Performance Analysis
Measuring Fairness in Financial Transaction Machine Learning Models
Ayvaz, Deniz Sezin, Belenguer, Lorenzo, He, Hankun, Kanubala, Deborah Dormah, Li, Mingxu, Low, Soung, Mougan, Carlos, Onwuegbuche, Faithful Chiagoziem, Pi, Yulu, Sikora, Natalia, Tran, Dan, Verma, Shresth, Wang, Hanzhi, Xie, Skyler, Pelletier, Adeline
Mastercard, a global leader in financial services, develops and deploys machine learning models aimed at optimizing card usage and preventing attrition through advanced predictive models. These models use aggregated and anonymized card usage patterns, including cross-border transactions and industry-specific spending, to tailor bank offerings and maximize revenue opportunities. Mastercard has established an AI Governance program, based on its Data and Tech Responsibility Principles, to evaluate any built and bought AI for efficacy, fairness, and transparency. As part of this effort, Mastercard has sought expertise from the Turing Institute through a Data Study Group to better assess fairness in more complex AI/ML models. The Data Study Group challenge lies in defining, measuring, and mitigating fairness in these predictions, which can be complex due to the various interpretations of fairness, gaps in the research literature, and ML-operations challenges.
Reviews: Improved Precision and Recall Metric for Assessing Generative Models
Originality: This paper uses similar intuition as [1]. Precision should represent the generated images captured by real images and the recall should represent the real images should be captured by generated images. Instead of using PR curve, the authors use two values definition as information retrieval metric and claim it is better by showing counterexample in StyleGAN with truncation trick. I think the main contribution is the empirical evaluations on large-scale GANs. They evaluated StyleGAN and BigGAN and show the tradeoff between precision and recall by controlling the truncation trick.
Reviews: Improved Precision and Recall Metric for Assessing Generative Models
This paper proposes a new metric for mode collapse, which is a scalar value that can be read off from previously proposed measure of mode collapse in PacGAN. Precisely, in the mode collapse region, one can read the two points: (i) where the mode collapse region touches vertical axis ( \delta -axis) and (ii) where the mode collapse r region touches \delta 1 line. Each one is exactly the same as P_r(support{P_g}) and P_g(support{P_r}) that defend the proposed scalar valued mode collapse measure. This should be explained precisely in the paper, as (i) PacGAN introduced a proper mathematical notion of mode collapse earlier, (ii) the mode collapse region strictly generalizes the proposed metric (iii) mode collapse regions is the foundation of understanding mode collapse theoretically. A new estimator based on nearest neighbor distances are proposed, with extensive numerical validation of the proposed metric.
Separated Inter/Intra-Modal Fusion Prompts for Compositional Zero-Shot Learning
Compositional Zero-Shot Learning (CZSL) aims to recognize subtle differences in meaning or the combination of states and objects through the use of known and unknown concepts during training. Existing methods either focused on prompt configuration or on using prompts to tune the pre-trained Vision-Language model. However, these methods faced challenges in accurately identifying subtle differences in meaning or combining states with objects. To jointly eradicate the above issues and construct an efficient and effective CZSL technique, we suggest a method to improve attribute recognition performance by utilizing diverse Prompt Learning with an Inter/Intra-Modality Fusion Synthesizer in scene understanding involving subtle semantic differences and multiple objects. NTRODUCTION When encountering a new thing, such as a blue cat, people often attempt to name it despite the challenge of linking "blue" and "cat"' together. Compositional Zero-Shot Learning (CZSL) aims to recognize and distinguish new concepts.
An End-to-End Approach for Korean Wakeword Systems with Speaker Authentication
Wakeword detection plays a critical role in enabling AI assistants to listen to user voices and interact effectively. However, for languages other than English, there is a significant lack of pre-trained wakeword models. Additionally, systems that merely determine the presence of a wakeword can pose serious privacy concerns. In this paper, we propose an end-to-end approach that trains wakewords for Non-English languages, particulary Korean, and uses this to develop a Voice Authentication model to protect user privacy. Our implementation employs an open-source platform OpenWakeWord, which performs wakeword detection using an FCN (Fully-Connected Network) architecture. Once a wakeword is detected, our custom-developed code calculates cosine similarity for robust user authentication. Experimental results demonstrate the effectiveness of our approach, achieving a 16.79% and a 6.6% Equal Error Rate (EER) each in the Wakeword Detection and the Voice Authentication. These findings highlight the model's potential in providing secure and accurate wakeword detection and authentication for Korean users.
