Search Results for author: Pratyush Maini

Found 17 papers, 13 papers with code

Adversarial Robustness Against the Union of Multiple Threat Models

1 code implementation ICML 2020 Pratyush Maini, Eric Wong, Zico Kolter

Owing to the susceptibility of deep learning systems to adversarial attacks, there has been a great deal of work in developing (both empirically and certifiably) robust classifiers.

Adversarial Robustness

Understanding Hallucinations in Diffusion Models through Mode Interpolation

1 code implementation 13 Jun 2024 Sumukh K Aithal, Pratyush Maini, Zachary C. Lipton, J. Zico Kolter

Specifically, we find that diffusion models smoothly "interpolate" between nearby data modes in the training set to generate samples that lie completely outside the support of the original training distribution; this phenomenon leads diffusion models to generate artifacts that never existed in real data (i.e., hallucinations).

Hallucination · Image Generation
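
The mechanism is easy to reproduce in one dimension. Below is a minimal sketch (my construction, not the paper's code): a kernel score estimate with a deliberately over-wide bandwidth stands in for a network that smooths between nearby modes, and annealed Langevin sampling then places a visible fraction of samples in the empty region between the two training modes.

```python
# Toy 1-D illustration of mode interpolation (a sketch, not the paper's
# experiment): two tight data modes at -1 and +1, and a score estimate
# whose bandwidth is far wider than the data spread, mimicking a network
# that smooths between nearby modes.
import numpy as np

rng = np.random.default_rng(0)
data = np.concatenate([rng.normal(-1, 0.02, 500), rng.normal(1, 0.02, 500)])

def smoothed_score(x, sigma):
    # Score of the Gaussian KDE with bandwidth sigma: sum_i w_i (x_i - x) / sigma^2
    d = data[None, :] - x[:, None]
    w = np.exp(-d**2 / (2 * sigma**2))
    w /= w.sum(axis=1, keepdims=True)
    return (w * d).sum(axis=1) / sigma**2

def annealed_langevin(sigmas, n=1000, steps=60, eps=0.05):
    x = rng.normal(0, sigmas[0], n)
    for s in sigmas:
        step = eps * s**2
        for _ in range(steps):
            x = x + step * smoothed_score(x, s) + np.sqrt(2 * step) * rng.normal(size=n)
    return x

# Stopping annealing at sigma=0.5 (far wider than the 0.02 data spread) is
# the "smooth interpolation": mass appears between the modes where no
# training data exists.
samples = annealed_langevin(np.geomspace(1.0, 0.5, 8))
print("training data in |x| < 0.5:   ", np.mean(np.abs(data) < 0.5))     # ~0.0
print("generated samples in |x| < 0.5:", np.mean(np.abs(samples) < 0.5))  # clearly > 0
```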

LLM Dataset Inference: Did you train on my dataset?

1 code implementation 10 Jun 2024 Pratyush Maini, Hengrui Jia, Nicolas Papernot, Adam Dziedzic

Instead, we propose a new dataset inference method to accurately identify the datasets used to train large language models.
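
The key move, as I read the abstract, is statistical aggregation: no single example reveals membership reliably, but a whole dataset can. A hedged sketch of that idea follows; `model_loss` is a hypothetical callable, and the real method combines many membership features rather than raw loss alone.

```python
# Sketch of aggregate dataset inference (my simplification of the idea):
# score every example under the suspect model, then test whether the
# suspect split is systematically easier for the model than a held-out
# split drawn from the same distribution.
import numpy as np
from scipy import stats

def dataset_inference(suspect_texts, heldout_texts, model_loss, alpha=0.01):
    # model_loss: hypothetical callable returning the LM loss of one text.
    s = np.array([model_loss(t) for t in suspect_texts])
    h = np.array([model_loss(t) for t in heldout_texts])
    # One-sided Welch t-test: training members should have lower loss.
    t_stat, p_value = stats.ttest_ind(s, h, equal_var=False, alternative="less")
    return p_value < alpha, p_value  # (flag "trained on this dataset", evidence)
```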

Rethinking LLM Memorization through the Lens of Adversarial Compression

no code implementations 23 Apr 2024 Avi Schwarzschild, Zhili Feng, Pratyush Maini, Zachary C. Lipton, J. Zico Kolter

The ACR overcomes the limitations of existing notions of memorization by (i) offering an adversarial view of measuring memorization, especially useful for monitoring unlearning and compliance; and (ii) allowing the flexibility to measure memorization for arbitrary strings at reasonably low compute cost.

Memorization
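
As a rough rendering of the definition: a string counts as memorized when the model can be prompted to emit it with fewer tokens than the string itself contains, so the prompt acts as a compressed encoding of the string. A hedged sketch, where `find_shortest_eliciting_prompt` stands in for the paper's prompt optimization and is hypothetical here:

```python
# Hedged sketch of an adversarial compression ratio (ACR)-style metric.
def acr(target_tokens, model, find_shortest_eliciting_prompt):
    # find_shortest_eliciting_prompt: hypothetical search returning the
    # shortest prompt that makes `model` greedily reproduce the target.
    prompt = find_shortest_eliciting_prompt(model, target_tokens)
    if prompt is None:  # nothing found within the search budget
        return 0.0
    return len(target_tokens) / len(prompt)

def is_memorized(target_tokens, model, search):
    # ACR > 1 means the string is compressible via the model: the
    # eliciting prompt carries fewer tokens than the string itself.
    return acr(target_tokens, model, search) > 1.0
```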

Scaling Laws for Data Filtering -- Data Curation cannot be Compute Agnostic

1 code implementation 10 Apr 2024 Sachin Goyal, Pratyush Maini, Zachary C. Lipton, Aditi Raghunathan, J. Zico Kolter

Vision-language models (VLMs) are trained for thousands of GPU hours on carefully curated web datasets.

Rephrasing the Web: A Recipe for Compute and Data-Efficient Language Modeling

no code implementations 29 Jan 2024 Pratyush Maini, Skyler Seto, He Bai, David Grangier, Yizhe Zhang, Navdeep Jaitly

Large language models are trained on massive scrapes of the web, which are often unstructured, noisy, and poorly phrased.

Language Modelling

TOFU: A Task of Fictitious Unlearning for LLMs

2 code implementations 11 Jan 2024 Pratyush Maini, Zhili Feng, Avi Schwarzschild, Zachary C. Lipton, J. Zico Kolter

Large language models trained on massive corpora of data from the web can memorize and reproduce sensitive or private data, raising both legal and ethical concerns.

Scaling Laws for Data Filtering -- Data Curation cannot be Compute Agnostic

no code implementations CVPR 2024 Sachin Goyal, Pratyush Maini, Zachary C. Lipton, Aditi Raghunathan, J. Zico Kolter

Our work bridges this important gap in the literature by developing scaling laws that characterize the differing utility of various data subsets, accounting for how a data point's utility diminishes by its $n$th repetition.
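
A toy version of the argument (my parameterization, not necessarily the paper's): if the $n$th pass over a token contributes geometrically less utility, then which pool is worth training on flips with the compute budget. Aggressive curation wins at small budgets, while the larger, lower-quality pool wins once the curated pool must be repeated many times.

```python
# Hedged toy of compute-dependent data curation (my simplification).
def pool_utility(quality, pool_size, token_budget, decay=0.5):
    # Tokens are drawn by cycling through the pool; the nth pass over a
    # token contributes quality * decay**(n-1).
    full_passes, remainder = divmod(token_budget, pool_size)
    total = quality * pool_size * sum(decay**n for n in range(full_passes))
    total += quality * remainder * decay**full_passes
    return total

curated = dict(quality=1.0, pool_size=1)  # small, high-quality pool
raw     = dict(quality=0.5, pool_size=4)  # larger, lower-quality pool

for budget in (1, 2, 4, 8, 16):
    u_c = pool_utility(**curated, token_budget=budget)
    u_r = pool_utility(**raw, token_budget=budget)
    print(f"budget={budget:2d}: curated={u_c:.2f}  raw={u_r:.2f}  "
          f"-> {'curated' if u_c > u_r else 'raw'} wins")
# Output: curated wins at budgets 1-2, raw wins from budget 4 on, i.e.
# the best curation choice is not compute agnostic.
```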

Can Neural Network Memorization Be Localized?

1 code implementation 18 Jul 2023 Pratyush Maini, Michael C. Mozer, Hanie Sedghi, Zachary C. Lipton, J. Zico Kolter, Chiyuan Zhang

Recent efforts at explaining the interplay of memorization and generalization in deep overparametrized networks have posited that neural networks $\textit{memorize}$ "hard" examples in the final few layers of the model.

Memorization
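
One cheap way to probe that hypothesis (a sketch of my own, not the paper's retraining or gradient-accounting experiments) is to check where in the network the loss gradient concentrates for a suspected memorized example, such as a mislabeled one, versus a typical example:

```python
# Hedged probe: if memorization were confined to the final few layers,
# a memorized example's gradient mass should concentrate there relative
# to a typical example's.
import torch
import torch.nn.functional as F

def layer_gradient_norms(model, x, y):
    # x, y: a single (batched) example and its label.
    model.zero_grad()
    F.cross_entropy(model(x), y).backward()
    return {name: p.grad.norm().item()
            for name, p in model.named_parameters() if p.grad is not None}
```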

T-MARS: Improving Visual Representations by Circumventing Text Feature Learning

1 code implementation 6 Jul 2023 Pratyush Maini, Sachin Goyal, Zachary C. Lipton, J. Zico Kolter, Aditi Raghunathan

However, naively removing all such data could also be wasteful, as it throws away images that contain visual features (in addition to overlapping text).

Optical Character Recognition
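
A hedged sketch of the resulting filter (my paraphrase of the approach; `detect_text_boxes` and `clip_similarity` are hypothetical stand-ins for an OCR detector and a CLIP scorer): mask the text regions, re-score the masked image against its caption, and keep only pairs whose alignment survives the masking.

```python
# Keep an image-caption pair only if its similarity does not come from
# the rendered text alone (sketch of the filtering idea).
from PIL import ImageDraw

def mask_text(image, detect_text_boxes):
    masked = image.copy()
    draw = ImageDraw.Draw(masked)
    for box in detect_text_boxes(image):  # (left, top, right, bottom)
        draw.rectangle(box, fill=(128, 128, 128))  # paint over text regions
    return masked

def keep_pair(image, caption, clip_similarity, detect_text_boxes, threshold=0.25):
    masked = mask_text(image, detect_text_boxes)
    # High similarity after masking means the image carries real visual
    # features beyond the overlapping text.
    return clip_similarity(masked, caption) >= threshold
```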

Model-tuning Via Prompts Makes NLP Models Adversarially Robust

1 code implementation 13 Mar 2023 Mrigank Raman, Pratyush Maini, J. Zico Kolter, Zachary C. Lipton, Danish Pruthi

Across 5 NLP datasets, 4 adversarial attacks, and 3 different models, MVP improves performance against adversarial substitutions by an average of 8% over standard methods, and even outperforms adversarial-training-based state-of-the-art defenses by 3.5%.

Adversarial Robustness · Language Modelling +1

Characterizing Datapoints via Second-Split Forgetting

1 code implementation 26 Oct 2022 Pratyush Maini, Saurabh Garg, Zachary C. Lipton, J. Zico Kolter

Popular metrics derived from these dynamics include (i) the epoch at which examples are first correctly classified; (ii) the number of times their predictions flip during training; and (iii) whether their prediction flips if they are held out.
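
Metrics (i) and (ii) are simple to compute from a per-epoch correctness record; a minimal sketch follows. Metric (iii), along with the second-split forgetting signal that names the paper, additionally requires fine-tuning on a second split and is omitted here.

```python
# Training-dynamics metrics from a boolean matrix correct[epoch, example].
import numpy as np

def learning_epoch(correct):
    # (i) first epoch at which each example is classified correctly
    # (len(correct) if it never is).
    first = np.argmax(correct, axis=0)
    first[~correct.any(axis=0)] = len(correct)
    return first

def flip_count(correct):
    # (ii) number of times each example's correctness flips during training.
    return np.abs(np.diff(correct.astype(int), axis=0)).sum(axis=0)

rng = np.random.default_rng(0)
correct = rng.random((20, 5)) < np.linspace(0.2, 0.95, 20)[:, None]  # toy record
print("learned at epoch:", learning_epoch(correct))
print("prediction flips:", flip_count(correct))
```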

Dataset Inference: Ownership Resolution in Machine Learning

1 code implementation ICLR 2021 Pratyush Maini, Mohammad Yaghini, Nicolas Papernot

We thus introduce $\textit{dataset inference}$, the process of identifying whether a suspected model copy has private knowledge from the original model's dataset, as a defense against model stealing.

BIG-bench Machine Learning

Perturbation Type Categorization for Multiple $\ell_p$ Bounded Adversarial Robustness

no code implementations1 Jan 2021 Pratyush Maini, Xinyun Chen, Bo Li, Dawn Song

In addition, we demonstrate the realization of this trade-off in deep networks by adding random noise to the model input at test time, enabling enhanced robustness against strong adaptive attacks.

Adversarial Robustness
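
A minimal sketch of the test-time mechanism the snippet describes (my rendering, assuming a standard classifier that returns logits): average predictions over Gaussian-perturbed copies of the input.

```python
# Noise-at-inference sketch: randomizing the input randomizes the
# gradients an adaptive attacker can exploit.
import torch

@torch.no_grad()
def noisy_predict(model, x, sigma=0.1, n_draws=16):
    # x: (batch, ...) input tensor; returns averaged class probabilities.
    probs = 0.0
    for _ in range(n_draws):
        logits = model(x + sigma * torch.randn_like(x))
        probs = probs + logits.softmax(dim=-1)
    return probs / n_draws
```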

Data-Free Model Extraction

2 code implementations CVPR 2021 Jean-Baptiste Truong, Pratyush Maini, Robert J. Walls, Nicolas Papernot

Current model extraction attacks assume that the adversary has access to a surrogate dataset with characteristics similar to the proprietary data used to train the victim model.

Model Extraction · Transfer Learning
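
The structure of such an attack can be sketched as a two-player loop (a skeleton under simplifying assumptions, not the paper's exact algorithm; in particular, the real black-box setting estimates the victim's gradients with zeroth-order methods rather than backpropagating through it):

```python
# Data-free extraction skeleton: a generator synthesizes queries, the
# student matches the victim on them, and the generator is pushed toward
# queries where the two disagree, so no surrogate dataset is needed.
import torch
import torch.nn.functional as F

def extraction_step(generator, student, victim, g_opt, s_opt, z_dim=100, batch=64):
    # 1) Generator step: seek inputs where student and victim disagree.
    #    Victim outputs are detached (black box); gradients flow only
    #    through the student here, a simplification of the paper's
    #    zeroth-order estimate.
    x = generator(torch.randn(batch, z_dim))
    loss_g = -F.l1_loss(student(x), victim(x).detach())
    g_opt.zero_grad(); loss_g.backward(); g_opt.step()

    # 2) Student step: match the victim on freshly generated queries.
    x = generator(torch.randn(batch, z_dim)).detach()
    loss_s = F.l1_loss(student(x), victim(x).detach())
    s_opt.zero_grad(); loss_s.backward(); s_opt.step()
    return loss_s.item()
```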

Why and when should you pool? Analyzing Pooling in Recurrent Architectures

1 code implementation Findings of the Association for Computational Linguistics 2020 Pratyush Maini, Keshav Kolluru, Danish Pruthi, Mausam

We find that pooling-based architectures substantially differ from their non-pooling equivalents in their learning ability and positional biases, which elucidates their performance benefits.

Sentence · Text Classification +1
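
For concreteness, the architectural difference under study is small. A minimal PyTorch sketch (my rendering, not the paper's released code) of a recurrent classifier that reads out either the last hidden state or a pool over all timesteps:

```python
# Pooling vs. non-pooling readout over an LSTM's per-timestep states.
import torch
import torch.nn as nn

class PooledLSTMClassifier(nn.Module):
    def __init__(self, vocab, dim, n_classes, pooling="max"):
        super().__init__()
        self.embed = nn.Embedding(vocab, dim)
        self.lstm = nn.LSTM(dim, dim, batch_first=True)
        self.head = nn.Linear(dim, n_classes)
        self.pooling = pooling

    def forward(self, tokens):                       # tokens: (batch, seq_len)
        states, _ = self.lstm(self.embed(tokens))    # (batch, seq_len, dim)
        if self.pooling == "last":
            feats = states[:, -1]                    # non-pooling baseline
        elif self.pooling == "mean":
            feats = states.mean(dim=1)
        else:                                        # "max": elementwise over time
            feats = states.max(dim=1).values
        return self.head(feats)
```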

Adversarial Robustness Against the Union of Multiple Perturbation Models

1 code implementation9 Sep 2019 Pratyush Maini, Eric Wong, J. Zico Kolter

Owing to the susceptibility of deep learning systems to adversarial attacks, there has been a great deal of work in developing (both empirically and certifiably) robust classifiers.

Adversarial Robustness
