9 research outputs found
Towards Understanding Adversarial Robustness of Optical Flow Networks
Recent work demonstrated the lack of robustness of optical flow networks to
physical, patch-based adversarial attacks. The possibility to physically attack
a basic component of automotive systems is a reason for serious concerns. In
this paper, we analyze the cause of the problem and show that the lack of
robustness is rooted in the classical aperture problem of optical flow
estimation in combination with bad choices in the details of the network
architecture. We show how these mistakes can be rectified in order to make
optical flow networks robust to physical, patch-based attacks. Additionally, we
take a look at global white-box attacks in the scope of optical flow. We find
that targeted white-box attacks can be crafted to bias flow estimation models
towards any desired output, but this requires access to the input images and
model weights. Our results indicate that optical flow networks are robust to
universal attacks
Latent Diffusion Counterfactual Explanations
Counterfactual explanations have emerged as a promising method for
elucidating the behavior of opaque black-box models. Recently, several works
leveraged pixel-space diffusion models for counterfactual generation. To handle
noisy, adversarial gradients during counterfactual generation -- causing
unrealistic artifacts or mere adversarial perturbations -- they required either
auxiliary adversarially robust models or computationally intensive guidance
schemes. However, such requirements limit their applicability, e.g., in
scenarios with restricted access to the model's training data. To address these
limitations, we introduce Latent Diffusion Counterfactual Explanations (LDCE).
LDCE harnesses the capabilities of recent class- or text-conditional foundation
latent diffusion models to expedite counterfactual generation and focus on the
important, semantic parts of the data. Furthermore, we propose a novel
consensus guidance mechanism to filter out noisy, adversarial gradients that
are misaligned with the diffusion model's implicit classifier. We demonstrate
the versatility of LDCE across a wide spectrum of models trained on diverse
datasets with different learning paradigms. Finally, we showcase how LDCE can
provide insights into model errors, enhancing our understanding of black-box
model behavior
Eureka-Moments in Transformers: Multi-Step Tasks Reveal Softmax Induced Optimization Problems
In this work, we study rapid, step-wise improvements of the loss in
transformers when being confronted with multi-step decision tasks. We found
that transformers struggle to learn the intermediate tasks, whereas CNNs have
no such issue on the tasks we studied. When transformers learn the intermediate
task, they do this rapidly and unexpectedly after both training and validation
loss saturated for hundreds of epochs. We call these rapid improvements
Eureka-moments, since the transformer appears to suddenly learn a previously
incomprehensible task. Similar leaps in performance have become known as
Grokking. In contrast to Grokking, for Eureka-moments, both the validation and
the training loss saturate before rapidly improving. We trace the problem back
to the Softmax function in the self-attention block of transformers and show
ways to alleviate the problem. These fixes improve training speed. The improved
models reach 95% of the baseline model in just 20% of training steps while
having a much higher likelihood to learn the intermediate task, lead to higher
final accuracy and are more robust to hyper-parameters
Construction of Hierarchical Neural Architecture Search Spaces based on Context-free Grammars
The discovery of neural architectures from simple building blocks is a
long-standing goal of Neural Architecture Search (NAS). Hierarchical search
spaces are a promising step towards this goal but lack a unifying search space
design framework and typically only search over some limited aspect of
architectures. In this work, we introduce a unifying search space design
framework based on context-free grammars that can naturally and compactly
generate expressive hierarchical search spaces that are 100s of orders of
magnitude larger than common spaces from the literature. By enhancing and using
their properties, we effectively enable search over the complete architecture
and can foster regularity. Further, we propose an efficient hierarchical kernel
design for a Bayesian Optimization search strategy to efficiently search over
such huge spaces. We demonstrate the versatility of our search space design
framework and show that our search strategy can be superior to existing NAS
approaches. Code is available at
https://github.com/automl/hierarchical_nas_construction
Identification of 15 new psoriasis susceptibility loci highlights the role of innate immunity
To gain further insight into the genetic architecture of psoriasis, we conducted a meta-analysis of 3 genome-wide association studies (GWAS) and 2 independent data sets genotyped on the Immunochip, including 10,588 cases and 22,806 controls. We identified 15 new susceptibility loci, increasing to 36 the number associated with psoriasis in European individuals. We also identified, using conditional analyses, five independent signals within previously known loci. The newly identified loci shared with other autoimmune diseases include candidate genes with roles in regulating T-cell function (such as RUNX3, TAGAP and STAT3). Notably, they included candidate genes whose products are involved in innate host defense, including interferon-mediated antiviral responses (DDX58), macrophage activation (ZC3H12C) and nuclear factor (NF)-κB signaling (CARD14 and CARM1). These results portend a better understanding of shared and distinctive genetic determinants of immune-mediated inflammatory disorders and emphasize the importance of the skin in innate and acquired host defense