Search Results for author:
Found 60 papers, 25 papers with code
Attacking Multimodal OS Agents with Malicious Image Patches
Recent advances in operating system (OS) agents enable vision-language models to interact directly with the graphical user interface of an OS.
Shh, don't say that! Domain Certification in LLMs
Large language models (LLMs) are often deployed to perform constrained tasks, with narrow domains.
On the Coexistence and Ensembling of Watermarks
We perform the first study of coexistence of deep image watermarking methods and, contrary to intuition, we find that various open-source watermarks can coexist with only minor impacts on image quality and decoding robustness.
Open Problems in Machine Unlearning for AI Safety
As AI systems become more capable, widely deployed, and increasingly autonomous in critical areas such as cybersecurity, biological research, and healthcare, ensuring their safety and alignment with human values is paramount.
Detecting LLM Hallucination Through Layer-wise Information Deficiency: Analysis of Unanswerable Questions and Ambiguous Prompts
Large language models (LLMs) frequently generate confident yet inaccurate responses, introducing significant risks for deployment in safety-critical domains.
Bi-Factorial Preference Optimization: Balancing Safety-Helpfulness in Language Models
Fine-tuning large language models (LLMs) on human preferences, typically through reinforcement learning from human feedback (RLHF), has proven successful in enhancing their capabilities.
FedMedICL: Towards Holistic Evaluation of Distribution Shifts in Federated Medical Imaging
In response, we introduce FedMedICL, a unified framework and benchmark to holistically evaluate federated medical imaging challenges, simultaneously capturing label, demographic, and temporal distribution shifts.
Model Merging and Safety Alignment: One Bad Model Spoils the Bunch
Our experiments illustrate the effectiveness of integrating alignment-related data during merging, resulting in models that excel in both domain expertise and alignment.
Mimicking User Data: On Mitigating Fine-Tuning Risks in Closed Large Language Models
Fine-tuning large language models on small, high-quality datasets can enhance their performance on specific downstream tasks.
Towards Interpretable Deep Local Learning with Successive Gradient Reconciliation
its input is not reconciled with the local gradient in the previous module w. r. t.
Universal In-Context Approximation By Prompting Fully Recurrent Models
We demonstrate that RNNs, LSTMs, GRUs, Linear RNNs, and linear gated architectures such as Mamba and Hawk/Griffin can also serve as universal in-context approximators.
Towards Certification of Uncertainty Calibration under Adversarial Attacks
We show that attacks can significantly harm calibration, and thus propose certified calibration as worst-case bounds on calibration under adversarial perturbations.
Risks and Opportunities of Open-Source Generative AI
Applications of Generative AI (Gen AI) are expected to revolutionize a number of different areas, ranging from science & medicine to education.
Near to Mid-term Risks and Opportunities of Open-Source Generative AI
In the next few years, applications of Generative AI are expected to revolutionize a number of different areas, ranging from science & medicine to education.
Continual Learning on a Diet: Learning from Sparsely Labeled Streams Under Constrained Computation
DietCL meticulously allocates computational budget for both types of data.
No "Zero-Shot" Without Exponential Data: Pretraining Concept Frequency Determines Multimodal Model Performance
Web-crawled pretraining datasets underlie the impressive "zero-shot" evaluation performance of multimodal models, such as CLIP for classification/retrieval and Stable-Diffusion for image generation.
On Pretraining Data Diversity for Self-Supervised Learning
We explore the impact of training with more diverse datasets, characterized by the number of unique samples, on the performance of self-supervised learning (SSL) under a fixed computational budget.
Efficient Lifelong Model Evaluation in an Era of Rapid Progress
To address this challenge, we introduce an efficient framework for model evaluation, Sort & Search (S&S)}, which reuses previously evaluated models by leveraging dynamic programming algorithms to selectively rank and sub-select test samples.
Prompting a Pretrained Transformer Can Be a Universal Approximator
Despite the widespread adoption of prompting, prompt tuning and prefix-tuning of transformer models, our theoretical understanding of these fine-tuning methods remains limited.
