8 research outputs found
Unsupervised Discovery of 3D Hierarchical Structure with Generative Diffusion Features
Inspired by recent findings that generative diffusion models learn
semantically meaningful representations, we use them to discover the intrinsic
hierarchical structure in biomedical 3D images using unsupervised segmentation.
We show that features of diffusion models from different stages of a
U-Net-based ladder-like architecture capture different hierarchy levels in 3D
biomedical images. We design three losses to train a predictive unsupervised
segmentation network that encourages the decomposition of 3D volumes into
meaningful nested subvolumes that represent a hierarchy. First, we pretrain 3D
diffusion models and use the consistency of their features across subvolumes.
Second, we use the visual consistency between subvolumes. Third, we use the
invariance to photometric augmentations as a regularizer. Our models achieve
better performance than prior unsupervised structure discovery approaches on
challenging biologically-inspired synthetic datasets and on a real-world brain
tumor MRI dataset.
Comment: MICCAI 202
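The three training losses described above can be sketched as a weighted sum. This is a deliberately simplified illustration, not the authors' code: every function name, input shape, and weight below is an assumption, and a real implementation would compute these terms from diffusion features, voxel intensities, and augmented views of 3D volumes.

```python
# Illustrative sketch of combining three unsupervised losses into one
# objective: diffusion-feature consistency, visual consistency, and
# invariance to photometric augmentation. All names/weights are hypothetical.

def feature_consistency_loss(feats_a, feats_b):
    """Mean squared distance between diffusion features of nested subvolumes."""
    return sum((a - b) ** 2 for a, b in zip(feats_a, feats_b)) / len(feats_a)

def visual_consistency_loss(voxels_a, voxels_b):
    """Mean absolute intensity difference between subvolumes."""
    return sum(abs(a - b) for a, b in zip(voxels_a, voxels_b)) / len(voxels_a)

def augmentation_invariance_loss(pred, pred_aug):
    """Penalize prediction changes under photometric augmentation."""
    return sum((p - q) ** 2 for p, q in zip(pred, pred_aug)) / len(pred)

def total_loss(feats, voxels, preds, w=(1.0, 1.0, 0.1)):
    """Weighted sum of the three terms; the weights are hypothetical."""
    return (w[0] * feature_consistency_loss(*feats)
            + w[1] * visual_consistency_loss(*voxels)
            + w[2] * augmentation_invariance_loss(*preds))
```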
Adversarial Turing Patterns from Cellular Automata
State-of-the-art deep classifiers are intriguingly vulnerable to universal
adversarial perturbations: single disturbances of small magnitude that lead to
misclassification of most inputs. This phenomenon may potentially result in a
serious security problem. Despite the extensive research in this area, there is
a lack of theoretical understanding of the structure of these perturbations. In
the image domain, there is a certain visual similarity between the patterns
that represent these perturbations and classical Turing patterns, which appear
as solutions of non-linear partial differential equations and are the
underlying concept of many processes in nature. In this paper, we provide a
theoretical bridge between these two different theories by mapping a simplified
algorithm for crafting universal perturbations to (inhomogeneous) cellular
automata; the latter are known to generate Turing patterns. Furthermore, we
propose to use Turing patterns, generated by cellular automata, as universal
perturbations, and experimentally show that they significantly degrade the
performance of deep learning models. We found this method to be a fast and
efficient way to create a data-agnostic quasi-imperceptible perturbation in the
black-box scenario. The
source code is available at https://github.com/NurislamT/advTuring.
Comment: Published as a conference paper at AAAI 2021 (camera-ready version)
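A cellular automaton that produces Turing-like patterns can be sketched with a discrete activator-inhibitor update (in the spirit of Young's model): each cell turns on when nearby activation outweighs wider-range inhibition. This is a generic illustration of such automata, not the paper's algorithm, and all parameters are assumptions:

```python
import random

def turing_ca(size=32, steps=10, r_act=1, r_inh=3, w_inh=0.26, seed=0):
    """Discrete activator-inhibitor cellular automaton on a torus.
    Cells within radius r_act activate; cells out to r_inh inhibit with
    weight w_inh. Parameter values are illustrative, not the paper's."""
    rng = random.Random(seed)
    grid = [[rng.randint(0, 1) for _ in range(size)] for _ in range(size)]
    for _ in range(steps):
        new = [[0] * size for _ in range(size)]
        for i in range(size):
            for j in range(size):
                act = inh = 0
                for di in range(-r_inh, r_inh + 1):
                    for dj in range(-r_inh, r_inh + 1):
                        v = grid[(i + di) % size][(j + dj) % size]
                        if max(abs(di), abs(dj)) <= r_act:
                            act += v  # short-range activation
                        else:
                            inh += v  # longer-range inhibition
                new[i][j] = 1 if act - w_inh * inh > 0 else 0
        grid = new
    return grid
```

After a few iterations the binary grid typically organizes into spot- or stripe-like structures; such a pattern, scaled to small magnitude, is the kind of data-agnostic perturbation the abstract describes.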
Smoothed Embeddings for Certified Few-Shot Learning
Randomized smoothing is considered to be the state-of-the-art provable
defense against adversarial perturbations. However, it heavily exploits the
fact that classifiers map input objects to class probabilities, and it does not
cover models that learn a metric space in which classification is performed by
computing distances to embeddings of class prototypes. In this work, we
extend randomized smoothing to few-shot learning models that map inputs to
normalized embeddings. We provide an analysis of the Lipschitz continuity of
such models and derive a robustness certificate against norm-bounded
perturbations that may be useful in few-shot learning scenarios. Our
theoretical results are confirmed by experiments on different datasets.
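The core construction can be sketched as follows: smooth the embedding by averaging over Gaussian-noised inputs, then classify by the nearest class prototype. This is a minimal Monte Carlo sketch of the idea, not the paper's implementation; the identity embedding and prototypes in the usage below are toy assumptions:

```python
import math
import random

def smoothed_embedding(embed, x, sigma=0.25, n_samples=200, seed=0):
    """Monte Carlo estimate of the smoothed embedding E[embed(x + noise)]
    with noise ~ N(0, sigma^2 I). embed maps a list of floats to a list
    of floats; all parameters are illustrative."""
    rng = random.Random(seed)
    dim = len(embed(x))
    acc = [0.0] * dim
    for _ in range(n_samples):
        noisy = [xi + rng.gauss(0.0, sigma) for xi in x]
        for k, v in enumerate(embed(noisy)):
            acc[k] += v
    return [v / n_samples for v in acc]

def classify(z, prototypes):
    """Assign the class whose prototype embedding is nearest to z."""
    def dist(a, b):
        return math.sqrt(sum((ai - bi) ** 2 for ai, bi in zip(a, b)))
    return min(prototypes, key=lambda c: dist(z, prototypes[c]))
```

Because the smoothed embedding is a Lipschitz function of the input, a bounded input perturbation moves it only a bounded distance in embedding space, which is what makes a certificate against norm-bounded attacks possible.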
Data Driven Chiller Plant Energy Optimization with Domain Knowledge
Refrigeration and chiller optimization is an important and well-studied topic
in mechanical engineering, mostly addressed with physical models built on
over-simplified assumptions about the equipment. Conventional optimization
techniques using physical models make online parameter-tuning decisions based
on very limited information about hardware specifications and external
conditions, e.g., outdoor weather. In recent years, a new generation of
sensors has become an essential part of new chiller plants, for the first time
allowing system administrators to continuously monitor the running status of
all equipment in a timely and accurate way. The explosive growth of data
flowing into databases, combined with the increasing analytical power of
machine learning and data mining, unveils new possibilities for data-driven
approaches to real-time chiller plant optimization. This paper presents our
research and industrial experience with the adoption of data models and
optimizations for chiller plants and discusses the lessons learnt from our
practice on real-world plants. Instead of employing complex machine learning
models, we emphasize the incorporation of appropriate domain knowledge into
data analysis tools, which turns out to be the key to outperforming
state-of-the-art deep learning techniques by a significant margin. Our
empirical evaluation on a real-world chiller plant achieves savings of more
than 7% in daily power consumption.
Comment: CIKM 2017. Proceedings of the 26th ACM International Conference on
Information and Knowledge Management. 201
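One way domain knowledge can enter a data-driven optimizer is as hard feasibility constraints on the decision variables. The sketch below is purely illustrative and not the paper's method: the power model, the chilled-water setpoint variable, and the safety band are all invented for the example.

```python
def predicted_power(setpoint, outdoor_temp):
    """Toy data-driven power model (hypothetical): predicted power rises
    as the chilled-water setpoint drops and as outdoor temperature rises."""
    return 100.0 + 4.0 * (12.0 - setpoint) + 1.5 * outdoor_temp

def optimize_setpoint(power_model, outdoor_temp, candidates,
                      min_c=6.0, max_c=11.0):
    """Pick the candidate setpoint minimizing predicted power.
    Domain knowledge enters as a hard safety band [min_c, max_c] that the
    learned model is never allowed to override."""
    feasible = [t for t in candidates if min_c <= t <= max_c]
    return min(feasible, key=lambda t: power_model(t, outdoor_temp))
```

Restricting the search to an engineer-specified band is one simple instance of the abstract's point: a modest model plus appropriate domain constraints can be safer and more effective than an unconstrained complex model.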
CC-CERT: A Probabilistic Approach to Certify General Robustness of Neural Networks
In safety-critical machine learning applications, it is crucial to defend models against adversarial attacks: small modifications of the input that change the predictions. Besides the rigorously studied norm-bounded additive perturbations, semantic perturbations (e.g., rotation, translation) raise serious concerns about deploying ML systems in the real world. Therefore, it is important to provide provable guarantees for deep learning models against semantically meaningful input transformations. In this paper, we propose a new universal probabilistic certification approach based on Chernoff-Cramer bounds that can be used in general attack settings. We estimate the probability of a model failing if the attack is sampled from a certain distribution. Our theoretical findings are supported by experimental results on different datasets.
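The underlying idea can be sketched with the classical Chernoff bound: for a loss L over randomly sampled attacks, P(L >= a) <= min over t > 0 of E[exp(tL)] * exp(-ta), with the moment-generating function estimated from samples. This is a simplified illustration of the bound itself, not the paper's certificate; the grid of t values is an arbitrary assumption.

```python
import math

def chernoff_failure_bound(loss_samples, threshold, ts=None):
    """Chernoff-style upper bound on P(loss >= threshold) for the
    empirical distribution of losses under sampled attacks:
        P(L >= a) <= min_t  E[exp(t * L)] * exp(-t * a),  t > 0.
    A generic illustration; the paper's certificate is more refined."""
    ts = ts or [0.1 * k for k in range(1, 51)]  # hypothetical search grid
    n = len(loss_samples)
    best = 1.0  # a probability bound above 1 is vacuous
    for t in ts:
        mgf = sum(math.exp(t * x) for x in loss_samples) / n
        best = min(best, mgf * math.exp(-t * threshold))
    return best
```

When the sampled losses sit well below the threshold, the bound decays quickly; when some samples exceed it, the bound stays above the empirical failure rate, as a valid upper bound must.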