Towards Robust Multi-tab Website Fingerprinting
Deng, Xinhao, Zhao, Xiyuan, Yin, Qilei, Liu, Zhuotao, Li, Qi, Xu, Mingwei, Xu, Ke, Wu, Jianping
Website fingerprinting enables an eavesdropper to determine which websites a user is visiting over an encrypted connection. State-of-the-art website fingerprinting (WF) attacks have demonstrated effectiveness even against Tor-protected network traffic. However, existing WF attacks have critical limitations on accurately identifying websites in multi-tab browsing sessions, where the holistic pattern of individual websites is no longer preserved, and the number of tabs opened by a client is unknown a priori. In this paper, we propose ARES, a novel WF framework natively designed for multi-tab WF attacks. ARES formulates the multi-tab attack as a multi-label classification problem and solves it using the novel Transformer-based models. Specifically, ARES extracts local patterns based on multi-level traffic aggregation features and utilizes the improved self-attention mechanism to analyze the correlations between these local patterns, effectively identifying websites. We implement a prototype of ARES and extensively evaluate its effectiveness using our large-scale datasets collected over multiple months. The experimental results illustrate that ARES achieves optimal performance in several realistic scenarios. Further, ARES remains robust even against various WF defenses.
Enhancing Privacy in the Early Detection of Sexual Predators Through Federated Learning and Differential Privacy
Chehbouni, Khaoula, De Cock, Martine, Caporossi, Gilles, Taik, Afaf, Rabbany, Reihaneh, Farnadi, Golnoosh
The increased screen time and isolation caused by the COVID-19 pandemic have led to a significant surge in cases of online grooming, which is the use of strategies by predators to lure children into sexual exploitation. Previous efforts to detect grooming in industry and academia have involved accessing and monitoring private conversations through centrally-trained models or sending private conversations to a global server. In this work, we implement a privacy-preserving pipeline for the early detection of sexual predators. We leverage federated learning and differential privacy in order to create safer online spaces for children while respecting their privacy. We investigate various privacy-preserving implementations and discuss their benefits and shortcomings. Our extensive evaluation using real-world data proves that privacy and utility can coexist with only a slight reduction in utility.
FedCLEAN: byzantine defense by CLustering Errors of Activation maps in Non-IID federated learning environments
Ghali, Mehdi Ben, Bellafqira, Reda, Coatrieux, Gouenou
Federated Learning (FL) enables clients to collaboratively train a global model using their local datasets while reinforcing data privacy. However, FL is susceptible to poisoning attacks. Existing defense mechanisms assume that clients' data are independent and identically distributed (IID), making them ineffective in real-world applications where data are non-IID. This paper presents FedCLEAN, the first defense capable of filtering attackers' model updates in a non-IID FL environment. The originality of FedCLEAN is twofold. First, it relies on a client confidence score derived from the reconstruction errors of each client's model activation maps for a given trigger set, with reconstruction errors obtained by means of a Conditional Variational Autoencoder trained according to a novel server-side strategy. Second, we propose an ad-hoc trust propagation algorithm based on client scores, which allows building a cluster of benign clients while flagging potential attackers. Experimental results on the datasets MNIST and FashionMNIST demonstrate the robustness of FedCLEAN against Byzantine attackers in non-IID scenarios and a close-to-zero benign client misclassification rate, even in the absence of an attack.
A Hybrid Supervised and Self-Supervised Graph Neural Network for Edge-Centric Applications
Borzone, Eugenio, Di Persia, Leandro, Gerard, Matias
This paper presents a novel graph-based deep learning model for tasks involving relations between two nodes (edge-centric tasks), where the focus lies on predicting relationships and interactions between pairs of nodes rather than node properties themselves. This model combines supervised and self-supervised learning, taking into account for the loss function the embeddings learned and patterns with and without ground truth. Additionally it incorporates an attention mechanism that leverages both node and edge features. The architecture, trained end-to-end, comprises two primary components: embedding generation and prediction. First, a graph neural network (GNN) transform raw node features into dense, low-dimensional embeddings, incorporating edge attributes. Then, a feedforward neural model processes the node embeddings to produce the final output. Experiments demonstrate that our model matches or exceeds existing methods for protein-protein interactions prediction and Gene Ontology (GO) terms prediction. The model also performs effectively with one-hot encoding for node features, providing a solution for the previously unsolved problem of predicting similarity between compounds with unknown structures.
Ultralow-dimensionality reduction for identifying critical transitions by spatial-temporal PCA
Chen, Pei, Suo, Yaofang, Liu, Rui, Chen, Luonan
Discovering dominant patterns and exploring dynamic behaviors especially critical state transitions and tipping points in high-dimensional time-series data are challenging tasks in study of real-world complex systems, which demand interpretable data representations to facilitate comprehension of both spatial and temporal information within the original data space. Here, we proposed a general and analytical ultralow-dimensionality reduction method for dynamical systems named spatial-temporal principal component analysis (stPCA) to fully represent the dynamics of a high-dimensional time-series by only a single latent variable without distortion, which transforms high-dimensional spatial information into one-dimensional temporal information based on nonlinear delay-embedding theory. The dynamics of this single variable is analytically solved and theoretically preserves the temporal property of original high-dimensional time-series, thereby accurately and reliably identifying the tipping point before an upcoming critical transition. Its applications to real-world datasets such as individual-specific heterogeneous ICU records demonstrated the effectiveness of stPCA, which quantitatively and robustly provides the early-warning signals of the critical/tipping state on each patient.