only few walking sequences per subject. Prior generative methods have attempted to mitigate these limitations by building virtual gait datasets. They primarily focus on manipulating a single, specific gait attribute (e.g., viewpoint or carrying), and require the supervised data pairs for training, thus lacking the flexibility and diversity for practical usage. In contrast, our GaitEditer can act as an online module to edit a broad range of gait attributes, such as pants, viewpoint, and even age, in an unsupervised manner, which current gait generative methods struggle with. Additionally, GaitEidter also finely preserves both temporal continuity and identity characteristics in generated gait sequences. Experiments show that GaitEditer provides extensive knowledge for clothing-invariant and view-invariant gait representation learning under various challenging scenarios. The source code will be available.

steal

extraction

Title: Text-Visual Prompting for Efficient 2D Temporal Video Grounding. (arXiv:2303.04995v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.04995
• Code URL: null
• Copy Paste: [[2303.04995] Text-Visual Prompting for Efficient 2D Temporal Video Grounding](http://arxiv.org/abs/2303.04995) #extraction
• Summary:

  In this paper, we study the problem of temporal video grounding (TVG), which aims to predict the starting/ending time points of moments described by a text sentence within a long untrimmed video. Benefiting from fine-grained 3D visual features, the TVG techniques have achieved remarkable progress in recent years. However, the high complexity of 3D convolutional neural networks (CNNs) makes extracting dense 3D visual features time-consuming, which calls for intensive memory and computing resources. Towards efficient TVG, we propose a novel text-visual prompting (TVP) framework, which incorporates optimized perturbation patterns (that we call 'prompts') into both visual inputs and textual features of a TVG model. In sharp contrast to 3D CNNs, we show that TVP allows us to effectively co-train vision encoder and language encoder in a 2D TVG model and improves the performance of crossmodal feature fusion using only low-complexity sparse 2D visual features. The proposed prompts also compensate for the lack of spatiotemporal information in 2D CNNs for visual feature extraction. Further, we propose a TemporalDistance IoU (TDIoU) loss for efficient learning of TVG. Last but not least, extensive experiments on two benchmark datasets, Charades-STA and ActivityNet Captions datasets, empirically show that the proposed TVP significantly boosts the performance of 2D TVG (e.g., 9.79% improvement in Charades-STA and 30.77% improvement in ActivityNet Captions) and achieves 5x inference acceleration over TVG of using 3D visual features. Code and model will be released.

Title: Lifelong-MonoDepth: Lifelong Learning for Multi-Domain Monocular Metric Depth Estimation. (arXiv:2303.05050v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05050
• Code URL: null
• Copy Paste: [[2303.05050] Lifelong-MonoDepth: Lifelong Learning for Multi-Domain Monocular Metric Depth Estimation](http://arxiv.org/abs/2303.05050) #extraction
• Summary:

  In recent years, monocular depth estimation (MDE) has gained significant progress in a data-driven learning fashion. Previous methods can infer depth maps for specific domains based on the paradigm of single-domain or joint-domain training with mixed data. However, they suffer from low scalability to new domains. In reality, target domains often dynamically change or increase, raising the requirement of incremental multi-domain/task learning. In this paper, we seek to enable lifelong learning for MDE, which performs cross-domain depth learning sequentially, to achieve high plasticity on a new domain and maintain good stability on original domains. To overcome significant domain gaps and enable scale-aware depth prediction, we design a lightweight multi-head framework that consists of a domain-shared encoder for feature extraction and domain-specific predictors for metric depth estimation. Moreover, given an input image, we propose an efficient predictor selection approach that automatically identifies the corresponding predictor for depth inference. Through extensive numerical studies, we show that the proposed method can achieve good efficiency, stability, and plasticity, leading the benchmarks by 8% to 15%.

Title: Blind deblurring of hyperspectral document images. (arXiv:2303.05130v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05130
• Code URL: null
• Copy Paste: [[2303.05130] Blind deblurring of hyperspectral document images](http://arxiv.org/abs/2303.05130) #extraction
• Summary:

  Most computer vision and machine learning-based approaches for historical document analysis are tailored to grayscale or RGB images and thus, mostly exploit their spatial information. Multispectral (MS) and hyperspectral (HS) images contain, next to the spatial information, much richer spectral information than RGB images (usually spreading beyond the visible spectral range) that can facilitate more effective feature extraction, more accurate classification and recognition, and thus, improved analysis. Although utilization of rich spectral information can improve historical document analysis tremendously, there are still some potential limitations of HS imagery such as camera-induced noise and blur that require a carefully designed preprocessing step. Here, we propose novel blind HS image deblurring methods tailored to document images. We exploit a low-rank property of HS images (i.e., by projecting an HS image to a lower dimensional subspace) and utilize a text tailor image prior to performing a PSF estimation and deblurring of subspace components. The preliminary results show that the proposed approach gives good results over all spectral bands, removing successfully image artefacts introduced by blur and noise and significantly increasing the number of bands that can be used in further analysis.

