Search Results for author:
Found 163 papers, 81 papers with code
Representation-Constrained Autoencoders and an Application to Wireless Positioning
In a number of practical applications that rely on dimensionality reduction, the dataset or measurement process provides valuable side information that can be incorporated when learning low-dimensional embeddings.
Analyzing the effect of neural network architecture on training performance
Through novel theoretical and experimental results, we show how the neural net architecture affects gradient confusion, and thus the efficiency of training.
A Cookbook of Self-Supervised Learning
Self-supervised learning, dubbed the dark matter of intelligence, is a promising path to advance machine learning.
JPEG Compressed Images Can Bypass Protections Against AI Editing
Recently developed text-to-image diffusion models make it easy to edit or create high-quality images.
Neural Auctions Compromise Bidder Information
It has been shown that neural networks can be used to approximate optimal mechanisms while satisfying the constraints that an auction be strategyproof and individually rational.
Universal Guidance for Diffusion Models
Typical diffusion models are trained to accept a particular form of conditioning, most commonly text, and cannot be conditioned on other modalities without retraining.
Hard Prompts Made Easy: Gradient-Based Discrete Optimization for Prompt Tuning and Discovery
In the text-to-image setting, the method creates hard prompts for diffusion models, allowing API users to easily generate, discover, and mix and match image concepts without prior knowledge on how to prompt the model.
Exploring and Exploiting Decision Boundary Dynamics for Adversarial Robustness
However, it is unclear whether existing robust training methods effectively increase the margin for each vulnerable point during training.
A Watermark for Large Language Models
Potential harms of large language models can be mitigated by watermarking model output, i. e., embedding signals into generated text that are invisible to humans but algorithmically detectable from a short span of tokens.
Cramming: Training a Language Model on a Single GPU in One Day
Recent trends in language modeling have focused on increasing performance through scaling, and have resulted in an environment where training language models is out of reach for most researchers and practitioners.
What do Vision Transformers Learn? A Visual Exploration
In addition, we show that ViTs maintain spatial information in all layers except the final layer.
Diffusion Art or Digital Forgery? Investigating Data Replication in Diffusion Models
Cutting-edge diffusion models produce images with high quality and customizability, enabling them to be used for commercial art and graphic design purposes.
Robustness Disparities in Face Detection
Many existing algorithmic audits examine the performance of these systems on later stage elements of facial analysis systems like facial recognition and age, emotion, or perceived gender prediction; however, a core component to these systems has been vastly understudied from a fairness perspective: face detection, sometimes called face localization.
K-SAM: Sharpness-Aware Minimization at the Speed of SGD
Sharpness-Aware Minimization (SAM) has recently emerged as a robust technique for improving the accuracy of deep neural networks.
Canary in a Coalmine: Better Membership Inference with Ensembled Adversarial Queries
As industrial applications are increasingly automated by machine learning models, enforcing personal data ownership and intellectual property rights requires tracing training data back to their rightful owners.
Thinking Two Moves Ahead: Anticipating Other Users Improves Backdoor Attacks in Federated Learning
Federated learning is particularly susceptible to model poisoning and backdoor attacks because individual users have direct control over the training data and model updates.
How Much Data Are Augmentations Worth? An Investigation into Scaling Laws, Invariance, and Implicit Regularization
Despite the clear performance benefits of data augmentations, little is known about why they are so effective.
Test-Time Prompt Tuning for Zero-Shot Generalization in Vision-Language Models
In evaluating cross-dataset generalization with unseen categories, TPT performs on par with the state-of-the-art approaches that use additional training data.
Cold Diffusion: Inverting Arbitrary Image Transforms Without Noise
We observe that the generative behavior of diffusion models is not strongly dependent on the choice of image degradation, and in fact an entire family of generative models can be constructed by varying this choice.
Certified Neural Network Watermarks with Randomized Smoothing
Watermarking is a commonly used strategy to protect creators' rights to digital images, videos and audio.
