Search Results for author:
Found 53 papers, 32 papers with code
On Calibration of Modern Neural Networks
Confidence calibration -- the problem of predicting probability estimates representative of the true correctness likelihood -- is important for classification models in many applications.
MoMask: Generative Masked Modeling of 3D Human Motions
For the base-layer motion tokens, a Masked Transformer is designated to predict randomly masked motion tokens conditioned on text input at training stage.
Ranked #1 on
Motion Synthesis
on HumanML3D
Countering Adversarial Images using Input Transformations
This paper investigates strategies that defend against adversarial-example attacks on image-classification systems by transforming the inputs before feeding them to the system.
Generating Diverse and Natural 3D Human Motions From Text
Automated generation of 3D human motions from text is a challenging problem.
Ranked #6 on
Motion Synthesis
on InterHuman
An empirical study on evaluation metrics of generative adversarial networks
Evaluating generative adversarial networks (GANs) is inherently challenging.
Simple Black-box Adversarial Attacks
We propose an intriguingly simple method for the construction of adversarial images in the black-box setting.
Action2Motion: Conditioned Generation of 3D Human Motions
Action recognition is a relatively established task, where givenan input sequence of human motion, the goal is to predict its ac-tion category.
TM2T: Stochastic and Tokenized Modeling for the Reciprocal Generation of 3D Human Motions and Texts
Our approach is flexible, could be used for both text2motion and motion2text tasks.
Ranked #2 on
Motion Captioning
on KIT Motion-Language
Supervised Word Mover's Distance
Accurately measuring the similarity between text documents lies at the core of many real world applications of machine learning.
Gradient-based Adversarial Attacks against Text Transformers
We propose the first general-purpose gradient-based attack against transformer models.
Certified Data Removal from Machine Learning Models
Good data stewardship requires removal of data at the request of the data's owner.
TM2D: Bimodality Driven 3D Dance Generation via Music-Text Integration
We propose a novel task for generating 3D dance movements that simultaneously incorporate both text and music modalities.
ReAct: Out-of-distribution Detection With Rectified Activations
Out-of-distribution (OOD) detection has received much attention lately due to its practical importance in enhancing the safe deployment of neural networks.
Ranked #13 on
Out-of-Distribution Detection
on ImageNet-1k vs SUN
Measuring Data Leakage in Machine-Learning Models with Fisher Information
This information leaks either through the model itself or through predictions made by the model.
Do SSL Models Have Déjà Vu? A Case of Unintended Memorization in Self-supervised Learning
Self-supervised learning (SSL) algorithms can produce useful image representations by learning to associate different parts of natural images with one another.
A New Defense Against Adversarial Images: Turning a Weakness into a Strength
Natural images are virtually surrounded by low-density misclassified regions that can be efficiently discovered by gradient-guided search --- enabling the generation of adversarial images.
EventHPE: Event-based 3D Human Pose and Shape Estimation
Event camera is an emerging imaging sensor for capturing dynamics of moving objects as events, which motivates our work in estimating 3D human pose and shape from the event signals.
ViP: A Differentially Private Foundation Model for Computer Vision
In this work, we propose as a mitigation measure a recipe to train foundation vision models with differential privacy (DP) guarantee.
Human Pose and Shape Estimation from Single Polarization Images
This paper focuses on a new problem of estimating human pose and shape from single polarization images.
Low Frequency Adversarial Perturbation
In this paper we propose to restrict the search for adversarial images to a low frequency domain.
MotionMix: Weakly-Supervised Diffusion for Controllable Motion Generation
Specifically, we separate the denoising objectives of a diffusion model into two stages: obtaining conditional rough motion approximations in the initial $T-T^*$ steps by learning the noisy annotated motions, followed by the unconditional refinement of these preliminary motions during the last $T^*$ steps using unannotated motions.
Promoting Saliency From Depth: Deep Unsupervised RGB-D Saliency Detection
The laborious and time-consuming manual annotation has become a real bottleneck in various practical scenarios.
Privacy-Aware Compression for Federated Data Analysis
Federated data analytics is a framework for distributed data analysis where a server compiles noisy responses from a group of distributed low-bandwidth user devices to estimate aggregate statistics.
Privacy-Aware Compression for Federated Learning Through Numerical Mechanism Design
In private federated learning (FL), a server aggregates differentially private updates from a large number of clients in order to train a machine learning model.
Making Paper Reviewing Robust to Bid Manipulation Attacks
We develop a novel approach for paper bidding and assignment that is much more robust against such attacks.
On the Importance of Difficulty Calibration in Membership Inference Attacks
The vulnerability of machine learning models to membership inference attacks has received much attention in recent years.
Bounding Training Data Reconstruction in Private (Deep) Learning
Differential privacy is widely accepted as the de facto method for preventing data leakage in ML, and conventional wisdom suggests that it offers strong protection against privacy attacks.
