secure

Title: Unconditionally Secure Non-malleable Secret Sharing and Circular External Difference Families. (arXiv:2305.09405v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09405
• Code URL: null
• Copy Paste: [[2305.09405] Unconditionally Secure Non-malleable Secret Sharing and Circular External Difference Families](http://arxiv.org/abs/2305.09405) #secure
• Summary:

  Various notions of non-malleable secret sharing schemes have been considered. In this paper, we review the existing work on non-malleable secret sharing and suggest a novel game-based definition. We provide a new construction of an unconditionally secure non-malleable threshold scheme with respect to a specified relation. To do so, we introduce a new type of algebraic manipulation detection (AMD) code and construct examples of new variations of external difference families, which are of independent combinatorial interest.

Title: Time for Change: How Clocks Break UWB Secure Ranging. (arXiv:2305.09433v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09433
• Code URL: null
• Copy Paste: [[2305.09433] Time for Change: How Clocks Break UWB Secure Ranging](http://arxiv.org/abs/2305.09433) #secure
• Summary:

  Due to its suitability for wireless ranging, Ultra-Wide Band (UWB) has gained traction over the past years. UWB chips have been integrated into consumer electronics and considered for security-relevant use cases, such as access control or contactless payments. However, several publications in the recent past have shown that it is difficult to protect the integrity of instance measurements on the physical layer. In this paper, we identify transceiver clock imperfections as a new, important parameter that has been widely ignored so far. We present Mix-Down and Stretch-and-Advance, two novel attacks against the current (IEEE 802.15.4z) and the upcoming (IEEE 802.15.4ab) UWB standard, respectively. We demonstrate Mix-Down on commercial chips and achieve distance reduction from 10 m to 0 m. For the Stretch-and-Advance attack, we show analytically that the current proposal of IEEE 802.15.4ab allows reductions of over 90 m. In order to prevent the attack, we propose and analyze an effective countermeasure.

Title: Secure compilation of rich smart contracts on poor UTXO blockchains. (arXiv:2305.09545v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09545
• Code URL: null
• Copy Paste: [[2305.09545] Secure compilation of rich smart contracts on poor UTXO blockchains](http://arxiv.org/abs/2305.09545) #secure
• Summary:

  Most blockchain platforms from Ethereum onwards render smart contracts as stateful reactive objects that update their state and transfer crypto-assets in response to transactions. In this way, they support the development of contracts in the imperative procedural paradigm, familiar to most programmers. A drawback of this design choice is that when a user submits a transaction, they cannot predict in which state it will be executed, exposing them to transaction-ordering attacks. The UTXO model is an alternative blockchain design that thwarts these attacks by requiring new transactions to spend past ones: since transactions have unique identifiers, reordering attacks are ineffective. Currently, the blockchains following the UTXO model either provide contracts with limited expressiveness (Bitcoin), or require complex run-time environments and unfamiliar programming abstractions (Cardano). We present a framework for smart contracts in the UTXO model, that allows expressive contracts to be securely executed by bare-bone UTXO blockchains with loop-free scripts enriched with covenants, and supports the familiar procedural programming style.

security

Title: Unlearnable Examples Give a False Sense of Security: Piercing through Unexploitable Data with Learnable Examples. (arXiv:2305.09241v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09241
• Code URL: null
• Copy Paste: [[2305.09241] Unlearnable Examples Give a False Sense of Security: Piercing through Unexploitable Data with Learnable Examples](http://arxiv.org/abs/2305.09241) #security
• Summary:

  Safeguarding data from unauthorized exploitation is vital for privacy and security, especially in recent rampant research in security breach such as adversarial/membership attacks. To this end, \textit{unlearnable examples} (UEs) have been recently proposed as a compelling protection, by adding imperceptible perturbation to data so that models trained on them cannot classify them accurately on original clean distribution. Unfortunately, we find UEs provide a false sense of security, because they cannot stop unauthorized users from utilizing other unprotected data to remove the protection, by turning unlearnable data into learnable again. Motivated by this observation, we formally define a new threat by introducing \textit{learnable unauthorized examples} (LEs) which are UEs with their protection removed. The core of this approach is a novel purification process that projects UEs onto the manifold of LEs. This is realized by a new joint-conditional diffusion model which denoises UEs conditioned on the pixel and perceptual similarity between UEs and LEs. Extensive experiments demonstrate that LE delivers state-of-the-art countering performance against both supervised UEs and unsupervised UEs in various scenarios, which is the first generalizable countermeasure to UEs across supervised learning and unsupervised learning.

Title: Survey of Malware Analysis through Control Flow Graph using Machine Learning. (arXiv:2305.08993v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.08993
• Code URL: null
• Copy Paste: [[2305.08993] Survey of Malware Analysis through Control Flow Graph using Machine Learning](http://arxiv.org/abs/2305.08993) #security
• Summary:

  Malware is a significant threat to the security of computer systems and networks which requires sophisticated techniques to analyze the behavior and functionality for detection. Traditional signature-based malware detection methods have become ineffective in detecting new and unknown malware due to their rapid evolution. One of the most promising techniques that can overcome the limitations of signature-based detection is to use control flow graphs (CFGs). CFGs leverage the structural information of a program to represent the possible paths of execution as a graph, where nodes represent instructions and edges represent control flow dependencies. Machine learning (ML) algorithms are being used to extract these features from CFGs and classify them as malicious or benign. In this survey, we aim to review some state-of-the-art methods for malware detection through CFGs using ML, focusing on the different ways of extracting, representing, and classifying. Specifically, we present a comprehensive overview of different types of CFG features that have been used as well as different ML algorithms that have been applied to CFG-based malware detection. We provide an in-depth analysis of the challenges and limitations of these approaches, as well as suggest potential solutions to address some open problems and promising future directions for research in this field.

Title: A Review of Data-driven Approaches for Malicious Website Detection. (arXiv:2305.09084v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09084
• Code URL: null
• Copy Paste: [[2305.09084] A Review of Data-driven Approaches for Malicious Website Detection](http://arxiv.org/abs/2305.09084) #security
• Summary:

  The detection of malicious websites has become a critical issue in cybersecurity. Therefore, this paper offers a comprehensive review of data-driven methods for detecting malicious websites. Traditional approaches and their limitations are discussed, followed by an overview of data-driven approaches. The paper establishes the data-feature-model-extension pipeline and the latest research developments of data-driven approaches, including data preprocessing, feature extraction, model construction and technology extension. Specifically, this paper compares methods using deep learning models proposed in recent years. Furthermore, the paper follows the data-feature-model-extension pipeline to discuss the challenges together with some future directions of data-driven methods in malicious website detection.

Title: Security Evaluation of Thermal Covert-channels on SmartSSDs. (arXiv:2305.09115v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09115
• Code URL: null
• Copy Paste: [[2305.09115] Security Evaluation of Thermal Covert-channels on SmartSSDs](http://arxiv.org/abs/2305.09115) #security
• Summary:

  Continued expansion of cloud computing offerings now includes SmartSSDs. A SmartSSD is a solid-state disk (SSD) augmented with an FPGA. Through public cloud providers, it is now possible to rent on-demand virtual machines enabled with SmartSSDs. Because of the FPGA component of the SmartSSD, cloud users who access the SmartSSD can instantiate custom circuits within the FPGA. This includes possibly malicious circuits for measurement of power and temperature. Normally, cloud users have no remote access to power and temperature data, but with SmartSSDs they could abuse the FPGA component to learn this information. This paper shows for the first time that heat generated by a cloud user accessing the SSD component of the SmartSSD and the resulting temperature increase, can be measured by a different cloud user accessing the FPGA component of the same SmartSSD by using the ring oscillators circuits to measure temperature. The thermal state remains elevated for a few minutes after the SSD is heated up and can be measured from the FPGA side by a subsequent user for up to a few minutes after the SSD heating is done. Further, in a future multi-tenant SmartSSD setting, the thermal changes can be measured in parallel if one user controls the SSD and the other the FPGA. Based on this temporal thermal state of the SmartSSD, a novel thermal communication channel is demonstrated for the first time.

Title: Security Enhancement of Quantum Noise Stream Cipher Based on Probabilistic Constellation Shaping. (arXiv:2305.09152v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09152
• Code URL: null
• Copy Paste: [[2305.09152] Security Enhancement of Quantum Noise Stream Cipher Based on Probabilistic Constellation Shaping](http://arxiv.org/abs/2305.09152) #security
• Summary:

  We propose a QNSC pre-coding scheme based on probabilistic shaping of the basis, to reduce the probability of ciphertext bits that are easier to be intercepted. Experiment results show this scheme can improve the security performance by 100% in terms of Eve's cipher text BER.

Title: A Multi-Client Searchable Encryption Scheme for IoT Environment. (arXiv:2305.09221v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09221
• Code URL: null
• Copy Paste: [[2305.09221] A Multi-Client Searchable Encryption Scheme for IoT Environment](http://arxiv.org/abs/2305.09221) #security
• Summary:

  The proliferation of connected devices through Internet connectivity presents both opportunities for smart applications and risks to security and privacy. It is vital to proactively address these concerns to fully leverage the potential of the Internet of Things. IoT services where one data owner serves multiple clients, like smart city transportation, smart building management and healthcare can offer benefits but also bring cybersecurity and data privacy risks. For example, in healthcare, a hospital may collect data from medical devices and make it available to multiple clients such as researchers and pharmaceutical companies. This data can be used to improve medical treatments and research but if not protected, it can also put patients' personal information at risk. To ensure the benefits of these services, it is important to implement proper security and privacy measures. In this paper, we propose a symmetric searchable encryption scheme with dynamic updates on a database that has a single owner and multiple clients for IoT environments. Our proposed scheme supports both forward and backward privacy. Additionally, our scheme supports a decentralized storage environment in which data owners can outsource data across multiple servers or even across multiple service providers to improve security and privacy. Further, it takes a minimum amount of effort and costs to revoke a client's access to our system at any time. The performance and formal security analyses of the proposed scheme show that our scheme provides better functionality, and security and is more efficient in terms of computation and storage than the closely related works.

Title: A SKG Security Challenge: Indoor SKG Under an On-The-Shoulder Eavesdropping Attack. (arXiv:2305.09251v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09251
• Code URL: null
• Copy Paste: [[2305.09251] A SKG Security Challenge: Indoor SKG Under an On-The-Shoulder Eavesdropping Attack](http://arxiv.org/abs/2305.09251) #security
• Summary:

  Physical layer security (PLS) is seen as the means to enhance physical layer trustworthiness in 6G. This work provides a proof-of-concept for one of the most mature PLS technologies, i.e., secret key generation (SKG) from wireless fading coefficients during the channel's coherence time. As opposed to other works, where only specific parts of the protocol are typically investigated, here, we implement the full SKG chain in four indoor experimental campaigns. In detail, we consider two legitimate nodes, who use the wireless channel to extract secret keys and a malicious node placed in the immediate vicinity of one of them, who acts as a passive eavesdropper. To estimate the final SKG rate we evaluate the conditional min-entropy by taking into account all information available to the eavesdropper. Finally, we use this paper to announce the first ever physical layer security challenge, mirroring practices in cryptography. We call the community to scrutinize the presented results and try to ``break'' our SKG implementation. To this end, we provide, i) the full dataset observed by the eavesdroppers and all algorithms used, ii) $20$ blocks of $16-$byte long ciphertexts, encrypted using AES-256 with $20$ distilled secret keys, and, iii) all codes and software used in our SKG implementation. An attack will be considered successful if any part(s) of the plaintext are successfully retrieved.

Title: Challenges with the Application of Cyber Security for Airworthiness (CSA) in Real-World Contexts. (arXiv:2305.09261v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09261
• Code URL: null
• Copy Paste: [[2305.09261] Challenges with the Application of Cyber Security for Airworthiness (CSA) in Real-World Contexts](http://arxiv.org/abs/2305.09261) #security
• Summary:

  The ever increasing push towards reliance upon computerised technology in commercial, general, and military aerospace brings with it an increasing amount of potential cyber hazards and attacks. Consequently, the variety of attack vectors is greater than ever. Recognized Good Practice standards such as DO 326A and ED 202A attempt to address this by providing guidelines for cyber security on in-service aircraft, though implementation work for such initiatives is still in early stages. From previous work on in service aircraft, the authors have determined that one of the key challenges is that of the retrospective application of new regulations to existing designs. This can present significant requirements for time, money, and Suitably Qualified and Experienced Personnel resource, things which are often in already limited supply in military environments. The authors have previously explored efficient ways of approaching compliance, with promising results. There is still the need to consider this retroactivity challenge in tandem with other key factors affecting the application of CSA, in order to determine any more potential mitigating actions that could lower the barrier to effective and efficient implementation of secure approaches in the air domain. This work explores the interrelated challenges surrounding real-world applications of CSA and the beginnings of how these may be overcome.

Title: Your Identity is Your Behavior -- Continuous User Authentication based on Machine Learning and Touch Dynamics. (arXiv:2305.09482v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09482
• Code URL: null
• Copy Paste: [[2305.09482] Your Identity is Your Behavior -- Continuous User Authentication based on Machine Learning and Touch Dynamics](http://arxiv.org/abs/2305.09482) #security
• Summary:

  The aim of this research paper is to look into the use of continuous authentication with mobile touch dynamics, using three different algorithms: Neural Network, Extreme Gradient Boosting, and Support Vector Machine. Mobile devices are constantly increasing in popularity in the world, today smartphone subscriptions have surpassed 6 billion. Mobile touch dynamics refer to the distinct patterns of how a user interacts with their mobile device, this includes factors such as touch pressure, swipe speed, and touch duration. Continuous authentication refers to the process of continuously verifying a user's identity while they are using a device, rather than just at the initial login. This research used a dataset of touch dynamics collected from 40 subjects using the LG V30+. The participants played four mobile games, PUBG, Diep.io, Slither, and Minecraft, for 10 minutes each game. The three algorithms were trained and tested on the extracted dataset, and their performance was evaluated based on metrics such as accuracy, precision, false negative rate, and false positive rate. The results of the research showed that all three algorithms were able to effectively classify users based on their individual touch dynamics, with accuracy ranging from 80% to 95%. The Neural Network algorithm performed the best, achieving the highest accuracy and precision scores, followed closely by XGBoost and SVC. The data shows that continuous authentication using mobile touch dynamics has the potential to be a useful method for enhancing security and reducing the risk of unauthorized access to personal devices. This research also notes the importance of choosing the correct algorithm for a given dataset and use case, as different algorithms may have varying levels of performance depending on the specific task.

Title: HiNoVa: A Novel Open-Set Detection Method for Automating RF Device Authentication. (arXiv:2305.09594v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09594
• Code URL: null
• Copy Paste: [[2305.09594] HiNoVa: A Novel Open-Set Detection Method for Automating RF Device Authentication](http://arxiv.org/abs/2305.09594) #security
• Summary:

  New capabilities in wireless network security have been enabled by deep learning, which leverages patterns in radio frequency (RF) data to identify and authenticate devices. Open-set detection is an area of deep learning that identifies samples captured from new devices during deployment that were not part of the training set. Past work in open-set detection has mostly been applied to independent and identically distributed data such as images. In contrast, RF signal data present a unique set of challenges as the data forms a time series with non-linear time dependencies among the samples. We introduce a novel open-set detection approach based on the patterns of the hidden state values within a Convolutional Neural Network (CNN) Long Short-Term Memory (LSTM) model. Our approach greatly improves the Area Under the Precision-Recall Curve on LoRa, Wireless-WiFi, and Wired-WiFi datasets, and hence, can be used successfully to monitor and control unauthorized network access of wireless devices.

privacy

Title: Trustworthy Privacy-preserving Hierarchical Ensemble and Federated Learning in Healthcare 4.0 with Blockchain. (arXiv:2305.09209v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09209
• Code URL: null
• Copy Paste: [[2305.09209] Trustworthy Privacy-preserving Hierarchical Ensemble and Federated Learning in Healthcare 4](http://arxiv.org/abs/2305.09209) #privacy
• Summary:

  The advancement of Internet and Communication Technologies (ICTs) has led to the era of Industry 4.0. This shift is followed by healthcare industries creating the term Healthcare 4.0. In Healthcare 4.0, the use of IoT-enabled medical imaging devices for early disease detection has enabled medical practitioners to increase healthcare institutions' quality of service. However, Healthcare 4.0 is still lagging in Artificial Intelligence and big data compared to other Industry 4.0 due to data privacy concerns. In addition, institutions' diverse storage and computing capabilities restrict institutions from incorporating the same training model structure. This paper presents a secure multi-party computation-based ensemble federated learning with blockchain that enables heterogeneous models to collaboratively learn from healthcare institutions' data without violating users' privacy. Blockchain properties also allow the party to enjoy data integrity without trust in a centralized server while also providing each healthcare institution with auditability and version control capability.

