Search Results for author:
Found 32 papers, 10 papers with code
Stochastic Actor-Executor-Critic for Image-to-Image Translation
Training a model-free deep reinforcement learning model to solve image-to-image translation is difficult since it involves high-dimensional continuous state and action spaces.
Stochastic Planner-Actor-Critic for Unsupervised Deformable Image Registration
We evaluate our method on several 2D and 3D medical image datasets, some of which contain large deformations.
Revisiting Adversarial Robustness of Classifiers With a Reject Option
Motivated by this metric, we propose novel loss functions and a robust training method -- \textit{stratified adversarial training with rejection} (SATR) -- for a classifier with reject option, where the goal is to accept and correctly-classify small input perturbations, while allowing the rejection of larger input perturbations that cannot be correctly classified.
Towards Evaluating the Robustness of Neural Networks Learned by Transduction
There has been emerging interest in using transductive learning for adversarial robustness (Goldwasser et al., NeurIPS 2020; Wu et al., ICML 2020; Wang et al., ArXiv 2021).
Detecting Errors and Estimating Accuracy on Unlabeled Data with Self-training Ensembles
This observation leads to two challenging tasks: (1) unsupervised accuracy estimation, which aims to estimate the accuracy of a pre-trained classifier on a set of unlabeled test inputs; (2) error detection, which aims to identify mis-classified test inputs.
Towards Adversarial Robustness via Transductive Learning
Compared to traditional "test-time" defenses, these defense mechanisms "dynamically retrain" the model based on test time input via transductive learning; and theoretically, attacking these defenses boils down to bilevel optimization, which seems to raise the difficulty for adaptive attacks.
Imperceptible Adversarial Examples for Fake Image Detection
Fooling people with highly realistic fake images generated with Deepfake or GANs brings a great social disturbance to our society.
Transferable Adversarial Examples for Anchor Free Object Detection
Deep neural networks have been demonstrated to be vulnerable to adversarial attacks: subtle perturbation can completely change prediction result.
Deep Learning based Multi-modal Computing with Feature Disentanglement for MRI Image Synthesis
To take full advantage of the complementary information provided by different modalities, multi-modal MRI sequences are utilized as input.
Racetrack microresonator based electro-optic phase shifters on a 3C-silicon-carbide-on-insulator platform
We report the first demonstration of integrated electro-optic (EO) phase shifters based on racetrack microresonators on a 3C-silicon-carbide-on-insulator (SiCOI) platform working at near-infrared (NIR) wavelengths.
Optics Applied Physics
Multilayer Haldane model
We propose the model of layered materials, in which each layer is described by the conventional Haldane model, while the inter - layer hopping parameter corresponds to the ABC stacking.
Mesoscale and Nanoscale Physics
Test-Time Adaptation and Adversarial Robustness
On the positive side, we show that, if one is allowed to access the training data, then Domain Adversarial Neural Networks (${\sf DANN}$), an algorithm designed for unsupervised domain adaptation, can provide nontrivial robustness in the test-time maximin threat model against strong transfer attacks and adaptive fixed point attacks.
Fast Local Attack: Generating Local Adversarial Examples for Object Detectors
The deep neural network is vulnerable to adversarial examples.
ASMFS: Adaptive-Similarity-based Multi-modality Feature Selection for Classification of Alzheimer's Disease
With the increasing amounts of high-dimensional heterogeneous data to be processed, multi-modality feature selection has become an important research direction in medical image analysis.
Informative Outlier Matters: Robustifying Out-of-distribution Detection Using Outlier Mining
We show that, by mining informative auxiliary OOD data, one can significantly improve OOD detection performance, and somewhat surprisingly, generalize to unseen adversarial attacks.
ATOM: Robustifying Out-of-distribution Detection Using Outlier Mining
We show that, by mining informative auxiliary OOD data, one can significantly improve OOD detection performance, and somewhat surprisingly, generalize to unseen adversarial attacks.
DSU-net: Dense SegU-net for automatic head-and-neck tumor segmentation in MR images
In this paper, we propose a Dense SegU-net (DSU-net) framework for automatic NPC segmentation in MRI.
Representation Bayesian Risk Decompositions and Multi-Source Domain Adaptation
Recent studies provide hints and failure examples for domain invariant representation learning, a common approach for this problem, but the explanations provided are somewhat different and do not provide a unified picture.
Robust Out-of-distribution Detection for Neural Networks
Formally, we extensively study the problem of Robust Out-of-Distribution Detection on common OOD detection approaches, and show that state-of-the-art OOD detectors can be easily fooled by adding small perturbations to the in-distribution and OOD inputs.
Category-wise Attack: Transferable Adversarial Examples for Anchor Free Object Detection
Deep neural networks have been demonstrated to be vulnerable to adversarial attacks: subtle perturbations can completely change the classification results.
Robust Multimodal Image Registration Using Deep Recurrent Reinforcement Learning
To this end, these two components are tackled in an end-to-end manner via reinforcement learning in this work.
Discovery of Bias and Strategic Behavior in Crowdsourced Performance Assessment
With the industry trend of shifting from a traditional hierarchical approach to flatter management structure, crowdsourced performance assessment gained mainstream popularity.
Rearchitecting Classification Frameworks For Increased Robustness
and how to design a classification paradigm that leverages these invariances to improve the robustness accuracy trade-off?
Robust Attribution Regularization
An emerging problem in trustworthy machine learning is to train models that produce robust interpretations for their predictions.
Concise Explanations of Neural Networks using Adversarial Training
Our first contribution is a theoretical exploration of how these two properties (when using attributions based on Integrated Gradients, or IG) are related to adversarial training, for a class of 1-layer networks (which includes logistic regression models for binary and multi-class classification); for these networks we show that (a) adversarial training using an $\ell_\infty$-bounded adversary produces models with sparse attribution vectors, and (b) natural model-training while encouraging stable explanations (via an extra term in the loss function), is equivalent to adversarial training.
Towards Understanding Limitations of Pixel Discretization Against Adversarial Attacks
We analyze our results in a theoretical framework and offer strong evidence that pixel discretization is unlikely to work on all but the simplest of the datasets.
The Manifold Assumption and Defenses Against Adversarial Perturbations
Interestingly, we find that a recent objective by Madry et al. encourages training a model that satisfies well our formal version of the goodness property, but has a weak control of points that are wrong but with low confidence.
Reinforcing Adversarial Robustness using Model Confidence Induced by Adversarial Training
In this paper we study leveraging confidence information induced by adversarial training to reinforce adversarial robustness of a given adversarially trained model.
Tuple-oriented Compression for Large-scale Mini-batch Stochastic Gradient Descent
We fill this crucial research gap by proposing a new lossless compression scheme we call tuple-oriented compression (TOC) that is inspired by an unlikely source, the string/text compression scheme Lempel-Ziv-Welch, but tailored to MGD in a way that preserves tuple boundaries within mini-batches.
Bolt-on Differential Privacy for Scalable Stochastic Gradient Descent-based Analytics
This paper takes a first step to remedy this disconnect and proposes a private SGD algorithm to address \emph{both} issues in an integrated manner.
Revisiting Differentially Private Regression: Lessons From Learning Theory and their Consequences
Perhaps more importantly, our theory reveals that the most basic mechanism in differential privacy, output perturbation, can be used to obtain a better tradeoff for all convex-Lipschitz-bounded learning tasks.
Distillation as a Defense to Adversarial Perturbations against Deep Neural Networks
In this work, we introduce a defensive mechanism called defensive distillation to reduce the effectiveness of adversarial samples on DNNs.