Title: 3D wind field profiles from hyperspectral sounders: revisiting optic-flow from a meteorological perspective. (arXiv:2303.05154v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05154
• Code URL: null
• Copy Paste: [[2303.05154] 3D wind field profiles from hyperspectral sounders: revisiting optic-flow from a meteorological perspective](http://arxiv.org/abs/2303.05154) #extraction
• Summary:

  In this work, we present an efficient optic flow algorithm for the extraction of vertically resolved 3D atmospheric motion vector (AMV) fields from incomplete hyperspectral image data measures by infrared sounders. The model at the heart of the energy to be minimized is consistent with atmospheric dynamics, incorporating ingredients of thermodynamics, hydrostatic equilibrium and statistical turbulence. Modern optimization techniques are deployed to design a low-complexity solver for the energy minimization problem, which is non-convex, non-differentiable, high-dimensional and subject to physical constraints. In particular, taking advantage of the alternate direction of multipliers methods (ADMM), we show how to split the original high-dimensional problem into a recursion involving a set of standard and tractable optic-flow sub-problems. By comparing with the ground truth provided by the operational numerical simulation of the European Centre for Medium-Range Weather Forecasts (ECMWF), we show that the performance of the proposed method is superior to state-of-the-art optical flow algorithms in the context of real infrared atmospheric sounding interferometer (IASI) observations.

Title: GPGait: Generalized Pose-based Gait Recognition. (arXiv:2303.05234v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05234
• Code URL: null
• Copy Paste: [[2303.05234] GPGait: Generalized Pose-based Gait Recognition](http://arxiv.org/abs/2303.05234) #extraction
• Summary:

  Recent works on pose-based gait recognition have demonstrated the potential of using such simple information to achieve results comparable to silhouette-based methods. However, the generalization ability of pose-based methods on different datasets is undesirably inferior to that of silhouette-based ones, which has received little attention but hinders the application of these methods in real-world scenarios. To improve the generalization ability of pose-based methods across datasets, we propose a Generalized Pose-based Gait recognition (GPGait) framework. First, a Human-Oriented Transformation (HOT) and a series of Human-Oriented Descriptors (HOD) are proposed to obtain a unified pose representation with discriminative multi-features. Then, given the slight variations in the unified representation after HOT and HOD, it becomes crucial for the network to extract local-global relationships between the keypoints. To this end, a Part-Aware Graph Convolutional Network (PAGCN) is proposed to enable efficient graph partition and local-global spatial feature extraction. Experiments on four public gait recognition datasets, CASIA-B, OUMVLP-Pose, Gait3D and GREW, show that our model demonstrates better and more stable cross-domain capabilities compared to existing skeleton-based methods, achieving comparable recognition results to silhouette-based ones. The code will be released.

Title: ICL-D3IE: In-Context Learning with Diverse Demonstrations Updating for Document Information Extraction. (arXiv:2303.05063v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2303.05063
• Code URL: null
• Copy Paste: [[2303.05063] ICL-D3IE: In-Context Learning with Diverse Demonstrations Updating for Document Information Extraction](http://arxiv.org/abs/2303.05063) #extraction
• Summary:

  Large language models (LLMs), such as GPT-3 and ChatGPT, have demonstrated remarkable results in various natural language processing (NLP) tasks with in-context learning, which involves inference based on a few demonstration examples. Despite their successes in NLP tasks, no investigation has been conducted to assess the ability of LLMs to perform document information extraction (DIE) using in-context learning. Applying LLMs to DIE poses two challenges: the modality and task gap. To this end, we propose a simple but effective in-context learning framework called ICL-D3IE, which enables LLMs to perform DIE with different types of demonstration examples. Specifically, we extract the most difficult and distinct segments from hard training documents as hard demonstrations for benefiting all test instances. We design demonstrations describing relationships that enable LLMs to understand positional relationships. We introduce formatting demonstrations for easy answer extraction. Additionally, the framework improves diverse demonstrations by updating them iteratively. Our experiments on three widely used benchmark datasets demonstrate that the ICL-D3IE framework enables GPT-3/ChatGPT to achieve superior performance when compared to previous pre-trained methods fine-tuned with full training in both the in-distribution (ID) setting and in the out-of-distribution (OOD) setting.

