
Publications
At ELSA, we aim to inspire and share knowledge within our network and beyond. The collection of publications below provides an overview of both the network’s own output and research we support. Labels distinguish the categories.
Please note that this list makes no claims of being complete. If you have published a paper which is related to ELSA and should be listed, please reach out to our Press and Communications team.
2024
Kangin, Dmitry; Angelov, Plamen P.
Unsupervised Domain Adaptation within Deep Foundation Latent Spaces Journal Article
In: ArXiv, vol. abs/2402.14976, 2024.
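% arXiv preprint. The arXiv identifier is exposed through eprint/eprinttype;
% journal/volume are kept so existing styles render the entry as before.
@article{Kangin2024UnsupervisedDA,
  author     = {Kangin, Dmitry and Angelov, Plamen P.},
  title      = {Unsupervised Domain Adaptation within Deep Foundation Latent Spaces},
  journal    = {ArXiv},
  volume     = {abs/2402.14976},
  year       = {2024},
  date       = {2024-01-01},
  eprint     = {2402.14976},
  eprinttype = {arXiv},
  url        = {https://api.semanticscholar.org/CorpusID:267897989},
  keywords   = {},
  pubstate   = {published},
  tppubtype  = {article}
}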
Pellicer, Alvaro Lopez; Li, Yi; Angelov, Plamen
PUDD: Towards Robust Multi-modal Prototype-based Deepfake Detection Proceedings Article
In: 2024.
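% The acronym in the title is brace-protected so sentence-casing styles keep it.
% NOTE(review): no booktitle is recorded although @inproceedings expects one; the
% DOI prefix (CVPRW...2024) suggests a CVPR 2024 workshop volume -- confirm and add.
% NOTE(review): the key "inproceedings" is a generic export placeholder; it is kept
% because existing citations may use it.
@inproceedings{inproceedings,
  author    = {Pellicer, Alvaro Lopez and Li, Yi and Angelov, Plamen},
  title     = {{PUDD}: Towards Robust Multi-modal Prototype-based Deepfake Detection},
  year      = {2024},
  date      = {2024-01-01},
  doi       = {10.1109/CVPRW63382.2024.00385},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}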
Li, Yi; Sun, Yang; Angelov, Plamen
Complex-Cycle-Consistent Diffusion Model for Monaural Speech Enhancement Journal Article
In: CoRR, vol. abs/2412.08856, 2024.
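% arXiv/CoRR preprint. The arXiv identifier is exposed through eprint/eprinttype;
% journal/volume are kept so existing styles render the entry as before.
@article{DBLP:journals/corr/abs-2412-08856,
  author     = {Li, Yi and Sun, Yang and Angelov, Plamen},
  title      = {Complex-Cycle-Consistent Diffusion Model for Monaural Speech Enhancement},
  journal    = {CoRR},
  volume     = {abs/2412.08856},
  year       = {2024},
  date       = {2024-01-01},
  eprint     = {2412.08856},
  eprinttype = {arXiv},
  doi        = {10.48550/ARXIV.2412.08856},
  url        = {https://doi.org/10.48550/arXiv.2412.08856},
  keywords   = {},
  pubstate   = {published},
  tppubtype  = {article}
}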
Zverev, Egor; Abdelnabi, Sahar; Fritz, Mario; Lampert, Christoph H.
Can LLMs Separate Instructions From Data? And What Do We Even Mean By That? Proceedings Article
In: ICLR 2024 Workshop on Secure and Trustworthy Large Language Models, 2024.
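% Workshop paper on whether LLMs separate instructions from data.
% "LLMs" is brace-protected so sentence-casing styles do not lowercase it.
@inproceedings{zverev2024can,
  author    = {Zverev, Egor and Abdelnabi, Sahar and Fritz, Mario and Lampert, Christoph H.},
  title     = {Can {LLMs} Separate Instructions From Data? And What Do We Even Mean By That?},
  booktitle = {ICLR 2024 Workshop on Secure and Trustworthy Large Language Models},
  year      = {2024},
  date      = {2024-01-01},
  url       = {https://openreview.net/forum?id=32eytC1Nt1},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}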
Chen, Dingfan; Kerkouche, Raouf; Fritz, Mario
A Unified View of Differentially Private Deep Generative Modeling Journal Article
In: Transactions on Machine Learning Research, 2024, ISSN: 2835-8856, (Survey Certification).
% TMLR journal article; the note field records its Survey Certification.
@article{chen2024a,
  author    = {Chen, Dingfan and Kerkouche, Raouf and Fritz, Mario},
  title     = {A Unified View of Differentially Private Deep Generative Modeling},
  journal   = {Transactions on Machine Learning Research},
  year      = {2024},
  date      = {2024-01-01},
  issn      = {2835-8856},
  note      = {Survey Certification},
  url       = {https://openreview.net/forum?id=YgmBD2c9qX},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}
Zhang, Ziyang; Angelov, Plamen P.; Kangin, Dmitry; Longépé, Nicolas
IMAFD: An Interpretable Multi-stage Approach to Flood Detection from time series Multispectral Data Journal Article
In: ArXiv, vol. abs/2405.07916, 2024.
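% arXiv preprint. The last author's surname carries its accents (the export had
% reduced them to stray apostrophes); the acronym in the title is brace-protected;
% the arXiv identifier is exposed through eprint/eprinttype.
@article{Zhang2024IMAFDAI,
  author     = {Zhang, Ziyang and Angelov, Plamen P. and Kangin, Dmitry and Longépé, Nicolas},
  title      = {{IMAFD}: An Interpretable Multi-stage Approach to Flood Detection from time series Multispectral Data},
  journal    = {ArXiv},
  volume     = {abs/2405.07916},
  year       = {2024},
  date       = {2024-01-01},
  eprint     = {2405.07916},
  eprinttype = {arXiv},
  url        = {https://api.semanticscholar.org/CorpusID:269757928},
  keywords   = {},
  pubstate   = {published},
  tppubtype  = {article}
}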
Li, Yi; Angelov, Plamen P
Explainable Audio-Visual Representation Learning via Prototypical Contrastive Masked Autoencoder Proceedings Article
In: NeurIPS 2024 Workshop: Self-Supervised Learning – Theory and Practice, 2024.
% NeurIPS 2024 workshop paper, linked through its OpenReview forum page.
@inproceedings{li2024explainable,
  author    = {Li, Yi and Angelov, Plamen P},
  title     = {Explainable Audio-Visual Representation Learning via Prototypical Contrastive Masked Autoencoder},
  booktitle = {NeurIPS 2024 Workshop: Self-Supervised Learning - Theory and Practice},
  year      = {2024},
  date      = {2024-01-01},
  url       = {https://openreview.net/forum?id=ZLPVS0T4lc},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}
Kapoor, Sanyam; Gruver, Nate; Roberts, Manley; Collins, Katherine; Pal, Arka; Bhatt, Umang; Weller, Adrian; Dooley, Samuel; Goldblum, Micah; Wilson, Andrew Gordon
Large Language Models Must Be Taught to Know What They Don’t Know Miscellaneous
2024.
% Preprint referenced by its arXiv abstract URL; no venue is recorded.
@misc{kapoor2024largelanguagemodelstaught,
  author    = {Kapoor, Sanyam and Gruver, Nate and Roberts, Manley and Collins, Katherine and Pal, Arka and Bhatt, Umang and Weller, Adrian and Dooley, Samuel and Goldblum, Micah and Wilson, Andrew Gordon},
  title     = {Large Language Models Must Be Taught to Know What They Don't Know},
  year      = {2024},
  date      = {2024-01-01},
  url       = {https://arxiv.org/abs/2406.08391},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {misc}
}
Borlino, Francesco Cappio; Lu, Lorenzo; Tommasi, Tatiana
Foundation Models and Fine-Tuning: A Benchmark for Out of Distribution Detection Journal Article
In: IEEE Access, vol. 12, pp. 79401-79414, 2024, ISSN: 2169-3536.
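% IEEE Access article. The page range uses the BibTeX range form (double hyphen).
@article{10547247,
  author    = {Borlino, Francesco Cappio and Lu, Lorenzo and Tommasi, Tatiana},
  title     = {Foundation Models and Fine-Tuning: A Benchmark for Out of Distribution Detection},
  journal   = {IEEE Access},
  volume    = {12},
  pages     = {79401--79414},
  year      = {2024},
  date      = {2024-01-01},
  issn      = {2169-3536},
  doi       = {10.1109/ACCESS.2024.3409587},
  abstract  = {The rise of foundation models is pushing Computer Vision research towards a paradigm shift, in the wake of what already happened in the Natural Language Processing field. These models, trained at scale on huge data collections, provide high-quality representations that generalize well enough to be applied directly to downstream tasks, often outperforming task-specific models. The Out Of Distribution (OOD) detection problem, which involves the ability to recognize when test samples come from a previously unseen semantic category, represents one of the research fields in which this paradigm shift could have the greatest impact. However, existing testbeds are limited in scale and scope and get easily saturated when adopting foundation-based pretrainings. With this work, we introduce a new benchmark covering realistic yet harder OOD detection tasks to properly assess the performance of large pretrained models. We design an experimental framework to analyze specific choices in the model learning and use (which dataset, pretraining objective, OOD scoring function) and extensively evaluate the comparison to standard approaches that leverage a training phase on the available In Distribution (ID) data. The results highlight the actual performance benefits of leveraging foundation models in this context without any further learning effort, and identify situations where task-specific fine-tuning remains the best choice.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}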
Rai, Shyam Nandan; Cermelli, Fabio; Caputo, Barbara; Masone, Carlo
Mask2Anomaly: Mask Transformer for Universal Open-Set Segmentation Journal Article
In: IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 46, no. 12, pp. 9286-9302, 2024.
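% IEEE TPAMI article. The method name in the title is brace-protected and the
% page range uses the BibTeX range form (double hyphen).
@article{10574844,
  author    = {Rai, Shyam Nandan and Cermelli, Fabio and Caputo, Barbara and Masone, Carlo},
  title     = {{Mask2Anomaly}: Mask Transformer for Universal Open-Set Segmentation},
  journal   = {IEEE Transactions on Pattern Analysis and Machine Intelligence},
  volume    = {46},
  number    = {12},
  pages     = {9286--9302},
  year      = {2024},
  date      = {2024-01-01},
  doi       = {10.1109/TPAMI.2024.3419055},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}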
Iurada, Leonardo; Ciccone, Marco; Tommasi, Tatiana
Finding Lottery Tickets in Vision Models via Data-Driven Spectral Foresight Pruning Journal Article
In: 2024 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), pp. 16142-16151, 2024.
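% Conference paper: the venue is a proceedings title, so it is recorded as
% @inproceedings with booktitle rather than as a journal article.
% The page range uses the BibTeX range form (double hyphen).
@inproceedings{Iurada2024FindingLT,
  author    = {Iurada, Leonardo and Ciccone, Marco and Tommasi, Tatiana},
  title     = {Finding Lottery Tickets in Vision Models via Data-Driven Spectral Foresight Pruning},
  booktitle = {2024 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR)},
  pages     = {16142--16151},
  year      = {2024},
  date      = {2024-01-01},
  url       = {https://api.semanticscholar.org/CorpusID:270226621},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}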
Iurada, Leonardo; Bucci, Silvia; Hospedales, Timothy M.; Tommasi, Tatiana
Fairness Meets Cross-Domain Learning: A Benchmark of Models and Metrics Journal Article
In: IEEE Access, vol. 12, pp. 47854-47867, 2024, ISSN: 2169-3536.
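% IEEE Access article. The page range uses the BibTeX range form (double hyphen).
@article{10487929,
  author    = {Iurada, Leonardo and Bucci, Silvia and Hospedales, Timothy M. and Tommasi, Tatiana},
  title     = {Fairness Meets Cross-Domain Learning: A Benchmark of Models and Metrics},
  journal   = {IEEE Access},
  volume    = {12},
  pages     = {47854--47867},
  year      = {2024},
  date      = {2024-01-01},
  issn      = {2169-3536},
  doi       = {10.1109/ACCESS.2024.3383841},
  abstract  = {Deep learning-based recognition systems are deployed at scale for real-world applications that inevitably involve our social life. Although of great support when making complex decisions, they might capture spurious data correlations and leverage sensitive attributes (e.g., age, gender, ethnicity). How to factor out this information while maintaining high performance is a problem with several open questions, many of which are shared with those of the domain adaptation and generalization literature which aims at avoiding visual domain biases. In this work, we propose an in-depth study of the relationship between cross-domain learning (CD) and model fairness, by experimentally evaluating 14 CD approaches together with 3 state-of-the-art fairness algorithms on 5 datasets of faces and medical images spanning several demographic groups. We consider attribute classification and landmark detection tasks: the latter is introduced here for the first time in the fairness literature, showing how keypoint localization may be affected by sensitive attribute biases. To assess the analyzed methods, we adopt widely used evaluation metrics while also presenting their limits with a detailed review. Moreover, we propose a new Harmonic Fairness (HF) score that can ease unfairness mitigation model comparisons. Overall, our work shows how CD approaches can outperform state-of-the-art fairness algorithms and defines a framework with dataset and metrics as well as a code suite to pave the way for a more systematic analysis of fairness problems in computer vision (Code available at: https://github.com/iurada/fairness_crossdomain).},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}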
Vu, Tuan-Hung; Valle, Eduardo; Bursuc, Andrei; Kerssies, Tommie; Geus, Daan; Dubbelman, Gijs; Qian, Long; Zhu, Bingke; Chen, Yingying; Tang, Ming; Wang, Jinqiao; Vojíř, Tomáš; Šochman, Jan; Matas, Jiří; Smith, Michael; Ferrie, Frank; Basu, Shamik; Sakaridis, Christos; Gool, Luc
The BRAVO Semantic Segmentation Challenge Results in UNCV2024 unknown
2024.
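% arXiv preprint (the DOI is an arXiv DOI). Recorded as @misc because "unknown"
% is not a standard entry type; the arXiv identifier is exposed through
% eprint/eprinttype and the acronyms in the title are brace-protected.
% NOTE(review): "Geus" and "Gool" look like surnames that lost a particle in
% export -- confirm against the paper before changing them.
% NOTE(review): the key "unknownb" is a generic export placeholder; it is kept
% because existing citations may use it.
@misc{unknownb,
  author     = {Vu, Tuan-Hung and Valle, Eduardo and Bursuc, Andrei and Kerssies, Tommie and Geus, Daan and Dubbelman, Gijs and Qian, Long and Zhu, Bingke and Chen, Yingying and Tang, Ming and Wang, Jinqiao and Vojíř, Tomáš and Šochman, Jan and Matas, Jiří and Smith, Michael and Ferrie, Frank and Basu, Shamik and Sakaridis, Christos and Gool, Luc},
  title      = {The {BRAVO} Semantic Segmentation Challenge Results in {UNCV2024}},
  year       = {2024},
  date       = {2024-01-01},
  eprint     = {2409.15107},
  eprinttype = {arXiv},
  doi        = {10.48550/arXiv.2409.15107},
  keywords   = {},
  pubstate   = {published},
  tppubtype  = {misc}
}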
Hariat, Marwane; Laurent, Olivier; Kazmierczak, Rémi; Zhang, Shihao; Bursuc, Andrei; Yao, Angela; Franchi, Gianni
Learning to generate training datasets for robust semantic segmentation Proceedings Article
In: 2024 IEEE/CVF Winter Conference on Applications of Computer Vision (WACV), pp. 3882-3893, 2024, ISSN: 2642-9381.
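% WACV 2024 paper. The page range uses the BibTeX range form (double hyphen).
@inproceedings{10484317,
  author    = {Hariat, Marwane and Laurent, Olivier and Kazmierczak, Rémi and Zhang, Shihao and Bursuc, Andrei and Yao, Angela and Franchi, Gianni},
  title     = {Learning to generate training datasets for robust semantic segmentation},
  booktitle = {2024 IEEE/CVF Winter Conference on Applications of Computer Vision (WACV)},
  pages     = {3882--3893},
  year      = {2024},
  date      = {2024-01-01},
  issn      = {2642-9381},
  doi       = {10.1109/WACV57701.2024.00385},
  abstract  = {Semantic segmentation methods have advanced significantly. Still, their robustness to real-world perturbations and object types not seen during training remains a challenge, particularly in safety-critical applications. We propose a novel approach to improve the robustness of semantic segmentation techniques by leveraging the synergy between label-to-image generators and image-to-label segmentation models. Specifically, we design Robusta, a novel robust conditional generative adversarial network to generate realistic and plausible perturbed images that can be used to train reliable segmentation models. We conduct in-depth studies of the proposed generative model, assess the performance and robustness of the downstream segmentation network, and demonstrate that our approach can significantly enhance the robustness in the face of real-world perturbations, distribution shifts, and out-of-distribution samples. Our results suggest that this approach could be valuable in safety-critical applications, where the reliability of perception modules such as semantic segmentation is of utmost importance and comes with a limited computational budget in inference. We release our code at github.com/ENSTA-U2IS/robusta.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}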
Zhang, Xiyue; Wang, Zifan; Gao, Yulong; Romao, Licio; Abate, Alessandro; Kwiatkowska, Marta
Risk-Averse Certification of Bayesian Neural Networks Miscellaneous
2024.
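% Preprint referenced by its arXiv abstract URL. "Bayesian" is brace-protected
% so sentence-casing styles keep the capital.
@misc{zhang2024riskaversecertificationbayesianneural,
  author    = {Zhang, Xiyue and Wang, Zifan and Gao, Yulong and Romao, Licio and Abate, Alessandro and Kwiatkowska, Marta},
  title     = {Risk-Averse Certification of {Bayesian} Neural Networks},
  year      = {2024},
  date      = {2024-01-01},
  url       = {https://arxiv.org/abs/2411.19729},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {misc}
}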
Chen, Jialuo; Wang, Jingyi; Zhang, Xiyue; Sun, Youcheng; Kwiatkowska, Marta; Chen, Jiming; Cheng, Peng
FAST: Boosting Uncertainty-based Test Prioritization Methods for Neural Networks via Feature Selection Proceedings Article
In: Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering, pp. 895–906, Association for Computing Machinery, Sacramento, CA, USA, 2024, ISBN: 9798400712487.
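% ASE '24 paper. The page range uses the ASCII BibTeX range form (double hyphen)
% instead of a literal en dash, and the acronym in the title is brace-protected.
@inproceedings{10.1145/3691620.3695472,
  author    = {Chen, Jialuo and Wang, Jingyi and Zhang, Xiyue and Sun, Youcheng and Kwiatkowska, Marta and Chen, Jiming and Cheng, Peng},
  title     = {{FAST}: Boosting Uncertainty-based Test Prioritization Methods for Neural Networks via Feature Selection},
  booktitle = {Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering},
  series    = {ASE '24},
  pages     = {895--906},
  publisher = {Association for Computing Machinery},
  address   = {Sacramento, CA, USA},
  year      = {2024},
  date      = {2024-01-01},
  isbn      = {9798400712487},
  doi       = {10.1145/3691620.3695472},
  url       = {https://doi.org/10.1145/3691620.3695472},
  abstract  = {Due to the vast testing space, the increasing demand for effective and efficient testing of deep neural networks (DNNs) has led to the development of various DNN test case prioritization techniques. However, the fact that DNNs can deliver high-confidence predictions for incorrectly predicted examples, known as the over-confidence problem, causes these methods to fail to reveal high-confidence errors. To address this limitation, in this work, we propose FAST, a method that boosts existing prioritization methods through guided FeAture SelecTion. FAST is based on the insight that certain features may introduce noise that affects the model's output confidence, thereby contributing to high-confidence errors. It quantifies the importance of each feature for the model's correct predictions, and then dynamically prunes the information from the noisy features during inference to derive a new probability vector for the uncertainty estimation. With the help of FAST, the high-confidence errors and correctly classified examples become more distinguishable, resulting in higher APFD (Average Percentage of Fault Detection) values for test prioritization, and higher generalization ability for model enhancement. We conduct extensive experiments to evaluate FAST across a diverse set of model structures on multiple benchmark datasets to validate the effectiveness, efficiency, and scalability of FAST compared to the state-of-the-art prioritization techniques.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}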
Zhang, Xiyue; Wang, Benjie; Kwiatkowska, Marta; Zhang, Huan
PREMAP: A Unifying PREiMage APproximation Framework for Neural Networks unknown
2024.
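% arXiv preprint (the DOI is an arXiv DOI). Recorded as @misc because "unknown"
% is not a standard entry type; the arXiv identifier is exposed through
% eprint/eprinttype and the mixed-case words in the title are brace-protected.
% NOTE(review): the key "unknown" is a generic export placeholder; it is kept
% because existing citations may use it.
@misc{unknown,
  author     = {Zhang, Xiyue and Wang, Benjie and Kwiatkowska, Marta and Zhang, Huan},
  title      = {{PREMAP}: A Unifying {PREiMage} {APproximation} Framework for Neural Networks},
  year       = {2024},
  date       = {2024-01-01},
  eprint     = {2408.09262},
  eprinttype = {arXiv},
  doi        = {10.48550/arXiv.2408.09262},
  keywords   = {},
  pubstate   = {published},
  tppubtype  = {misc}
}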
Kumar, Sreejan; Marjieh, Raja; Zhang, Byron; Campbell, Declan; Hu, Michael Y.; Bhatt, Umang; Lake, Brenden; Griffiths, Thomas L.
Comparing Abstraction in Humans and Large Language Models Using Multimodal Serial Reproduction Miscellaneous
2024.
% Preprint referenced by its arXiv abstract URL; no venue is recorded.
@misc{kumar2024comparingabstractionhumanslarge,
  author    = {Kumar, Sreejan and Marjieh, Raja and Zhang, Byron and Campbell, Declan and Hu, Michael Y. and Bhatt, Umang and Lake, Brenden and Griffiths, Thomas L.},
  title     = {Comparing Abstraction in Humans and Large Language Models Using Multimodal Serial Reproduction},
  year      = {2024},
  date      = {2024-01-01},
  url       = {https://arxiv.org/abs/2402.03618},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {misc}
}
Lorenz, T; Kwiatkowska, M; Fritz, M
FullCert: deterministic end-to-end certification for training and inference of neural networks Proceedings Article
In: Springer, 2024.
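% The method name in the title is brace-protected so sentence-casing styles keep it.
% NOTE(review): no booktitle, DOI or URL is recorded, and authors are given by
% initials only -- confirm the venue and full names before relying on this entry.
@inproceedings{lorenz2024a,
  author    = {Lorenz, T and Kwiatkowska, M and Fritz, M},
  title     = {{FullCert}: deterministic end-to-end certification for training and inference of neural networks},
  series    = {Lecture Notes in Computer Science},
  publisher = {Springer},
  year      = {2024},
  date      = {2024-01-01},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}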
Yu, Longhui; Jiang, Weisen; Shi, Han; Yu, Jincheng; Liu, Zhengying; Zhang, Yu; Kwok, James T.; Li, Zhenguo; Weller, Adrian; Liu, Weiyang
MetaMath: Bootstrap Your Own Mathematical Questions for Large Language Models Miscellaneous
2024.
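% Preprint referenced by its arXiv abstract URL. The method name in the title is
% brace-protected so sentence-casing styles keep its capitalisation.
@misc{yu2024metamathbootstrapmathematicalquestions,
  author    = {Yu, Longhui and Jiang, Weisen and Shi, Han and Yu, Jincheng and Liu, Zhengying and Zhang, Yu and Kwok, James T. and Li, Zhenguo and Weller, Adrian and Liu, Weiyang},
  title     = {{MetaMath}: Bootstrap Your Own Mathematical Questions for Large Language Models},
  year      = {2024},
  date      = {2024-01-01},
  url       = {https://arxiv.org/abs/2309.12284},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {misc}
}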
Shamsabadi, Ali Shahin; Tan, Gefei; Cebere, Tudor Ioan; Bellet, Aurélien; Haddadi, Hamed; Papernot, Nicolas; Wang, Xiao; Weller, Adrian
Confidential-DPproof: Confidential Proof of Differentially Private Training Proceedings Article
In: The Twelfth International Conference on Learning Representations, 2024.
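% ICLR paper on confidential proofs of differentially private training.
% The method name in the title is brace-protected so sentence-casing styles keep it.
@inproceedings{shamsabadi2024confidentialdpproof,
  author    = {Shamsabadi, Ali Shahin and Tan, Gefei and Cebere, Tudor Ioan and Bellet, Aurélien and Haddadi, Hamed and Papernot, Nicolas and Wang, Xiao and Weller, Adrian},
  title     = {{Confidential-DPproof}: Confidential Proof of Differentially Private Training},
  booktitle = {The Twelfth International Conference on Learning Representations},
  year      = {2024},
  date      = {2024-01-01},
  url       = {https://openreview.net/forum?id=PQY2v6VtGe},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}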
Zarlenga, Mateo Espinosa; Collins, Katherine M.; Dvijotham, Krishnamurthy; Weller, Adrian; Shams, Zohreh; Jamnik, Mateja
Learning to Receive Help: Intervention-Aware Concept Embedding Models Miscellaneous
2024.
% Preprint referenced by its arXiv abstract URL; no venue is recorded.
@misc{zarlenga2024learningreceivehelpinterventionaware,
  author    = {Zarlenga, Mateo Espinosa and Collins, Katherine M. and Dvijotham, Krishnamurthy and Weller, Adrian and Shams, Zohreh and Jamnik, Mateja},
  title     = {Learning to Receive Help: Intervention-Aware Concept Embedding Models},
  year      = {2024},
  date      = {2024-01-01},
  url       = {https://arxiv.org/abs/2309.16928},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {misc}
}
Shao, Daqian; Soleymani, Ashkan; Quinzan, Francesco; Kwiatkowska, Marta
Learning decision policies with instrumental variables through double machine learning Proceedings Article
In: Proceedings of the 41st International Conference on Machine Learning, JMLR.org, Vienna, Austria, 2024.
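% ICML'24 paper. The convergence-rate expression in the abstract is written as
% LaTeX math; the export had flattened the exponent into "O(N-1/2)".
@inproceedings{10.5555/3692070.3693881,
  author    = {Shao, Daqian and Soleymani, Ashkan and Quinzan, Francesco and Kwiatkowska, Marta},
  title     = {Learning decision policies with instrumental variables through double machine learning},
  booktitle = {Proceedings of the 41st International Conference on Machine Learning},
  series    = {ICML'24},
  publisher = {JMLR.org},
  address   = {Vienna, Austria},
  year      = {2024},
  date      = {2024-01-01},
  abstract  = {A common issue in learning decision-making policies in data-rich settings is spurious correlations in the offline dataset, which can be caused by hidden confounders. Instrumental variable (IV) regression, which utilises a key unconfounded variable known as the instrument, is a standard technique for learning causal relationships between confounded action, outcome, and context variables. Most recent IV regression algorithms use a two-stage approach, where a deep neural network (DNN) estimator learnt in the first stage is directly plugged into the second stage, in which another DNN is used to estimate the causal effect. Naively plugging the estimator can cause heavy bias in the second stage, especially when regularisation bias is present in the first stage estimator. We propose DML-IV, a non-linear IV regression method that reduces the bias in two-stage IV regressions and effectively learns high-performing policies. We derive a novel learning objective to reduce bias and design the DML-IV algorithm following the double/debiased machine learning (DML) framework. The learnt DML-IV estimator has strong convergence rate and $O(N^{-1/2})$ suboptimality guarantees that match those when the dataset is unconfounded. DML-IV outperforms state-of-the-art IV regression methods on IV regression benchmarks and learns high-performing policies in the presence of instruments.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}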
Zhang, Xiyue; Wang, Benjie; Kwiatkowska, Marta
Provable Preimage Under-Approximation for Neural Networks Proceedings Article
In: Finkbeiner, Bernd; Kovács, Laura (Ed.): Tools and Algorithms for the Construction and Analysis of Systems, pp. 3–23, Springer Nature Switzerland, Cham, 2024, ISBN: 978-3-031-57256-2.
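% Paper in an edited Springer proceedings volume. The page range uses the ASCII
% BibTeX range form (double hyphen) instead of a literal en dash.
@inproceedings{10.1007/978-3-031-57256-2_1,
  author    = {Zhang, Xiyue and Wang, Benjie and Kwiatkowska, Marta},
  title     = {Provable Preimage Under-Approximation for Neural Networks},
  editor    = {Finkbeiner, Bernd and Kovács, Laura},
  booktitle = {Tools and Algorithms for the Construction and Analysis of Systems},
  pages     = {3--23},
  publisher = {Springer Nature Switzerland},
  address   = {Cham},
  year      = {2024},
  date      = {2024-01-01},
  isbn      = {978-3-031-57256-2},
  abstract  = {Neural network verification mainly focuses on local robustness properties, which can be checked by bounding the image (set of outputs) of a given input set. However, often it is important to know whether a given property holds globally for the input domain, and if not then for what proportion of the input the property is true. To analyze such properties requires computing preimage abstractions of neural networks. In this work, we propose an efficient anytime algorithm for generating symbolic under-approximations of the preimage of any polyhedron output set for neural networks. Our algorithm combines a novel technique for cheaply computing polytope preimage under-approximations using linear relaxation, with a carefully-designed refinement procedure that iteratively partitions the input region into subregions using input and ReLU splitting in order to improve the approximation. Empirically, we validate the efficacy of our method across a range of domains, including a high-dimensional MNIST classification task beyond the reach of existing preimage computation methods. Finally, as use cases, we showcase the application to quantitative verification and robustness analysis. We present a sound and complete algorithm for the former, which exploits our disjoint union of polytopes representation to provide formal guarantees. For the latter, we find that our method can provide useful quantitative information even when standard verifiers cannot verify a robustness property.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}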
Wicker, Matthew; Patane, Andrea; Laurenti, Luca; Kwiatkowska, Marta
Adversarial Robustness Certification for Bayesian Neural Networks Proceedings Article
In: Formal Methods: 26th International Symposium, FM 2024, Milan, Italy, September 9–13, 2024, Proceedings, Part I, pp. 3–28, Springer-Verlag, Milan, Italy, 2024, ISBN: 978-3-031-71161-9.
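% FM 2024 paper. Ranges in pages and booktitle use the ASCII BibTeX form (double
% hyphen) instead of a literal en dash; "Bayesian" is brace-protected in the title.
@inproceedings{10.1007/978-3-031-71162-6_1,
  author    = {Wicker, Matthew and Patane, Andrea and Laurenti, Luca and Kwiatkowska, Marta},
  title     = {Adversarial Robustness Certification for {Bayesian} Neural Networks},
  booktitle = {Formal Methods: 26th International Symposium, FM 2024, Milan, Italy, September 9--13, 2024, Proceedings, Part I},
  pages     = {3--28},
  publisher = {Springer-Verlag},
  address   = {Milan, Italy},
  year      = {2024},
  date      = {2024-01-01},
  isbn      = {978-3-031-71161-9},
  doi       = {10.1007/978-3-031-71162-6_1},
  url       = {https://doi.org/10.1007/978-3-031-71162-6_1},
  abstract  = {We study the problem of certifying the robustness of Bayesian neural networks (BNNs) to adversarial input perturbations. Specifically, we define two notions of robustness for BNNs in an adversarial setting: probabilistic robustness and decision robustness. The former deals with the probabilistic behaviour of the network, that is, it ensures robustness across different stochastic realisations of the network, while the latter provides guarantees for the overall (output) decision of the BNN. Although these robustness properties cannot be computed analytically, we present a unified computational framework for efficiently and formally bounding them. Our approach is based on weight interval sampling, integration and bound propagation techniques, and can be applied to BNNs with a large number of parameters independently of the (approximate) inference method employed to train the BNN. We evaluate the effectiveness of our method on tasks including airborne collision avoidance, medical imaging and autonomous driving, demonstrating that it can compute non-trivial guarantees on medium size images (i.e., over 16 thousand input parameters).},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}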
Cesa-Bianchi, Nicolò; Cesari, Tommaso; Della Vecchia, Riccardo
Cooperative Online Learning with Feedback Graphs Journal Article
In: Transactions on Machine Learning Research, 2024, ISSN: 2835-8856.
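% TMLR journal article. The third author is written in "Last, First" form so the
% two-word surname "Della Vecchia" is not split into given name and surname.
@article{cesa-bianchi2024cooperative,
  author    = {Cesa-Bianchi, Nicolò and Cesari, Tommaso and Della Vecchia, Riccardo},
  title     = {Cooperative Online Learning with Feedback Graphs},
  journal   = {Transactions on Machine Learning Research},
  year      = {2024},
  date      = {2024-01-01},
  issn      = {2835-8856},
  url       = {https://openreview.net/forum?id=PtNyIboDIG},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}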
Collins, Katherine M.; Chen, Valerie; Sucholutsky, Ilia; Kirk, Hannah Rose; Sadek, Malak; Sargeant, Holli; Talwalkar, Ameet; Weller, Adrian; Bhatt, Umang
Modulating Language Model Experiences through Frictions Miscellaneous
2024.
% Preprint referenced by its arXiv abstract URL; no venue is recorded.
@misc{collins2024modulatinglanguagemodelexperiences,
  author    = {Collins, Katherine M. and Chen, Valerie and Sucholutsky, Ilia and Kirk, Hannah Rose and Sadek, Malak and Sargeant, Holli and Talwalkar, Ameet and Weller, Adrian and Bhatt, Umang},
  title     = {Modulating Language Model Experiences through Frictions},
  year      = {2024},
  date      = {2024-01-01},
  url       = {https://arxiv.org/abs/2407.12804},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {misc}
}
Collins, Katherine M.; Sucholutsky, Ilia; Bhatt, Umang; Chandra, Kartik; Wong, Lionel; Lee, Mina; Zhang, Cedegao E.; Zhi-Xuan, Tan; Ho, Mark; Mansinghka, Vikash; Weller, Adrian; Tenenbaum, Joshua B.; Griffiths, Thomas L.
Building Machines that Learn and Think with People Miscellaneous
2024.
% Preprint referenced by its arXiv abstract URL; no venue is recorded.
@misc{collins2024buildingmachineslearnthink,
  author    = {Collins, Katherine M. and Sucholutsky, Ilia and Bhatt, Umang and Chandra, Kartik and Wong, Lionel and Lee, Mina and Zhang, Cedegao E. and Zhi-Xuan, Tan and Ho, Mark and Mansinghka, Vikash and Weller, Adrian and Tenenbaum, Joshua B. and Griffiths, Thomas L.},
  title     = {Building Machines that Learn and Think with People},
  year      = {2024},
  date      = {2024-01-01},
  url       = {https://arxiv.org/abs/2408.03943},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {misc}
}
Bhatt, Umang; Sargeant, Holli
When Should Algorithms Resign? A Proposal for AI Governance Journal Article
In: Computer, vol. 57, no. 10, pp. 99-103, 2024.
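% IEEE Computer article. "AI" is brace-protected in the title and the page range
% uses the BibTeX range form (double hyphen).
@article{10687308,
  author    = {Bhatt, Umang and Sargeant, Holli},
  title     = {When Should Algorithms Resign? A Proposal for {AI} Governance},
  journal   = {Computer},
  volume    = {57},
  number    = {10},
  pages     = {99--103},
  year      = {2024},
  date      = {2024-01-01},
  doi       = {10.1109/MC.2024.3431328},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}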
Guo, Wei; Demontis, Ambra; Pintor, Maura; Chan, Patrick; Biggio, Battista
LFPD: Local-Feature-Powered Defense Against Adaptive Backdoor Attacks Proceedings Article
In: pp. 607-612, 2024.
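% Paper on defending against adaptive backdoor attacks. The third author's
% surname is spelled "Pintor" (the export had "Plntor"), the acronym in the title
% is brace-protected, and the page range uses the double-hyphen form.
% NOTE(review): no booktitle is recorded although @inproceedings expects one; the
% DOI prefix (ICMLC...2024) hints at the venue -- confirm and add.
% NOTE(review): the key "inproceedingsc" is a generic export placeholder; it is
% kept because existing citations may use it.
@inproceedings{inproceedingsc,
  author    = {Guo, Wei and Demontis, Ambra and Pintor, Maura and Chan, Patrick and Biggio, Battista},
  title     = {{LFPD}: Local-Feature-Powered Defense Against Adaptive Backdoor Attacks},
  pages     = {607--612},
  year      = {2024},
  date      = {2024-01-01},
  doi       = {10.1109/ICMLC63072.2024.10935153},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}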
Li, Yi; Angelov, Plamen P; Suri, Neeraj
Robust Self-Supervised Learning for Adversarial Attack Detection Proceedings Article
In: NeurIPS 2024 Workshop: Self-Supervised Learning – Theory and Practice, 2024.
% NeurIPS 2024 workshop paper on adversarial attack detection, linked through
% its OpenReview forum page.
@inproceedings{li2024robust,
  author    = {Li, Yi and Angelov, Plamen P and Suri, Neeraj},
  title     = {Robust Self-Supervised Learning for Adversarial Attack Detection},
  booktitle = {NeurIPS 2024 Workshop: Self-Supervised Learning - Theory and Practice},
  year      = {2024},
  date      = {2024-01-01},
  url       = {https://openreview.net/forum?id=VSYnG9s2mo},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}
Weil, Rebecca; Abdelnabi, Sahar; Fritz, Mario; Hasan, Rakibul
Tell Me What You Like and I Know What You Will Share: Topical Interest Influences Behavior Toward News From High and Low Credible Sources Proceedings Article
In: 2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pp. 504-518, 2024.
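@inproceedings{10628732,
  author    = {Weil, Rebecca and Abdelnabi, Sahar and Fritz, Mario and Hasan, Rakibul},
  title     = {Tell Me What You Like and I Know What You Will Share: Topical Interest Influences Behavior Toward News From High and Low Credible Sources},
  booktitle = {2024 IEEE European Symposium on Security and Privacy Workshops (EuroS\&PW)},
  pages     = {504--518},
  year      = {2024},
  date      = {2024-01-01},
  doi       = {10.1109/EuroSPW61312.2024.00062},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}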
Sheth, Ivaxi; Abdelnabi, Sahar; Fritz, Mario
Hypothesizing Missing Causal Variables with LLMs Miscellaneous
2024.
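@misc{sheth2024hypothesizingmissingcausalvariables,
  author     = {Sheth, Ivaxi and Abdelnabi, Sahar and Fritz, Mario},
  title      = {Hypothesizing Missing Causal Variables with {LLMs}},
  year       = {2024},
  date       = {2024-01-01},
  eprint     = {2409.02604},
  eprinttype = {arXiv},
  url        = {https://arxiv.org/abs/2409.02604},
  keywords   = {},
  pubstate   = {published},
  tppubtype  = {misc}
}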
Chen, Dingfan; Oestreich, Marie; Afonja, Tejumade; Kerkouche, Raouf; Becker, Matthias; Fritz, Mario
Towards Biologically Plausible and Private Gene Expression Data Generation Miscellaneous
2024.
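@misc{chen2024biologicallyplausibleprivategene,
  author     = {Chen, Dingfan and Oestreich, Marie and Afonja, Tejumade and Kerkouche, Raouf and Becker, Matthias and Fritz, Mario},
  title      = {Towards Biologically Plausible and Private Gene Expression Data Generation},
  year       = {2024},
  date       = {2024-01-01},
  eprint     = {2402.04912},
  eprinttype = {arXiv},
  url        = {https://arxiv.org/abs/2402.04912},
  keywords   = {},
  pubstate   = {published},
  tppubtype  = {misc}
}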
Jiang, Ziping; Angelov, Plamen; Kangin, Dmitry; Zhang, Zhaonian; Jiang, Richard
On Neuron Activation Pattern and Applications Journal Article
In: 2024.
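% NOTE(review): @article with no journal field; the DOI prefix suggests a TechRxiv preprint — confirm the venue.
@article{Jiang_2024,
  author    = {Jiang, Ziping and Angelov, Plamen and Kangin, Dmitry and Zhang, Zhaonian and Jiang, Richard},
  title     = {On Neuron Activation Pattern and Applications},
  publisher = {Institute of Electrical and Electronics Engineers (IEEE)},
  year      = {2024},
  date      = {2024-01-01},
  doi       = {10.36227/techrxiv.170421894.45150592/v1},
  url       = {https://doi.org/10.36227/techrxiv.170421894.45150592/v1},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}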
Trizna, Dmitrijs; Demetrio, Luca; Biggio, Battista; Roli, Fabio
Living-off-The-Land Reverse-Shell Detection by Informed Data Augmentation Journal Article
In: CoRR, vol. abs/2402.18329, 2024.
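@article{DBLP:journals/corr/abs-2402-18329,
  author     = {Trizna, Dmitrijs and Demetrio, Luca and Biggio, Battista and Roli, Fabio},
  title      = {Living-off-The-Land Reverse-Shell Detection by Informed Data Augmentation},
  journal    = {CoRR},
  volume     = {abs/2402.18329},
  year       = {2024},
  date       = {2024-01-01},
  eprint     = {2402.18329},
  eprinttype = {arXiv},
  doi        = {10.48550/ARXIV.2402.18329},
  url        = {https://doi.org/10.48550/arXiv.2402.18329},
  keywords   = {},
  pubstate   = {published},
  tppubtype  = {article}
}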
Rahimian, Shadi; Kerkouche, Raouf; Kurth, Ina; Fritz, Mario
Private and Collaborative Kaplan-Meier Estimators Proceedings Article
In: Proceedings of the 23rd Workshop on Privacy in the Electronic Society, pp. 212–241, Association for Computing Machinery, Salt Lake City, UT, USA, 2024, ISBN: 9798400712395.
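@inproceedings{10.1145/3689943.3695039,
  author    = {Rahimian, Shadi and Kerkouche, Raouf and Kurth, Ina and Fritz, Mario},
  title     = {Private and Collaborative {Kaplan-Meier} Estimators},
  booktitle = {Proceedings of the 23rd Workshop on Privacy in the Electronic Society},
  series    = {WPES '24},
  pages     = {212--241},
  publisher = {Association for Computing Machinery},
  address   = {Salt Lake City, UT, USA},
  year      = {2024},
  date      = {2024-01-01},
  isbn      = {9798400712395},
  doi       = {10.1145/3689943.3695039},
  url       = {https://doi.org/10.1145/3689943.3695039},
  abstract  = {Kaplan-Meier estimators are essential tools in survival analysis, capturing the survival behavior of a cohort. Their accuracy improves with large, diverse datasets, encouraging data holders to collaborate for more precise estimations. However, these datasets often contain sensitive individual information, necessitating stringent data protection measures that preclude naive data sharing. In this work, we introduce two novel differentially private methods that offer flexibility in applying differential privacy to various functions of the data. Additionally, we propose a synthetic dataset generation technique that enables easy and rapid conversion between different data representations. Utilizing these methods, we propose various paths that allow a joint estimation of the Kaplan-Meier curves with strict privacy guarantees. Our contribution includes a taxonomy of methods for this task and an extensive experimental exploration and evaluation based on this structure. We demonstrate that our approach can construct a joint global Kaplan-Meier estimator that adheres to strict privacy standards (ε = 1) while exhibiting no statistically significant deviation from the non-private centralized estimator. The source code is available at https://github.com/ShadiRahimian/DPFed-KM.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}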
Cinà, Antonio Emanuele; Villani, Francesco; Pintor, Maura; Schönherr, Lea; Biggio, Battista; Pelillo, Marcello
2024.
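@misc{cinà2024sigmazero,
  author    = {Cinà, Antonio Emanuele and Villani, Francesco and Pintor, Maura and Schönherr, Lea and Biggio, Battista and Pelillo, Marcello},
  title     = {{$\sigma$-zero}: Gradient-based Optimization of {$\ell_0$-norm} Adversarial Examples},
  year      = {2024},
  date      = {2024-01-01},
  url       = {https://openreview.net/forum?id=dXRWP4n15q},
  urldate   = {2024-01-01},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {misc}
}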
Trizna, Dmitrijs; Demetrio, Luca; Biggio, Battista; Roli, Fabio
Nebula: Self-Attention for Dynamic Malware Analysis Journal Article
In: IEEE Transactions on Information Forensics and Security, vol. 19, pp. 6155-6167, 2024, ISSN: 1556-6021.
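@article{10551436,
  author    = {Trizna, Dmitrijs and Demetrio, Luca and Biggio, Battista and Roli, Fabio},
  title     = {{Nebula}: Self-Attention for Dynamic Malware Analysis},
  journal   = {IEEE Transactions on Information Forensics and Security},
  volume    = {19},
  pages     = {6155--6167},
  year      = {2024},
  date      = {2024-01-01},
  issn      = {1556-6021},
  doi       = {10.1109/TIFS.2024.3409083},
  abstract  = {Dynamic analysis enables detecting Windows malware by executing programs in a controlled environment and logging their actions. Previous work has proposed training machine learning models, i.e., convolutional and long short-term memory networks, on homogeneous input features like runtime APIs to either detect or classify malware, neglecting other relevant information coming from heterogeneous data like network and file operations. To overcome these issues, we introduce Nebula, a versatile, self-attention Transformer-based neural architecture that generalizes across different behavioral representations and formats, combining diverse information from dynamic log reports. Nebula is composed by several components needed to tokenize, filter, normalize and encode data to feed the transformer architecture. We firstly perform a comprehensive ablation study to evaluate their impact on the performance of the whole system, highlighting which components can be used as-is, and which must be enriched with specific domain knowledge. We perform extensive experiments on both malware detection and classification tasks, using three datasets acquired from different dynamic analyses platforms, show that, on average, Nebula outperforms state-of-the-art models at low false positive rates, with a peak of 12% improvement. Moreover, we showcase how self-supervised learning pre-training matches the performance of fully-supervised models with only 20% of training data, and we inspect the output of Nebula through explainable AI techniques, pinpointing how attention is focusing on specific tokens correlated to malicious activities of malware families. To foster reproducibility, we open-source our findings and models at https://github.com/dtrizna/nebula.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}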
Oneto, Luca; Ridella, Sandro; Anguita, Davide
Towards algorithms and models that we can trust: A theoretical perspective Journal Article
In: Neurocomputing, vol. 592, pp. 127798, 2024, ISSN: 0925-2312.
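@article{ONETO2024127798,
  author    = {Oneto, Luca and Ridella, Sandro and Anguita, Davide},
  title     = {Towards algorithms and models that we can trust: A theoretical perspective},
  journal   = {Neurocomputing},
  volume    = {592},
  pages     = {127798},
  year      = {2024},
  date      = {2024-01-01},
  issn      = {0925-2312},
  doi       = {10.1016/j.neucom.2024.127798},
  url       = {https://www.sciencedirect.com/science/article/pii/S0925231224005691},
  abstract  = {In the last decade it became increasingly apparent the inability of technical metrics such as accuracy, sustainability, and non-regressiveness to well characterize the behavior of intelligent systems. In fact, they are nowadays requested to meet also ethical requirements such as explainability, fairness, robustness, and privacy increasing our trust in their use in the wild. Of course often technical and ethical metrics are in tension between each other but the final goal is to be able to develop a new generation of more responsible and trustworthy machine learning. In this paper, we focus our attention on machine learning algorithms and associated predictive models, questioning for the first time, from a theoretical perspective, if it is possible to simultaneously guarantee their performance in terms of both technical and ethical metrics towards machine learning algorithms that we can trust. In particular, we will investigate for the first time both theory and practice of deterministic and randomized algorithms and associated predictive models showing the advantages and disadvantages of the different approaches. For this purpose we will leverage the most recent advances coming from the statistical learning theory: Complexity-Based Methods, Distribution Stability, PAC-Bayes, and Differential Privacy. Results will show that it is possible to develop consistent algorithms which generate predictive models with guarantees on multiple trustworthiness metrics.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}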
Cesa-Bianchi, Nicolo; Cesari, Tommaso; Colomboni, Roberto; Fusco, Federico; Leonardi, Stefano
The Role of Transparency in Repeated First-Price Auctions with Unknown Valuations Proceedings Article
In: Proceedings of the 56th Annual ACM Symposium on Theory of Computing, pp. 225–236, Association for Computing Machinery, Vancouver, BC, Canada, 2024, ISBN: 9798400703836.
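@inproceedings{10.1145/3618260.3649658,
  author    = {Cesa-Bianchi, Nicolo and Cesari, Tommaso and Colomboni, Roberto and Fusco, Federico and Leonardi, Stefano},
  title     = {The Role of Transparency in Repeated First-Price Auctions with Unknown Valuations},
  booktitle = {Proceedings of the 56th Annual ACM Symposium on Theory of Computing},
  series    = {STOC 2024},
  pages     = {225--236},
  publisher = {Association for Computing Machinery},
  address   = {Vancouver, BC, Canada},
  year      = {2024},
  date      = {2024-01-01},
  isbn      = {9798400703836},
  doi       = {10.1145/3618260.3649658},
  url       = {https://doi.org/10.1145/3618260.3649658},
  abstract  = {We study the problem of regret minimization for a single bidder in a sequence of first-price auctions where the bidder discovers the item’s value only if the auction is won. Our main contribution is a complete characterization, up to logarithmic factors, of the minimax regret in terms of the auction’s transparency, which controls the amount of information on competing bids disclosed by the auctioneer at the end of each auction. Our results hold under different assumptions (stochastic, adversarial, and their smoothed variants) on the environment generating the bidder’s valuations and competing bids. These minimax rates reveal how the interplay between transparency and the nature of the environment affects how fast one can learn to bid optimally in first-price auctions.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}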
Achddou, Juliette; Cesa-Bianchi, Nicolò; Laforgue, Pierre
Multitask Online Learning: Listen to the Neighborhood Buzz Proceedings Article
In: Dasgupta, Sanjoy; Mandt, Stephan; Li, Yingzhen (Ed.): International Conference on Artificial Intelligence and Statistics, 2-4 May 2024, Palau de Congressos, Valencia, Spain, pp. 1846–1854, PMLR, 2024.
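@inproceedings{DBLP:conf/aistats/AchddouCL24,
  author    = {Achddou, Juliette and Cesa-Bianchi, Nicolò and Laforgue, Pierre},
  editor    = {Dasgupta, Sanjoy and Mandt, Stephan and Li, Yingzhen},
  title     = {Multitask Online Learning: Listen to the Neighborhood Buzz},
  booktitle = {International Conference on Artificial Intelligence and Statistics, 2-4 May 2024, Palau de Congressos, Valencia, Spain},
  series    = {Proceedings of Machine Learning Research},
  volume    = {238},
  pages     = {1846--1854},
  publisher = {PMLR},
  year      = {2024},
  date      = {2024-01-01},
  url       = {https://proceedings.mlr.press/v238/achddou24a.html},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}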
Oneto, Luca; Ridella, Sandro; Anguita, Davide
Towards algorithms and models that we can trust: A theoretical perspective Journal Article
In: Neurocomputing, vol. 592, pp. 127798, 2024, ISSN: 0925-2312.
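% NOTE(review): same work as entry ONETO2024127798 (identical title, authors and DOI); keep a single key unless both are cited.
@article{ONETO2024127798b,
  author    = {Oneto, Luca and Ridella, Sandro and Anguita, Davide},
  title     = {Towards algorithms and models that we can trust: A theoretical perspective},
  journal   = {Neurocomputing},
  volume    = {592},
  pages     = {127798},
  year      = {2024},
  date      = {2024-01-01},
  issn      = {0925-2312},
  doi       = {10.1016/j.neucom.2024.127798},
  url       = {https://www.sciencedirect.com/science/article/pii/S0925231224005691},
  abstract  = {In the last decade it became increasingly apparent the inability of technical metrics such as accuracy, sustainability, and non-regressiveness to well characterize the behavior of intelligent systems. In fact, they are nowadays requested to meet also ethical requirements such as explainability, fairness, robustness, and privacy increasing our trust in their use in the wild. Of course often technical and ethical metrics are in tension between each other but the final goal is to be able to develop a new generation of more responsible and trustworthy machine learning. In this paper, we focus our attention on machine learning algorithms and associated predictive models, questioning for the first time, from a theoretical perspective, if it is possible to simultaneously guarantee their performance in terms of both technical and ethical metrics towards machine learning algorithms that we can trust. In particular, we will investigate for the first time both theory and practice of deterministic and randomized algorithms and associated predictive models showing the advantages and disadvantages of the different approaches. For this purpose we will leverage the most recent advances coming from the statistical learning theory: Complexity-Based Methods, Distribution Stability, PAC-Bayes, and Differential Privacy. Results will show that it is possible to develop consistent algorithms which generate predictive models with guarantees on multiple trustworthiness metrics.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}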
Donghi, Giovanni; Pasa, Luca; Oneto, Luca; Gallicchio, Claudio; Micheli, Alessio; Anguita, Davide; Sperduti, Alessandro; Navarin, Nicolò
Investigating over-parameterized randomized graph networks Journal Article
In: Neurocomputing, vol. 606, pp. 128281, 2024, ISSN: 0925-2312.
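@article{DONGHI2024128281,
  author    = {Donghi, Giovanni and Pasa, Luca and Oneto, Luca and Gallicchio, Claudio and Micheli, Alessio and Anguita, Davide and Sperduti, Alessandro and Navarin, Nicolò},
  title     = {Investigating over-parameterized randomized graph networks},
  journal   = {Neurocomputing},
  volume    = {606},
  pages     = {128281},
  year      = {2024},
  date      = {2024-01-01},
  issn      = {0925-2312},
  doi       = {10.1016/j.neucom.2024.128281},
  url       = {https://www.sciencedirect.com/science/article/pii/S092523122401052X},
  abstract  = {In this paper, we investigate neural models based on graph random features for classification tasks. First, we aim to understand when over parameterization, namely generating more features than the ones necessary to interpolate, may be beneficial for the generalization abilities of the resulting models. We employ two measures: one from the algorithmic stability framework and another one based on information theory. We provide empirical evidence from several commonly adopted graph datasets showing that the considered measures, even without considering task labels, can be effective for this purpose. Additionally, we investigate whether these measures can aid in the process of hyperparameters selection. The results of our empirical analysis show that the considered measures have good correlations with the estimated generalization performance of the models with different hyperparameter configurations. Moreover, they can be used to identify good hyperparameters, achieving results comparable to the ones obtained with a classic grid search.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}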
Wang, Hui-Po; Chen, Dingfan; Kerkouche, Raouf; Fritz, Mario
FedLAP-DP: Federated Learning by Sharing Differentially Private Loss Approximations Miscellaneous
2024.
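@misc{wang2024fedlapdpfederatedlearningsharing,
  author     = {Wang, Hui-Po and Chen, Dingfan and Kerkouche, Raouf and Fritz, Mario},
  title      = {{FedLAP-DP}: Federated Learning by Sharing Differentially Private Loss Approximations},
  year       = {2024},
  date       = {2024-01-01},
  eprint     = {2302.01068},
  eprinttype = {arXiv},
  url        = {https://arxiv.org/abs/2302.01068},
  keywords   = {},
  pubstate   = {published},
  tppubtype  = {misc}
}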
Franco, Danilo; D’Amato, Vincenzo Stefano; Pasa, Luca; Navarin, Nicolò; Oneto, Luca
Fair graph representation learning: Empowering NIFTY via Biased Edge Dropout and Fair Attribute Preprocessing Journal Article
In: Neurocomputing, vol. 563, pp. 126948, 2024, ISSN: 0925-2312.
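@article{FRANCO2024126948,
  author    = {Franco, Danilo and D’Amato, Vincenzo Stefano and Pasa, Luca and Navarin, Nicolò and Oneto, Luca},
  title     = {Fair graph representation learning: Empowering {NIFTY} via Biased Edge Dropout and Fair Attribute Preprocessing},
  journal   = {Neurocomputing},
  volume    = {563},
  pages     = {126948},
  year      = {2024},
  date      = {2024-01-01},
  issn      = {0925-2312},
  doi       = {10.1016/j.neucom.2023.126948},
  url       = {https://www.sciencedirect.com/science/article/pii/S0925231223010718},
  abstract  = {The increasing complexity and amount of data available in modern applications strongly demand Trustworthy Learning algorithms that can be fed directly with complex and large graphs data. In fact, on one hand, machine learning models must meet high technical standards (e.g., high accuracy with limited computational requirements), but, at the same time, they must be sure not to discriminate against subgroups of the population (e.g., based on gender or ethnicity). Graph Neural Networks (GNNs) are currently the most effective solution to meet the technical requirements, even if it has been demonstrated that they inherit and amplify the biases contained in the data as a reflection of societal inequities. In fact, when dealing with graph data, these biases can be hidden not only in the node attributes but also in the connections between entities. Several Fair GNNs have been proposed in the literature, with uNIfying Fairness and stabiliTY (NIFTY) (Agarwal et al., 2021) being one of the most effective. In this paper, we will empower NIFTY’s fairness with two new strategies. The first one is a Biased Edge Dropout, namely, we drop graph edges to balance homophilous and heterophilous sensitive connections, mitigating the bias induced by subgroup node cardinality. The second one is Attributes Preprocessing, which is the process of learning a fair transformation of the original node attributes. The effectiveness of our proposal will be tested on a series of datasets with increasingly challenging scenarios. These scenarios will deal with different levels of knowledge about the entire graph, i.e., how many portions of the graph are known and which sub-portion is labelled at the training and forward phases.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}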
Abdelnabi, Sahar; Gomaa, Amr; Sivaprasad, Sarath; Schönherr, Lea; Fritz, Mario
Cooperation, Competition, and Maliciousness: LLM-Stakeholders Interactive Negotiation Miscellaneous
2024.
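@misc{abdelnabi2024cooperationcompetitionmaliciousnessllmstakeholders,
  author     = {Abdelnabi, Sahar and Gomaa, Amr and Sivaprasad, Sarath and Schönherr, Lea and Fritz, Mario},
  title      = {Cooperation, Competition, and Maliciousness: {LLM-Stakeholders} Interactive Negotiation},
  year       = {2024},
  date       = {2024-01-01},
  eprint     = {2309.17234},
  eprinttype = {arXiv},
  url        = {https://arxiv.org/abs/2309.17234},
  keywords   = {},
  pubstate   = {published},
  tppubtype  = {misc}
}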
Anani, Alaa; Lorenz, Tobias; Schiele, Bernt; Fritz, Mario
Adaptive hierarchical certification for segmentation using randomized smoothing Proceedings Article
In: Proceedings of the 41st International Conference on Machine Learning, JMLR.org, Vienna, Austria, 2024.
@inproceedings{10.5555/3692070.3692132,
  author    = {Alaa Anani and Tobias Lorenz and Bernt Schiele and Mario Fritz},
  title     = {Adaptive hierarchical certification for segmentation using randomized smoothing},
  booktitle = {Proceedings of the 41st International Conference on Machine Learning},
  series    = {ICML'24},
  publisher = {JMLR.org},
  address   = {Vienna, Austria},
  year      = {2024},
  date      = {2024-01-01},
  abstract  = {Certification for machine learning is proving that no adversarial sample can evade a model within a range under certain conditions, a necessity for safety-critical domains. Common certification methods for segmentation use a flat set of fine-grained classes, leading to high abstain rates due to model uncertainty across many classes. We propose a novel, more practical setting, which certifies pixels within a multi-level hierarchy, and adaptively relaxes the certification to a coarser level for unstable components classic methods would abstain from, effectively lowering the abstain rate whilst providing more certified semantically meaningful information. We mathematically formulate the problem setup, introduce an adaptive hierarchical certification algorithm and prove the correctness of its guarantees. Since certified accuracy does not take the loss of information into account for coarser classes, we introduce the Certified Information Gain (CIG) metric, which is proportional to the class granularity level. Our extensive experiments on the datasets Cityscapes, PASCAL-Context, ACDC and COCO-Stuff demonstrate that our adaptive algorithm achieves a higher CIG and lower abstain rate compared to the current state-of-the-art certification method. Our code can be found here: https://github.com/AlaaAnani/adaptive-certify.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}
2023
Li, Yi; Angelov, Plamen; Suri, Neeraj
Fuzzy Detectors Against Adversarial Attacks Proceedings Article
In: 2023 IEEE Symposium Series on Computational Intelligence (SSCI), pp. 306-311, 2023, ISSN: 2472-8322.
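@inproceedings{10372061,
  author    = {Li, Yi and Angelov, Plamen and Suri, Neeraj},
  title     = {Fuzzy Detectors Against Adversarial Attacks},
  booktitle = {2023 IEEE Symposium Series on Computational Intelligence (SSCI)},
  pages     = {306--311},
  year      = {2023},
  date      = {2023-12-01},
  issn      = {2472-8322},
  doi       = {10.1109/SSCI52147.2023.10372061},
  abstract  = {Deep learning-based methods have proved useful for adversarial attack detection. However, conventional detection algorithms exploit crisp set theory for classification boundary. Therefore, representing vague concepts is not available. Motivated by the recent success in fuzzy systems, we propose a fuzzy rule-based neural network to improve adversarial attack detection accuracy. The pretrained ImageNet model is exploited to extract feature maps from clean and attacked images. Subsequently, the fuzzification network is used to obtain feature maps to produce fuzzy sets of difference degrees between clean and attacked images. The fuzzy rules control the intelligence that determines the detection boundaries. In the defuzzification layer, the fuzzy prediction from the intelligence is mapped back into the crisp model predictions for images. The loss between the prediction and label controls the rules to train the fuzzy detector. We show that the fuzzy rule-based network learns rich feature information than binary outputs and offers to obtain an overall performance gain. Our experiments, conducted over a wide range of images, show that the proposed method consistently performs better than conventional crisp set training in adversarial attack detection with various fuzzy system-based neural networks. The source code of the proposed method is available at https://github.com/Yukino-3/Fuzzy.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}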
Tito, Rubèn Pérez
Exploring the role of Text in Visual Question Answering on Natural Scenes and Documents PhD Thesis
2023.
% NOTE(review): no school field is given; @phdthesis requires one, so the awarding institution still needs to be supplied.
@phdthesis{nokey,
title = {Exploring the role of Text in Visual Question Answering on Natural Scenes and Documents},
author = {Rubèn Pérez Tito},
year = {2023},
date = {2023-11-13},
urldate = {2023-11-13},
abstract = {Visual Question Answering (VQA) is the task where given an image and a natural language question, the objective is to generate a natural language answer. At the intersection between computer vision and natural language processing, this task can be seen as a measure of image understanding capabilities, as it requires to reason about objects, actions, colors, positions, the relations between the different elements as well as commonsense reasoning, world knowledge, arithmetic skills and natural language understanding. However, even though the text present in the images conveys important semantically rich information that is explicit and not available in any other form, most VQA methods remained illiterate, largely ignoring the text despite its potential significance. In this thesis, we set out on a journey to bring reading capabilities to computer vision models applied to the VQA task, creating new datasets and methods that can read, reason and integrate the text with other visual cues in natural scene images and documents.
In this thesis, we address the combination of scene text with visual information to fully understand all the nuances of natural scene images. To achieve this objective, we define a new sub-task of VQA that requires reading the text in the image, and highlight the limitations of the current methods. In addition, we propose a new architecture that integrates both modalities and jointly reasons about textual and visual features.
Moreover, we shift the domain of VQA with reading capabilities and apply it to scanned industry document images, providing a high-level end-purpose perspective to Document Understanding, which has been primarily focused on digitizing the document’s contents and extracting key values without considering the ultimate purpose of the extracted information. For this, we create a dataset which requires methods to reason about the unique and challenging elements of documents, such as text, images, tables, graphs and complex layouts, to provide accurate answers in natural language. However, we observed that explicit visual features provide a slight contribution to the overall performance since the main information is usually conveyed within the text and its position. In consequence, we propose VQA on infographic images, seeking for document images with more visually rich elements that require to fully exploit visual information in order to answer the questions. We show the performance gap of different methods when used over industry scanned and infographic images, and propose a new method that integrates the visual features in early stages, which allows the transformer architecture to exploit the visual features during the self-attention operation.
Instead, we apply VQA on a big collection of single-page documents, where the methods must find which documents are relevant to answer the question and provide the answer itself. Finally, mimicking real-world application problems where systems must process documents with multiple pages, we address the multi-page document visual question-answering task. We demonstrate the limitations of existing methods, including models specifically designed to process long sequences. To overcome these limitations, we propose a hierarchical architecture that can process long documents, answer questions, and provide the index of the page where the information to answer the question is located as an explainability measure.},
keywords = {},
pubstate = {published},
tppubtype = {phdthesis}
}
In this thesis, we address the combination of scene text with visual information to fully understand all the nuances of natural scene images. To achieve this objective, we define a new sub-task of VQA that requires reading the text in the image, and highlight the limitations of the current methods. In addition, we propose a new architecture that integrates both modalities and jointly reasons about textual and visual features.
Moreover, we shift the domain of VQA with reading capabilities and apply it to scanned industry document images, providing a high-level end-purpose perspective to Document Understanding, which has been primarily focused on digitizing the document’s contents and extracting key values without considering the ultimate purpose of the extracted information. For this, we create a dataset which requires methods to reason about the unique and challenging elements of documents, such as text, images, tables, graphs and complex layouts, to provide accurate answers in natural language. However, we observed that explicit visual features provide a slight contribution to the overall performance since the main information is usually conveyed within the text and its position. In consequence, we propose VQA on infographic images, seeking for document images with more visually rich elements that require to fully exploit visual information in order to answer the questions. We show the performance gap of different methods when used over industry scanned and infographic images, and propose a new method that integrates the visual features in early stages, which allows the transformer architecture to exploit the visual features during the self-attention operation.
Instead, we apply VQA on a big collection of single-page documents, where the methods must find which documents are relevant to answer the question and provide the answer itself. Finally, mimicking real-world application problems where systems must process documents with multiple pages, we address the multi-page document visual question-answering task. We demonstrate the limitations of existing methods, including models specifically designed to process long sequences. To overcome these limitations, we propose a hierarchical architecture that can process long documents, answer questions, and provide the index of the page where the information to answer the question is located as an explainability measure.