Title: Privacy-Preserving Ensemble Infused Enhanced Deep Neural Network Framework for Edge Cloud Convergence. (arXiv:2305.09224v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09224
• Code URL: null
• Copy Paste: [[2305.09224] Privacy-Preserving Ensemble Infused Enhanced Deep Neural Network Framework for Edge Cloud Convergence](http://arxiv.org/abs/2305.09224) #privacy
• Summary:

  We propose a privacy-preserving ensemble infused enhanced Deep Neural Network (DNN) based learning framework in this paper for Internet-of-Things (IoT), edge, and cloud convergence in the context of healthcare. In the convergence, edge server is used for both storing IoT produced bioimage and hosting DNN algorithm for local model training. The cloud is used for ensembling local models. The DNN-based training process of a model with a local dataset suffers from low accuracy, which can be improved by the aforementioned convergence and Ensemble Learning. The ensemble learning allows multiple participants to outsource their local model for producing a generalized final model with high accuracy. Nevertheless, Ensemble Learning elevates the risk of leaking sensitive private data from the final model. The proposed framework presents a Differential Privacy-based privacy-preserving DNN with Transfer Learning for a local model generation to ensure minimal loss and higher efficiency at edge server. We conduct several experiments to evaluate the performance of our proposed framework.

Title: Private Everlasting Prediction. (arXiv:2305.09579v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09579
• Code URL: null
• Copy Paste: [[2305.09579] Private Everlasting Prediction](http://arxiv.org/abs/2305.09579) #privacy
• Summary:

  A private learner is trained on a sample of labeled points and generates a hypothesis that can be used for predicting the labels of newly sampled points while protecting the privacy of the training set [Kasiviswannathan et al., FOCS 2008]. Research uncovered that private learners may need to exhibit significantly higher sample complexity than non-private learners as is the case with, e.g., learning of one-dimensional threshold functions [Bun et al., FOCS 2015, Alon et al., STOC 2019].

We explore prediction as an alternative to learning. Instead of putting forward a hypothesis, a predictor answers a stream of classification queries. Earlier work has considered a private prediction model with just a single classification query [Dwork and Feldman, COLT 2018]. We observe that when answering a stream of queries, a predictor must modify the hypothesis it uses over time, and, furthermore, that it must use the queries for this modification, hence introducing potential privacy risks with respect to the queries themselves.

We introduce private everlasting prediction taking into account the privacy of both the training set and the (adaptively chosen) queries made to the predictor. We then present a generic construction of private everlasting predictors in the PAC model. The sample complexity of the initial training sample in our construction is quadratic (up to polylog factors) in the VC dimension of the concept class. Our construction allows prediction for all concept classes with finite VC dimension, and in particular threshold functions with constant size initial training sample, even when considered over infinite domains, whereas it is known that the sample complexity of privately learning threshold functions must grow as a function of the domain size and hence is impossible for infinite domains.

Title: Learning from Aggregated Data: Curated Bags versus Random Bags. (arXiv:2305.09557v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09557
• Code URL: null
• Copy Paste: [[2305.09557] Learning from Aggregated Data: Curated Bags versus Random Bags](http://arxiv.org/abs/2305.09557) #privacy
• Summary:

  Protecting user privacy is a major concern for many machine learning systems that are deployed at scale and collect from a diverse set of population. One way to address this concern is by collecting and releasing data labels in an aggregated manner so that the information about a single user is potentially combined with others. In this paper, we explore the possibility of training machine learning models with aggregated data labels, rather than individual labels. Specifically, we consider two natural aggregation procedures suggested by practitioners: curated bags where the data points are grouped based on common features and random bags where the data points are grouped randomly in bag of similar sizes. For the curated bag setting and for a broad range of loss functions, we show that we can perform gradient-based learning without any degradation in performance that may result from aggregating data. Our method is based on the observation that the sum of the gradients of the loss function on individual data examples in a curated bag can be computed from the aggregate label without the need for individual labels. For the random bag setting, we provide a generalization risk bound based on the Rademacher complexity of the hypothesis class and show how empirical risk minimization can be regularized to achieve the smallest risk bound. In fact, in the random bag setting, there is a trade-off between size of the bag and the achievable error rate as our bound indicates. Finally, we conduct a careful empirical study to confirm our theoretical findings. In particular, our results suggest that aggregate learning can be an effective method for preserving user privacy while maintaining model accuracy.

protect

Title: Measuring Implicit Bias Using SHAP Feature Importance and Fuzzy Cognitive Maps. (arXiv:2305.09399v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09399
• Code URL: https://github.com/LisaKouts/Implicit_bias_FCMs/tree/main/Code_IntelliSys2023_submission
• Copy Paste: [[2305.09399] Measuring Implicit Bias Using SHAP Feature Importance and Fuzzy Cognitive Maps](http://arxiv.org/abs/2305.09399) #protect
• Summary:

  In this paper, we integrate the concepts of feature importance with implicit bias in the context of pattern classification. This is done by means of a three-step methodology that involves (i) building a classifier and tuning its hyperparameters, (ii) building a Fuzzy Cognitive Map model able to quantify implicit bias, and (iii) using the SHAP feature importance to active the neural concepts when performing simulations. The results using a real case study concerning fairness research support our two-fold hypothesis. On the one hand, it is illustrated the risks of using a feature importance method as an absolute tool to measure implicit bias. On the other hand, it is concluded that the amount of bias towards protected features might differ depending on whether the features are numerically or categorically encoded.

defense

Title: Releasing Inequlity Phenomena in $L_{\infty}$-Adversarial Training via Input Gradient Distillation. (arXiv:2305.09305v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09305
• Code URL: null
• Copy Paste: [[2305.09305] Releasing Inequlity Phenomena in $L_{\infty}$-Adversarial Training via Input Gradient Distillation](http://arxiv.org/abs/2305.09305) #defense
• Summary:

  Since adversarial examples appeared and showed the catastrophic degradation they brought to DNN, many adversarial defense methods have been devised, among which adversarial training is considered the most effective. However, a recent work showed the inequality phenomena in $l_{\infty}$-adversarial training and revealed that the $l_{\infty}$-adversarially trained model is vulnerable when a few important pixels are perturbed by i.i.d. noise or occluded. In this paper, we propose a simple yet effective method called Input Gradient Distillation to release the inequality phenomena in $l_{\infty}$-adversarial training. Experiments show that while preserving the model's adversarial robustness, Input Gradient Distillation improves the model's robustness to i.i.d. noise and occlusion. Moreover, we formally explain why the equality of the model's saliency map can improve the model's robustness to i.i.d. noise or occlusion. Github:https://github.com/fhdnskfbeuv/Inuput-Gradient-Distillation

Title: Trojan Playground: A Reinforcement Learning Framework for Hardware Trojan Insertion and Detection. (arXiv:2305.09592v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09592
• Code URL: null
• Copy Paste: [[2305.09592] Trojan Playground: A Reinforcement Learning Framework for Hardware Trojan Insertion and Detection](http://arxiv.org/abs/2305.09592) #defense
• Summary:

  Current Hardware Trojan (HT) detection techniques are mostly developed based on a limited set of HT benchmarks. Existing HT benchmarks circuits are generated with multiple shortcomings, i.e., i) they are heavily biased by the designers' mindset when they are created, and ii) they are created through a one-dimensional lens, mainly the signal activity of nets. To address these shortcomings, we introduce the first automated reinforcement learning (RL) HT insertion and detection framework. In the insertion phase, an RL agent explores the circuits and finds different locations that are best for keeping inserted HTs hidden. On the defense side, we introduce a multi-criteria RL-based detector that generates test vectors to discover the existence of HTs. Using the proposed framework, one can explore the HT insertion and detection design spaces to break the human mindset limitations as well as the benchmark issues, ultimately leading toward the next-generation of innovative detectors. Our HT toolset is open-source to accelerate research in this field and reduce the initial setup time for newcomers. We demonstrate the efficacy of our framework on ISCAS-85 benchmarks and provide the attack and detection success rates and define a methodology for comparing our techniques.

attack

Title: EXPRESSNET: An Explainable Residual Slim Network for Fingerprint Presentation Attack Detection. (arXiv:2305.09397v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09397
• Code URL: null
• Copy Paste: [[2305.09397] EXPRESSNET: An Explainable Residual Slim Network for Fingerprint Presentation Attack Detection](http://arxiv.org/abs/2305.09397) #attack
• Summary:

  Presentation attack is a challenging issue that persists in the security of automatic fingerprint recognition systems. This paper proposes a novel explainable residual slim network that detects the presentation attack by representing the visual features in the input fingerprint sample. The encoder-decoder of this network along with the channel attention block converts the input sample into its heatmap representation while the modified residual convolutional neural network classifier discriminates between live and spoof fingerprints. The entire architecture of the heatmap generator block and modified ResNet classifier works together in an end-to-end manner. The performance of the proposed model is validated on benchmark liveness detection competition databases i.e. Livdet 2011, 2013, 2015, 2017, and 2019 and the classification accuracy of 96.86\%, 99.84\%, 96.45\%, 96.07\%, 96.27\% are achieved on them, respectively. The performance of the proposed model is compared with the state-of-the-art techniques, and the proposed method outperforms state-of-the-art methods in benchmark protocols of presentation attack detection in terms of classification accuracy.

Title: UOR: Universal Backdoor Attacks on Pre-trained Language Models. (arXiv:2305.09574v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09574
• Code URL: null
• Copy Paste: [[2305.09574] UOR: Universal Backdoor Attacks on Pre-trained Language Models](http://arxiv.org/abs/2305.09574) #attack
• Summary:

  Backdoors implanted in pre-trained language models (PLMs) can be transferred to various downstream tasks, which exposes a severe security threat. However, most existing backdoor attacks against PLMs are un-targeted and task-specific. Few targeted and task-agnostic methods use manually pre-defined triggers and output representations, which prevent the attacks from being more effective and general. In this paper, we first summarize the requirements that a more threatening backdoor attack against PLMs should satisfy, and then propose a new backdoor attack method called UOR, which breaks the bottleneck of the previous approach by turning manual selection into automatic optimization. Specifically, we define poisoned supervised contrastive learning which can automatically learn the more uniform and universal output representations of triggers for various PLMs. Moreover, we use gradient search to select appropriate trigger words which can be adaptive to different PLMs and vocabularies. Experiments show that our method can achieve better attack performance on various text classification tasks compared to manual methods. Further, we tested our method on PLMs with different architectures, different usage paradigms, and more difficult tasks, which demonstrated the universality of our method.

Title: Ortho-ODE: Enhancing Robustness and of Neural ODEs against Adversarial Attacks. (arXiv:2305.09179v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09179
• Code URL: null
• Copy Paste: [[2305.09179] Ortho-ODE: Enhancing Robustness and of Neural ODEs against Adversarial Attacks](http://arxiv.org/abs/2305.09179) #attack
• Summary:

  Neural Ordinary Differential Equations (NODEs) probed the usage of numerical solvers to solve the differential equation characterized by a Neural Network (NN), therefore initiating a new paradigm of deep learning models with infinite depth. NODEs were designed to tackle the irregular time series problem. However, NODEs have demonstrated robustness against various noises and adversarial attacks. This paper is about the natural robustness of NODEs and examines the cause behind such surprising behaviour. We show that by controlling the Lipschitz constant of the ODE dynamics the robustness can be significantly improved. We derive our approach from Grownwall's inequality. Further, we draw parallels between contractivity theory and Grownwall's inequality. Experimentally we corroborate the enhanced robustness on numerous datasets - MNIST, CIFAR-10, and CIFAR 100. We also present the impact of adaptive and non-adaptive solvers on the robustness of NODEs.

Title: Comprehensively Analyzing the Impact of Cyberattacks on Power Grids. (arXiv:2305.09390v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09390
• Code URL: null
• Copy Paste: [[2305.09390] Comprehensively Analyzing the Impact of Cyberattacks on Power Grids](http://arxiv.org/abs/2305.09390) #attack
• Summary:

  The increasing digitalization of power grids and especially the shift towards IP-based communication drastically increase the susceptibility to cyberattacks, potentially leading to blackouts and physical damage. Understanding the involved risks, the interplay of communication and physical assets, and the effects of cyberattacks are paramount for the uninterrupted operation of this critical infrastructure. However, as the impact of cyberattacks cannot be researched in real-world power grids, current efforts tend to focus on analyzing isolated aspects at small scales, often covering only either physical or communication assets. To fill this gap, we present WATTSON, a comprehensive research environment that facilitates reproducing, implementing, and analyzing cyberattacks against power grids and, in particular, their impact on both communication and physical processes. We validate WATTSON's accuracy against a physical testbed and show its scalability to realistic power grid sizes. We then perform authentic cyberattacks, such as Industroyer, within the environment and study their impact on the power grid's energy and communication side. Besides known vulnerabilities, our results reveal the ripple effects of susceptible communication on complex cyber-physical processes and thus lay the foundation for effective countermeasures.

Title: Reconstruction-based LSTM-Autoencoder for Anomaly-based DDoS Attack Detection over Multivariate Time-Series Data. (arXiv:2305.09475v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09475
• Code URL: null
• Copy Paste: [[2305.09475] Reconstruction-based LSTM-Autoencoder for Anomaly-based DDoS Attack Detection over Multivariate Time-Series Data](http://arxiv.org/abs/2305.09475) #attack
• Summary:

  A Distributed Denial-of-service (DDoS) attack is a malicious attempt to disrupt the regular traffic of a targeted server, service, or network by sending a flood of traffic to overwhelm the target or its surrounding infrastructure. As technology improves, new attacks have been developed by hackers. Traditional statistical and shallow machine learning techniques can detect superficial anomalies based on shallow data and feature selection, however, these approaches cannot detect unseen DDoS attacks. In this context, we propose a reconstruction-based anomaly detection model named LSTM-Autoencoder (LSTM-AE) which combines two deep learning-based models for detecting DDoS attack anomalies. The proposed structure of long short-term memory (LSTM) networks provides units that work with each other to learn the long short-term correlation of data within a time series sequence. Autoencoders are used to identify the optimal threshold based on the reconstruction error rates evaluated on each sample across all time-series sequences. As such, a combination model LSTM-AE can not only learn delicate sub-pattern differences in attacks and benign traffic flows, but also minimize reconstructed benign traffic to obtain a lower range reconstruction error, with attacks presenting a larger reconstruction error. In this research, we trained and evaluated our proposed LSTM-AE model on reflection-based DDoS attacks (DNS, LDAP, and SNMP). The results of our experiments demonstrate that our method performs better than other state-of-the-art methods, especially for LDAP attacks, with an accuracy of over 99.

Title: ANALYSE -- Learning to Attack Cyber-Physical Energy Systems With Intelligent Agents. (arXiv:2305.09476v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09476
• Code URL: null
• Copy Paste: [[2305.09476] ANALYSE -- Learning to Attack Cyber-Physical Energy Systems With Intelligent Agents](http://arxiv.org/abs/2305.09476) #attack
• Summary:

  The ongoing penetration of energy systems with information and communications technology (ICT) and the introduction of new markets increase the potential for malicious or profit-driven attacks that endanger system stability. To ensure security-of-supply, it is necessary to analyze such attacks and their underlying vulnerabilities, to develop countermeasures and improve system design. We propose ANALYSE, a machine-learning-based software suite to let learning agents autonomously find attacks in cyber-physical energy systems, consisting of the power system, ICT, and energy markets. ANALYSE is a modular, configurable, and self-documenting framework designed to find yet unknown attack types and to reproduce many known attack strategies in cyber-physical energy systems from the scientific literature.

