Discovering Galaxy Features via Dataset Distillation
In many applications, neural networks (NNs) achieve classification performance
on par with, or even exceeding, human capacity. Moreover, NNs likely leverage
underlying features that differ from those humans use when classifying.
Can we "reverse-engineer" pertinent features to enhance our scientific
understanding? Here, we apply this idea to the notoriously difficult task of
galaxy classification: NNs have reached high performance for this task, but
what does an NN "see" when it classifies galaxies? Are there
morphological features that the human eye might overlook that could help with
the task and provide new insights? Can we visualize tracers of early evolution,
or of additionally incorporated spectral data? We present a novel way to summarize
and visualize galaxy morphology through the lens of neural networks, leveraging
Dataset Distillation, a recent deep-learning methodology whose primary
objective is to distill knowledge from a large dataset and condense it into a
compact synthetic dataset, such that a model trained on this synthetic dataset
achieves performance comparable to a model trained on the full dataset. We
curate a class-balanced, medium-sized, high-confidence version of the Galaxy Zoo
2 dataset and proceed with dataset distillation from our accurate NN classifier
to create synthesized prototypical images of galaxy morphological features,
demonstrating the method's effectiveness. Of independent interest, we
introduce a self-adaptive version of the state-of-the-art Matching Trajectory
algorithm to automate the distillation process, and show enhanced performance
on computer vision benchmarks.
Comment: Accepted to NeurIPS Workshop on Machine Learning and the Physical Sciences, 202
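
To make the dataset distillation idea concrete for readers outside the subfield, below is a minimal sketch of distillation via gradient matching, a simpler relative of the trajectory-matching approach the paper builds on; the tiny ConvNet, the two-class setup, the image size, and the placeholder data loader are illustrative assumptions rather than the paper's configuration.

import torch
import torch.nn as nn
import torch.nn.functional as F

n_classes, per_class, img_shape = 2, 10, (3, 64, 64)

# Learnable synthetic dataset: a handful of images per morphological class.
syn_x = torch.randn(n_classes * per_class, *img_shape, requires_grad=True)
syn_y = torch.arange(n_classes).repeat_interleave(per_class)

# Small classifier whose training gradients the synthetic data must reproduce.
model = nn.Sequential(
    nn.Conv2d(3, 16, 3, padding=1), nn.ReLU(),
    nn.AdaptiveAvgPool2d(1), nn.Flatten(), nn.Linear(16, n_classes),
)
opt_syn = torch.optim.Adam([syn_x], lr=0.1)

def real_batches():
    # Placeholder for the real data loader (e.g. the curated Galaxy Zoo 2 images).
    while True:
        yield torch.randn(32, *img_shape), torch.randint(0, n_classes, (32,))

batches = real_batches()
for step in range(500):
    x_real, y_real = next(batches)
    # Parameter gradients of the classification loss on a real batch...
    g_real = torch.autograd.grad(
        F.cross_entropy(model(x_real), y_real), model.parameters())
    # ...and on the synthetic images (kept differentiable w.r.t. syn_x).
    g_syn = torch.autograd.grad(
        F.cross_entropy(model(syn_x), syn_y), model.parameters(), create_graph=True)
    # Nudge the synthetic images so the two sets of gradients agree.
    match = sum(F.mse_loss(gs, gr.detach()) for gs, gr in zip(g_syn, g_real))
    opt_syn.zero_grad()
    match.backward()
    opt_syn.step()

In full implementations the classifier is typically also re-initialized and re-trained on the synthetic set at intervals, so the distilled images remain useful across different network initializations.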
Wild Patterns: Ten Years After the Rise of Adversarial Machine Learning
Learning-based pattern classifiers, including deep networks, have shown
impressive performance in several application domains, ranging from computer
vision to cybersecurity. However, it has also been shown that adversarial input
perturbations carefully crafted either at training or at test time can easily
subvert their predictions. The vulnerability of machine learning to such wild
patterns (also referred to as adversarial examples), along with the design of
suitable countermeasures, has been investigated in the research field of
adversarial machine learning. In this work, we provide a thorough overview of
the evolution of this research area over the last ten years and beyond,
starting from early pioneering work on the security of non-deep learning
algorithms up to more recent work aimed at understanding the security properties
of deep learning algorithms, in the context of computer vision and
cybersecurity tasks. We report interesting connections between these
apparently different lines of work, highlighting common misconceptions related
to the security evaluation of machine-learning algorithms. We review the main
threat models and attacks defined to this end, and discuss the main limitations
of current work, along with the corresponding future challenges towards the
design of more secure learning algorithms.
Comment: Accepted for publication in Pattern Recognition, 201
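
As a concrete illustration of the adversarial input perturbations discussed above, here is a minimal sketch of a test-time evasion attack in the fast-gradient-sign style, one of the many attacks such surveys cover; the epsilon value and the [0, 1] pixel range are illustrative assumptions.

import torch
import torch.nn.functional as F

def fgsm_attack(model, x, y, epsilon=0.03):
    # Perturb x by one signed-gradient step in the direction that
    # increases the classification loss for the true labels y.
    x_adv = x.clone().detach().requires_grad_(True)
    loss = F.cross_entropy(model(x_adv), y)
    loss.backward()
    x_adv = x_adv + epsilon * x_adv.grad.sign()
    # Clip back to the valid input range so the result is still a legal image.
    return x_adv.clamp(0.0, 1.0).detach()

For a trained classifier, even perturbations small enough to be visually imperceptible are often sufficient to flip predictions, which is exactly the kind of test-time vulnerability the survey analyzes.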
Right for the Right Reasons: Training Differentiable Models by Constraining their Explanations
Neural networks are among the most accurate supervised learning methods in
use today, but their opacity makes them difficult to trust in critical
applications, especially when conditions in training differ from those in test.
Recent work on explanations for black-box models has produced tools (e.g. LIME)
to show the implicit rules behind predictions, which can help us identify when
models are right for the wrong reasons. However, these methods do not scale to
explaining entire datasets and cannot correct the problems they reveal. We
introduce a method for efficiently explaining and regularizing differentiable
models by examining and selectively penalizing their input gradients, which
provide a normal to the decision boundary. We apply these penalties both based
on expert annotation and in an unsupervised fashion that encourages diverse
models with qualitatively different decision boundaries for the same
classification problem. On multiple datasets, we show our approach generates
faithful explanations and models that generalize much better when conditions
differ between training and test.
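
The input-gradient penalty described above can be sketched as follows, assuming a binary annotation mask that marks input regions the model should not rely on; the mask convention and the penalty weight lam are illustrative assumptions rather than the paper's exact formulation.

import torch
import torch.nn.functional as F

def rrr_loss(model, x, y, irrelevant_mask, lam=10.0):
    # Standard cross-entropy plus a penalty on input gradients that fall
    # inside regions the expert annotation flags as irrelevant.
    x = x.clone().detach().requires_grad_(True)
    log_probs = F.log_softmax(model(x), dim=1)
    ce = F.nll_loss(log_probs, y)
    # Gradient of the summed log-probabilities with respect to the input,
    # i.e. a local normal to the decision boundary.
    (input_grads,) = torch.autograd.grad(log_probs.sum(), x, create_graph=True)
    penalty = (irrelevant_mask * input_grads).pow(2).sum()
    return ce + lam * penalty

Because create_graph=True keeps the input gradients differentiable, the returned loss can be backpropagated through the model parameters like any ordinary training objective.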