Transfer Learning with Deep Tabular Models
In this work, we demonstrate that upstream data gives tabular neural networks a decisive advantage over widely used GBDT models.
A Robust Stacking Framework for Training Deep Graph Models with Multifaceted Node Features
Graph Neural Networks (GNNs) with numerical node features and graph structure as inputs have demonstrated superior performance on various supervised learning tasks with graph data.
Autoregressive Perturbations for Data Poisoning
Unfortunately, existing methods require knowledge of both the target architecture and the complete dataset so that a surrogate network can be trained, the parameters of which are used to generate the attack.
Poisons that are learned faster are more effective
We advocate for evaluating poisons in terms of peak test accuracy.
Can Neural Nets Learn the Same Model Twice? Investigating Reproducibility and Double Descent from the Decision Boundary Perspective
We also use decision boundary methods to visualize double descent phenomena.
A Deep Dive into Dataset Imbalance and Bias in Face Identification
This is an unfortunate omission, as 'imbalance' is a more complex matter in identification; imbalance may arise in not only the training data, but also the testing data, and furthermore may affect the proportion of identities belonging to each demographic group or the number of images belonging to each identity.
End-to-end Algorithm Synthesis with Recurrent Networks: Logical Extrapolation Without Overthinking
Algorithmic extrapolation can be achieved through recurrent systems, which can be iterated many times to solve difficult reasoning problems.
Fishing for User Data in Large-Batch Federated Learning via Gradient Magnification
Federated learning (FL) has rapidly risen in popularity due to its promise of privacy and efficiency.
Plug-In Inversion: Model-Agnostic Inversion for Vision with Data Augmentations
Existing techniques for model inversion typically rely on hard-to-tune regularizers, such as total variation or feature regularization, which must be individually calibrated for each network in order to produce adequate images.
Decepticons: Corrupted Transformers Breach Privacy in Federated Learning for Language Models
A central tenet of Federated learning (FL), which trains models without centralizing user data, is privacy.
Certifying Model Accuracy under Distribution Shifts
Certified robustness in machine learning has primarily focused on adversarial perturbations of the input with a fixed attack budget for each point in the data distribution.
Are Commercial Face Detection Models as Biased as Academic Models?
When we compare the size of these disparities to that of commercial models, we conclude that commercial models - in contrast to their relatively larger development budget and industry-level fairness commitments - are always as biased or more biased than an academic model.
Execute Order 66: Targeted Data Poisoning for Reinforcement Learning
Data poisoning for reinforcement learning has historically focused on general performance degradation, and targeted attacks have been successful via perturbations that involve control of the victim's policy and rewards.
Gradient-Free Adversarial Training Against Image Corruption for Learning-based Steering
We introduce a simple yet effective framework for improving the robustness of learning algorithms against image corruptions for autonomous driving.
Active Learning at the ImageNet Scale
Active learning (AL) algorithms aim to identify an optimal subset of data for annotation, such that deep neural networks (DNN) can achieve better performance when trained on this labeled subset.
VQ-GNN: A Universal Framework to Scale up Graph Neural Networks using Vector Quantization
Our framework avoids the "neighbor explosion" problem of GNNs using quantized representations combined with a low-rank version of the graph convolution matrix.
Ranked #11 on
Node Classification
on Reddit
A Frequency Perspective of Adversarial Robustness
Our analysis shows that adversarial examples are neither in high-frequency nor in low-frequency components, but are simply dataset dependent.
Does your graph need a confidence boost? Convergent boosted smoothing on graphs with tabular node features
For supervised learning with tabular data, decision tree ensembles produced via boosting techniques generally dominate real-world applications involving iid training/test sets.
Robbing the Fed: Directly Obtaining Private Data in Federated Learning with Modified Models
Federated learning has quickly gained popularity with its promises of increased user privacy and efficiency.
Comparing Human and Machine Bias in Face Recognition
Much recent research has uncovered and discussed serious concerns of bias in facial analysis technologies, finding performance disparities between groups of people based on perceived gender, skin type, lighting condition, etc.