Title: Training Neural Networks without Backpropagation: A Deeper Dive into the Likelihood Ratio Method. (arXiv:2305.08960v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.08960
• Code URL: null
• Copy Paste: [[2305.08960] Training Neural Networks without Backpropagation: A Deeper Dive into the Likelihood Ratio Method](http://arxiv.org/abs/2305.08960) #attack
• Summary:

  Backpropagation (BP) is the most important gradient estimation method for training neural networks in deep learning. However, the literature shows that neural networks trained by BP are vulnerable to adversarial attacks. We develop the likelihood ratio (LR) method, a new gradient estimation method, for training a broad range of neural network architectures, including convolutional neural networks, recurrent neural networks, graph neural networks, and spiking neural networks, without recursive gradient computation. We propose three methods to efficiently reduce the variance of the gradient estimation in the neural network training process. Our experiments yield numerical results for training different neural networks on several datasets. All results demonstrate that the LR method is effective for training various neural networks and significantly improves the robustness of the neural networks under adversarial attacks relative to the BP method.

robust

Title: DopUS-Net: Quality-Aware Robotic Ultrasound Imaging based on Doppler Signal. (arXiv:2305.08938v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.08938
• Code URL: https://github.com/felixduelmer/dopus
• Copy Paste: [[2305.08938] DopUS-Net: Quality-Aware Robotic Ultrasound Imaging based on Doppler Signal](http://arxiv.org/abs/2305.08938) #robust
• Summary:

  Medical ultrasound (US) is widely used to evaluate and stage vascular diseases, in particular for the preliminary screening program, due to the advantage of being radiation-free. However, automatic segmentation of small tubular structures (e.g., the ulnar artery) from cross-sectional US images is still challenging. To address this challenge, this paper proposes the DopUS-Net and a vessel re-identification module that leverage the Doppler effect to enhance the final segmentation result. Firstly, the DopUS-Net combines the Doppler images with B-mode images to increase the segmentation accuracy and robustness of small blood vessels. It incorporates two encoders to exploit the maximum potential of the Doppler signal and recurrent neural network modules to preserve sequential information. Input to the first encoder is a two-channel duplex image representing the combination of the grey-scale Doppler and B-mode images to ensure anatomical spatial correctness. The second encoder operates on the pure Doppler images to provide a region proposal. Secondly, benefiting from the Doppler signal, this work first introduces an online artery re-identification module to qualitatively evaluate the real-time segmentation results and automatically optimize the probe pose for enhanced Doppler images. This quality-aware module enables the closed-loop control of robotic screening to further improve the confidence and robustness of image segmentation. The experimental results demonstrate that the proposed approach with the re-identification process can significantly improve the accuracy and robustness of the segmentation results (dice score: from 0:54 to 0:86; intersection over union: from 0:47 to 0:78).

Title: Lightweight Self-Knowledge Distillation with Multi-source Information Fusion. (arXiv:2305.09183v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09183
• Code URL: https://github.com/xucong-parsifal/lightskd
• Copy Paste: [[2305.09183] Lightweight Self-Knowledge Distillation with Multi-source Information Fusion](http://arxiv.org/abs/2305.09183) #robust
• Summary:

  Knowledge Distillation (KD) is a powerful technique for transferring knowledge between neural network models, where a pre-trained teacher model is used to facilitate the training of the target student model. However, the availability of a suitable teacher model is not always guaranteed. To address this challenge, Self-Knowledge Distillation (SKD) attempts to construct a teacher model from itself. Existing SKD methods add Auxiliary Classifiers (AC) to intermediate layers of the model or use the history models and models with different input data within the same class. However, these methods are computationally expensive and only capture time-wise and class-wise features of data. In this paper, we propose a lightweight SKD framework that utilizes multi-source information to construct a more informative teacher. Specifically, we introduce a Distillation with Reverse Guidance (DRG) method that considers different levels of information extracted by the model, including edge, shape, and detail of the input data, to construct a more informative teacher. Additionally, we design a Distillation with Shape-wise Regularization (DSR) method that ensures a consistent shape of ranked model output for all data. We validate the performance of the proposed DRG, DSR, and their combination through comprehensive experiments on various datasets and models. Our results demonstrate the superiority of the proposed methods over baselines (up to 2.87%) and state-of-the-art SKD methods (up to 1.15%), while being computationally efficient and robust. The code is available at https://github.com/xucong-parsifal/LightSKD.

Title: Noise robust neural network architecture. (arXiv:2305.09276v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09276
• Code URL: https://github.com/xiongyunuo/xnn
• Copy Paste: [[2305.09276] Noise robust neural network architecture](http://arxiv.org/abs/2305.09276) #robust
• Summary:

  In which we propose neural network architecture (dune neural network) for recognizing general noisy image without adding any artificial noise in the training data. By representing each free parameter of the network as an uncertainty interval, and applying a linear transformation to each input element, we show that the resulting architecture achieves decent noise robustness when faced with input data with white noise. We apply simple dune neural networks for MNIST dataset and demonstrate that even for very noisy input images which are hard for human to recognize, our approach achieved better test set accuracy than human without dataset augmentation. We also find that our method is robust for many other examples with various background patterns added.

Title: Latent Distribution Adjusting for Face Anti-Spoofing. (arXiv:2305.09285v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09285
• Code URL: null
• Copy Paste: [[2305.09285] Latent Distribution Adjusting for Face Anti-Spoofing](http://arxiv.org/abs/2305.09285) #robust
• Summary:

  With the development of deep learning, the field of face anti-spoofing (FAS) has witnessed great progress. FAS is usually considered a classification problem, where each class is assumed to contain a single cluster optimized by softmax loss. In practical deployment, one class can contain several local clusters, and a single-center is insufficient to capture the inherent structure of the FAS data. However, few approaches consider large distribution discrepancies in the field of FAS. In this work, we propose a unified framework called Latent Distribution Adjusting (LDA) with properties of latent, discriminative, adaptive, generic to improve the robustness of the FAS model by adjusting complex data distribution with multiple prototypes. 1) Latent. LDA attempts to model the data of each class as a Gaussian mixture distribution, and acquire a flexible number of centers for each class in the last fully connected layer implicitly. 2) Discriminative. To enhance the intra-class compactness and inter-class discrepancy, we propose a margin-based loss for providing distribution constrains for prototype learning. 3) Adaptive. To make LDA more efficient and decrease redundant parameters, we propose Adaptive Prototype Selection (APS) by selecting the appropriate number of centers adaptively according to different distributions. 4) Generic. Furthermore, LDA can adapt to unseen distribution by utilizing very few training data without re-training. Extensive experiments demonstrate that our framework can 1) make the final representation space both intra-class compact and inter-class separable, 2) outperform the state-of-the-art methods on multiple standard FAS benchmarks.

Title: Multi-modal Visual Understanding with Prompts for Semantic Information Disentanglement of Image. (arXiv:2305.09333v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09333
• Code URL: null
• Copy Paste: [[2305.09333] Multi-modal Visual Understanding with Prompts for Semantic Information Disentanglement of Image](http://arxiv.org/abs/2305.09333) #robust
• Summary:

  Multi-modal visual understanding of images with prompts involves using various visual and textual cues to enhance the semantic understanding of images. This approach combines both vision and language processing to generate more accurate predictions and recognition of images. By utilizing prompt-based techniques, models can learn to focus on certain features of an image to extract useful information for downstream tasks. Additionally, multi-modal understanding can improve upon single modality models by providing more robust representations of images. Overall, the combination of visual and textual information is a promising area of research for advancing image recognition and understanding. In this paper we will try an amount of prompt design methods and propose a new method for better extraction of semantic information

Title: A Novel Strategy for Improving Robustness in Computer Vision Manufacturing Defect Detection. (arXiv:2305.09407v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09407
• Code URL: null
• Copy Paste: [[2305.09407] A Novel Strategy for Improving Robustness in Computer Vision Manufacturing Defect Detection](http://arxiv.org/abs/2305.09407) #robust
• Summary:

  Visual quality inspection in high performance manufacturing can benefit from automation, due to cost savings and improved rigor. Deep learning techniques are the current state of the art for generic computer vision tasks like classification and object detection. Manufacturing data can pose a challenge for deep learning because data is highly repetitive and there are few images of defects or deviations to learn from. Deep learning models trained with such data can be fragile and sensitive to context, and can under-detect new defects not found in the training data. In this work, we explore training defect detection models to learn specific defects out of context, so that they are more likely to be detected in new situations. We demonstrate how models trained on diverse images containing a common defect type can pick defects out in new circumstances. Such generic models could be more robust to new defects not found data collected for training, and can reduce data collection impediments to implementing visual inspection on production lines. Additionally, we demonstrate that object detection models trained to predict a label and bounding box outperform classifiers that predict a label only on held out test data typical of manufacturing inspection tasks. Finally, we studied the factors that affect generalization in order to train models that work under a wider range of conditions.

Title: Progressive Translation: Improving Domain Robustness of Neural Machine Translation with Intermediate Sequences. (arXiv:2305.09154v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09154
• Code URL: https://github.com/chaojun-wang/progressive-translation
• Copy Paste: [[2305.09154] Progressive Translation: Improving Domain Robustness of Neural Machine Translation with Intermediate Sequences](http://arxiv.org/abs/2305.09154) #robust
• Summary:

  Previous studies show that intermediate supervision signals benefit various Natural Language Processing tasks. However, it is not clear whether there exist intermediate signals that benefit Neural Machine Translation (NMT). Borrowing techniques from Statistical Machine Translation, we propose intermediate signals which are intermediate sequences from the "source-like" structure to the "target-like" structure. Such intermediate sequences introduce an inductive bias that reflects a domain-agnostic principle of translation, which reduces spurious correlations that are harmful to out-of-domain generalisation. Furthermore, we introduce a full-permutation multi-task learning to alleviate the spurious causal relations from intermediate sequences to the target, which results from exposure bias. The Minimum Bayes Risk decoding algorithm is used to pick the best candidate translation from all permutations to further improve the performance. Experiments show that the introduced intermediate signals can effectively improve the domain robustness of NMT and reduces the amount of hallucinations on out-of-domain translation. Further analysis shows that our methods are especially promising in low-resource scenarios.

Title: Causal Analysis for Robust Interpretability of Neural Networks. (arXiv:2305.08950v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.08950
• Code URL: null
• Copy Paste: [[2305.08950] Causal Analysis for Robust Interpretability of Neural Networks](http://arxiv.org/abs/2305.08950) #robust
• Summary:

  Interpreting the inner function of neural networks is crucial for the trustworthy development and deployment of these black-box models. Prior interpretability methods focus on correlation-based measures to attribute model decisions to individual examples. However, these measures are susceptible to noise and spurious correlations encoded in the model during the training phase (e.g., biased inputs, model overfitting, or misspecification). Moreover, this process has proven to result in noisy and unstable attributions that prevent any transparent understanding of the model's behavior. In this paper, we develop a robust interventional-based method grounded by causal analysis to capture cause-effect mechanisms in pre-trained neural networks and their relation to the prediction. Our novel approach relies on path interventions to infer the causal mechanisms within hidden layers and isolate relevant and necessary information (to model prediction), avoiding noisy ones. The result is task-specific causal explanatory graphs that can audit model behavior and express the actual causes underlying its performance. We apply our method to vision models trained on classification tasks. On image classification tasks, we provide extensive quantitative experiments to show that our approach can capture more stable and faithful explanations than standard attribution-based methods. Furthermore, the underlying causal graphs reveal the neural interactions in the model, making it a valuable tool in other applications (e.g., model repair).

Title: Scalable and Robust Tensor Ring Decomposition for Large-scale Data. (arXiv:2305.09044v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09044
• Code URL: null
• Copy Paste: [[2305.09044] Scalable and Robust Tensor Ring Decomposition for Large-scale Data](http://arxiv.org/abs/2305.09044) #robust
• Summary:

  Tensor ring (TR) decomposition has recently received increased attention due to its superior expressive performance for high-order tensors. However, the applicability of traditional TR decomposition algorithms to real-world applications is hindered by prevalent large data sizes, missing entries, and corruption with outliers. In this work, we propose a scalable and robust TR decomposition algorithm capable of handling large-scale tensor data with missing entries and gross corruptions. We first develop a novel auto-weighted steepest descent method that can adaptively fill the missing entries and identify the outliers during the decomposition process. Further, taking advantage of the tensor ring model, we develop a novel fast Gram matrix computation (FGMC) approach and a randomized subtensor sketching (RStS) strategy which yield significant reduction in storage and computational complexity. Experimental results demonstrate that the proposed method outperforms existing TR decomposition methods in the presence of outliers, and runs significantly faster than existing robust tensor completion algorithms.

Title: FiMReSt: Finite Mixture of Multivariate Regulated Skew-t Kernels -- A Flexible Probabilistic Model for Multi-Clustered Data with Asymmetrically-Scattered Non-Gaussian Kernels. (arXiv:2305.09071v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09071
• Code URL: null
• Copy Paste: [[2305.09071] FiMReSt: Finite Mixture of Multivariate Regulated Skew-t Kernels -- A Flexible Probabilistic Model for Multi-Clustered Data with Asymmetrically-Scattered Non-Gaussian Kernels](http://arxiv.org/abs/2305.09071) #robust
• Summary:

  Recently skew-t mixture models have been introduced as a flexible probabilistic modeling technique taking into account both skewness in data clusters and the statistical degree of freedom (S-DoF) to improve modeling generalizability, and robustness to heavy tails and skewness. In this paper, we show that the state-of-the-art skew-t mixture models fundamentally suffer from a hidden phenomenon named here as "S-DoF explosion," which results in local minima in the shapes of normal kernels during the non-convex iterative process of expectation maximization. For the first time, this paper provides insights into the instability of the S-DoF, which can result in the divergence of the kernels from the mixture of t-distribution, losing generalizability and power for modeling the outliers. Thus, in this paper, we propose a regularized iterative optimization process to train the mixture model, enhancing the generalizability and resiliency of the technique. The resulting mixture model is named Finite Mixture of Multivariate Regulated Skew-t (FiMReSt) Kernels, which stabilizes the S-DoF profile during optimization process of learning. To validate the performance, we have conducted a comprehensive experiment on several real-world datasets and a synthetic dataset. The results highlight (a) superior performance of the FiMReSt, (b) generalizability in the presence of outliers, and (c) convergence of S-DoF.

Title: Transfer Causal Learning: Causal Effect Estimation with Knowledge Transfer. (arXiv:2305.09126v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09126
• Code URL: null
• Copy Paste: [[2305.09126] Transfer Causal Learning: Causal Effect Estimation with Knowledge Transfer](http://arxiv.org/abs/2305.09126) #robust
• Summary:

  A novel problem of improving causal effect estimation accuracy with the help of knowledge transfer under the same covariate (or feature) space setting, i.e., homogeneous transfer learning (TL), is studied, referred to as the Transfer Causal Learning (TCL) problem. While most recent efforts in adapting TL techniques to estimate average causal effect (ACE) have been focused on the heterogeneous covariate space setting, those methods are inadequate for tackling the TCL problem since their algorithm designs are based on the decomposition into shared and domain-specific covariate spaces. To address this issue, we propose a generic framework called \texttt{$\ell_1$-TCL}, which incorporates $\ell_1$ regularized TL for nuisance parameter estimation and downstream plug-in ACE estimators, including outcome regression, inverse probability weighted, and doubly robust estimators. Most importantly, with the help of Lasso for high-dimensional regression, we establish non-asymptotic recovery guarantees for the generalized linear model (GLM) under the sparsity assumption for the proposed \texttt{$\ell_1$-TCL}. Moreover, the success of \texttt{$\ell_1$-TCL} could inspire the adaptations of many recently proposed principled approaches in statistics literature to be adapted to this novel TCL problem. From an empirical perspective, \texttt{$\ell_1$-TCL} is a generic learning framework that can incorporate not only GLM but also many recently developed non-parametric methods, which can enhance robustness to model mis-specification. We demonstrate this empirical benefit through extensive experiments using GLM and recent neural network based \texttt{$\ell_1$-TCL} on both benchmark semi-synthetic and real datasets, which shows improved performance compared with existing TL approaches for ACE estimation.