Learning to Invert: Simple Adaptive Attacks for Gradient Inversion in Federated Learning
Gradient inversion attack enables recovery of training samples from model gradients in federated learning (FL), and constitutes a serious threat to data privacy.
Does Label Differential Privacy Prevent Label Inference Attacks?
Label differential privacy (label-DP) is a popular framework for training private ML models on datasets with public features and sensitive private labels.
Fixes That Fail: Self-Defeating Improvements in Machine-Learning Systems
Machine-learning systems such as self-driving cars or virtual assistants are composed of a large number of machine-learning models that recognize image content, transcribe speech, analyze natural language, infer preferences, rank options, etc.
"Private Prediction Strikes Back!'' Private Kernelized Nearest Neighbors with Individual Renyi Filter
Most existing approaches of differentially private (DP) machine learning focus on private training.
Guarantees of confidentiality via Hammersley-Chapman-Robbins bounds
The HCR bounds appear to be insufficient on their own to guarantee confidentiality of the inputs to inference with standard deep neural nets, "ResNet-18" and "Swin-T," pre-trained on the data set, "ImageNet-1000," which contains 1000 classes.
Breaking the Glass Ceiling for Embedding-Based Classifiers for Large Output Spaces
In extreme classification settings, embedding-based neural network models are currently not competitive with sparse linear and tree-based methods in terms of accuracy.
TrojanNet: Exposing the Danger of Trojan Horse Attack on Neural Networks
The complexity of large-scale neural networks can lead to poor understanding of their internal details.
Secure multiparty computations in floating-point arithmetic
Secure multiparty computations enable the distribution of so-called shares of sensitive data to multiple parties such that the multiple parties can effectively process the data while being unable to glean much information about the data (at least not without collusion among all parties to put back together all the shares).
On Hiding Neural Networks Inside Neural Networks
Modern neural networks often contain significantly more parameters than the size of their training data.
Polarization Human Shape and Pose Dataset
Polarization images are known to be able to capture polarized reflected lights that preserve rich geometric cues of an object, which has motivated its recent applications in reconstructing detailed surface normal of the objects of interest.
Byzantine-Robust and Privacy-Preserving Framework for FedML
This learning setting presents, among others, two unique challenges: how to protect privacy of the clients' data during training, and how to ensure integrity of the trained model.
Online Adaptation to Label Distribution Shift
Machine learning models often encounter distribution shifts when deployed in the real world.
BulletTrain: Accelerating Robust Neural Network Training via Boundary Example Mining
Neural network robustness has become a central topic in machine learning in recent years.
Action2video: Generating Videos of Human 3D Actions
Action2motion stochastically generates plausible 3D pose sequences of a prescribed action category, which are processed and rendered by motion2video to form 2D videos.
Submix: Practical Private Prediction for Large-Scale Language Models
Recent data-extraction attacks have exposed that language models can memorize some training samples verbatim.
Origins of Low-dimensional Adversarial Perturbations
Finally, we show that if a decision-region is compact, then it admits a universal adversarial perturbation with $L_2$ norm which is $\sqrt{d}$ times smaller than the typical $L_2$ norm of a data point.
Cocktail Party Attack: Breaking Aggregation-Based Privacy in Federated Learning using Independent Component Analysis
Federated learning (FL) aims to perform privacy-preserving machine learning on distributed data held by multiple data owners.
Measuring and Controlling Split Layer Privacy Leakage Using Fisher Information
Split learning and inference propose to run training/inference of a large model that is split across client devices and the cloud.
Analyzing Privacy Leakage in Machine Learning via Multiple Hypothesis Testing: A Lesson From Fano
Differential privacy (DP) is by far the most widely accepted framework for mitigating privacy risks in machine learning.
Information Flow Control in Machine Learning through Modular Model Architecture
In today's machine learning (ML) models, any part of the training data can affect its output.
Large-Scale Public Data Improves Differentially Private Image Generation Quality
In this work, we look at how to use generic large-scale public data to improve the quality of differentially private image generation in Generative Adversarial Networks (GANs), and provide an improved method that uses public data effectively.
Generative Human Motion Stylization in Latent Space
Building upon this, we present a novel generative model that produces diverse stylization results of a single motion (latent) code.
Déjà Vu Memorization in Vision-Language Models
Vision-Language Models (VLMs) have emerged as the state-of-the-art representation learning solution, with myriads of downstream applications such as image classification, retrieval and generation.
Differentially Private Representation Learning via Image Captioning
In this work, we show that effective DP representation learning can be done via image captioning and scaling up to internet-scale multimodal datasets.
Privacy Amplification for the Gaussian Mechanism via Bounded Support
Data-dependent privacy accounting frameworks such as per-instance differential privacy (pDP) and Fisher information loss (FIL) confer fine-grained privacy guarantees for individuals in a fixed training dataset.
DP-RDM: Adapting Diffusion Models to Private Domains Without Fine-Tuning
Text-to-image diffusion models have been shown to suffer from sample-level memorization, possibly reproducing near-perfect replica of images that they are trained on, which may be undesirable.