A Flexible Measurement of Diversity in Datasets with Random Network Distillation
We validate and deploy this metric on both images and text.
DP-InstaHide: Data Augmentations Provably Enhance Guarantees Against Dataset Manipulations
Data poisoning and backdoor attacks manipulate training data to induce security breaches in a victim model.
Contrastive Learning is Just Meta-Learning
Contrastive learning has recently taken off as a paradigm for learning from unlabeled data.
Diurnal or Nocturnal? Federated Learning of Multi-branch Networks from Periodically Shifting Distributions
Federated learning has been deployed to train machine learning models from decentralized client data on mobile devices in practice.
Thinking Deeper With Recurrent Networks: Logical Extrapolation Without Overthinking
Classical machine learning systems perform best when they are trained and tested on the same distribution, and they lack a mechanism to increase model power after training is complete.
An Investigation into the Role of Author Demographics in ICLR Participation and Review
As machine learning conferences grow rapidly, many are concerned that individuals will be left behind on the basis of traits such as gender and geography.
Convergent Boosted Smoothing for Modeling GraphData with Tabular Node Features
Many practical modeling tasks require making predictions using tabular data composed of heterogeneous feature types (e. g., text-based, categorical, continuous, etc.).
A Closer Look at Distribution Shifts and Out-of-Distribution Generalization on Graphs
We observe that in most cases, we need both a suitable domain generalization algorithm and a strong GNN backbone model to optimize out-of-distribution test performance.
Protecting Proprietary Data: Poisoning for Secure Dataset Release
These two behaviors can be in conflict as an organization wants to prevent competitors from using their own data to replicate the performance of their proprietary models.
Stochastic Training is Not Necessary for Generalization
It is widely believed that the implicit regularization of SGD is fundamental to the impressive generalization behavior we observe in neural networks.
Towards Transferable Adversarial Attacks on Vision Transformers
We evaluate the transferability of attacks on state-of-the-art ViTs, CNNs and robustly trained CNNs.
Robustness Disparities in Commercial Face Detection
Facial detection and analysis systems have been deployed by large companies and critiqued by scholars and activists for the past decade.
Datasets for Studying Generalization from Easy to Hard Examples
We describe new datasets for studying generalization from easy to hard examples.
Where do Models go Wrong? Parameter-Space Saliency Maps for Explainability
We find that samples which cause similar parameters to malfunction are semantically similar.
Long-Short Transformer: Efficient Transformers for Language and Vision
For instance, Transformer-LS achieves 0. 97 test BPC on enwik8 using half the number of parameters than previous method, while being faster and is able to handle 3x as long sequences compared to its full-attention version on the same hardware.
Ranked #1 on
Language Modelling
on enwik8 dev
Adversarial Examples Make Strong Poisons
The adversarial machine learning literature is largely partitioned into evasion attacks on testing data and poisoning attacks on training data.
MetaBalance: High-Performance Neural Networks for Class-Imbalanced Data
Class-imbalanced data, in which some classes contain far more samples than others, is ubiquitous in real-world applications.
Sleeper Agent: Scalable Hidden Trigger Backdoors for Neural Networks Trained from Scratch
In contrast, the Hidden Trigger Backdoor Attack achieves poisoning without placing a trigger into the training data at all.
Learning Revenue-Maximizing Auctions With Differentiable Matching
We propose a new architecture to approximately learn incentive compatible, revenue-maximizing auctions from sampled valuations.
Can You Learn an Algorithm? Generalizing from Easy to Hard Problems with Recurrent Networks
In this work, we show that recurrent networks trained to solve simple problems with few recurrent steps can indeed solve much more complex problems simply by performing additional recurrences during inference.
SAINT: Improved Neural Networks for Tabular Data via Row Attention and Contrastive Pre-Training
We devise a hybrid deep learning approach to solving tabular data problems.