Title: Machine learning enhanced real-time aerodynamic forces prediction based on sparse pressure sensor inputs. (arXiv:2305.09199v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09199
• Code URL: null
• Copy Paste: [[2305.09199] Machine learning enhanced real-time aerodynamic forces prediction based on sparse pressure sensor inputs](http://arxiv.org/abs/2305.09199) #robust
• Summary:

  Accurate prediction of aerodynamic forces in real-time is crucial for autonomous navigation of unmanned aerial vehicles (UAVs). This paper presents a data-driven aerodynamic force prediction model based on a small number of pressure sensors located on the surface of UAV. The model is built on a linear term that can make a reasonably accurate prediction and a nonlinear correction for accuracy improvement. The linear term is based on a reduced basis reconstruction of the surface pressure distribution, where the basis is extracted from numerical simulation data and the basis coefficients are determined by solving linear pressure reconstruction equations at a set of sensor locations. Sensor placement is optimized using the discrete empirical interpolation method (DEIM). Aerodynamic forces are computed by integrating the reconstructed surface pressure distribution. The nonlinear term is an artificial neural network (NN) that is trained to bridge the gap between the ground truth and the DEIM prediction, especially in the scenario where the DEIM model is constructed from simulation data with limited fidelity. A large network is not necessary for accurate correction as the linear model already captures the main dynamics of the surface pressure field, thus yielding an efficient DEIM+NN aerodynamic force prediction model. The model is tested on numerical and experimental dynamic stall data of a 2D NACA0015 airfoil, and numerical simulation data of dynamic stall of a 3D drone. Numerical results demonstrate that the machine learning enhanced model can make fast and accurate predictions of aerodynamic forces using only a few pressure sensors, even for the NACA0015 case in which the simulations do not agree well with the wind tunnel experiments. Furthermore, the model is robust to noise.

Title: Evaluation of self-supervised pre-training for automatic infant movement classification using wearable movement sensors. (arXiv:2305.09366v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09366
• Code URL: null
• Copy Paste: [[2305.09366] Evaluation of self-supervised pre-training for automatic infant movement classification using wearable movement sensors](http://arxiv.org/abs/2305.09366) #robust
• Summary:

  The recently-developed infant wearable MAIJU provides a means to automatically evaluate infants' motor performance in an objective and scalable manner in out-of-hospital settings. This information could be used for developmental research and to support clinical decision-making, such as detection of developmental problems and guiding of their therapeutic interventions. MAIJU-based analyses rely fully on the classification of infant's posture and movement; it is hence essential to study ways to increase the accuracy of such classifications, aiming to increase the reliability and robustness of the automated analysis. Here, we investigated how self-supervised pre-training improves performance of the classifiers used for analyzing MAIJU recordings, and we studied whether performance of the classifier models is affected by context-selective quality-screening of pre-training data to exclude periods of little infant movement or with missing sensors. Our experiments show that i) pre-training the classifier with unlabeled data leads to a robust accuracy increase of subsequent classification models, and ii) selecting context-relevant pre-training data leads to substantial further improvements in the classifier performance.

Title: Double Pessimism is Provably Efficient for Distributionally Robust Offline Reinforcement Learning: Generic Algorithm and Robust Partial Coverage. (arXiv:2305.09659v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09659
• Code URL: null
• Copy Paste: [[2305.09659] Double Pessimism is Provably Efficient for Distributionally Robust Offline Reinforcement Learning: Generic Algorithm and Robust Partial Coverage](http://arxiv.org/abs/2305.09659) #robust
• Summary:

  We study distributionally robust offline reinforcement learning (robust offline RL), which seeks to find an optimal robust policy purely from an offline dataset that can perform well in perturbed environments. We propose a generic algorithm framework \underline{D}oubly \underline{P}essimistic \underline{M}odel-based \underline{P}olicy \underline{O}ptimization ($\texttt{P}^2\texttt{MPO}$) for robust offline RL, which features a novel combination of a flexible model estimation subroutine and a doubly pessimistic policy optimization step. The \emph{double pessimism} principle is crucial to overcome the distributional shift incurred by i) the mismatch between behavior policy and the family of target policies; and ii) the perturbation of the nominal model. Under certain accuracy assumptions on the model estimation subroutine, we show that $\texttt{P}^2\texttt{MPO}$ is provably efficient with \emph{robust partial coverage data}, which means that the offline dataset has good coverage of the distributions induced by the optimal robust policy and perturbed models around the nominal model. By tailoring specific model estimation subroutines for concrete examples including tabular Robust Markov Decision Process (RMDP), factored RMDP, and RMDP with kernel and neural function approximations, we show that $\texttt{P}^2\texttt{MPO}$ enjoys a $\tilde{\mathcal{O}}(n^{-1/2})$ convergence rate, where $n$ is the number of trajectories in the offline dataset. Notably, these models, except for the tabular case, are first identified and proven tractable by this paper. To the best of our knowledge, we first propose a general learning principle -- double pessimism -- for robust offline RL and show that it is provably efficient in the context of general function approximations.

biometric

steal

extraction

Title: Learning Correspondence Uncertainty via Differentiable Nonlinear Least Squares. (arXiv:2305.09527v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09527
• Code URL: null
• Copy Paste: [[2305.09527] Learning Correspondence Uncertainty via Differentiable Nonlinear Least Squares](http://arxiv.org/abs/2305.09527) #extraction
• Summary:

  We propose a differentiable nonlinear least squares framework to account for uncertainty in relative pose estimation from feature correspondences. Specifically, we introduce a symmetric version of the probabilistic normal epipolar constraint, and an approach to estimate the covariance of feature positions by differentiating through the camera pose estimation procedure. We evaluate our approach on synthetic, as well as the KITTI and EuRoC real-world datasets. On the synthetic dataset, we confirm that our learned covariances accurately approximate the true noise distribution. In real world experiments, we find that our approach consistently outperforms state-of-the-art non-probabilistic and probabilistic approaches, regardless of the feature extraction algorithm of choice.

Title: Easy-to-Hard Learning for Information Extraction. (arXiv:2305.09193v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09193
• Code URL: null
• Copy Paste: [[2305.09193] Easy-to-Hard Learning for Information Extraction](http://arxiv.org/abs/2305.09193) #extraction
• Summary:

  Information extraction (IE) systems aim to automatically extract structured information, such as named entities, relations between entities, and events, from unstructured texts. While most existing work addresses a particular IE task, universally modeling various IE tasks with one model has achieved great success recently. Despite their success, they employ a one-stage learning strategy, i.e., directly learning to extract the target structure given the input text, which contradicts the human learning process. In this paper, we propose a unified easy-to-hard learning framework consisting of three stages, i.e., the easy stage, the hard stage, and the main stage, for IE by mimicking the human learning process. By breaking down the learning process into multiple stages, our framework facilitates the model to acquire general IE task knowledge and improve its generalization ability. Extensive experiments across four IE tasks demonstrate the effectiveness of our framework. We achieve new state-of-the-art results on 13 out of 17 datasets. Our code is available at \url{https://github.com/DAMO-NLP-SG/IE-E2H}.

Title: Enhancing Keyphrase Extraction from Long Scientific Documents using Graph Embeddings. (arXiv:2305.09316v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09316
• Code URL: null
• Copy Paste: [[2305.09316] Enhancing Keyphrase Extraction from Long Scientific Documents using Graph Embeddings](http://arxiv.org/abs/2305.09316) #extraction
• Summary:

  In this study, we investigate using graph neural network (GNN) representations to enhance contextualized representations of pre-trained language models (PLMs) for keyphrase extraction from lengthy documents. We show that augmenting a PLM with graph embeddings provides a more comprehensive semantic understanding of words in a document, particularly for long documents. We construct a co-occurrence graph of the text and embed it using a graph convolutional network (GCN) trained on the task of edge prediction. We propose a graph-enhanced sequence tagging architecture that augments contextualized PLM embeddings with graph representations. Evaluating on benchmark datasets, we demonstrate that enhancing PLMs with graph embeddings outperforms state-of-the-art models on long documents, showing significant improvements in F1 scores across all the datasets. Our study highlights the potential of GNN representations as a complementary approach to improve PLM performance for keyphrase extraction from long documents.

Title: Constructing and Interpreting Causal Knowledge Graphs from News. (arXiv:2305.09359v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09359
• Code URL: null
• Copy Paste: [[2305.09359] Constructing and Interpreting Causal Knowledge Graphs from News](http://arxiv.org/abs/2305.09359) #extraction
• Summary:

  Many jobs rely on news to learn about causal events in the past and present, to make informed decisions and predictions about the future. With the ever-increasing amount of news and text available on the internet, there is a need to automate the extraction of causal events from unstructured texts. In this work, we propose a methodology to construct causal knowledge graphs (KGs) from news using two steps: (1) Extraction of Causal Relations, and (2) Argument Clustering and Representation into KG. We aim to build graphs that emphasize on recall, precision and interpretability. For extraction, although many earlier works already construct causal KGs from text, most adopt rudimentary pattern-based methods. We close this gap by using the latest BERT-based extraction models alongside pattern-based ones. As a result, we achieved a high recall, while still maintaining a high precision. For clustering, we utilized a topic modelling approach to cluster our arguments, so as to increase the connectivity of our graph. As a result, instead of 15,686 disconnected subgraphs, we were able to obtain 1 connected graph that enables users to infer more causal relationships from. Our final KG effectively captures and conveys causal relationships, validated through multiple use cases and user feedback.

Title: Consistent Multi-Granular Rationale Extraction for Explainable Multi-hop Fact Verification. (arXiv:2305.09400v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09400
• Code URL: null
• Copy Paste: [[2305.09400] Consistent Multi-Granular Rationale Extraction for Explainable Multi-hop Fact Verification](http://arxiv.org/abs/2305.09400) #extraction
• Summary:

  The success of deep learning models on multi-hop fact verification has prompted researchers to understand the behavior behind their veracity. One possible way is erasure search: obtaining the rationale by entirely removing a subset of input without compromising the veracity prediction. Although extensively explored, existing approaches fall within the scope of the single-granular (tokens or sentences) explanation, which inevitably leads to explanation redundancy and inconsistency. To address such issues, this paper explores the viability of multi-granular rationale extraction with consistency and faithfulness for explainable multi-hop fact verification. In particular, given a pretrained veracity prediction model, both the token-level explainer and sentence-level explainer are trained simultaneously to obtain multi-granular rationales via differentiable masking. Meanwhile, three diagnostic properties (fidelity, consistency, salience) are introduced and applied to the training process, to ensure that the extracted rationales satisfy faithfulness and consistency. Experimental results on three multi-hop fact verification datasets show that the proposed approach outperforms some state-of-the-art baselines.

Title: About Evaluation of F1 Score for RECENT Relation Extraction System. (arXiv:2305.09410v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09410
• Code URL: null
• Copy Paste: [[2305.09410] About Evaluation of F1 Score for RECENT Relation Extraction System](http://arxiv.org/abs/2305.09410) #extraction
• Summary:

  This document contains a discussion of the F1 score evaluation used in the article 'Relation Classification with Entity Type Restriction' by Shengfei Lyu, Huanhuan Chen published on Findings of the Association for Computational Linguistics: ACL-IJCNLP 2021. The authors created a system named RECENT and claim it achieves (then) a new state-of-the-art result 75.2 (previous 74.8) on the TACRED dataset, while after correcting errors and reevaluation the final result is 65.16

Title: DLUE: Benchmarking Document Language Understanding. (arXiv:2305.09520v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09520
• Code URL: null
• Copy Paste: [[2305.09520] DLUE: Benchmarking Document Language Understanding](http://arxiv.org/abs/2305.09520) #extraction
• Summary:

  Understanding documents is central to many real-world tasks but remains a challenging topic. Unfortunately, there is no well-established consensus on how to comprehensively evaluate document understanding abilities, which significantly hinders the fair comparison and measuring the progress of the field. To benchmark document understanding researches, this paper summarizes four representative abilities, i.e., document classification, document structural analysis, document information extraction, and document transcription. Under the new evaluation framework, we propose \textbf{Document Language Understanding Evaluation} -- \textbf{DLUE}, a new task suite which covers a wide-range of tasks in various forms, domains and document genres. We also systematically evaluate six well-established transformer models on DLUE, and find that due to the lengthy content, complicated underlying structure and dispersed knowledge, document understanding is still far from being solved, and currently there is no neural architecture that dominates all tasks, raising requirements for a universal document understanding architecture.

Title: Boosting Event Extraction with Denoised Structure-to-Text Augmentation. (arXiv:2305.09598v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09598
• Code URL: null
• Copy Paste: [[2305.09598] Boosting Event Extraction with Denoised Structure-to-Text Augmentation](http://arxiv.org/abs/2305.09598) #extraction
• Summary:

  Event extraction aims to recognize pre-defined event triggers and arguments from texts, which suffer from the lack of high-quality annotations. In most NLP applications, involving a large scale of synthetic training data is a practical and effective approach to alleviate the problem of data scarcity. However, when applying to the task of event extraction, recent data augmentation methods often neglect the problem of grammatical incorrectness, structure misalignment, and semantic drifting, leading to unsatisfactory performances. In order to solve these problems, we propose a denoised structure-to-text augmentation framework for event extraction DAEE, which generates additional training data through the knowledge-based structure-to-text generation model and selects the effective subset from the generated data iteratively with a deep reinforcement learning agent. Experimental results on several datasets demonstrate that the proposed method generates more diverse text representations for event extraction and achieves comparable results with the state-of-the-art.

membership infer

Title: Private Training Set Inspection in MLaaS. (arXiv:2305.09058v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09058
• Code URL: null
• Copy Paste: [[2305.09058] Private Training Set Inspection in MLaaS](http://arxiv.org/abs/2305.09058) #membership infer
• Summary:

  Machine Learning as a Service (MLaaS) is a popular cloud-based solution for customers who aim to use an ML model but lack training data, computation resources, or expertise in ML. In this case, the training datasets are typically a private possession of the ML or data companies and are inaccessible to the customers, but the customers still need an approach to confirm that the training datasets meet their expectations and fulfil regulatory measures like fairness. However, no existing work addresses the above customers' concerns. This work is the first attempt to solve this problem, taking data origin as an entry point. We first define origin membership measurement and based on this, we then define diversity and fairness metrics to address customers' concerns. We then propose a strategy to estimate the values of these two metrics in the inaccessible training dataset, combining shadow training techniques from membership inference and an efficient featurization scheme in multiple instance learning. The evaluation contains an application of text review polarity classification applications based on the language BERT model. Experimental results show that our solution can achieve up to 0.87 accuracy for membership inspection and up to 99.3% confidence in inspecting diversity and fairness distribution.

federate

Title: Smart Policy Control for Securing Federated Learning Management System. (arXiv:2305.09134v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09134
• Code URL: null
• Copy Paste: [[2305.09134] Smart Policy Control for Securing Federated Learning Management System](http://arxiv.org/abs/2305.09134) #federate
• Summary:

  The widespread adoption of Internet of Things (IoT) devices in smart cities, intelligent healthcare systems, and various real-world applications have resulted in the generation of vast amounts of data, often analyzed using different Machine Learning (ML) models. Federated learning (FL) has been acknowledged as a privacy-preserving machine learning technology, where multiple parties cooperatively train ML models without exchanging raw data. However, the current FL architecture does not allow for an audit of the training process due to the various data-protection policies implemented by each FL participant. Furthermore, there is no global model verifiability available in the current architecture. This paper proposes a smart contract-based policy control for securing the Federated Learning (FL) management system. First, we develop and deploy a smart contract-based local training policy control on the FL participants' side. This policy control is used to verify the training process, ensuring that the evaluation process follows the same rules for all FL participants. We then enforce a smart contract-based aggregation policy to manage the global model aggregation process. Upon completion, the aggregated model and policy are stored on blockchain-based storage. Subsequently, we distribute the aggregated global model and the smart contract to all FL participants. Our proposed method uses smart policy control to manage access and verify the integrity of machine learning models. We conducted multiple experiments with various machine learning architectures and datasets to evaluate our proposed framework, such as MNIST and CIFAR-10.

