to

### Anyone Can Download An Autonomous 'Research Robot' From The Air Force Research Laboratory

Dr. Benji Maruyama is the Air Force Research Laboratory team lead for Autonomous Materials and the ... [ ] Autonomous Research System also known as ARES. ARES OS, an open-source software program, is now available online as a free download. In the fight to prevail over America's adversaries by out-innovating them - a fight which has all the hallmarks of a Cold War despite President Biden's assertions to the contrary - increasing the speed at which physical lab experiments can be done and iterated is vital. Air Force Research Laboratory (AFRL) scientist, Dr. Benji Maruyama, is reminding his peers and the public that, "Research is a painfully slow process. Being in a lab and doing experiments takes lots of time."

### Synthetic Data Does Not Reliably Protect Privacy, Researchers Claim

A new research collaboration between France and the UK casts doubt on growing industry confidence that synthetic data can resolve the privacy, quality and availability issues (among other issues) that threaten progress in the machine learning sector. Among several key points addressed, the authors assert that synthetic data modeled from real data retains enough of the genuine information as to provide no reliable protection from inference and membership attacks, which seek to deanonymize data and re-associate it with actual people. Furthermore, the individuals most at risk from such attacks, including those with critical medical conditions or high hospital bills (in the case of medical record anonymization) are, through the'outlier' nature of their condition, most likely to be re-identified by these techniques. 'Given access to a synthetic dataset, a strategic adversary can infer, with high confidence, the presence of a target record in the original data.' The paper also notes that differentially private synthetic data, which obscures the signature of individual records, does indeed protect individuals' privacy, but only by significantly crippling the usefulness of the information retrieval systems that use it.

### In Artificial Intelligence, 'We Need To Be More Precise': Lt. Gen. O'Brien - Breaking Defense

A soldier wears virtual reality glasses. Illustration created by NIWC Pacific. AFA: Beyond throwing around "artificial intelligence" as a buzzword during briefings, the Air Force needs to communicate more clearly within own its ranks and to industry about what it wants in AI capabilities, a top Air Force intelligence officer said. "I'm in the Pentagon, so I see a lot of PowerPoint presentations, and I see a lot of slides saying'we're going to use some AI'" to solve a problem, Lt. Gen. Mary O'Brien said. "But we need to be more precise. Sometimes we say we want AI, but what we describe to industry is an automation tool, or a visualization tool, or [some technology] without training data."

### Vulnerabilities May Slow Air Force's Adoption of Artificial Intelligence

The Air Force needs to better prepare to defend AI programs and algorithms from adversaries that may seek to corrupt training data, the service's deputy chief of staff for intelligence, surveillance, reconnaissance and cyber effects said Wednesday. "There's an assumption that once we develop the AI, we have the algorithm, we have the training data, it's giving us whatever it is we want it to do, that there's no risk. There's no threat," said Lt. Gen. Mary F. O'Brien, the Air Force's deputy chief of staff for intelligence, surveillance, reconnaissance and cyber effects operations. That assumption could be costly to future operations. Speaking at the Air Force Association's Air, Space and Cyber conference, O'Brien said that while deployed AI is still in its infancy, the Air Force should prepare for the possibility of adversaries using the service's own tools against the United States.

### La veille de la cybersécurité

As researchers and engineers race to develop new artificial intelligence systems for the U.S. military, they must consider how the technology could lead to accidents with catastrophic consequences. In a startling, but fictitious, scenario, analysts at the Center for Security and Emerging Technology -- which is part of Georgetown University's Walsh School of Foreign Service -- lay out a potential doomsday storyline with phantom missile launches. In the scenario, U.S. Strategic Command relies on a new missile defense system's algorithms to detect attacks from adversaries. The system can quickly and autonomously trigger an interceptor to shoot down enemy missiles which might be armed with nuclear warheads. "One day, unusual atmospheric conditions over the Bering Strait create an unusual glare on the horizon," the report imagined.

### Army researchers seek to provide more data to soldiers through two projects

The U.S. Army Research Lab made breakthroughs this summer on two neural networks projects that could assist commanders' decision-making on the battlefield and provide soldiers' health information through fibers in their uniform. The advancements come as the U.S. military is preparing for data-driven battle, in which gobs of data are transmitted across the battlespace, processed and used in a commander's decision-making. Neural networks are a combination of algorithms that work together to recognize patterns in data through a process similar to that of the human brain. The first project is working to provide a tool to battle commanders that quantifies uncertainty in data analysis using neural networks. Researchers associated with the Army Research Lab created a new framework for neural network processing that would use artificial intelligence to provide confidence ratings.

### Aegis: A Trusted, Automatic and Accurate Verification Framework for Vertical Federated Learning

Vertical federated learning (VFL) leverages various privacy-preserving algorithms, e.g., homomorphic encryption or secret sharing based SecureBoost, to ensure data privacy. However, these algorithms all require a semi-honest secure definition, which raises concerns in real-world applications. In this paper, we present Aegis, a trusted, automatic, and accurate verification framework to verify the security of VFL jobs. Aegis is separated from local parties to ensure the security of the framework. Furthermore, it automatically adapts to evolving VFL algorithms by defining the VFL job as a finite state machine to uniformly verify different algorithms and reproduce the entire job to provide more accurate verification. We implement and evaluate Aegis with different threat models on financial and medical datasets. Evaluation results show that: 1) Aegis can detect 95% threat models, and 2) it provides fine-grained verification results within 84% of the total VFL job time.

### Statistically Near-Optimal Hypothesis Selection

Hypothesis Selection is a fundamental distribution learning problem where given a comparator-class $Q=\{q_1,\ldots, q_n\}$ of distributions, and a sampling access to an unknown target distribution $p$, the goal is to output a distribution $q$ such that $\mathsf{TV}(p,q)$ is close to $opt$, where $opt = \min_i\{\mathsf{TV}(p,q_i)\}$ and $\mathsf{TV}(\cdot, \cdot)$ denotes the total-variation distance. Despite the fact that this problem has been studied since the 19th century, its complexity in terms of basic resources, such as number of samples and approximation guarantees, remains unsettled (this is discussed, e.g., in the charming book by Devroye and Lugosi 00). This is in stark contrast with other (younger) learning settings, such as PAC learning, for which these complexities are well understood. We derive an optimal $2$-approximation learning strategy for the Hypothesis Selection problem, outputting $q$ such that $\mathsf{TV}(p,q) \leq2 \cdot opt + \eps$, with a (nearly) optimal sample complexity of~$\tilde O(\log n/\epsilon^2)$. This is the first algorithm that simultaneously achieves the best approximation factor and sample complexity: previously, Bousquet, Kane, and Moran (COLT 19) gave a learner achieving the optimal $2$-approximation, but with an exponentially worse sample complexity of $\tilde O(\sqrt{n}/\epsilon^{2.5})$, and Yatracos~(Annals of Statistics `85) gave a learner with optimal sample complexity of $O(\log n /\epsilon^2)$ but with a sub-optimal approximation factor of $3$.