Title: Dynamic Multi-View Fusion Mechanism For Chinese Relation Extraction. (arXiv:2303.05082v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2303.05082
• Code URL: null
• Copy Paste: [[2303.05082] Dynamic Multi-View Fusion Mechanism For Chinese Relation Extraction](http://arxiv.org/abs/2303.05082) #extraction
• Summary:

  Recently, many studies incorporate external knowledge into character-level feature based models to improve the performance of Chinese relation extraction. However, these methods tend to ignore the internal information of the Chinese character and cannot filter out the noisy information of external knowledge. To address these issues, we propose a mixture-of-view-experts framework (MoVE) to dynamically learn multi-view features for Chinese relation extraction. With both the internal and external knowledge of Chinese characters, our framework can better capture the semantic information of Chinese characters. To demonstrate the effectiveness of the proposed framework, we conduct extensive experiments on three real-world datasets in distinct domains. Experimental results show consistent and significant superiority and robustness of our proposed framework. Our code and dataset will be released at: https://gitee.com/tmg-nudt/multi-view-of-expert-for-chineserelation-extraction

Title: Extracting Accurate Materials Data from Research Papers with Conversational Language Models and Prompt Engineering -- Example of ChatGPT. (arXiv:2303.05352v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2303.05352
• Code URL: null
• Copy Paste: [[2303.05352] Extracting Accurate Materials Data from Research Papers with Conversational Language Models and Prompt Engineering -- Example of ChatGPT](http://arxiv.org/abs/2303.05352) #extraction
• Summary:

  There has been a growing effort to replace hand extraction of data from research papers with automated data extraction based on natural language processing (NLP), language models (LMs), and recently, large language models (LLMs). Although these methods enable efficient extraction of data from large sets of research papers, they require a significant amount of up-front effort, expertise, and coding. In this work we propose the ChatExtract method that can fully automate very accurate data extraction with essentially no initial effort or background using an advanced conversational LLM (or AI). ChatExtract consists of a set of engineered prompts applied to a conversational LLM that both identify sentences with data, extract data, and assure its correctness through a series of follow-up questions. These follow-up questions address a critical challenge associated with LLMs - their tendency to provide factually inaccurate responses. ChatExtract can be applied with any conversational LLMs and yields very high quality data extraction. In tests on materials data we find precision and recall both over 90% from the best conversational LLMs, likely rivaling or exceeding human accuracy in many cases. We demonstrate that the exceptional performance is enabled by the information retention in a conversational model combined with purposeful redundancy and introducing uncertainty through follow-up prompts. These results suggest that approaches similar to ChatExtract, due to their simplicity, transferability and accuracy are likely to replace other methods of data extraction in the near future.

Title: German BERT Model for Legal Named Entity Recognition. (arXiv:2303.05388v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2303.05388
• Code URL: null
• Copy Paste: [[2303.05388] German BERT Model for Legal Named Entity Recognition](http://arxiv.org/abs/2303.05388) #extraction
• Summary:

  The use of BERT, one of the most popular language models, has led to improvements in many Natural Language Processing (NLP) tasks. One such task is Named Entity Recognition (NER) i.e. automatic identification of named entities such as location, person, organization, etc. from a given text. It is also an important base step for many NLP tasks such as information extraction and argumentation mining. Even though there is much research done on NER using BERT and other popular language models, the same is not explored in detail when it comes to Legal NLP or Legal Tech. Legal NLP applies various NLP techniques such as sentence similarity or NER specifically on legal data. There are only a handful of models for NER tasks using BERT language models, however, none of these are aimed at legal documents in German. In this paper, we fine-tune a popular BERT language model trained on German data (German BERT) on a Legal Entity Recognition (LER) dataset. To make sure our model is not overfitting, we performed a stratified 10-fold cross-validation. The results we achieve by fine-tuning German BERT on the LER dataset outperform the BiLSTM-CRF+ model used by the authors of the same LER dataset. Finally, we make the model openly available via HuggingFace.