Can Large Language Model Agents Simulate Human Trust Behavior?
In this paper, we focus on one critical and elemental behavior in human interactions, trust, and investigate whether LLM agents can simulate human trust behavior.
SynthCLIP: Are We Ready for a Fully Synthetic CLIP Training?
We present SynthCLIP, a CLIP model trained on entirely synthetic text-image pairs.
Label Delay in Online Continual Learning
We introduce a new continual learning framework with explicit modeling of the label delay between data and label streams over time steps.
From Categories to Classifiers: Name-Only Continual Learning by Exploring the Web
Continual Learning (CL) often relies on the availability of extensive annotated datasets, an assumption that is unrealistically time-consuming and costly in practice.
When Do Prompting and Prefix-Tuning Work? A Theory of Capabilities and Limitations
Context-based fine-tuning methods, including prompting, in-context learning, soft prompting (also known as prompt tuning), and prefix-tuning, have gained popularity due to their ability to often match the performance of full fine-tuning with a fraction of the parameters.
Segment, Select, Correct: A Framework for Weakly-Supervised Referring Segmentation
Referring Image Segmentation (RIS) - the problem of identifying objects in images through natural language sentences - is a challenging task currently mostly solved through supervised learning.
Language Model Tokenizers Introduce Unfairness Between Languages
Recent language models have shown impressive multilingual performance, even when not explicitly trained for it.
Efficient Error Certification for Physics-Informed Neural Networks
Recent work provides promising evidence that Physics-Informed Neural Networks (PINN) can efficiently solve partial differential equations (PDE).
Rapid Adaptation in Online Continual Learning: Are We Evaluating It Right?
We revisit the common practice of evaluating adaptation of Online Continual Learning (OCL) algorithms through the metric of online accuracy, which measures the accuracy of the model on the immediate next few samples.
Certifying Ensembles: A General Certification Theory with S-Lipschitzness
Improving and guaranteeing the robustness of deep learning models has been a topic of intense research.
Don't FREAK Out: A Frequency-Inspired Approach to Detecting Backdoor Poisoned Samples in DNNs
In this paper we investigate the frequency sensitivity of Deep Neural Networks (DNNs) when presented with clean samples versus poisoned samples.
Computationally Budgeted Continual Learning: What Does Matter?
Our conclusions are consistent in a different number of stream time steps, e. g., 20 to 200, and under several computational budgets.
Real-Time Evaluation in Online Continual Learning: A New Hope
We show that a simple baseline outperforms state-of-the-art CL methods under this evaluation, questioning the applicability of existing methods in realistic settings.
SimCS: Simulation for Domain Incremental Online Continual Segmentation
This work explores the problem of Online Domain-Incremental Continual Segmentation (ODICS), where the model is continually trained over batches of densely labeled images from different domains, with limited computation and no information about the task boundaries.
Diversified Dynamic Routing for Vision Tasks
Deep learning models for vision tasks are trained on large datasets under the assumption that there exists a universal representation that can be used to make predictions for all samples.
Illusory Attacks: Information-Theoretic Detectability Matters in Adversarial Attacks
Autonomous agents deployed in the real world need to be robust against adversarial attacks on sensory inputs.
Catastrophic overfitting can be induced with discriminative non-robust features
Through extensive experiments we analyze this novel phenomenon and discover that the presence of these easy features induces a learning shortcut that leads to CO. Our findings provide new insights into the mechanisms of CO and improve our understanding of the dynamics of AT.
Make Some Noise: Reliable and Efficient Single-Step Adversarial Training
Recently, Wong et al. showed that adversarial training with single-step FGSM leads to a characteristic failure mode named Catastrophic Overfitting (CO), in which a model becomes suddenly vulnerable to multi-step attacks.
Towards fast and effective single-step adversarial training
In this work, we methodically revisit the role of noise and clipping in single-step adversarial training.
ANCER: Anisotropic Certification via Sample-wise Volume Maximization
Randomized smoothing has recently emerged as an effective tool that enables certification of deep neural network classifiers at scale.
