Towards a Robust Classifier: An MDL-Based Method for Generating Adversarial Examples
Asadi, Behzad, Varadharajan, Vijay
We address the problem of adversarial examples in machine learning where an adversary tries to misguide a classifier by making functionality-preserving modifications to original samples. We assume a black-box scenario where the adversary has access to only the feature set, and the final hard-decision output of the classifier. We propose a method to generate adversarial examples using the minimum description length (MDL) principle. Our final aim is to improve the robustness of the classifier by considering generated examples in rebuilding the classifier. We evaluate our method for the application of static malware detection in portable executable (PE) files. We consider API calls of PE files as their distinguishing features where the feature vector is a binary vector representing the presence-absence of API calls. In our method, we first create a dataset of benign samples by querying the target classifier. We next construct a code table of frequent patterns for the compression of this dataset using the MDL principle. We finally generate an adversarial example corresponding to a malware sample by selecting and adding a pattern from the benign code table to the malware sample. The selected pattern is the one that minimizes the length of the compressed adversarial example given the code table. This modification preserves the functionalities of the original malware sample as all original API calls are kept, and only some new API calls are added. Considering a neural network, we show that the evasion rate is 78.24 percent for adversarial examples compared to 8.16 percent for original malware samples. This shows the effectiveness of our method in generating examples that need to be considered in rebuilding the classifier.
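The construction the abstract describes, reduced to a toy so it can be run end to end (an added example, not the authors' code). It assumes a Krimp-style code table: candidate frequent API itemsets are accepted only when they shrink the total MDL encoded size of the benign dataset plus the table, and code lengths come from usage in a greedy cover with +1 smoothing so that APIs never seen in benign samples still get a finite, long code. The API feature list, the benign dataset and the malware sample are constructed, and candidate additions are restricted to the non-singleton patterns of the benign code table; the target classifier itself is not modelled.

```python
from itertools import combinations
from math import log2

# Constructed feature set: the classifier's API-call features, which the
# black-box adversary is assumed to know (stands in for the real PE API list).
FEATURES = (
    "CreateFileW", "ReadFile", "WriteFile", "CloseHandle", "GetModuleHandleW",
    "GetProcAddress", "LoadLibraryW", "MessageBoxW", "RegOpenKeyExW",
    "VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread",
)

# Constructed benign dataset: each sample is the set of APIs whose presence bit
# is 1 (in the paper these are samples the target classifier labels benign).
BENIGN = [frozenset(s) for s in (
    {"CreateFileW", "ReadFile", "CloseHandle", "GetModuleHandleW"},
    {"CreateFileW", "ReadFile", "CloseHandle", "MessageBoxW"},
    {"CreateFileW", "WriteFile", "CloseHandle", "GetModuleHandleW"},
    {"CreateFileW", "ReadFile", "CloseHandle", "RegOpenKeyExW"},
    {"GetModuleHandleW", "GetProcAddress", "LoadLibraryW"},
    {"GetModuleHandleW", "GetProcAddress", "LoadLibraryW", "MessageBoxW"},
    {"GetProcAddress", "LoadLibraryW", "RegOpenKeyExW"},
)]


def frequent_patterns(samples, min_support=3, max_size=3):
    """Itemsets of 2..max_size APIs that occur in at least min_support samples."""
    items = sorted(set().union(*samples))
    found = {}
    for k in range(2, max_size + 1):
        for combo in combinations(items, k):
            pat = frozenset(combo)
            support = sum(pat <= s for s in samples)
            if support >= min_support:
                found[pat] = support
    return found


def cover(sample, code_table):
    """Greedy cover; code_table is in standard cover order (longest, then most
    frequent, then lexicographic). Singletons for every feature make it complete."""
    remaining, used = set(sample), []
    for pat in code_table:
        if pat <= remaining:
            used.append(pat)
            remaining -= pat
    assert not remaining, remaining
    return used


def code_lengths(code_table, samples):
    """Prefix-code lengths from usage in the cover of the dataset, with +1
    smoothing so unused elements still get a (long) finite code."""
    usage = {pat: 1 for pat in code_table}
    for s in samples:
        for pat in cover(s, code_table):
            usage[pat] += 1
    total = sum(usage.values())
    return {pat: -log2(usage[pat] / total) for pat in code_table}


def encoded_length(sample, code_table, lengths):
    """Bits needed to encode one sample given the code table."""
    return sum(lengths[pat] for pat in cover(sample, code_table))


def build_code_table(samples, features, candidates):
    """Krimp-style selection (assumed simplification): accept a candidate only
    if it shrinks the total encoded size of dataset plus code table."""
    singletons = [frozenset({f}) for f in features]
    support = {frozenset({f}): sum(f in s for s in samples) for f in features}
    support.update(candidates)

    def ordered(ct):
        return sorted(ct, key=lambda p: (-len(p), -support[p], tuple(sorted(p))))

    ct = ordered(singletons)
    st_lengths = code_lengths(ct, samples)  # standard code table, used to price patterns

    def total_size(table):
        lengths = code_lengths(table, samples)
        data = sum(encoded_length(s, table, lengths) for s in samples)
        meta = sum(lengths[p] + sum(st_lengths[frozenset({i})] for i in p)
                   for p in table if len(p) > 1)
        return data + meta

    best = total_size(ct)
    for pat in sorted(candidates, key=lambda p: (-candidates[p], -len(p), tuple(sorted(p)))):
        trial = ordered(ct + [pat])
        size = total_size(trial)
        if size < best:
            ct, best = trial, size
    return ct, code_lengths(ct, samples)


def mdl_adversarial_example(sample, code_table, lengths):
    """Add the non-singleton benign pattern that minimises the encoded length of
    the modified sample. APIs are only added, never removed, so the original
    call set is preserved."""
    best = None
    for pat in code_table:
        if len(pat) < 2 or pat <= sample:
            continue
        candidate = sample | pat
        key = (encoded_length(candidate, code_table, lengths), tuple(sorted(pat)))
        if best is None or key < best[0]:
            best = (key, pat, candidate)
    _, pat, adversarial = best
    return pat, adversarial


CANDIDATES = frequent_patterns(BENIGN)
CODE_TABLE, LENGTHS = build_code_table(BENIGN, FEATURES, CANDIDATES)
# Constructed malware sample: drops a file, then injects into another process.
MALWARE = frozenset({"CreateFileW", "VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread"})
PATTERN, ADVERSARIAL = mdl_adversarial_example(MALWARE, CODE_TABLE, LENGTHS)

if __name__ == "__main__":
    print("benign patterns:", [sorted(p) for p in CODE_TABLE if len(p) > 1])
    print("malware bits:", round(encoded_length(MALWARE, CODE_TABLE, LENGTHS), 2))
    print("added", sorted(PATTERN), "-> bits:",
          round(encoded_length(ADVERSARIAL, CODE_TABLE, LENGTHS), 2))
```

On this data the selected pattern is {CreateFileW, CloseHandle}: the malware already calls CreateFileW, so the edit adds only CloseHandle, yet the sample's cost under the benign code table falls from about 20.2 to about 17.9 bits because the file-handling pair is now coded as one frequent benign pattern instead of an isolated API. That is the effect the method relies on: the cheapest-to-describe addition is the one that makes the sample look most like the benign distribution, while every original API call (and the injection behaviour) is kept. Whether the hard-decision classifier actually flips is a separate query, which the toy does not make.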
Unsupervised Transfer Learning via BERT Neuron Selection
Valipour, Mehrdad, Lee, En-Shiun Annie, Jamacaro, Jaime R., Bessega, Carolina
Recent advancements in language representation models such as BERT have led to a rapid improvement in numerous natural language processing tasks. However, language models usually consist of a few hundred million trainable parameters with embedding space distributed across multiple layers, thus making them challenging to fine-tune for a specific task or to transfer to a new domain. To determine whether there are task-specific neurons that can be exploited for unsupervised transfer learning, we introduce a method for selecting the most important neurons to solve a specific classification task. This algorithm is further extended to multi-source transfer learning by computing the importance of neurons for several single-source transfer learning scenarios between different subsets of data sources. In addition, a task-specific fingerprint for each data source is obtained based on the percentage of the selected neurons in each layer. We perform extensive experiments in unsupervised transfer learning for sentiment analysis, natural language inference and sentence similarity, and compare our results with the existing literature and baselines. Significantly, we found that the source and target data sources with higher degrees of similarity between their task-specific fingerprints demonstrate a better transferability property. We conclude that our method can lead to better performance using just a few hundred task-specific and interpretable neurons.
Doubly Robust Off-Policy Actor-Critic Algorithms for Reinforcement Learning
Islam, Riashat, Seraj, Raihan, Arnob, Samin Yeasar, Precup, Doina
We study the problem of off-policy critic evaluation in several variants of value-based off-policy actor-critic algorithms. Off-policy actor-critic algorithms require an off-policy critic evaluation step, to estimate the value of the new policy after every policy gradient update. Despite the enormous success of off-policy policy gradients on control tasks, existing general methods suffer from high variance and instability, partly because the policy improvement depends on the gradient of the estimated value function. In this work, we present a new way of off-policy policy evaluation in actor-critic, based on the doubly robust estimators. We extend the doubly robust estimator from off-policy policy evaluation (OPE) to actor-critic algorithms that consist of a reward estimator performance model. We find that doubly robust estimation of the critic can significantly improve performance in continuous control tasks. Furthermore, in cases where the reward function is stochastic, which can lead to high variance, doubly robust critic estimation can improve performance under corrupted, stochastic reward signals, indicating its usefulness for robust and safe reinforcement learning.
Advances and Open Problems in Federated Learning
Kairouz, Peter, McMahan, H. Brendan, Avent, Brendan, Bellet, Aurélien, Bennis, Mehdi, Bhagoji, Arjun Nitin, Bonawitz, Keith, Charles, Zachary, Cormode, Graham, Cummings, Rachel, D'Oliveira, Rafael G. L., Rouayheb, Salim El, Evans, David, Gardner, Josh, Garrett, Zachary, Gascón, Adrià, Ghazi, Badih, Gibbons, Phillip B., Gruteser, Marco, Harchaoui, Zaid, He, Chaoyang, He, Lie, Huo, Zhouyuan, Hutchinson, Ben, Hsu, Justin, Jaggi, Martin, Javidi, Tara, Joshi, Gauri, Khodak, Mikhail, Konečný, Jakub, Korolova, Aleksandra, Koushanfar, Farinaz, Koyejo, Sanmi, Lepoint, Tancrède, Liu, Yang, Mittal, Prateek, Mohri, Mehryar, Nock, Richard, Özgür, Ayfer, Pagh, Rasmus, Raykova, Mariana, Qi, Hang, Ramage, Daniel, Raskar, Ramesh, Song, Dawn, Song, Weikang, Stich, Sebastian U., Sun, Ziteng, Suresh, Ananda Theertha, Tramèr, Florian, Vepakomma, Praneeth, Wang, Jianyu, Xiong, Li, Xu, Zheng, Yang, Qiang, Yu, Felix X., Yu, Han, Zhao, Sen
Federated learning (FL) embodies the principles of focused data collection and minimization, and can mitigate many of the systemic privacy risks and costs resulting from traditional, centralized machine learning and data science approaches. Motivated by the explosive growth in FL research, this paper discusses recent advances and presents an extensive collection of open problems and challenges. Peter Kairouz and H. Brendan McMahan conceived, coordinated, and edited this work.
Entropy Regularization with Discounted Future State Distribution in Policy Gradient Methods
Islam, Riashat, Seraj, Raihan, Bacon, Pierre-Luc, Precup, Doina
The policy gradient theorem is defined based on an objective with respect to the initial distribution over states. In the discounted case, this results in policies that are optimal for one distribution over initial states, but may not be uniformly optimal for others, no matter where the agent starts from. Furthermore, to obtain unbiased gradient estimates, the starting point of the policy gradient estimator requires sampling states from a normalized discounted weighting of states. However, the difficulty of estimating the normalized discounted weighting of states, or the stationary state distribution, is quite well-known. Additionally, the large sample complexity of policy gradient methods is often attributed to insufficient exploration, and to remedy this, it is often assumed that the restart distribution provides sufficient exploration in these algorithms. In this work, we propose exploration in policy gradient methods based on maximizing entropy of the discounted future state distribution. The key contribution of our work includes providing a practically feasible algorithm to estimate the normalized discounted weighting of states, i.e., the discounted future state distribution. We propose that exploration can be achieved by entropy regularization with the discounted state distribution in policy gradients, where a metric for maximal coverage of the state space can be based on the entropy of the induced state distribution. The proposed approach can be considered as a three time-scale algorithm and under some mild technical conditions, we prove its convergence to a locally optimal policy. Experimentally, we demonstrate the usefulness of regularization with the discounted future state distribution in terms of increased state space coverage and faster learning on a range of complex tasks.
Explainability Fact Sheets: A Framework for Systematic Assessment of Explainable Approaches
Explanations in Machine Learning come in many forms, but a consensus regarding their desired properties is yet to emerge. In this paper we introduce a taxonomy and a set of descriptors that can be used to characterise and systematically assess explainable systems along five key dimensions: functional, operational, usability, safety and validation. In order to design a comprehensive and representative taxonomy and associated descriptors we surveyed the eXplainable Artificial Intelligence literature, extracting the criteria and desiderata that other authors have proposed or implicitly used in their research. The survey includes papers introducing new explainability algorithms to see what criteria are used to guide their development and how these algorithms are evaluated, as well as papers proposing such criteria from both computer science and social science perspectives. This novel framework allows one to systematically compare and contrast explainability approaches, not just to better understand their capabilities but also to identify discrepancies between their theoretical qualities and properties of their implementations. We developed an operationalisation of the framework in the form of Explainability Fact Sheets, which enable researchers and practitioners alike to quickly grasp capabilities and limitations of a particular explainable method. When used as a Work Sheet, our taxonomy can guide the development of new explainability approaches by aiding in their critical evaluation along the five proposed dimensions.
2020 is when cybersecurity gets even weirder, so get ready ZDNet
If you thought cybersecurity was a challenging and often weird part of the tech industry, be prepared for it to get even odder. The next couple of years will bring a new range of threats that will take tech security far beyond its traditional boundaries and will require a whole new set of skills and alliances. One example: tech analyst Forrester predicts that deepfakes could end up costing businesses a lot of money next year: as much as $250m. That might happen in a couple of ways. There's the risk to your share price if someone creates a deepfake of your CEO apparently resigning from the company.
Pixel 4 gets automatic robocall screening, improved location accuracy, and more
If Google's Pixel 4 is your daily driver, good news: It's now able to screen robocalls -- and more. Google announced this morning an update to the Pixel 4's Call Screen feature in the U.S. that automatically declines calls from unknown parties and filters out suspected robocallers, alongside an improved video calling experience on Duo, the rollout of the new Google Assistant to more users, and a zippier software experience made possible by memory usage optimizations. It's a part of what Google's calling feature drops, which will deliver "bigger updates" to Pixel devices with "more helpful and fun features" going forward. The first arrives starting today, with others to follow on a monthly cadence. "Pixel phones have always received monthly updates to improve performance and make your device safe," wrote Google group product manager Shenaz Zack in a blog post.
Needed in IT City, roads with tech touch
The average Bengalurean spends about two hours a day stuck in traffic. The sheer volume of vehicles is impossible to manage manually, through traffic policemen on the ground. While Bengaluru has led the way in terms of a tech-savvy traffic police force, there is room for improvement. Artificial Intelligence and technology have revolutionised traffic management across the world but have not yet been adopted in Karnataka, which prefers to use traffic policemen in some areas and a Westernised Webster model that doesn't suit our traffic conditions in others. Civic agencies have also fallen short in terms of well-designed roads, construction regulations and meeting the infrastructure needs of a fast-growing population, leading to congested roads, reports M.K. Ashoka.
40 Corporations Working On Autonomous Vehicles
Beyond trendy names like Tesla and Alphabet chasing self-driving cars, a host of auto brands and other tech heavyweights are also investing in autonomous R&D. Private companies working in auto tech are attracting record levels of deals and funding, with autonomous driving startups leading the charge. Along with early-stage startups, VCs, and other investors, large corporations are also angling to get a slice of the self-driving pie. From autonomy to telematics to ride sharing, the auto industry has never been at more risk. Using CB Insights' investment, acquisition, and partnership data, we identified over 40 companies developing road-going self-driving vehicles. They are a diverse group of players, ranging from automotive industry stalwarts to leading technology brands and telecommunications companies. This list is organized alphabetically and focuses on larger corporate players in the space (as opposed to earlier-stage startups). Companies working on industrial autonomous vehicles were not included in this analysis. A few of the companies or brands listed below belong to the same parent organization but are detailed separately if they are operating distinct autonomous development programs. Some companies are grouped together by key partnerships or alliances. Given the complex web of relationships between these players, other collaborations are also noted in each profile. This is not intended to be an exhaustive list of corporations working on autonomous vehicle technology. This brief was originally published on 9/25/2015 and featured 25 select corporations. It was updated and expanded on 5/17/2017, 9/4/2018, and 8/28/2019. Over the last decade, Amazon has spent billions of dollars working on finding ever-better solutions to the last-mile problem in delivery. It's built its own fleet of cargo jets, explored delivery by drone in the form of "Prime Air," and more.
More recently, an increasing percentage of that investment has been directed toward autonomous vehicle technology. In February 2019, Amazon invested in Aurora Innovation, an autonomous tech startup run by former executives from two other firms with strong ties to self-driving technology: Google and Tesla. "Autonomous technology has the potential to help make the jobs of our employees and partners safer and more productive, whether it's in a fulfillment center or on the road, and we're excited about the possibilities." The Aurora investment isn't the only autonomous technology play that Amazon is pursuing. In January 2019, the company introduced the Amazon Scout, a six-wheeled electric-powered delivery robot.