Title: Depression Detection Using Digital Traces on Social Media: A Knowledge-aware Deep Learning Approach. (arXiv:2303.05389v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2303.05389
• Code URL: null
• Copy Paste: [[2303.05389] Depression Detection Using Digital Traces on Social Media: A Knowledge-aware Deep Learning Approach](http://arxiv.org/abs/2303.05389) #extraction
• Summary:

  Depression is a common disease worldwide. It is difficult to diagnose and continues to be underdiagnosed. Because depressed patients constantly share their symptoms, major life events, and treatments on social media, researchers are turning to user-generated digital traces on social media for depression detection. Such methods have distinct advantages in combating depression because they can facilitate innovative approaches to fight depression and alleviate its social and economic burden. However, most existing studies lack effective means to incorporate established medical domain knowledge in depression detection or suffer from feature extraction difficulties that impede greater performance. Following the design science research paradigm, we propose a Deep Knowledge-aware Depression Detection (DKDD) framework to accurately detect social media users at risk of depression and explain the critical factors that contribute to such detection. Extensive empirical studies with real-world data demonstrate that, by incorporating domain knowledge, our method outperforms existing state-of-the-art methods. Our work has significant implications for IS research in knowledge-aware machine learning, digital traces utilization, and NLP research in IS. Practically, by providing early detection and explaining the critical factors, DKDD can supplement clinical depression screening and enable large-scale evaluations of a population's mental health status.

membership infer

federate

Title: Memory-adaptive Depth-wise Heterogenous Federated Learning. (arXiv:2303.04887v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2303.04887
• Code URL: null
• Copy Paste: [[2303.04887] Memory-adaptive Depth-wise Heterogenous Federated Learning](http://arxiv.org/abs/2303.04887) #federate
• Summary:

  Federated learning is a promising paradigm that allows multiple clients to collaboratively train a model without sharing the local data. However, the presence of heterogeneous devices in federated learning, such as mobile phones and IoT devices with varying memory capabilities, would limit the scale and hence the performance of the model could be trained. The mainstream approaches to address memory limitations focus on width-slimming techniques, where different clients train subnetworks with reduced widths locally and then the server aggregates the subnetworks. The global model produced from these methods suffers from performance degradation due to the negative impact of the actions taken to handle the varying subnetwork widths in the aggregation phase. In this paper, we introduce a memory-adaptive depth-wise learning solution in FL called FeDepth, which adaptively decomposes the full model into blocks according to the memory budgets of each client and trains blocks sequentially to obtain a full inference model. Our method outperforms state-of-the-art approaches, achieving 5% and more than 10% improvements in top-1 accuracy on CIFAR-10 and CIFAR-100, respectively. We also demonstrate the effectiveness of depth-wise fine-tuning on ViT. Our findings highlight the importance of memory-aware techniques for federated learning with heterogeneous devices and the success of depth-wise training strategy in improving the global model's performance.

Title: Model-Agnostic Federated Learning. (arXiv:2303.04906v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2303.04906
• Code URL: null
• Copy Paste: [[2303.04906] Model-Agnostic Federated Learning](http://arxiv.org/abs/2303.04906) #federate
• Summary:

  Since its debut in 2016, Federated Learning (FL) has been tied to the inner workings of Deep Neural Networks (DNNs). On the one hand, this allowed its development and widespread use as DNNs proliferated. On the other hand, it neglected all those scenarios in which using DNNs is not possible or advantageous. The fact that most current FL frameworks only allow training DNNs reinforces this problem. To address the lack of FL solutions for non-DNN-based use cases, we propose MAFL (Model-Agnostic Federated Learning). MAFL marries a model-agnostic FL algorithm, AdaBoost.F, with an open industry-grade FL framework: Intel OpenFL. MAFL is the first FL system not tied to any specific type of machine learning model, allowing exploration of FL scenarios beyond DNNs and trees. We test MAFL from multiple points of view, assessing its correctness, flexibility and scaling properties up to 64 nodes. We optimised the base software achieving a 5.5x speedup on a standard FL scenario. MAFL is compatible with x86-64, ARM-v8, Power and RISC-V.