The Intrinsic Dimension of Images and Its Impact on Learning
We find that common natural image datasets indeed have very low intrinsic dimension relative to the high number of pixels in the images.
THAT: Two Head Adversarial Training for Improving Robustness at Scale
Many variants of adversarial training have been proposed, with most research focusing on problems with relatively few classes.
Improving Generalization of Transfer Learning Across Domains Using Spatio-Temporal Features in Autonomous Driving
Practical learning-based autonomous driving models must be capable of generalizing learned behaviors from simulated to real domains, and from training data to unseen domains with unusual image properties.
Insta-RS: Instance-wise Randomized Smoothing for Improved Robustness and Accuracy
Randomized smoothing (RS) is an effective and scalable technique for constructing neural network classifiers that are certifiably robust to adversarial perturbations.
DP-InstaHide: Provably Defusing Poisoning and Backdoor Attacks with Differentially Private Data Augmentations
The InstaHide method has recently been proposed as an alternative to DP training that leverages supposed privacy properties of the mixup augmentation, although without rigorous guarantees.
Improving Robustness of Learning-based Autonomous Steering Using Adversarial Images
For safety of autonomous driving, vehicles need to be able to drive under various lighting, weather, and visibility conditions in different environments.
What Doesn't Kill You Makes You Robust(er): How to Adversarially Train against Data Poisoning
Data poisoning is a threat model in which a malicious actor tampers with training data to manipulate outcomes at inference time.
The Uncanny Similarity of Recurrence and Depth
It is widely believed that deep neural networks contain layer specialization, wherein neural networks extract hierarchical features representing edges and patterns in shallow layers and complete objects in deeper layers.
Center Smoothing: Certified Robustness for Networks with Structured Outputs
We extend the scope of certifiable robustness to problems with more general and structured outputs like sets, images, language, etc.
GradInit: Learning to Initialize Neural Networks for Stable and Efficient Training
Innovations in neural architectures have fostered significant breakthroughs in language modeling and computer vision.
Ranked #136 on
Image Classification
on CIFAR-10
Preventing Unauthorized Use of Proprietary Data: Poisoning for Secure Dataset Release
Large organizations such as social media companies continually release data, for example user images.
Technical Challenges for Training Fair Neural Networks
As machine learning algorithms have been widely deployed across applications, many concerns have been raised over the fairness of their predictions, especially in high stakes settings (such as facial recognition and medical imaging).
LowKey: Leveraging Adversarial Attacks to Protect Social Media Users from Facial Recognition
Facial recognition systems are increasingly deployed by private corporations, government agencies, and contractors for consumer services and mass surveillance programs alike.
Driving through the Lens: Improving Generalization of Learning-based Steering using Simulated Adversarial Examples
To ensure the wide adoption and safety of autonomous driving, the vehicles need to be able to drive under various lighting, weather, and visibility conditions in different environments.
WrapNet: Neural Net Inference with Ultra-Low-Precision Arithmetic
Low-precision neural networks represent both weights and activations with few bits, drastically reducing the multiplication complexity.
Just How Toxic is Data Poisoning? A Benchmark for Backdoor and Data Poisoning Attacks
Data poisoning and backdoor attacks manipulate training data in order to cause models to fail during inference.
Certified Watermarks for Neural Networks
Watermarking is a commonly used strategy to protect creators' rights to digital images, videos and audio.
Dataset Security for Machine Learning: Data Poisoning, Backdoor Attacks, and Defenses
As machine learning systems grow in scale, so do their training data requirements, forcing practitioners to automate and outsource the curation of training data in order to achieve state-of-the-art performance.
Detection as Regression: Certified Object Detection with Median Smoothing
Despite the vulnerability of object detectors to adversarial attacks, very few defenses are known to date.
Analyzing the Machine Learning Conference Review Process
Members of the machine learning community are likely to overhear allegations ranging from randomness of acceptance decisions to institutional bias.