Title: Trust-Worthy Semantic Communications for the Metaverse Relying on Federated Learning. (arXiv:2305.09255v1 [cs.CR])

• Paper URL: http://arxiv.org/abs/2305.09255
• Code URL: null
• Copy Paste: [[2305.09255] Trust-Worthy Semantic Communications for the Metaverse Relying on Federated Learning](http://arxiv.org/abs/2305.09255) #federate
• Summary:

  As an evolving successor to the mobile Internet, the Metaverse creates the impression of an immersive environment, integrating the virtual as well as the real world. In contrast to the traditional mobile Internet based on servers, the Metaverse is constructed by billions of cooperating users by harnessing their smart edge devices having limited communication and computation resources. In this immersive environment an unprecedented amount of multi-modal data has to be processed. To circumvent this impending bottleneck, low-rate semantic communication might be harnessed in support of the Metaverse. But given that private multi-modal data is exchanged in the Metaverse, we have to guard against security breaches and privacy invasions. Hence we conceive a trust-worthy semantic communication system for the Metaverse based on a federated learning architecture by exploiting its distributed decision-making and privacy-preserving capability. We conclude by identifying a suite of promising research directions and open issues.

Title: Federated Learning over Harmonized Data Silos. (arXiv:2305.08985v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.08985
• Code URL: null
• Copy Paste: [[2305.08985] Federated Learning over Harmonized Data Silos](http://arxiv.org/abs/2305.08985) #federate
• Summary:

  Federated Learning is a distributed machine learning approach that enables geographically distributed data silos to collaboratively learn a joint machine learning model without sharing data. Most of the existing work operates on unstructured data, such as images or text, or on structured data assumed to be consistent across the different sites. However, sites often have different schemata, data formats, data values, and access patterns. The field of data integration has developed many methods to address these challenges, including techniques for data exchange and query rewriting using declarative schema mappings, and for entity linkage. Therefore, we propose an architectural vision for an end-to-end Federated Learning and Integration system, incorporating the critical steps of data harmonization and data imputation, to spur further research on the intersection of data management information systems and machine learning.

Title: Adaptive Federated Pruning in Hierarchical Wireless Networks. (arXiv:2305.09042v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09042
• Code URL: null
• Copy Paste: [[2305.09042] Adaptive Federated Pruning in Hierarchical Wireless Networks](http://arxiv.org/abs/2305.09042) #federate
• Summary:

  Federated Learning (FL) is a promising privacy-preserving distributed learning framework where a server aggregates models updated by multiple devices without accessing their private datasets. Hierarchical FL (HFL), as a device-edge-cloud aggregation hierarchy, can enjoy both the cloud server's access to more datasets and the edge servers' efficient communications with devices. However, the learning latency increases with the HFL network scale due to the increasing number of edge servers and devices with limited local computation capability and communication bandwidth. To address this issue, in this paper, we introduce model pruning for HFL in wireless networks to reduce the neural network scale. We present the convergence analysis of an upper on the l2 norm of gradients for HFL with model pruning, analyze the computation and communication latency of the proposed model pruning scheme, and formulate an optimization problem to maximize the convergence rate under a given latency threshold by jointly optimizing the pruning ratio and wireless resource allocation. By decoupling the optimization problem and using Karush Kuhn Tucker (KKT) conditions, closed-form solutions of pruning ratio and wireless resource allocation are derived. Simulation results show that our proposed HFL with model pruning achieves similar learning accuracy compared with the HFL without model pruning and reduces about 50 percent communication cost.

Title: Faster Federated Learning with Decaying Number of Local SGD Steps. (arXiv:2305.09628v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09628
• Code URL: null
• Copy Paste: [[2305.09628] Faster Federated Learning with Decaying Number of Local SGD Steps](http://arxiv.org/abs/2305.09628) #federate
• Summary:

  In Federated Learning (FL) client devices connected over the internet collaboratively train a machine learning model without sharing their private data with a central server or with other clients. The seminal Federated Averaging (FedAvg) algorithm trains a single global model by performing rounds of local training on clients followed by model averaging. FedAvg can improve the communication-efficiency of training by performing more steps of Stochastic Gradient Descent (SGD) on clients in each round. However, client data in real-world FL is highly heterogeneous, which has been extensively shown to slow model convergence and harm final performance when $K > 1$ steps of SGD are performed on clients per round. In this work we propose decaying $K$ as training progresses, which can jointly improve the final performance of the FL model whilst reducing the wall-clock time and the total computational cost of training compared to using a fixed $K$. We analyse the convergence of FedAvg with decaying $K$ for strongly-convex objectives, providing novel insights into the convergence properties, and derive three theoretically-motivated decay schedules for $K$. We then perform thorough experiments on four benchmark FL datasets (FEMNIST, CIFAR100, Sentiment140, Shakespeare) to show the real-world benefit of our approaches in terms of real-world convergence time, computational cost, and generalisation performance.

fair

Title: Skin Deep: Investigating Subjectivity in Skin Tone Annotations for Computer Vision Benchmark Datasets. (arXiv:2305.09072v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09072
• Code URL: https://github.com/social-futures-lab/skin-deep
• Copy Paste: [[2305.09072] Skin Deep: Investigating Subjectivity in Skin Tone Annotations for Computer Vision Benchmark Datasets](http://arxiv.org/abs/2305.09072) #fair
• Summary:

  To investigate the well-observed racial disparities in computer vision systems that analyze images of humans, researchers have turned to skin tone as more objective annotation than race metadata for fairness performance evaluations. However, the current state of skin tone annotation procedures is highly varied. For instance, researchers use a range of untested scales and skin tone categories, have unclear annotation procedures, and provide inadequate analyses of uncertainty. In addition, little attention is paid to the positionality of the humans involved in the annotation process--both designers and annotators alike--and the historical and sociological context of skin tone in the United States. Our work is the first to investigate the skin tone annotation process as a sociotechnical project. We surveyed recent skin tone annotation procedures and conducted annotation experiments to examine how subjective understandings of skin tone are embedded in skin tone annotation procedures. Our systematic literature review revealed the uninterrogated association between skin tone and race and the limited effort to analyze annotator uncertainty in current procedures for skin tone annotation in computer vision evaluation. Our experiments demonstrated that design decisions in the annotation procedure such as the order in which the skin tone scale is presented or additional context in the image (i.e., presence of a face) significantly affected the resulting inter-annotator agreement and individual uncertainty of skin tone annotations. We call for greater reflexivity in the design, analysis, and documentation of procedures for evaluation using skin tone.

Title: Consensus and Subjectivity of Skin Tone Annotation for ML Fairness. (arXiv:2305.09073v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09073
• Code URL: null
• Copy Paste: [[2305.09073] Consensus and Subjectivity of Skin Tone Annotation for ML Fairness](http://arxiv.org/abs/2305.09073) #fair
• Summary:

  Recent advances in computer vision fairness have relied on datasets augmented with perceived attribute signals (e.g. gender presentation, skin tone, and age) and benchmarks enabled by these datasets. Typically labels for these tasks come from human annotators. However, annotating attribute signals, especially skin tone, is a difficult and subjective task. Perceived skin tone is affected by technical factors, like lighting conditions, and social factors that shape an annotator's lived experience. This paper examines the subjectivity of skin tone annotation through a series of annotation experiments using the Monk Skin Tone (MST) scale, a small pool of professional photographers, and a much larger pool of trained crowdsourced annotators. Our study shows that annotators can reliably annotate skin tone in a way that aligns with an expert in the MST scale, even under challenging environmental conditions. We also find evidence that annotators from different geographic regions rely on different mental models of MST categories resulting in annotations that systematically vary across regions. Given this, we advise practitioners to use a diverse set of annotators and a higher replication count for each image when annotating skin tone for fairness research.

Title: On the Origins of Bias in NLP through the Lens of the Jim Code. (arXiv:2305.09281v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09281
• Code URL: null
• Copy Paste: [[2305.09281] On the Origins of Bias in NLP through the Lens of the Jim Code](http://arxiv.org/abs/2305.09281) #fair
• Summary:

  In this paper, we trace the biases in current natural language processing (NLP) models back to their origins in racism, sexism, and homophobia over the last 500 years. We review literature from critical race theory, gender studies, data ethics, and digital humanities studies, and summarize the origins of bias in NLP models from these social science perspective. We show how the causes of the biases in the NLP pipeline are rooted in social issues. Finally, we argue that the only way to fix the bias and unfairness in NLP is by addressing the social problems that caused them in the first place and by incorporating social sciences and social scientists in efforts to mitigate bias in NLP models. We provide actionable recommendations for the NLP research community to do so.

interpretability

explainability

watermark

Title: Watermarking Text Generated by Black-Box Language Models. (arXiv:2305.08883v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.08883
• Code URL: null
• Copy Paste: [[2305.08883] Watermarking Text Generated by Black-Box Language Models](http://arxiv.org/abs/2305.08883) #watermark
• Summary:

  LLMs now exhibit human-like skills in various fields, leading to worries about misuse. Thus, detecting generated text is crucial. However, passive detection methods are stuck in domain specificity and limited adversarial robustness. To achieve reliable detection, a watermark-based method was proposed for white-box LLMs, allowing them to embed watermarks during text generation. The method involves randomly dividing the model vocabulary to obtain a special list and adjusting the probability distribution to promote the selection of words in the list. A detection algorithm aware of the list can identify the watermarked text. However, this method is not applicable in many real-world scenarios where only black-box language models are available. For instance, third-parties that develop API-based vertical applications cannot watermark text themselves because API providers only supply generated text and withhold probability distributions to shield their commercial interests. To allow third-parties to autonomously inject watermarks into generated text, we develop a watermarking framework for black-box language model usage scenarios. Specifically, we first define a binary encoding function to compute a random binary encoding corresponding to a word. The encodings computed for non-watermarked text conform to a Bernoulli distribution, wherein the probability of a word representing bit-1 being approximately 0.5. To inject a watermark, we alter the distribution by selectively replacing words representing bit-0 with context-based synonyms that represent bit-1. A statistical test is then used to identify the watermark. Experiments demonstrate the effectiveness of our method on both Chinese and English datasets. Furthermore, results under re-translation, polishing, word deletion, and synonym substitution attacks reveal that it is arduous to remove the watermark without compromising the original semantics.

diffusion

Title: Common Diffusion Noise Schedules and Sample Steps are Flawed. (arXiv:2305.08891v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.08891
• Code URL: null
• Copy Paste: [[2305.08891] Common Diffusion Noise Schedules and Sample Steps are Flawed](http://arxiv.org/abs/2305.08891) #diffusion
• Summary:

  We discover that common diffusion noise schedules do not enforce the last timestep to have zero signal-to-noise ratio (SNR), and some implementations of diffusion samplers do not start from the last timestep. Such designs are flawed and do not reflect the fact that the model is given pure Gaussian noise at inference, creating a discrepancy between training and inference. We show that the flawed design causes real problems in existing implementations. In Stable Diffusion, it severely limits the model to only generate images with medium brightness and prevents it from generating very bright and dark samples. We propose a few simple fixes: (1) rescale the noise schedule to enforce zero terminal SNR; (2) train the model with v prediction; (3) change the sampler to always start from the last timestep; (4) rescale classifier-free guidance to prevent over-exposure. These simple changes ensure the diffusion process is congruent between training and inference and allow the model to generate samples more faithful to the original data distribution.

Title: Denoising Diffusion Models for Plug-and-Play Image Restoration. (arXiv:2305.08995v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.08995
• Code URL: https://github.com/yuanzhi-zhu/diffpir
• Copy Paste: [[2305.08995] Denoising Diffusion Models for Plug-and-Play Image Restoration](http://arxiv.org/abs/2305.08995) #diffusion
• Summary:

  Plug-and-play Image Restoration (IR) has been widely recognized as a flexible and interpretable method for solving various inverse problems by utilizing any off-the-shelf denoiser as the implicit image prior. However, most existing methods focus on discriminative Gaussian denoisers. Although diffusion models have shown impressive performance for high-quality image synthesis, their potential to serve as a generative denoiser prior to the plug-and-play IR methods remains to be further explored. While several other attempts have been made to adopt diffusion models for image restoration, they either fail to achieve satisfactory results or typically require an unacceptable number of Neural Function Evaluations (NFEs) during inference. This paper proposes DiffPIR, which integrates the traditional plug-and-play method into the diffusion sampling framework. Compared to plug-and-play IR methods that rely on discriminative Gaussian denoisers, DiffPIR is expected to inherit the generative ability of diffusion models. Experimental results on three representative IR tasks, including super-resolution, image deblurring, and inpainting, demonstrate that DiffPIR achieves state-of-the-art performance on both the FFHQ and ImageNet datasets in terms of reconstruction faithfulness and perceptual quality with no more than 100 NFEs. The source code is available at {\url{https://github.com/yuanzhi-zhu/DiffPIR}}

Title: Diffusion Dataset Generation: Towards Closing the Sim2Real Gap for Pedestrian Detection. (arXiv:2305.09401v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09401
• Code URL: null
• Copy Paste: [[2305.09401] Diffusion Dataset Generation: Towards Closing the Sim2Real Gap for Pedestrian Detection](http://arxiv.org/abs/2305.09401) #diffusion
• Summary:

  We propose a method that augments a simulated dataset using diffusion models to improve the performance of pedestrian detection in real-world data. The high cost of collecting and annotating data in the real-world has motivated the use of simulation platforms to create training datasets. While simulated data is inexpensive to collect and annotate, it unfortunately does not always closely match the distribution of real-world data, which is known as the sim2real gap. In this paper we propose a novel method of synthetic data creation meant to close the sim2real gap for the challenging pedestrian detection task. Our method uses a diffusion-based architecture to learn a real-world distribution which, once trained, is used to generate datasets. We mix this generated data with simulated data as a form of augmentation and show that training on a combination of generated and simulated data increases average precision by as much as 27.3% for pedestrian detection models in real-world data, compared against training on purely simulated data.

Title: Multi-Level Global Context Cross Consistency Model for Semi-Supervised Ultrasound Image Segmentation with Diffusion Model. (arXiv:2305.09447v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09447
• Code URL: https://github.com/FengheTan9/Multi-Level-Global-Context-Cross-Consistency
• Copy Paste: [[2305.09447] Multi-Level Global Context Cross Consistency Model for Semi-Supervised Ultrasound Image Segmentation with Diffusion Model](http://arxiv.org/abs/2305.09447) #diffusion
• Summary:

  Medical image segmentation is a critical step in computer-aided diagnosis, and convolutional neural networks are popular segmentation networks nowadays. However, the inherent local operation characteristics make it difficult to focus on the global contextual information of lesions with different positions, shapes, and sizes. Semi-supervised learning can be used to learn from both labeled and unlabeled samples, alleviating the burden of manual labeling. However, obtaining a large number of unlabeled images in medical scenarios remains challenging. To address these issues, we propose a Multi-level Global Context Cross-consistency (MGCC) framework that uses images generated by a Latent Diffusion Model (LDM) as unlabeled images for semi-supervised learning. The framework involves of two stages. In the first stage, a LDM is used to generate synthetic medical images, which reduces the workload of data annotation and addresses privacy concerns associated with collecting medical data. In the second stage, varying levels of global context noise perturbation are added to the input of the auxiliary decoder, and output consistency is maintained between decoders to improve the representation ability. Experiments conducted on open-source breast ultrasound and private thyroid ultrasound datasets demonstrate the effectiveness of our framework in bridging the probability distribution and the semantic representation of the medical image. Our approach enables the effective transfer of probability distribution knowledge to the segmentation network, resulting in improved segmentation accuracy. The code is available at https://github.com/FengheTan9/Multi-Level Global-Context-Cross-Consistency.

Title: Make-An-Animation: Large-Scale Text-conditional 3D Human Motion Generation. (arXiv:2305.09662v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09662
• Code URL: null
• Copy Paste: [[2305.09662] Make-An-Animation: Large-Scale Text-conditional 3D Human Motion Generation](http://arxiv.org/abs/2305.09662) #diffusion
• Summary:

  Text-guided human motion generation has drawn significant interest because of its impactful applications spanning animation and robotics. Recently, application of diffusion models for motion generation has enabled improvements in the quality of generated motions. However, existing approaches are limited by their reliance on relatively small-scale motion capture data, leading to poor performance on more diverse, in-the-wild prompts. In this paper, we introduce Make-An-Animation, a text-conditioned human motion generation model which learns more diverse poses and prompts from large-scale image-text datasets, enabling significant improvement in performance over prior works. Make-An-Animation is trained in two stages. First, we train on a curated large-scale dataset of (text, static pseudo-pose) pairs extracted from image-text datasets. Second, we fine-tune on motion capture data, adding additional layers to model the temporal dimension. Unlike prior diffusion models for motion generation, Make-An-Animation uses a U-Net architecture similar to recent text-to-video generation models. Human evaluation of motion realism and alignment with input text shows that our model reaches state-of-the-art performance on text-to-motion generation.