Title: Semi-Federated Learning for Collaborative Intelligence in Massive IoT Networks. (arXiv:2303.05048v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2303.05048
• Code URL: https://github.com/niwanli/semifl_iot
• Copy Paste: [[2303.05048] Semi-Federated Learning for Collaborative Intelligence in Massive IoT Networks](http://arxiv.org/abs/2303.05048) #federate
• Summary:

  Implementing existing federated learning in massive Internet of Things (IoT) networks faces critical challenges such as imbalanced and statistically heterogeneous data and device diversity. To this end, we propose a semi-federated learning (SemiFL) framework to provide a potential solution for the realization of intelligent IoT. By seamlessly integrating the centralized and federated paradigms, our SemiFL framework shows high scalability in terms of the number of IoT devices even in the presence of computing-limited sensors. Furthermore, compared to traditional learning approaches, the proposed SemiFL can make better use of distributed data and computing resources, due to the collaborative model training between the edge server and local devices. Simulation results show the effectiveness of our SemiFL framework for massive IoT networks. The code can be found at https://github.com/niwanli/SemiFL_IoT.

fair

Title: R-Tuning: Regularized Prompt Tuning in Open-Set Scenarios. (arXiv:2303.05122v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05122
• Code URL: null
• Copy Paste: [[2303.05122] R-Tuning: Regularized Prompt Tuning in Open-Set Scenarios](http://arxiv.org/abs/2303.05122) #fair
• Summary:

  In realistic open-set scenarios where labels of a part of testing data are totally unknown, current prompt methods on vision-language (VL) models always predict the unknown classes as the downstream training classes. The exhibited label bias causes difficulty in the open set recognition (OSR), by which an image should be correctly predicted as one of the known classes or the unknown one. To learn prompts in open-set scenarios, we propose the Regularized prompt Tuning (R-Tuning) to mitigate the label bias. It introduces open words from the WordNet to extend the range of words forming the prompt texts from only closed-set label words to more. Thus, prompts are tuned in a simulated open-set scenario. Besides, inspired by the observation that classifying directly on large datasets causes a much higher false positive rate than on small datasets, we propose the Combinatorial Tuning and Testing (CTT) strategy for improving performance. CTT decomposes R-Tuning on large datasets as multiple independent group-wise tuning on fewer classes, then makes comprehensive predictions by selecting the optimal sub-prompt. For fair comparisons, we construct new baselines for OSR based on VL models, especially for prompt methods. Our method achieves the best results on datasets with various scales. Extensive ablation studies validate the effectiveness of our method.

Title: Unsupervised Language agnostic WER Standardization. (arXiv:2303.05046v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2303.05046
• Code URL: null
• Copy Paste: [[2303.05046] Unsupervised Language agnostic WER Standardization](http://arxiv.org/abs/2303.05046) #fair
• Summary:

  Word error rate (WER) is a standard metric for the evaluation of Automated Speech Recognition (ASR) systems. However, WER fails to provide a fair evaluation of human perceived quality in presence of spelling variations, abbreviations, or compound words arising out of agglutination. Multiple spelling variations might be acceptable based on locale/geography, alternative abbreviations, borrowed words, and transliteration of code-mixed words from a foreign language to the target language script. Similarly, in case of agglutination, often times the agglutinated, as well as the split forms, are acceptable. Previous work handled this problem by using manually identified normalization pairs and applying them to both the transcription and the hypothesis before computing WER. In this paper, we propose an automatic WER normalization system consisting of two modules: spelling normalization and segmentation normalization. The proposed system is unsupervised and language agnostic, and therefore scalable. Experiments with ASR on 35K utterances across four languages yielded an average WER reduction of 13.28%. Human judgements of these automatically identified normalization pairs show that our WER-normalized evaluation is highly consistent with the perceived quality of ASR output.

interpretability

explainability

Title: X-Pruner: eXplainable Pruning for Vision Transformers. (arXiv:2303.04935v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.04935
• Code URL: null
• Copy Paste: [[2303.04935] X-Pruner: eXplainable Pruning for Vision Transformers](http://arxiv.org/abs/2303.04935) #explainability
• Summary:

  Recently vision transformer models have become prominent models for a range of tasks. These models, however, usually suffer from intensive computational costs, making them impractical for deployment on edge platforms. Recent studies have proposed to prune transformers in a series of criteria, such as magnitude-based, gradient-based, and mask-based. However, previous works rely heavily on hand-crafted rules and may involve time-consuming retraining or searching. As a result, measuring weight importance in an automatic and efficient way remains an open problem. To solve this problem, we propose a novel explainable pruning framework dubbed X-Pruner, by considering the explainability of the pruning criterion. Inspired by the model explanation, we propose to assign an explainability-aware mask for each prunable unit, which measures the unit's contribution to predicting every class and is fully differentiable. Then, to preserve the most informative units, we rank all units based on the absolute sum of their explainability-aware masks and using this ranking to prune enough units to meet the target resource constraint. To verify and evaluate our method, we apply the X-Pruner on representative transformer models including the DeiT and Swin Transformer. Comprehensive simulation results demonstrate that the proposed X-Pruner outperforms the state-of-the-art black-box methods with significantly reduced computational costs and slight performance degradation.