Strong Data Augmentation Sanitizes Poisoning and Backdoor Attacks Without an Accuracy Tradeoff
Data poisoning and backdoor attacks manipulate victim models by maliciously modifying training data.
Are Adversarial Examples Created Equal? A Learnable Weighted Minimax Risk for Robustness under Non-uniform Attacks
Adversarial Training is proved to be an efficient method to defend against adversarial examples, being one of the few defenses that withstand strong attacks.
Robust Optimization as Data Augmentation for Large-scale Graphs
Data augmentation helps neural networks generalize better by enlarging the training set, but it remains an open question how to effectively augment graph data to enhance the performance of GNNs (Graph Neural Networks).
Ranked #1 on
Graph Property Prediction
on ogbg-ppa
Towards Accurate Quantization and Pruning via Data-free Knowledge Transfer
Further, we demonstrate that the compact structure and corresponding initialization from the Lottery Ticket Hypothesis can also help in data-free training.
Data Augmentation for Meta-Learning
Conventional image classifiers are trained by randomly sampling mini-batches of images.
Random Network Distillation as a Diversity Metric for Both Image and Text Generation
We validate and deploy this metric on both images and text.
ProportionNet: Balancing Fairness and Revenue for Auction Design with Deep Learning
Inspired by these advances, in this paper, we extend techniques for approximating auctions using deep learning to address concerns of fairness while maintaining high revenue and strong incentive guarantees.
An Open Review of OpenReview: A Critical Analysis of the Machine Learning Conference Review Process
Members of the machine learning community are likely to overhear allegations ranging from randomness of acceptance decisions to institutional bias.
Prepare for the Worst: Generalizing across Domain Shifts with Adversarial Batch Normalization
Adversarial training is the industry standard for producing models that are robust to small adversarial perturbations.
Encoding Robustness to Image Style via Adversarial Feature Perturbations
We adapt adversarial training by directly perturbing feature statistics, rather than image pixels, to produce models that are robust to various unseen distributional shifts.
Certifying Confidence via Randomized Smoothing
It uses the probabilities of predicting the top two most-likely classes around an input point under a smoothing distribution to generate a certified radius for a classifier's prediction.
High-Bandwidth Spatial Equalization for mmWave Massive MU-MIMO with Processing-In-Memory
All-digital basestation (BS) architectures enable superior spectral efficiency compared to hybrid solutions in massive multi-user MIMO systems.
Witches' Brew: Industrial Scale Data Poisoning via Gradient Matching
We consider a particularly malicious poisoning attack that is both "from scratch" and "clean label", meaning we analyze an attack that successfully works against new, randomly initialized models, and is nearly imperceptible to humans, all while perturbing only a small fraction of the training data.
WrapNet: Neural Net Inference with Ultra-Low-Resolution Arithmetic
Low-resolution neural networks represent both weights and activations with few bits, drastically reducing the multiplication complexity.
Detection as Regression: Certified Object Detection by Median Smoothing
While adversarial training can improve the empirical robustness of image classifiers, a direct extension to object detection is very expensive.
Just How Toxic is Data Poisoning? A Unified Benchmark for Backdoor and Data Poisoning Attacks
Data poisoning and backdoor attacks manipulate training data in order to cause models to fail during inference.
MaxVA: Fast Adaptation of Step Sizes by Maximizing Observed Variance of Gradients
Adaptive gradient methods such as RMSProp and Adam use exponential moving estimate of the squared gradient to compute adaptive step sizes, achieving better convergence than SGD in face of noisy objectives.
Certifying Strategyproof Auction Networks
We focus on the RegretNet architecture, which can represent auctions with arbitrary numbers of items and participants; it is trained to be empirically strategyproof, but the property is never exactly verified leaving potential loopholes for market participants to exploit.
Exploring Model Robustness with Adaptive Networks and Improved Adversarial Training
Our adaptive networks also outperform larger widened non-adaptive architectures that have 1. 5 times more parameters.