DeformRS: Certifying Input Deformations with Randomized Smoothing
Deep neural networks are vulnerable to input deformations in the form of vector fields of pixel displacements and to other parameterized geometric deformations e. g. translations, rotations, etc.
Combating Adversaries with Anti-Adversaries
Deep neural networks are vulnerable to small input perturbations known as adversarial attacks.
On the Decision Boundaries of Neural Networks. A Tropical Geometry Perspective
This work tackles the problem of characterizing and understanding the decision boundaries of neural networks with piecewise linear non-linearity activations.
Data-Dependent Randomized Smoothing
In this work, we revisit Gaussian randomized smoothing and show that the variance of the Gaussian distribution can be optimized at each input so as to maximize the certification radius for the construction of the smooth classifier.
Network Moments: Extensions and Sparse-Smooth Attacks
This has incited research on the reaction of DNNs to noisy input, namely developing adversarial input attacks and strategies that lead to robust DNNs to these attacks.
Rethinking Clustering for Robustness
This paper studies how encouraging semantically-aligned features during deep neural network training can increase network robustness.
On the Decision Boundaries of Neural Networks: A Tropical Geometry Perspective
Our main finding is that the decision boundaries are a subset of a tropical hypersurface, which is intimately related to a polytope formed by the convex hull of two zonotopes.
Analytical Moment Regularizer for Training Robust Networks
In this work, we propose a new training regularizer that aims to minimize the probabilistic expected training loss of a DNN subject to a generic Gaussian input.
Gabor Layers Enhance Network Robustness
We revisit the benefits of merging classical vision concepts with deep learning models.
On the Decision Boundaries of Deep Neural Networks: A Tropical Geometry Perspective
We use tropical geometry, a new development in the area of algebraic geometry, to provide a characterization of the decision boundaries of a simple neural network of the form (Affine, ReLU, Affine).
Expected Tight Bounds for Robust Deep Neural Network Training
al. that bounded input intervals can be inexpensively propagated from layer to layer through deep networks.
Constrained Clustering: General Pairwise and Cardinality Constraints
Extensive experiments on both synthetic and real data demonstrate when: (1) utilizing a single category of constraint, the proposed model is superior to or competitive with SOTA constrained clustering models, and (2) utilizing both categories of constraints jointly, the proposed model shows better performance than the case of the single category.
Expected Tight Bounds for Robust Training
In this paper, we closely examine the bounds of a block of layers composed in the form of Affine-ReLU-Affine.
Deep Layers as Stochastic Solvers
In particular, we show that a forward pass through a standard dropout layer followed by a linear layer and a non-linear activation is equivalent to optimizing a convex optimization objective with a single iteration of a $\tau$-nice Proximal Stochastic Gradient method.
Analytical Moment Regularizer for Gaussian Robust Networks
Despite the impressive performance of deep neural networks (DNNs) on numerous vision tasks, they still exhibit yet-to-understand uncouth behaviours.
Analytic Expressions for Probabilistic Moments of PL-DNN With Gaussian Input
Moreover, we show how these expressions can be used to systematically construct targeted and non-targeted adversarial attacks.
TrackingNet: A Large-Scale Dataset and Benchmark for Object Tracking in the Wild
In this work, we present TrackingNet, the first large-scale dataset and benchmark for object tracking in the wild.
High Order Tensor Formulation for Convolutional Sparse Coding
Convolutional sparse coding (CSC) has gained attention for its successful role as a reconstruction and a classification tool in the computer vision and machine learning community.
FFTLasso: Large-Scale LASSO in the Fourier Domain
Since all operations in our FFTLasso method are element-wise, the subproblems are completely independent and can be trivially parallelized (e. g. on a GPU).
In Defense of Sparse Tracking: Circulant Sparse Tracker
Sparse representation has been introduced to visual tracking by finding the best target candidate with minimal reconstruction error within the particle filter framework.
3D Part-Based Sparse Tracker With Automatic Synchronization and Registration
In this paper, we present a part-based sparse tracker in a particle filter framework where both the motion and appearance model are formulated in 3D.