watermark

Title: Mark My Words: Dangers of Watermarked Images in ImageNet. (arXiv:2303.05498v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2303.05498
• Code URL: null
• Copy Paste: [[2303.05498] Mark My Words: Dangers of Watermarked Images in ImageNet](http://arxiv.org/abs/2303.05498) #watermark
• Summary:

  The utilization of pre-trained networks, especially those trained on ImageNet, has become a common practice in Computer Vision. However, prior research has indicated that a significant number of images in the ImageNet dataset contain watermarks, making pre-trained networks susceptible to learning artifacts such as watermark patterns within their latent spaces. In this paper, we aim to assess the extent to which popular pre-trained architectures display such behavior and to determine which classes are most affected. Additionally, we examine the impact of watermarks on the extracted features. Contrary to the popular belief that the Chinese logographic watermarks impact the "carton" class only, our analysis reveals that a variety of ImageNet classes, such as "monitor", "broom", "apron" and "safe" rely on spurious correlations. Finally, we propose a simple approach to mitigate this issue in fine-tuned networks by ignoring the encodings from the feature-extractor layer of ImageNet pre-trained networks that are most susceptible to watermark imprints.

diffusion

Title: DiffusionDepth: Diffusion Denoising Approach for Monocular Depth Estimation. (arXiv:2303.05021v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05021
• Code URL: https://github.com/duanyiqun/diffusiondepth
• Copy Paste: [[2303.05021] DiffusionDepth: Diffusion Denoising Approach for Monocular Depth Estimation](http://arxiv.org/abs/2303.05021) #diffusion
• Summary:

  Monocular depth estimation is a challenging task that predicts the pixel-wise depth from a single 2D image. Current methods typically model this problem as a regression or classification task. We propose DiffusionDepth, a new approach that reformulates monocular depth estimation as a denoising diffusion process. It learns an iterative denoising process to `denoise' random depth distribution into a depth map with the guidance of monocular visual conditions. The process is performed in the latent space encoded by a dedicated depth encoder and decoder. Instead of diffusing ground truth (GT) depth, the model learns to reverse the process of diffusing the refined depth of itself into random depth distribution. This self-diffusion formulation overcomes the difficulty of applying generative models to sparse GT depth scenarios. The proposed approach benefits this task by refining depth estimation step by step, which is superior for generating accurate and highly detailed depth maps. Experimental results on KITTI and NYU-Depth-V2 datasets suggest that a simple yet efficient diffusion approach could reach state-of-the-art performance in both indoor and outdoor scenarios with acceptable inference time.

Title: Unifying Layout Generation with a Decoupled Diffusion Model. (arXiv:2303.05049v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05049
• Code URL: null
• Copy Paste: [[2303.05049] Unifying Layout Generation with a Decoupled Diffusion Model](http://arxiv.org/abs/2303.05049) #diffusion
• Summary:

  Layout generation aims to synthesize realistic graphic scenes consisting of elements with different attributes including category, size, position, and between-element relation. It is a crucial task for reducing the burden on heavy-duty graphic design works for formatted scenes, e.g., publications, documents, and user interfaces (UIs). Diverse application scenarios impose a big challenge in unifying various layout generation subtasks, including conditional and unconditional generation. In this paper, we propose a Layout Diffusion Generative Model (LDGM) to achieve such unification with a single decoupled diffusion model. LDGM views a layout of arbitrary missing or coarse element attributes as an intermediate diffusion status from a completed layout. Since different attributes have their individual semantics and characteristics, we propose to decouple the diffusion processes for them to improve the diversity of training samples and learn the reverse process jointly to exploit global-scope contexts for facilitating generation. As a result, our LDGM can generate layouts either from scratch or conditional on arbitrary available attributes. Extensive qualitative and quantitative experiments demonstrate our proposed LDGM outperforms existing layout generation models in both functionality and performance.