Headless Horseman: Adversarial Attacks on Transfer Learning Models
We first demonstrate successful transfer attacks against a victim network using \textit{only} its feature extractor.
MetaPoison: Practical General-purpose Clean-label Data Poisoning
Existing attacks for data poisoning neural networks have relied on hand-crafted heuristics, because solving the poisoning problem directly via bilevel optimization is generally thought of as intractable for deep models.
Breaking certified defenses: Semantic adversarial examples with spoofed robustness certificates
To deflect adversarial attacks, a range of "certified" classifiers have been proposed.
Certified Defenses for Adversarial Patches
Adversarial patch attacks are among one of the most practical threat models against real-world computer vision systems.
Improving the Tightness of Convex Relaxation Bounds for Training Certifiably Robust Classifiers
Convex relaxations are effective for training and certifying neural networks against norm-bounded adversarial attacks, but they leave a large gap between certifiable and empirical robustness.
Adversarial Attacks on Machine Learning Systems for High-Frequency Trading
Algorithmic trading systems are often completely automated, and deep learning is increasingly receiving attention in this domain.
Unraveling Meta-Learning: Understanding Feature Representations for Few-Shot Tasks
In doing so, we introduce and verify several hypotheses for why meta-learned models perform better.
Curse of Dimensionality on Randomized Smoothing for Certifiable Robustness
Notably, for $p \geq 2$, this dependence on $d$ is no better than that of the $\ell_p$-radius that can be certified using isotropic Gaussian smoothing, essentially putting a matching lower bound on the robustness radius.
MSE-Optimal Neural Network Initialization via Layer Fusion
To address this issue, a variety of methods that rely on random parameter initialization or knowledge distillation have been proposed in the past.
WITCHcraft: Efficient PGD attacks with random step size
State-of-the-art adversarial attacks on neural networks use expensive iterative methods and numerous random restarts from different initial points.
Certified Data Removal from Machine Learning Models
Good data stewardship requires removal of data at the request of the data's owner.
Making an Invisibility Cloak: Real World Adversarial Attacks on Object Detectors
We present a systematic study of adversarial attacks on state-of-the-art object detection frameworks.
Label Smoothing and Logit Squeezing: A Replacement for Adversarial Training?
Adversarial training is one of the strongest defenses against adversarial attacks, but it requires adversarial examples to be generated for every mini-batch during optimization.
Instance adaptive adversarial training: Improved accuracy tradeoffs in neural nets
Adversarial training is by far the most successful strategy for improving robustness of neural networks to adversarial attacks.
Adversarially Robust Few-Shot Learning: A Meta-Learning Approach
Previous work on adversarially robust neural networks for image classification requires large training sets and computationally expensive training procedures.
Truth or Backpropaganda? An Empirical Investigation of Deep Learning Theory
We empirically evaluate common assumptions about neural networks that are widely held by practitioners and theorists alike.
Siamese Neural Networks for Wireless Positioning and Channel Charting
In this paper, we propose a unified architecture based on Siamese networks that can be used for supervised UE positioning and unsupervised channel charting.
Deep k-NN Defense against Clean-label Data Poisoning Attacks
Targeted clean-label data poisoning is a type of adversarial attack on machine learning systems in which an adversary injects a few correctly-labeled, minimally-perturbed samples into the training data, causing a model to misclassify a particular test sample during inference.
FreeLB: Enhanced Adversarial Training for Natural Language Understanding
Adversarial training, which minimizes the maximal risk for label-preserving input perturbations, has proved to be effective for improving the generalization of language models.
The Effect of Neural Net Architecture on Gradient Confusion & Training Performance
Through novel theoretical and experimental results, we show how the neural net architecture affects gradient confusion, and thus the efficiency of training.
Improved Training of Certifiably Robust Models
Convex relaxations are effective for training and certifying neural networks against norm-bounded adversarial attacks, but they leave a large gap between certifiable and empirical (PGD) robustness.