Title: AR-Diffusion: Auto-Regressive Diffusion Model for Text Generation. (arXiv:2305.09515v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09515
• Code URL: null
• Copy Paste: [[2305.09515] AR-Diffusion: Auto-Regressive Diffusion Model for Text Generation](http://arxiv.org/abs/2305.09515) #diffusion
• Summary:

  Diffusion models have gained significant attention in the realm of image generation due to their exceptional performance. Their success has been recently expanded to text generation via generating all tokens within a sequence concurrently. However, natural language exhibits a far more pronounced sequential dependency in comparison to images, and the majority of existing language models are trained utilizing a left-to-right auto-regressive approach. To account for the inherent sequential characteristic of natural language, we introduce Auto-Regressive Diffusion (AR-Diffusion). AR-Diffusion ensures that the generation of tokens on the right depends on the generated ones on the left, a mechanism achieved through employing a dynamic number of denoising steps that vary based on token position. This results in tokens on the left undergoing fewer denoising steps than those on the right, thereby enabling them to generate earlier and subsequently influence the generation of tokens on the right. In a series of experiments on various text generation tasks including text summarization, machine translation, and common sense generation, AR-Diffusion clearly demonstrated the superiority over existing diffusion language models and that it can be $100\times\sim600\times$ faster when achieving comparable results. Our code will be publicly released.

noise learning

data-free

transformer

Title: M$^2$DAR: Multi-View Multi-Scale Driver Action Recognition with Vision Transformer. (arXiv:2305.08877v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.08877
• Code URL: https://github.com/purduedigitaltwin/m2dar
• Copy Paste: [[2305.08877] M$^2$DAR: Multi-View Multi-Scale Driver Action Recognition with Vision Transformer](http://arxiv.org/abs/2305.08877) #transformer
• Summary:

  Ensuring traffic safety and preventing accidents is a critical goal in daily driving, where the advancement of computer vision technologies can be leveraged to achieve this goal. In this paper, we present a multi-view, multi-scale framework for naturalistic driving action recognition and localization in untrimmed videos, namely M$^2$DAR, with a particular focus on detecting distracted driving behaviors. Our system features a weight-sharing, multi-scale Transformer-based action recognition network that learns robust hierarchical representations. Furthermore, we propose a new election algorithm consisting of aggregation, filtering, merging, and selection processes to refine the preliminary results from the action recognition module across multiple views. Extensive experiments conducted on the 7th AI City Challenge Track 3 dataset demonstrate the effectiveness of our approach, where we achieved an overlap score of 0.5921 on the A2 test set. Our source code is available at \url{https://github.com/PurdueDigitalTwin/M2DAR}.

Title: LoViT: Long Video Transformer for Surgical Phase Recognition. (arXiv:2305.08989v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.08989
• Code URL: null
• Copy Paste: [[2305.08989] LoViT: Long Video Transformer for Surgical Phase Recognition](http://arxiv.org/abs/2305.08989) #transformer
• Summary:

  Online surgical phase recognition plays a significant role towards building contextual tools that could quantify performance and oversee the execution of surgical workflows. Current approaches are limited since they train spatial feature extractors using frame-level supervision that could lead to incorrect predictions due to similar frames appearing at different phases, and poorly fuse local and global features due to computational constraints which can affect the analysis of long videos commonly encountered in surgical interventions. In this paper, we present a two-stage method, called Long Video Transformer (LoViT) for fusing short- and long-term temporal information that combines a temporally-rich spatial feature extractor and a multi-scale temporal aggregator consisting of two cascaded L-Trans modules based on self-attention, followed by a G-Informer module based on ProbSparse self-attention for processing global temporal information. The multi-scale temporal head then combines local and global features and classifies surgical phases using phase transition-aware supervision. Our approach outperforms state-of-the-art methods on the Cholec80 and AutoLaparo datasets consistently. Compared to Trans-SVNet, LoViT achieves a 2.39 pp (percentage point) improvement in video-level accuracy on Cholec80 and a 3.14 pp improvement on AutoLaparo. Moreover, it achieves a 5.25 pp improvement in phase-level Jaccard on AutoLaparo and a 1.55 pp improvement on Cholec80. Our results demonstrate the effectiveness of our approach in achieving state-of-the-art performance of surgical phase recognition on two datasets of different surgical procedures and temporal sequencing characteristics whilst introducing mechanisms that cope with long videos.

Title: PanelNet: Understanding 360 Indoor Environment via Panel Representation. (arXiv:2305.09078v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09078
• Code URL: null
• Copy Paste: [[2305.09078] PanelNet: Understanding 360 Indoor Environment via Panel Representation](http://arxiv.org/abs/2305.09078) #transformer
• Summary:

  Indoor 360 panoramas have two essential properties. (1) The panoramas are continuous and seamless in the horizontal direction. (2) Gravity plays an important role in indoor environment design. By leveraging these properties, we present PanelNet, a framework that understands indoor environments using a novel panel representation of 360 images. We represent an equirectangular projection (ERP) as consecutive vertical panels with corresponding 3D panel geometry. To reduce the negative impact of panoramic distortion, we incorporate a panel geometry embedding network that encodes both the local and global geometric features of a panel. To capture the geometric context in room design, we introduce Local2Global Transformer, which aggregates local information within a panel and panel-wise global context. It greatly improves the model performance with low training overhead. Our method outperforms existing methods on indoor 360 depth estimation and shows competitive results against state-of-the-art approaches on the task of indoor layout estimation and semantic segmentation.

Title: Is a Video worth $n\times n$ Images? A Highly Efficient Approach to Transformer-based Video Question Answering. (arXiv:2305.09107v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09107
• Code URL: null
• Copy Paste: [[2305.09107] Is a Video worth $n\times n$ Images? A Highly Efficient Approach to Transformer-based Video Question Answering](http://arxiv.org/abs/2305.09107) #transformer
• Summary:

  Conventional Transformer-based Video Question Answering (VideoQA) approaches generally encode frames independently through one or more image encoders followed by interaction between frames and question. However, such schema would incur significant memory use and inevitably slow down the training and inference speed. In this work, we present a highly efficient approach for VideoQA based on existing vision-language pre-trained models where we concatenate video frames to a $n\times n$ matrix and then convert it to one image. By doing so, we reduce the use of the image encoder from $n^{2}$ to $1$ while maintaining the temporal structure of the original video. Experimental results on MSRVTT and TrafficQA show that our proposed approach achieves state-of-the-art performance with nearly $4\times$ faster speed and only 30% memory use. We show that by integrating our approach into VideoQA systems we can achieve comparable, even superior, performance with a significant speed up for training and inference. We believe the proposed approach can facilitate VideoQA-related research by reducing the computational requirements for those who have limited access to budgets and resources. Our code will be made publicly available for research use.

Title: Blind Image Quality Assessment via Transformer Predicted Error Map and Perceptual Quality Token. (arXiv:2305.09353v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09353
• Code URL: https://github.com/srache/tempqt
• Copy Paste: [[2305.09353] Blind Image Quality Assessment via Transformer Predicted Error Map and Perceptual Quality Token](http://arxiv.org/abs/2305.09353) #transformer
• Summary:

  Image quality assessment is a fundamental problem in the field of image processing, and due to the lack of reference images in most practical scenarios, no-reference image quality assessment (NR-IQA), has gained increasing attention recently. With the development of deep learning technology, many deep neural network-based NR-IQA methods have been developed, which try to learn the image quality based on the understanding of database information. Currently, Transformer has achieved remarkable progress in various vision tasks. Since the characteristics of the attention mechanism in Transformer fit the global perceptual impact of artifacts perceived by a human, Transformer is thus well suited for image quality assessment tasks. In this paper, we propose a Transformer based NR-IQA model using a predicted objective error map and perceptual quality token. Specifically, we firstly generate the predicted error map by pre-training one model consisting of a Transformer encoder and decoder, in which the objective difference between the distorted and the reference images is used as supervision. Then, we freeze the parameters of the pre-trained model and design another branch using the vision Transformer to extract the perceptual quality token for feature fusion with the predicted error map. Finally, the fused features are regressed to the final image quality score. Extensive experiments have shown that our proposed method outperforms the current state-of-the-art in both authentic and synthetic image databases. Moreover, the attentional map extracted by the perceptual quality token also does conform to the characteristics of the human visual system.

Title: NightHazeFormer: Single Nighttime Haze Removal Using Prior Query Transformer. (arXiv:2305.09533v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09533
• Code URL: null
• Copy Paste: [[2305.09533] NightHazeFormer: Single Nighttime Haze Removal Using Prior Query Transformer](http://arxiv.org/abs/2305.09533) #transformer
• Summary:

  Nighttime image dehazing is a challenging task due to the presence of multiple types of adverse degrading effects including glow, haze, blurry, noise, color distortion, and so on. However, most previous studies mainly focus on daytime image dehazing or partial degradations presented in nighttime hazy scenes, which may lead to unsatisfactory restoration results. In this paper, we propose an end-to-end transformer-based framework for nighttime haze removal, called NightHazeFormer. Our proposed approach consists of two stages: supervised pre-training and semi-supervised fine-tuning. During the pre-training stage, we introduce two powerful priors into the transformer decoder to generate the non-learnable prior queries, which guide the model to extract specific degradations. For the fine-tuning, we combine the generated pseudo ground truths with input real-world nighttime hazy images as paired images and feed into the synthetic domain to fine-tune the pre-trained model. This semi-supervised fine-tuning paradigm helps improve the generalization to real domain. In addition, we also propose a large-scale synthetic dataset called UNREAL-NH, to simulate the real-world nighttime haze scenarios comprehensively. Extensive experiments on several synthetic and real-world datasets demonstrate the superiority of our NightHazeFormer over state-of-the-art nighttime haze removal methods in terms of both visually and quantitatively.

Title: Ray-Patch: An Efficient Decoder for Light Field Transformers. (arXiv:2305.09566v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09566
• Code URL: null
• Copy Paste: [[2305.09566] Ray-Patch: An Efficient Decoder for Light Field Transformers](http://arxiv.org/abs/2305.09566) #transformer
• Summary:

  In this paper we propose the Ray-Patch decoder, a novel model to efficiently query transformers to decode implicit representations into target views. Our Ray-Patch decoding reduces the computational footprint up to two orders of magnitude compared to previous models, without losing global attention, and hence maintaining specific task metrics. The key idea of our novel decoder is to split the target image into a set of patches, then querying the transformer for each patch to extract a set of feature vectors, which are finally decoded into the target image using convolutional layers. Our experimental results quantify the effectiveness of our method, specifically the notable boost in rendering speed and equal specific task metrics for different baselines and datasets.

Title: Understanding 3D Object Interaction from a Single Image. (arXiv:2305.09664v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09664
• Code URL: null
• Copy Paste: [[2305.09664] Understanding 3D Object Interaction from a Single Image](http://arxiv.org/abs/2305.09664) #transformer
• Summary:

  Humans can easily understand a single image as depicting multiple potential objects permitting interaction. We use this skill to plan our interactions with the world and accelerate understanding new objects without engaging in interaction. In this paper, we would like to endow machines with the similar ability, so that intelligent agents can better explore the 3D scene or manipulate objects. Our approach is a transformer-based model that predicts the 3D location, physical properties and affordance of objects. To power this model, we collect a dataset with Internet videos, egocentric videos and indoor images to train and validate our approach. Our model yields strong performance on our data, and generalizes well to robotics data.

Title: Exploring the Impact of Layer Normalization for Zero-shot Neural Machine Translation. (arXiv:2305.09312v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09312
• Code URL: null
• Copy Paste: [[2305.09312] Exploring the Impact of Layer Normalization for Zero-shot Neural Machine Translation](http://arxiv.org/abs/2305.09312) #transformer
• Summary:

  This paper studies the impact of layer normalization (LayerNorm) on zero-shot translation (ZST). Recent efforts for ZST often utilize the Transformer architecture as the backbone, with LayerNorm at the input of layers (PreNorm) set as the default. However, Xu et al. (2019) has revealed that PreNorm carries the risk of overfitting the training data. Based on this, we hypothesize that PreNorm may overfit supervised directions and thus have low generalizability for ZST. Through experiments on OPUS, IWSLT, and Europarl datasets for 54 ZST directions, we demonstrate that the original Transformer setting of LayerNorm after residual connections (PostNorm) consistently outperforms PreNorm by up to 12.3 BLEU points. We then study the performance disparities by analyzing the differences in off-target rates and structural variations between PreNorm and PostNorm. This study highlights the need for careful consideration of the LayerNorm setting for ZST.

Title: GIFT: Graph-Induced Fine-Tuning for Multi-Party Conversation Understanding. (arXiv:2305.09360v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09360
• Code URL: https://github.com/JasonForJoy/MPC-BERT
• Copy Paste: [[2305.09360] GIFT: Graph-Induced Fine-Tuning for Multi-Party Conversation Understanding](http://arxiv.org/abs/2305.09360) #transformer
• Summary:

  Addressing the issues of who saying what to whom in multi-party conversations (MPCs) has recently attracted a lot of research attention. However, existing methods on MPC understanding typically embed interlocutors and utterances into sequential information flows, or utilize only the superficial of inherent graph structures in MPCs. To this end, we present a plug-and-play and lightweight method named graph-induced fine-tuning (GIFT) which can adapt various Transformer-based pre-trained language models (PLMs) for universal MPC understanding. In detail, the full and equivalent connections among utterances in regular Transformer ignore the sparse but distinctive dependency of an utterance on another in MPCs. To distinguish different relationships between utterances, four types of edges are designed to integrate graph-induced signals into attention mechanisms to refine PLMs originally designed for processing sequential texts. We evaluate GIFT by implementing it into three PLMs, and test the performance on three downstream tasks including addressee recognition, speaker identification and response selection. Experimental results show that GIFT can significantly improve the performance of three PLMs on three downstream tasks and two benchmarks with only 4 additional parameters per encoding layer, achieving new state-of-the-art performance on MPC understanding.

Title: Life of PII -- A PII Obfuscation Transformer. (arXiv:2305.09550v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09550
• Code URL: null
• Copy Paste: [[2305.09550] Life of PII -- A PII Obfuscation Transformer](http://arxiv.org/abs/2305.09550) #transformer
• Summary:

  Protecting sensitive information is crucial in today's world of Large Language Models (LLMs) and data-driven services. One common method used to preserve privacy is by using data perturbation techniques to reduce overreaching utility of (sensitive) Personal Identifiable Information (PII) data while maintaining its statistical and semantic properties. Data perturbation methods often result in significant information loss, making them impractical for use. In this paper, we propose 'Life of PII', a novel Obfuscation Transformer framework for transforming PII into faux-PII while preserving the original information, intent, and context as much as possible. Our approach includes an API to interface with the given document, a configuration-based obfuscator, and a model based on the Transformer architecture, which has shown high context preservation and performance in natural language processing tasks and LLMs.

Our Transformer-based approach learns mapping between the original PII and its transformed faux-PII representation, which we call "obfuscated" data. Our experiments demonstrate that our method, called Life of PII, outperforms traditional data perturbation techniques in terms of both utility preservation and privacy protection. We show that our approach can effectively reduce utility loss while preserving the original information, offering greater flexibility in the trade-off between privacy protection and data utility. Our work provides a solution for protecting PII in various real-world applications.

Title: Adapting Sentence Transformers for the Aviation Domain. (arXiv:2305.09556v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09556
• Code URL: null
• Copy Paste: [[2305.09556] Adapting Sentence Transformers for the Aviation Domain](http://arxiv.org/abs/2305.09556) #transformer
• Summary:

  Learning effective sentence representations is crucial for many Natural Language Processing (NLP) tasks, including semantic search, semantic textual similarity (STS), and clustering. While multiple transformer models have been developed for sentence embedding learning, these models may not perform optimally when dealing with specialized domains like aviation, which has unique characteristics such as technical jargon, abbreviations, and unconventional grammar. Furthermore, the absence of labeled datasets makes it difficult to train models specifically for the aviation domain. To address these challenges, we propose a novel approach for adapting sentence transformers for the aviation domain. Our method is a two-stage process consisting of pre-training followed by fine-tuning. During pre-training, we use Transformers and Sequential Denoising AutoEncoder (TSDAE) with aviation text data as input to improve the initial model performance. Subsequently, we fine-tune our models using a Natural Language Inference (NLI) dataset in the Sentence Bidirectional Encoder Representations from Transformers (SBERT) architecture to mitigate overfitting issues. Experimental results on several downstream tasks show that our adapted sentence transformers significantly outperform general-purpose transformers, demonstrating the effectiveness of our approach in capturing the nuances of the aviation domain. Overall, our work highlights the importance of domain-specific adaptation in developing high-quality NLP solutions for specialized industries like aviation.