Title: MaskDiff: Modeling Mask Distribution with Diffusion Probabilistic Model for Few-Shot Instance Segmentation. (arXiv:2303.05105v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05105
• Code URL: null
• Copy Paste: [[2303.05105] MaskDiff: Modeling Mask Distribution with Diffusion Probabilistic Model for Few-Shot Instance Segmentation](http://arxiv.org/abs/2303.05105) #diffusion
• Summary:

  Few-shot instance segmentation extends the few-shot learning paradigm to the instance segmentation task, which tries to segment instance objects from a query image with a few annotated examples of novel categories. Conventional approaches have attempted to address the task via prototype learning, known as point estimation. However, this mechanism is susceptible to noise and suffers from bias due to a significant scarcity of data. To overcome the disadvantages of the point estimation mechanism, we propose a novel approach, dubbed MaskDiff, which models the underlying conditional distribution of a binary mask, which is conditioned on an object region and $K$-shot information. Inspired by augmentation approaches that perturb data with Gaussian noise for populating low data density regions, we model the mask distribution with a diffusion probabilistic model. In addition, we propose to utilize classifier-free guided mask sampling to integrate category information into the binary mask generation process. Without bells and whistles, our proposed method consistently outperforms state-of-the-art methods on both base and novel classes of the COCO dataset while simultaneously being more stable than existing methods.

Title: Cones: Concept Neurons in Diffusion Models for Customized Generation. (arXiv:2303.05125v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05125
• Code URL: https://github.com/johanan528/cones
• Copy Paste: [[2303.05125] Cones: Concept Neurons in Diffusion Models for Customized Generation](http://arxiv.org/abs/2303.05125) #diffusion
• Summary:

  Human brains respond to semantic features of presented stimuli with different neurons. It is then curious whether modern deep neural networks admit a similar behavior pattern. Specifically, this paper finds a small cluster of neurons in a diffusion model corresponding to a particular subject. We call those neurons the concept neurons. They can be identified by statistics of network gradients to a stimulation connected with the given subject. The concept neurons demonstrate magnetic properties in interpreting and manipulating generation results. Shutting them can directly yield the related subject contextualized in different scenes. Concatenating multiple clusters of concept neurons can vividly generate all related concepts in a single image. A few steps of further fine-tuning can enhance the multi-concept capability, which may be the first to manage to generate up to four different subjects in a single image. For large-scale applications, the concept neurons are environmentally friendly as we only need to store a sparse cluster of int index instead of dense float32 values of the parameters, which reduces storage consumption by 90\% compared with previous subject-driven generation methods. Extensive qualitative and quantitative studies on diverse scenarios show the superiority of our method in interpreting and manipulating diffusion models.

Title: Brain-Diffuser: Natural scene reconstruction from fMRI signals using generative latent diffusion. (arXiv:2303.05334v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05334
• Code URL: null
• Copy Paste: [[2303.05334] Brain-Diffuser: Natural scene reconstruction from fMRI signals using generative latent diffusion](http://arxiv.org/abs/2303.05334) #diffusion
• Summary:

  In neural decoding research, one of the most intriguing topics is the reconstruction of perceived natural images based on fMRI signals. Previous studies have succeeded in re-creating different aspects of the visuals, such as low-level properties (shape, texture, layout) or high-level features (category of objects, descriptive semantics of scenes) but have typically failed to reconstruct these properties together for complex scene images. Generative AI has recently made a leap forward with latent diffusion models capable of generating high-complexity images. Here, we investigate how to take advantage of this innovative technology for brain decoding. We present a two-stage scene reconstruction framework called Brain-Diffuser''. In the first stage, starting from fMRI signals, we reconstruct images that capture low-level properties and overall layout using a VDVAE (Very Deep Variational Autoencoder) model. In the second stage, we use the image-to-image framework of a latent diffusion model (Versatile Diffusion) conditioned on predicted multimodal (text and visual) features, to generate final reconstructed images. On the publicly available Natural Scenes Dataset benchmark, our method outperforms previous models both qualitatively and quantitatively. When applied to synthetic fMRI patterns generated from individual ROI (region-of-interest) masks, our trained model creates compellingROI-optimal'' scenes consistent with neuroscientific knowledge. Thus, the proposed methodology can have an impact on both applied (e.g. brain-computer interface) and fundamental neuroscience.

Title: 3DGen: Triplane Latent Diffusion for Textured Mesh Generation. (arXiv:2303.05371v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05371
• Code URL: null
• Copy Paste: [[2303.05371] 3DGen: Triplane Latent Diffusion for Textured Mesh Generation](http://arxiv.org/abs/2303.05371) #diffusion
• Summary:

  Latent diffusion models for image generation have crossed a quality threshold which enabled them to achieve mass adoption. Recently, a series of works have made advancements towards replicating this success in the 3D domain, introducing techniques such as point cloud VAE, triplane representation, neural implicit surfaces and differentiable rendering based training. We take another step along this direction, combining these developments in a two-step pipeline consisting of 1) a triplane VAE which can learn latent representations of textured meshes and 2) a conditional diffusion model which generates the triplane features. For the first time this architecture allows conditional and unconditional generation of high quality textured or untextured 3D meshes across multiple diverse categories in a few seconds on a single GPU. It outperforms previous work substantially on image-conditioned and unconditional generation on mesh quality as well as texture generation. Furthermore, we demonstrate the scalability of our model to large datasets for increased quality and diversity. We will release our code and trained models.