Improving Channel Charting with Representation-Constrained Autoencoders
Channel charting (CC) has been proposed recently to enable logical positioning of user equipments (UEs) in the neighborhood of a multi-antenna base-station solely from channel-state information (CSI).
Adversarial attacks on Copyright Detection Systems
Our goal is to raise awareness of the threats posed by adversarial examples in this space, and to highlight the importance of hardening copyright detection systems to attacks.
Understanding Generalization through Visualizations
The power of neural networks lies in their ability to generalize to unseen data, yet the underlying reasons for this phenomenon remain elusive.
Network Deconvolution
Convolution is a central operation in Convolutional Neural Networks (CNNs), which applies a kernel to overlapping regions shifted across the image.
Adversarially Robust Distillation
In addition to producing small models with high test accuracy like conventional distillation, ARD also passes the superior robustness of large networks onto the student.
Adversarially robust transfer learning
By training classifiers on top of these feature extractors, we produce new models that inherit the robustness of their parent networks.
Transferable Clean-Label Poisoning Attacks on Deep Neural Nets
Clean-label poisoning attacks inject innocuous looking (and "correctly" labeled) poison images into training data, causing a model to misclassify a targeted image after being trained on this data.
Adversarial Training for Free!
Adversarial training, in which a network is trained on adversarial examples, is one of the few defenses against adversarial attacks that withstands strong attacks.
The Impact of Neural Network Overparameterization on Gradient Confusion and Stochastic Gradient Descent
Our results show that, for popular initialization techniques, increasing the width of neural networks leads to lower gradient confusion, and thus faster model training.
ACE: Adapting to Changing Environments for Semantic Segmentation
However, neural classifiers are often extremely brittle when confronted with domain shift---changes in the input distribution that occur over time.
Understanding the (un)interpretability of natural image distributions using generative models
Probability density estimation is a classical and well studied problem, but standard density estimation methods have historically lacked the power to model complex and high-dimensional image distributions.
Universal Adversarial Training
Standard adversarial attacks change the predicted class label of a selected image by adding specially tailored small perturbations to its pixels.
Are adversarial examples inevitable?
Using experiments, we explore the implications of theoretical guarantees for real-world problems and discuss how factors such as dimensionality and image complexity limit a classifier's robustness against adversarial examples.
Channel Charting: Locating Users within the Radio Environment using Channel State Information
We propose channel charting (CC), a novel framework in which a multi-antenna network element learns a chart of the radio geometry in its surrounding area.
Linear Spectral Estimators and an Application to Phase Retrieval
Phase retrieval refers to the problem of recovering real- or complex-valued vectors from magnitude measurements.
Stacked U-Nets: A No-Frills Approach to Natural Image Segmentation
Many imaging tasks require global information about all pixels in an image.
DCAN: Dual Channel-wise Alignment Networks for Unsupervised Scene Adaptation
In particular, given an image from the source domain and unlabeled samples from the target domain, the generator synthesizes new images on-the-fly to resemble samples from the target domain in appearance and the segmentation network further refines high-level features before predicting semantic maps, both of which leverage feature statistics of sampled images from the target domain.
Poison Frogs! Targeted Clean-Label Poisoning Attacks on Neural Networks
The proposed attacks use "clean-labels"; they don't require the attacker to have any control over the labeling of training data.
Visualizing the Loss Landscape of Neural Nets
Neural network training relies on our ability to find "good" minimizers of highly non-convex loss functions.
Convex Phase Retrieval without Lifting via PhaseMax
Semidefinite relaxation methods transform a variety of non-convex optimization problems into convex problems, but square the number of variables.
Adaptive Consensus ADMM for Distributed Optimization
The alternating direction method of multipliers (ADMM) is commonly used for distributed model fitting problems, but its performance and reliability depend strongly on user-defined penalty parameters.
Training Quantized Nets: A Deeper Understanding
Currently, deep neural networks are deployed on low-power portable devices by first training a full-precision model using powerful hardware, and then deriving a corresponding low-precision model for efficient inference on such systems.