Title: Self-Supervised Pretraining on Paired Sequences of fMRI Data for Transfer Learning to Brain Decoding Tasks. (arXiv:2305.09057v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09057
• Code URL: null
• Copy Paste: [[2305.09057] Self-Supervised Pretraining on Paired Sequences of fMRI Data for Transfer Learning to Brain Decoding Tasks](http://arxiv.org/abs/2305.09057) #transformer
• Summary:

  In this work we introduce a self-supervised pretraining framework for transformers on functional Magnetic Resonance Imaging (fMRI) data. First, we pretrain our architecture on two self-supervised tasks simultaneously to teach the model a general understanding of the temporal and spatial dynamics of human auditory cortex during music listening. Our pretraining results are the first to suggest a synergistic effect of multitask training on fMRI data. Second, we finetune the pretrained models and train additional fresh models on a supervised fMRI classification task. We observe significantly improved accuracy on held-out runs with the finetuned models, which demonstrates the ability of our pretraining tasks to facilitate transfer learning. This work contributes to the growing body of literature on transformer architectures for pretraining and transfer learning with fMRI data, and serves as a proof of concept for our pretraining tasks and multitask pretraining on fMRI data.

Title: Prompt-Tuning Decision Transformer with Preference Ranking. (arXiv:2305.09648v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09648
• Code URL: null
• Copy Paste: [[2305.09648] Prompt-Tuning Decision Transformer with Preference Ranking](http://arxiv.org/abs/2305.09648) #transformer
• Summary:

  Prompt-tuning has emerged as a promising method for adapting pre-trained models to downstream tasks or aligning with human preferences. Prompt learning is widely used in NLP but has limited applicability to RL due to the complex physical meaning and environment-specific information contained within RL prompts. These factors require supervised learning to imitate the demonstrations and may result in a loss of meaning after learning. Additionally, directly extending prompt-tuning approaches to RL is challenging because RL prompts guide agent behavior based on environmental modeling and analysis, rather than filling in missing information, making it unlikely that adjustments to the prompt format for downstream tasks, as in NLP, can yield significant improvements. In this work, we propose the Prompt-Tuning DT algorithm to address these challenges by using trajectory segments as prompts to guide RL agents in acquiring environmental information and optimizing prompts via black-box tuning to enhance their ability to contain more relevant information, thereby enabling agents to make better decisions. Our approach involves randomly sampling a Gaussian distribution to fine-tune the elements of the prompt trajectory and using preference ranking function to find the optimization direction, thereby providing more informative prompts and guiding the agent towards specific preferences in the target environment. Extensive experiments show that with only 0.03% of the parameters learned, Prompt-Tuning DT achieves comparable or even better performance than full-model fine-tuning in low-data scenarios. Our work contributes to the advancement of prompt-tuning approaches in RL, providing a promising direction for optimizing large RL agents for specific preference tasks.

generative

Title: ProtoVAE: Prototypical Networks for Unsupervised Disentanglement. (arXiv:2305.09092v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09092
• Code URL: null
• Copy Paste: [[2305.09092] ProtoVAE: Prototypical Networks for Unsupervised Disentanglement](http://arxiv.org/abs/2305.09092) #generative
• Summary:

  Generative modeling and self-supervised learning have in recent years made great strides towards learning from data in a completely unsupervised way. There is still however an open area of investigation into guiding a neural network to encode the data into representations that are interpretable or explainable. The problem of unsupervised disentanglement is of particular importance as it proposes to discover the different latent factors of variation or semantic concepts from the data alone, without labeled examples, and encode them into structurally disjoint latent representations. Without additional constraints or inductive biases placed in the network, a generative model may learn the data distribution and encode the factors, but not necessarily in a disentangled way. Here, we introduce a novel deep generative VAE-based model, ProtoVAE, that leverages a deep metric learning Prototypical network trained using self-supervision to impose these constraints. The prototypical network constrains the mapping of the representation space to data space to ensure that controlled changes in the representation space are mapped to changes in the factors of variations in the data space. Our model is completely unsupervised and requires no a priori knowledge of the dataset, including the number of factors. We evaluate our proposed model on the benchmark dSprites, 3DShapes, and MPI3D disentanglement datasets, showing state of the art results against previous methods via qualitative traversals in the latent space, as well as quantitative disentanglement metrics. We further qualitatively demonstrate the effectiveness of our model on the real-world CelebA dataset.

Title: DualGenerator: Information Interaction-based Generative Network for Point Cloud Completion. (arXiv:2305.09132v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09132
• Code URL: null
• Copy Paste: [[2305.09132] DualGenerator: Information Interaction-based Generative Network for Point Cloud Completion](http://arxiv.org/abs/2305.09132) #generative
• Summary:

  Point cloud completion estimates complete shapes from incomplete point clouds to obtain higher-quality point cloud data. Most existing methods only consider global object features, ignoring spatial and semantic information of adjacent points. They cannot distinguish structural information well between different object parts, and the robustness of models is poor. To tackle these challenges, we propose an information interaction-based generative network for point cloud completion ($\mathbf{DualGenerator}$). It contains an adversarial generation path and a variational generation path, which interact with each other and share weights. DualGenerator introduces a local refinement module in generation paths, which captures general structures from partial inputs, and then refines shape details of the point cloud. It promotes completion in the unknown region and makes a distinction between different parts more obvious. Moreover, we design DGStyleGAN to improve the generation quality further. It promotes the robustness of this network combined with fusion analysis of dual-path completion results. Qualitative and quantitative evaluations demonstrate that our method is superior on MVP and Completion3D datasets. The performance will not degrade significantly after adding noise interference or sparse sampling.

Title: Rethinking the editing of generative adversarial networks: a method to estimate editing vectors based on dimension reduction. (arXiv:2305.09454v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09454
• Code URL: null
• Copy Paste: [[2305.09454] Rethinking the editing of generative adversarial networks: a method to estimate editing vectors based on dimension reduction](http://arxiv.org/abs/2305.09454) #generative
• Summary:

  While Generative Adversarial Networks (GANs) have recently found applications in image editing, most previous GAN-based image editing methods require largescale datasets with semantic segmentation annotations for training, only provide high level control, or merely interpolate between different images. Previous researchers have proposed EditGAN for high-quality, high-precision semantic image editing with limited semantic annotations by finding `editing vectors'. However, it is noticed that there are many features that are not highly associated with semantics, and EditGAN may fail on them. Based on the orthogonality of latent space observed by EditGAN, we propose a method to estimate editing vectors that do not rely on semantic segmentation nor differentiable feature estimation network. Our method assumes that there is a correlation between the intensity distribution of features and the distribution of hidden vectors, and estimates the relationship between the above distributions by sampling the feature intensity of the image corresponding to several hidden vectors. We modified Linear Discriminant Analysis (LDA) to deal with both binary feature editing and continuous feature editing. We then found that this method has a good effect in processing features such as clothing type and texture, skin color and hair.

Title: Urban-StyleGAN: Learning to Generate and Manipulate Images of Urban Scenes. (arXiv:2305.09602v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09602
• Code URL: null
• Copy Paste: [[2305.09602] Urban-StyleGAN: Learning to Generate and Manipulate Images of Urban Scenes](http://arxiv.org/abs/2305.09602) #generative
• Summary:

  A promise of Generative Adversarial Networks (GANs) is to provide cheap photorealistic data for training and validating AI models in autonomous driving. Despite their huge success, their performance on complex images featuring multiple objects is understudied. While some frameworks produce high-quality street scenes with little to no control over the image content, others offer more control at the expense of high-quality generation. A common limitation of both approaches is the use of global latent codes for the whole image, which hinders the learning of independent object distributions. Motivated by SemanticStyleGAN (SSG), a recent work on latent space disentanglement in human face generation, we propose a novel framework, Urban-StyleGAN, for urban scene generation and manipulation. We find that a straightforward application of SSG leads to poor results because urban scenes are more complex than human faces. To provide a more compact yet disentangled latent representation, we develop a class grouping strategy wherein individual classes are grouped into super-classes. Moreover, we employ an unsupervised latent exploration algorithm in the $\mathcal{S}$-space of the generator and show that it is more efficient than the conventional $\mathcal{W}^{+}$-space in controlling the image content. Results on the Cityscapes and Mapillary datasets show the proposed approach achieves significantly more controllability and improved image quality than previous approaches on urban scenes and is on par with general-purpose non-controllable generative models (like StyleGAN2) in terms of quality.

Title: Wavelet-based Unsupervised Label-to-Image Translation. (arXiv:2305.09647v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09647
• Code URL: https://github.com/GeorgeEskandar/USIS-Unsupervised-Semantic-Image-Synthesis
• Copy Paste: [[2305.09647] Wavelet-based Unsupervised Label-to-Image Translation](http://arxiv.org/abs/2305.09647) #generative
• Summary:

  Semantic Image Synthesis (SIS) is a subclass of image-to-image translation where a semantic layout is used to generate a photorealistic image. State-of-the-art conditional Generative Adversarial Networks (GANs) need a huge amount of paired data to accomplish this task while generic unpaired image-to-image translation frameworks underperform in comparison, because they color-code semantic layouts and learn correspondences in appearance instead of semantic content. Starting from the assumption that a high quality generated image should be segmented back to its semantic layout, we propose a new Unsupervised paradigm for SIS (USIS) that makes use of a self-supervised segmentation loss and whole image wavelet based discrimination. Furthermore, in order to match the high-frequency distribution of real images, a novel generator architecture in the wavelet domain is proposed. We test our methodology on 3 challenging datasets and demonstrate its ability to bridge the performance gap between paired and unpaired models.

Title: Bidirectional Generative Framework for Cross-domain Aspect-based Sentiment Analysis. (arXiv:2305.09509v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09509
• Code URL: https://github.com/damo-nlp-sg/bgca
• Copy Paste: [[2305.09509] Bidirectional Generative Framework for Cross-domain Aspect-based Sentiment Analysis](http://arxiv.org/abs/2305.09509) #generative
• Summary:

  Cross-domain aspect-based sentiment analysis (ABSA) aims to perform various fine-grained sentiment analysis tasks on a target domain by transferring knowledge from a source domain. Since labeled data only exists in the source domain, a model is expected to bridge the domain gap for tackling cross-domain ABSA. Though domain adaptation methods have proven to be effective, most of them are based on a discriminative model, which needs to be specifically designed for different ABSA tasks. To offer a more general solution, we propose a unified bidirectional generative framework to tackle various cross-domain ABSA tasks. Specifically, our framework trains a generative model in both text-to-label and label-to-text directions. The former transforms each task into a unified format to learn domain-agnostic features, and the latter generates natural sentences from noisy labels for data augmentation, with which a more accurate model can be trained. To investigate the effectiveness and generality of our framework, we conduct extensive experiments on four cross-domain ABSA tasks and present new state-of-the-art results on all tasks. Our data and code are publicly available at \url{https://github.com/DAMO-NLP-SG/BGCA}.

Title: Smart Home Energy Management: VAE-GAN synthetic dataset generator and Q-learning. (arXiv:2305.08885v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.08885
• Code URL: null
• Copy Paste: [[2305.08885] Smart Home Energy Management: VAE-GAN synthetic dataset generator and Q-learning](http://arxiv.org/abs/2305.08885) #generative
• Summary:

  Recent years have noticed an increasing interest among academia and industry towards analyzing the electrical consumption of residential buildings and employing smart home energy management systems (HEMS) to reduce household energy consumption and costs. HEMS has been developed to simulate the statistical and functional properties of actual smart grids. Access to publicly available datasets is a major challenge in this type of research. The potential of artificial HEMS applications will be further enhanced with the development of time series that represent different operating conditions of the synthetic systems. In this paper, we propose a novel variational auto-encoder-generative adversarial network (VAE-GAN) technique for generating time-series data on energy consumption in smart homes. We also explore how the generative model performs when combined with a Q-learning-based HEMS. We tested the online performance of Q-learning-based HEMS with real-world smart home data. To test the generated dataset, we measure the Kullback-Leibler (KL) divergence, maximum mean discrepancy (MMD), and the Wasserstein distance between the probability distributions of the real and synthetic data. Our experiments show that VAE-GAN-generated synthetic data closely matches the real data distribution. Finally, we show that the generated data allows for the training of a higher-performance Q-learning-based HEMS compared to datasets generated with baseline approaches.

Title: Bounded KRnet and its applications to density estimation and approximation. (arXiv:2305.09063v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09063
• Code URL: null
• Copy Paste: [[2305.09063] Bounded KRnet and its applications to density estimation and approximation](http://arxiv.org/abs/2305.09063) #generative
• Summary:

  In this paper, we develop an invertible mapping, called B-KRnet, on a bounded domain and apply it to density estimation/approximation for data or the solutions of PDEs such as the Fokker-Planck equation and the Keller-Segel equation. Similar to KRnet, the structure of B-KRnet adapts the triangular form of the Knothe-Rosenblatt rearrangement into a normalizing flow model. The main difference between B-KRnet and KRnet is that B-KRnet is defined on a hypercube while KRnet is defined on the whole space, in other words, we introduce a new mechanism in B-KRnet to maintain the exact invertibility. Using B-KRnet as a transport map, we obtain an explicit probability density function (PDF) model that corresponds to the pushforward of a prior (uniform) distribution on the hypercube. To approximate PDFs defined on a bounded computational domain, B-KRnet is more effective than KRnet. By coupling KRnet and B-KRnet, we can also define a deep generative model on a high-dimensional domain where some dimensions are bounded and other dimensions are unbounded. A typical case is the solution of the stationary kinetic Fokker-Planck equation, which is a PDF of position and momentum. Based on B-KRnet, we develop an adaptive learning approach to approximate partial differential equations whose solutions are PDFs or can be regarded as a PDF. In addition, we apply B-KRnet to density estimation when only data are available. A variety of numerical experiments is presented to demonstrate the effectiveness of B-KRnet.

Title: Synthetic data, real errors: how (not) to publish and use synthetic data. (arXiv:2305.09235v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09235
• Code URL: null
• Copy Paste: [[2305.09235] Synthetic data, real errors: how (not) to publish and use synthetic data](http://arxiv.org/abs/2305.09235) #generative
• Summary:

  Generating synthetic data through generative models is gaining interest in the ML community and beyond, promising a future where datasets can be tailored to individual needs. Unfortunately, synthetic data is usually not perfect, resulting in potential errors in downstream tasks. In this work we explore how the generative process affects the downstream ML task. We show that the naive synthetic data approach -- using synthetic data as if it is real -- leads to downstream models and analyses that do not generalize well to real data. As a first step towards better ML in the synthetic data regime, we introduce Deep Generative Ensemble (DGE) -- a framework inspired by Deep Ensembles that aims to implicitly approximate the posterior distribution over the generative process model parameters. DGE improves downstream model training, evaluation, and uncertainty quantification, vastly outperforming the naive approach on average. The largest improvements are achieved for minority classes and low-density regions of the original data, for which the generative uncertainty is largest.

large language model

Title: SGP-TOD: Building Task Bots Effortlessly via Schema-Guided LLM Prompting. (arXiv:2305.09067v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09067
• Code URL: null
• Copy Paste: [[2305.09067] SGP-TOD: Building Task Bots Effortlessly via Schema-Guided LLM Prompting](http://arxiv.org/abs/2305.09067) #large language model
• Summary:

  Building end-to-end task bots and maintaining their integration with new functionalities using minimal human efforts is a long-standing challenge in dialog research. Recently large language models (LLMs) have demonstrated exceptional proficiency in conversational engagement and adherence to instructions across various downstream tasks. In this work, we introduce SGP-TOD, Schema-Guided Prompting for building Task-Oriented Dialog systems effortlessly based on LLMs. Utilizing the symbolic knowledge -- task schema, we instruct fixed LLMs to generate appropriate responses on novel tasks, circumventing the need for training data. Specifically, SGP-TOD comprises three components: a LLM for engaging with users, a DST Prompter to aid the LLM with dialog state tracking, which is then used to retrieve database items, and a Policy Prompter to elicit proper responses adhering to the provided dialog policy. Experimental results on Multiwoz, RADDLE and STAR datasets show that our training-free strategy SGP-TOD, without any task-specific data, yields state-of-the-art (SOTA) zero-shot performance, greatly surpasses the few-shot approaches. In a domain-extension setting, SGP-TOD aptly adapts to new functionalities by merely adding supplementary schema rules. We make our code and data publicly available.