Title: Scaling up GANs for Text-to-Image Synthesis. (arXiv:2303.05511v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2303.05511
• Code URL: null
• Copy Paste: [[2303.05511] Scaling up GANs for Text-to-Image Synthesis](http://arxiv.org/abs/2303.05511) #diffusion
• Summary:

  The recent success of text-to-image synthesis has taken the world by storm and captured the general public's imagination. From a technical standpoint, it also marked a drastic change in the favored architecture to design generative image models. GANs used to be the de facto choice, with techniques like StyleGAN. With DALL-E 2, auto-regressive and diffusion models became the new standard for large-scale generative models overnight. This rapid shift raises a fundamental question: can we scale up GANs to benefit from large datasets like LAION? We find that na\"Ively increasing the capacity of the StyleGAN architecture quickly becomes unstable. We introduce GigaGAN, a new GAN architecture that far exceeds this limit, demonstrating GANs as a viable option for text-to-image synthesis. GigaGAN offers three major advantages. First, it is orders of magnitude faster at inference time, taking only 0.13 seconds to synthesize a 512px image. Second, it can synthesize high-resolution images, for example, 16-megapixel pixels in 3.66 seconds. Finally, GigaGAN supports various latent space editing applications such as latent interpolation, style mixing, and vector arithmetic operations.

Title: A classification of S-boxes generated by Orthogonal Cellular Automata. (arXiv:2303.05228v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2303.05228
• Code URL: https://github.com/rymoah/orthogonal-ca-sboxes
• Copy Paste: [[2303.05228] A classification of S-boxes generated by Orthogonal Cellular Automata](http://arxiv.org/abs/2303.05228) #diffusion
• Summary:

  Most of the approaches published in the literature to construct S-boxes via Cellular Automata (CA) work by either iterating a finite CA for several time steps, or by a one-shot application of the global rule. The main characteristic that brings together these works is that they employ a single CA rule to define the vectorial Boolean function of the S-box. In this work, we explore a different direction for the design of S-boxes that leverages on Orthogonal CA (OCA), i.e. pairs of CA rules giving rise to orthogonal Latin squares. The motivation stands on the facts that an OCA pair already defines a bijective transformation, and moreover the orthogonality property of the resulting Latin squares ensures a minimum amount of diffusion. We exhaustively enumerate all S-boxes generated by OCA pairs of diameter $4 \le d \le 6$, and measure their nonlinearity. Interestingly, we observe that for $d=4$ and $d=5$ all S-boxes are linear, despite the underlying CA local rules being nonlinear. The smallest nonlinear S-boxes emerges for $d=6$, but their nonlinearity is still too low to be used in practice. Nonetheless, we unearth an interesting structure of linear OCA S-boxes, proving that their Linear Components Space (LCS) is itself the image of a linear CA, or equivalently a polynomial code. We finally classify all linear OCA S-boxes in terms of their generator polynomials.

Title: Restoration based Generative Models. (arXiv:2303.05456v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2303.05456
• Code URL: null
• Copy Paste: [[2303.05456] Restoration based Generative Models](http://arxiv.org/abs/2303.05456) #diffusion
• Summary:

  Denoising diffusion models (DDMs) have recently attracted increasing attention by showing impressive synthesis quality. DDMs are built on a diffusion process that pushes data to the noise distribution and the models learn to denoise. In this paper, we establish the interpretation of DDMs in terms of image restoration (IR). Integrating IR literature allows us to use an alternative objective and diverse forward processes, not confining to the diffusion process. By imposing prior knowledge on the loss function grounded on MAP-based estimation, we eliminate the need for the expensive sampling of DDMs. Also, we propose a multi-scale training, which improves the performance compared to the diffusion process, by taking advantage of the flexibility of the forward process. Experimental results demonstrate that our model improves the quality and efficiency of both training and inference. Furthermore, we show the applicability of our model to inverse problems. We believe that our framework paves the way for designing a new type of flexible general generative model.