Stabilizing Adversarial Nets With Prediction Methods
Adversarial neural networks solve many important problems in data science, but are notoriously difficult to train.
Adaptive Relaxed ADMM: Convergence Theory and Practical Implementation
Relaxed ADMM is a generalization of ADMM that often achieves better performance, but its efficiency depends strongly on algorithm parameters that must be chosen by an expert user.
A New Rank Constraint on Multi-view Fundamental Matrices, and its Application to Camera Location Recovery
We show that in general, with the selection of proper scale factors, a matrix formed by stacking fundamental matrices between pairs of images has rank 6.
Solving Uncalibrated Photometric Stereo Using Fewer Images by Jointly Optimizing Low-rank Matrix Completion and Integrability
We introduce a new, integrated approach to uncalibrated photometric stereo.
Son of Zorn's Lemma: Targeted Style Transfer Using Instance-aware Semantic Segmentation
This work considers targeted style transfer, in which the style of a template image is used to alter only part of a target image.
An Empirical Study of ADMM for Nonconvex Problems
The alternating direction method of multipliers (ADMM) is a common optimization tool for solving constrained and non-differentiable problems.
Non-negative Factorization of the Occurrence Tensor from Financial Contracts
We propose an algorithm for the non-negative factorization of an occurrence tensor built from heterogeneous networks.
Big Batch SGD: Automated Inference using Adaptive Batch Sizes
The high fidelity gradients enable automated learning rate selection and do not require stepsize decay.
Biconvex Relaxation for Semidefinite Programming in Computer Vision
We propose a general framework to approximately solve large-scale semidefinite problems (SDPs) at low complexity.
Adaptive ADMM with Spectral Penalty Parameter Selection
The alternating direction method of multipliers (ADMM) is a versatile tool for solving a wide range of constrained optimization problems, with differentiable or non-differentiable objective functions.
Training Neural Networks Without Gradients: A Scalable ADMM Approach
With the growing importance of large network models and enormous training datasets, GPUs have become increasingly necessary to train neural networks.
Estimating Sparse Signals with Smooth Support via Convex Programming and Block Sparsity
We demonstrate the efficacy of our regularizers on a variety of imaging tasks including compressive image recovery, image restoration, and robust PCA.
Efficient Distributed SGD with Variance Reduction
Stochastic Gradient Descent (SGD) has become one of the most popular optimization methods for training machine learning models on massive datasets.
Variance Reduction for Distributed Stochastic Gradient Descent
Variance reduction (VR) methods boost the performance of stochastic gradient descent (SGD) by enabling the use of larger, constant stepsizes and preserving linear convergence rates.
Adaptive Primal-Dual Splitting Methods for Statistical Learning and Image Processing
The alternating direction method of multipliers (ADMM) is an important tool for solving complex optimization problems, but it involves minimization sub-steps that are often difficult to solve efficiently.
Unwrapping ADMM: Efficient Distributed Computing via Transpose Reduction
Recent approaches to distributed model fitting rely heavily on consensus ADMM, where each node solves small sub-problems using only local data.
FASTA: A Generalized Implementation of Forward-Backward Splitting
This is a user manual for the software package FASTA.
Mathematical Software Numerical Analysis Numerical Analysis
A Field Guide to Forward-Backward Splitting with a FASTA Implementation
Non-differentiable and constrained optimization play a key role in machine learning, signal and image processing, communications, and beyond.
Numerical Analysis G.1.6
The STONE Transform: Multi-Resolution Image Enhancement and Real-Time Compressive Video
Compressed sensing enables the reconstruction of high-resolution signals from under-sampled data.
Adaptive Primal-Dual Hybrid Gradient Methods for Saddle-Point Problems
The Primal-Dual hybrid gradient (PDHG) method is a powerful optimization scheme that breaks complex problems into simple sub-steps.
Numerical Analysis 65K15 G.1.6
