Search Results for author:
Found 12 papers, 5 papers with code
On the Fly Neural Style Smoothing for Risk-Averse Domain Generalization
To enable risk-averse predictions from a DG classifier, we propose a novel inference procedure, Test-Time Neural Style Smoothing (TT-NSS), that uses a "style-smoothed" version of the DG classifier for prediction at test time.
Analysis of Task Transferability in Large Pre-trained Classifiers
We propose a novel Task Transfer Analysis approach that transforms the source distribution (and classifier) by changing the class prior distribution, label, and feature spaces to produce a new source distribution (and classifier) and allows us to relate the loss of the downstream task (i. e., transferability) to that of the source task.
Understanding the Robustness of Multi-Exit Models under Common Corruptions
Furthermore, the lack of calibration increases the inconsistency in the predictions of the model across exits, leading to both inefficient inference and more misclassifications compared with evaluation on in-distribution data.
On Certifying and Improving Generalization to Unseen Domains
This highlights that the performance of DG methods on a few benchmark datasets may not be representative of their performance on unseen domains in the wild.
Certified Adversarial Defenses Meet Out-of-Distribution Corruptions: Benchmarking Robustness and Simple Baselines
To alleviate this issue, we propose a novel data augmentation scheme, FourierMix, that produces augmentations to improve the spectral coverage of the training data.
Understanding the Limits of Unsupervised Domain Adaptation via Data Poisoning
Unsupervised domain adaptation (UDA) enables cross-domain learning without target domain labels by transferring knowledge from a labeled source domain whose distribution differs from that of the target.
On the Effectiveness of Poisoning against Unsupervised Domain Adaptation
However, the limited effect of poisoning is restricted to the setting where training and test data are from the same distribution.
Machine Learning with Electronic Health Records is vulnerable to Backdoor Trigger Attacks
Electronic Health Records (EHRs) provide a wealth of information for machine learning algorithms to predict the patient outcome from the data including diagnostic information, vital signals, lab tests, drug administration, and demographic information.
How Robust are Randomized Smoothing based Defenses to Data Poisoning?
Moreover, our attack is effective even when the victim trains the models from scratch using state-of-the-art robust training methods such as Gaussian data augmentation\cite{cohen2019certified}, MACER\cite{zhai2020macer}, and SmoothAdv\cite{salman2019provably} that achieve high certified adversarial robustness.
Penalty Method for Inversion-Free Deep Bilevel Optimization
We present results on data denoising, few-shot learning, and training-data poisoning problems in a large-scale setting.
Fast Interactive Image Retrieval using large-scale unlabeled data
Active learning reduces the number of user interactions by querying the labels of the most informative points and GSSL allows to use abundant unlabeled data along with the limited labeled data provided by the user.
Machine vs Machine: Minimax-Optimal Defense Against Adversarial Examples
We demonstrate the minimax defense with two types of attack classes -- gradient-based and neural network-based attacks.