Title: Large Language Models are Built-in Autoregressive Search Engines. (arXiv:2305.09612v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09612
• Code URL: https://github.com/ziems/llm-url
• Copy Paste: [[2305.09612] Large Language Models are Built-in Autoregressive Search Engines](http://arxiv.org/abs/2305.09612) #large language model
• Summary:

  Document retrieval is a key stage of standard Web search engines. Existing dual-encoder dense retrievers obtain representations for questions and documents independently, allowing for only shallow interactions between them. To overcome this limitation, recent autoregressive search engines replace the dual-encoder architecture by directly generating identifiers for relevant documents in the candidate pool. However, the training cost of such autoregressive search engines rises sharply as the number of candidate documents increases. In this paper, we find that large language models (LLMs) can follow human instructions to directly generate URLs for document retrieval.

Surprisingly, when providing a few {Query-URL} pairs as in-context demonstrations, LLMs can generate Web URLs where nearly 90\% of the corresponding documents contain correct answers to open-domain questions. In this way, LLMs can be thought of as built-in search engines, since they have not been explicitly trained to map questions to document identifiers. Experiments demonstrate that our method can consistently achieve better retrieval performance than existing retrieval approaches by a significant margin on three open-domain question answering benchmarks, under both zero and few-shot settings. The code for this work can be found at \url{https://github.com/Ziems/llm-url}.

Title: Towards Expert-Level Medical Question Answering with Large Language Models. (arXiv:2305.09617v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09617
• Code URL: null
• Copy Paste: [[2305.09617] Towards Expert-Level Medical Question Answering with Large Language Models](http://arxiv.org/abs/2305.09617) #large language model
• Summary:

  Recent artificial intelligence (AI) systems have reached milestones in "grand challenges" ranging from Go to protein-folding. The capability to retrieve medical knowledge, reason over it, and answer medical questions comparably to physicians has long been viewed as one such grand challenge.

Large language models (LLMs) have catalyzed significant progress in medical question answering; Med-PaLM was the first model to exceed a "passing" score in US Medical Licensing Examination (USMLE) style questions with a score of 67.2% on the MedQA dataset. However, this and other prior work suggested significant room for improvement, especially when models' answers were compared to clinicians' answers. Here we present Med-PaLM 2, which bridges these gaps by leveraging a combination of base LLM improvements (PaLM 2), medical domain finetuning, and prompting strategies including a novel ensemble refinement approach.

Med-PaLM 2 scored up to 86.5% on the MedQA dataset, improving upon Med-PaLM by over 19% and setting a new state-of-the-art. We also observed performance approaching or exceeding state-of-the-art across MedMCQA, PubMedQA, and MMLU clinical topics datasets.

We performed detailed human evaluations on long-form questions along multiple axes relevant to clinical applications. In pairwise comparative ranking of 1066 consumer medical questions, physicians preferred Med-PaLM 2 answers to those produced by physicians on eight of nine axes pertaining to clinical utility (p < 0.001). We also observed significant improvements compared to Med-PaLM on every evaluation axis (p < 0.001) on newly introduced datasets of 240 long-form "adversarial" questions to probe LLM limitations.

While further studies are necessary to validate the efficacy of these models in real-world settings, these results highlight rapid progress towards physician-level performance in medical question answering.

Title: AI-Augmented Surveys: Leveraging Large Language Models for Opinion Prediction in Nationally Representative Surveys. (arXiv:2305.09620v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09620
• Code URL: null
• Copy Paste: [[2305.09620] AI-Augmented Surveys: Leveraging Large Language Models for Opinion Prediction in Nationally Representative Surveys](http://arxiv.org/abs/2305.09620) #large language model
• Summary:

  How can we use large language models (LLMs) to augment surveys? This paper investigates three distinct applications of LLMs fine-tuned by nationally representative surveys for opinion prediction -- missing data imputation, retrodiction, and zero-shot prediction. We present a new methodological framework that incorporates neural embeddings of survey questions, individual beliefs, and temporal contexts to personalize LLMs in opinion prediction. Among 3,110 binarized opinions from 68,846 Americans in the General Social Survey from 1972 to 2021, our best models based on Alpaca-7b excels in missing data imputation (AUC = 0.87 for personal opinion prediction and $\rho$ = 0.99 for public opinion prediction) and retrodiction (AUC = 0.86, $\rho$ = 0.98). These remarkable prediction capabilities allow us to fill in missing trends with high confidence and pinpoint when public attitudes changed, such as the rising support for same-sex marriage. However, the models show limited performance in a zero-shot prediction task (AUC = 0.73, $\rho$ = 0.67), highlighting challenges presented by LLMs without human responses. Further, we find that the best models' accuracy is lower for individuals with low socioeconomic status, racial minorities, and non-partisan affiliations but higher for ideologically sorted opinions in contemporary periods. We discuss practical constraints, socio-demographic representation, and ethical concerns regarding individual autonomy and privacy when using LLMs for opinion prediction. This paper showcases a new approach for leveraging LLMs to enhance nationally representative surveys by predicting missing responses and trends.

Title: StructGPT: A General Framework for Large Language Model to Reason over Structured Data. (arXiv:2305.09645v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09645
• Code URL: null
• Copy Paste: [[2305.09645] StructGPT: A General Framework for Large Language Model to Reason over Structured Data](http://arxiv.org/abs/2305.09645) #large language model
• Summary:

  In this paper, we study how to improve the zero-shot reasoning ability of large language models~(LLMs) over structured data in a unified way. Inspired by the study on tool augmentation for LLMs, we develop an \emph{Iterative Reading-then-Reasoning~(IRR)} approach for solving question answering tasks based on structured data, called \textbf{StructGPT}. In our approach, we construct the specialized function to collect relevant evidence from structured data (\ie \emph{reading}), and let LLMs concentrate the reasoning task based on the collected information (\ie \emph{reasoning}). Specially, we propose an \emph{invoking-linearization-generation} procedure to support LLMs in reasoning on the structured data with the help of the external interfaces. By iterating this procedures with provided interfaces, our approach can gradually approach the target answer to a given query. Extensive experiments conducted on three types of structured data demonstrate the effectiveness of our approach, which can significantly boost the performance of ChatGPT and achieve comparable performance against the full-data supervised-tuning baselines. Our codes and data are publicly available at~\url{https://github.com/RUCAIBox/StructGPT}.

Title: Satisfiability-Aided Language Models Using Declarative Prompting. (arXiv:2305.09656v1 [cs.CL])

• Paper URL: http://arxiv.org/abs/2305.09656
• Code URL: https://github.com/xiye17/sat-lm
• Copy Paste: [[2305.09656] Satisfiability-Aided Language Models Using Declarative Prompting](http://arxiv.org/abs/2305.09656) #large language model
• Summary:

  Prior work has combined chain-of-thought prompting in large language models (LLMs) with programmatic representations to perform effective and transparent reasoning. While such an approach works very well for tasks that only require forward reasoning (e.g., straightforward arithmetic), it is less effective for constraint solving tasks that require more sophisticated planning and search. In this paper, we propose a new satisfiability-aided language modeling approach for improving the reasoning capabilities of LLMs. We use an LLM to generate a declarative task specification rather than an imperative program and leverage an off-the-shelf automated theorem prover to derive the final answer. This approach has two key advantages. The declarative specification is closer to the problem description than the reasoning steps are, so the LLM can parse it more accurately. Furthermore, by offloading the actual reasoning task to an automated theorem prover, our approach can guarantee the correctness of the answer with respect to the parsed specification and avoid planning errors in the reasoning process. We evaluate SATLM on 6 different datasets and show that it consistently outperforms program-aided LMs in an imperative paradigm (PROGLM). In particular, SATLM outperforms PROGLM by 23% on a challenging subset of GSM; SATLM also achieves a new SoTA on LSAT, surpassing previous models that are trained on the full training set.

segmentation

Title: Leaf Only SAM: A Segment Anything Pipeline for Zero-Shot Automated Leaf Segmentation. (arXiv:2305.09418v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09418
• Code URL: null
• Copy Paste: [[2305.09418] Leaf Only SAM: A Segment Anything Pipeline for Zero-Shot Automated Leaf Segmentation](http://arxiv.org/abs/2305.09418) #segmentation
• Summary:

  Segment Anything Model (SAM) is a new foundation model that can be used as a zero-shot object segmentation method with the use of either guide prompts such as bounding boxes, polygons, or points. Alternatively, additional post processing steps can be used to identify objects of interest after segmenting everything in an image. Here we present a method using segment anything together with a series of post processing steps to segment potato leaves, called Leaf Only SAM. The advantage of this proposed method is that it does not require any training data to produce its results so has many applications across the field of plant phenotyping where there is limited high quality annotated data available. We compare the performance of Leaf Only SAM to a Mask R-CNN model which has been fine-tuned on our small novel potato leaf dataset. On the evaluation dataset, Leaf Only SAM finds an average recall of 63.2 and an average precision of 60.3, compared to recall of 78.7 and precision of 74.7 for Mask R-CNN. Leaf Only SAM does not perform better than the fine-tuned Mask R-CNN model on our data, but the SAM based model does not require any extra training or annotation of our new dataset. This shows there is potential to use SAM as a zero-shot classifier with the addition of post processing steps.

Title: Increasing Melanoma Diagnostic Confidence: Forcing the Convolutional Network to Learn from the Lesion. (arXiv:2305.09542v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09542
• Code URL: null
• Copy Paste: [[2305.09542] Increasing Melanoma Diagnostic Confidence: Forcing the Convolutional Network to Learn from the Lesion](http://arxiv.org/abs/2305.09542) #segmentation
• Summary:

  Deep learning implemented with convolutional network architectures can exceed specialists' diagnostic accuracy. However, whole-image deep learning trained on a given dataset may not generalize to other datasets. The problem arises because extra-lesional features - ruler marks, ink marks, and other melanoma correlates - may serve as information leaks. These extra-lesional features, discoverable by heat maps, degrade melanoma diagnostic performance and cause techniques learned on one data set to fail to generalize. We propose a novel technique to improve melanoma recognition by an EfficientNet model. The model trains the network to detect the lesion and learn features from the detected lesion. A generalizable elliptical segmentation model for lesions was developed, with an ellipse enclosing a lesion and the ellipse enclosed by an extended rectangle (bounding box). The minimal bounding box was extended by 20% to allow some background around the lesion. The publicly available International Skin Imaging Collaboration (ISIC) 2020 skin lesion image dataset was used to evaluate the effectiveness of the proposed method. Our test results show that the proposed method improved diagnostic accuracy by increasing the mean area under receiver operating characteristic curve (mean AUC) score from 0.9 to 0.922. Additionally, correctly diagnosed scores are also improved, providing better separation of scores, thereby increasing melanoma diagnostic confidence. The proposed lesion-focused convolutional technique warrants further study.

Title: Image Reconstruction using Superpixel Clustering and Tensor Completion. (arXiv:2305.09564v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09564
• Code URL: null
• Copy Paste: [[2305.09564] Image Reconstruction using Superpixel Clustering and Tensor Completion](http://arxiv.org/abs/2305.09564) #segmentation
• Summary:

  This paper presents a pixel selection method for compact image representation based on superpixel segmentation and tensor completion. Our method divides the image into several regions that capture important textures or semantics and selects a representative pixel from each region to store. We experiment with different criteria for choosing the representative pixel and find that the centroid pixel performs the best. We also propose two smooth tensor completion algorithms that can effectively reconstruct different types of images from the selected pixels. Our experiments show that our superpixel-based method achieves better results than uniform sampling for various missing ratios.

Title: Inductive Graph Neural Networks for Moving Object Segmentation. (arXiv:2305.09585v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09585
• Code URL: null
• Copy Paste: [[2305.09585] Inductive Graph Neural Networks for Moving Object Segmentation](http://arxiv.org/abs/2305.09585) #segmentation
• Summary:

  Moving Object Segmentation (MOS) is a challenging problem in computer vision, particularly in scenarios with dynamic backgrounds, abrupt lighting changes, shadows, camouflage, and moving cameras. While graph-based methods have shown promising results in MOS, they have mainly relied on transductive learning which assumes access to the entire training and testing data for evaluation. However, this assumption is not realistic in real-world applications where the system needs to handle new data during deployment. In this paper, we propose a novel Graph Inductive Moving Object Segmentation (GraphIMOS) algorithm based on a Graph Neural Network (GNN) architecture. Our approach builds a generic model capable of performing prediction on newly added data frames using the already trained model. GraphIMOS outperforms previous inductive learning methods and is more generic than previous transductive techniques. Our proposed algorithm enables the deployment of graph-based MOS models in real-world applications.

Title: Concurrent Misclassification and Out-of-Distribution Detection for Semantic Segmentation via Energy-Based Normalizing Flow. (arXiv:2305.09610v1 [cs.CV])

• Paper URL: http://arxiv.org/abs/2305.09610
• Code URL: https://github.com/gudovskiy/flowenedet
• Copy Paste: [[2305.09610] Concurrent Misclassification and Out-of-Distribution Detection for Semantic Segmentation via Energy-Based Normalizing Flow](http://arxiv.org/abs/2305.09610) #segmentation
• Summary:

  Recent semantic segmentation models accurately classify test-time examples that are similar to a training dataset distribution. However, their discriminative closed-set approach is not robust in practical data setups with distributional shifts and out-of-distribution (OOD) classes. As a result, the predicted probabilities can be very imprecise when used as confidence scores at test time. To address this, we propose a generative model for concurrent in-distribution misclassification (IDM) and OOD detection that relies on a normalizing flow framework. The proposed flow-based detector with an energy-based inputs (FlowEneDet) can extend previously deployed segmentation models without their time-consuming retraining. Our FlowEneDet results in a low-complexity architecture with marginal increase in the memory footprint. FlowEneDet achieves promising results on Cityscapes, Cityscapes-C, FishyScapes and SegmentMeIfYouCan benchmarks in IDM/OOD detection when applied to pretrained DeepLabV3+ and SegFormer semantic segmentation models.

Title: One-Shot Online Testing of Deep Neural Networks Based on Distribution Shift Detection. (arXiv:2305.09348v1 [cs.LG])

• Paper URL: http://arxiv.org/abs/2305.09348
• Code URL: null
• Copy Paste: [[2305.09348] One-Shot Online Testing of Deep Neural Networks Based on Distribution Shift Detection](http://arxiv.org/abs/2305.09348) #segmentation
• Summary:

  Neural networks (NNs) are capable of learning complex patterns and relationships in data to make predictions with high accuracy, making them useful for various tasks. However, NNs are both computation-intensive and memory-intensive methods, making them challenging for edge applications. To accelerate the most common operations (matrix-vector multiplication) in NNs, hardware accelerator architectures such as computation-in-memory (CiM) with non-volatile memristive crossbars are utilized. Although they offer benefits such as power efficiency, parallelism, and nonvolatility, they suffer from various faults and variations, both during manufacturing and lifetime operations. This can lead to faulty computations and, in turn, degradation of post-mapping inference accuracy, which is unacceptable for many applications, including safety-critical applications. Therefore, proper testing of NN hardware accelerators is required. In this paper, we propose a \emph{one-shot} testing approach that can test NNs accelerated on memristive crossbars with only one test vector, making it very suitable for online testing applications. Our approach can consistently achieve $100\%$ fault coverage across several large topologies with up to $201$ layers and challenging tasks like semantic segmentation. Nevertheless, compared to existing methods, the fault coverage is improved by up to $24\%$, the memory overhead is only $0.0123$ MB, a reduction of up to $19980\times$ and the number of test vectors is reduced by $10000\times$.