Search Results for author:
Found 22 papers, 10 papers with code
Bandit Sequential Posted Pricing via Half-Concavity
To overcome this assumption, we study sequential posted pricing in the bandit learning model, where the seller interacts with $n$ buyers over $T$ rounds: In each round the seller posts $n$ prices for the $n$ buyers and the first buyer with a valuation higher than the price takes the item.
Data-Centric Debugging: mitigating model failures via targeted data collection
Our Data-Centric Debugging (DCD) framework carefully creates a debug-train set by selecting images from $\mathcal{F}$ that are perceptually similar to the images in $\mathcal{E}_{sample}$.
Bandit Algorithms for Prophet Inequality and Pandora's Box
The goal is to minimize the regret, which is the difference over $T$ rounds in the total value of the optimal algorithm that knows the distributions vs. the total value of our algorithm that learns the distributions from the partial feedback.
Improved techniques for deterministic l2 robustness
In this work, we reduce this gap by introducing (a) a procedure to certify robustness of 1-Lipschitz CNNs by replacing the last linear layer with a 1-hidden layer MLP that significantly improves their performance for both standard and provably robust accuracy, (b) a method to significantly reduce the training time per epoch for Skew Orthogonal Convolution (SOC) layers (>30\% reduction for deeper networks) and (c) a class of pooling layers using the mathematical property that the $l_{2}$ distance of an input to a manifold is 1-Lipschitz.
Core Risk Minimization using Salient ImageNet
Deep neural networks can be unreliable in the real world especially when they heavily use spurious features for their predictions.
Salient ImageNet: How to discover spurious features in Deep Learning?
Our methodology is based on this key idea: to identify spurious or core \textit{visual features} used in model predictions, we identify spurious or core \textit{neural features} (penultimate layer neurons of a robust model) via limited human supervision (e. g., using top 5 activating images per feature).
Causal ImageNet: How to discover spurious features in Deep Learning?
Focusing on image classifications, we define causal attributes as the set of visual features that are always a part of the object while spurious attributes are the ones that are likely to {\it co-occur} with the object but not a part of it (e. g., attribute ``fingers" for class ``band aid").
Improved deterministic l2 robustness on CIFAR-10 and CIFAR-100
While $1$-Lipschitz CNNs can be designed by enforcing a $1$-Lipschitz constraint on each layer, training such networks requires each layer to have an orthogonal Jacobian matrix (for all inputs) to prevent the gradients from vanishing during backpropagation.
Skew Orthogonal Convolutions
Then, we use the Taylor series expansion of the Jacobian exponential to construct the SOC layer that is orthogonal.
Low Curvature Activations Reduce Overfitting in Adversarial Training
In particular, we show that using activation functions with low (exact or approximate) curvature values has a regularization effect that significantly reduces both the standard and robust generalization gaps in adversarial training.
Perceptual Adversarial Robustness: Generalizable Defenses Against Unforeseen Threat Models
We call this threat model the neural perceptual threat model (NPTM); it includes adversarial examples with a bounded neural perceptual distance (a neural network-based approximation of the true perceptual distance) to natural images.
Fantastic Four: Differentiable and Efficient Bounds on Singular Values of Convolution Layers
Through experiments on MNIST and CIFAR-10, we demonstrate the effectiveness of our spectral bound in improving generalization and robustness of deep networks.
Understanding Failures of Deep Networks via Robust Feature Extraction
Traditional evaluation metrics for learned models that report aggregate scores over a test set are insufficient for surfacing important and informative patterns of failure over features and instances.
Online Learning with Vector Costs and Bandits with Knapsacks
We study \OLVCp in both stochastic and adversarial arrival settings, and give a general procedure to reduce the problem from $d$ dimensions to a single dimension.
Perceptual Adversarial Robustness: Defense Against Unseen Threat Models
We call this threat model the neural perceptual threat model (NPTM); it includes adversarial examples with a bounded neural perceptual distance (a neural network-based approximation of the true perceptual distance) to natural images.
Fairness Through Robustness: Investigating Robustness Disparity in Deep Learning
In this paper, we argue that traditional notions of fairness that are only based on models' outputs are not sufficient when the model is vulnerable to adversarial attacks.
Second-Order Provable Defenses against Adversarial Attacks
Second, we derive a computationally-efficient differentiable upper bound on the curvature of a deep network.
Fantastic Four: Differentiable Bounds on Singular Values of Convolution Layers
Through experiments on MNIST and CIFAR-10, we demonstrate the effectiveness of our spectral bound in improving generalization and provable robustness of deep networks.
Curvature-based Robustness Certificates against Adversarial Examples
We also use the curvature bound as a regularization term during the training of the network to boost its certified robustness against adversarial examples.
Certifiably Robust Interpretation in Deep Learning
Deep learning interpretation is essential to explain the reasoning behind model predictions.
Understanding Impacts of High-Order Loss Approximations and Features in Deep Learning Interpretation
Second, we compute the importance of group-features in deep learning interpretation by introducing a sparsity regularization term.
Robustness Certificates Against Adversarial Examples for ReLU Networks
These robustness certificates leverage the piece-wise linear structure of ReLU networks and use the fact that in a polyhedron around a given sample, the prediction function is linear.
