Supervised learning methods trained with maximum likelihood objectives often overfit on training data. Most regularizers that prevent overfitting look to increase confidence on additional examples (e.g., data augmentation, adversarial training), or reduce it on training data (e.g., label smoothing). In this work we propose a complementary regularization strategy that reduces confidence on self-generated examples. The method, which we call RCAD (Reducing Confidence along Adversarial Directions), aims to reduce confidence on out-of-distribution examples lying along directions adversarially chosen to increase training loss. In contrast to adversarial training, RCAD does not try to robustify the model to output the original label, but rather regularizes it to have reduced confidence on points generated using much larger perturbations than in conventional adversarial training. RCAD can be easily integrated into training pipelines with a few lines of code. Despite its simplicity, we find on many classification benchmarks that RCAD can be added to existing techniques (e.g., label smoothing, MixUp training) to increase test accuracy by 1-3% in absolute value, with more significant gains in the low data regime. We also provide a theoretical analysis that helps to explain these benefits in simplified settings, showing that RCAD can provably help the model unlearn spurious features in the training data.

Hundreds of defenses have been proposed to make deep neural networks robust against minimal (adversarial) input perturbations. However, only a handful of these defenses held up their claims because correctly evaluating robustness is extremely challenging: Weak attacks often fail to find adversarial examples even if they unknowingly exist, thereby making a vulnerable network look robust. In this paper, we propose a test to identify weak attacks and, thus, weak defense evaluations. Our test slightly modifies a neural network to guarantee the existence of an adversarial example for every sample. Consequentially, any correct attack must succeed in breaking this modified network. For eleven out of thirteen previously-published defenses, the original evaluation of the defense fails our test, while stronger attacks that break these defenses pass it. We hope that attack unit tests - such as ours - will be a major component in future robustness evaluations and increase confidence in an empirical field that is currently riddled with skepticism.

The authors show that deep networks with hand-crafted structure inspired from IHT can solve sparse recovery problems, in particular with coherent dictionaries and adversarial RIP constants.

The problem of f-divergence estimation is important in the fields of machine learning, information theory, and statistics. While several divergence estimators exist, relatively few have known convergence properties. In particular, even for those estimators whose MSE convergence rates are known, the asymptotic distributions are unknown. We establish the asymptotic normality of a recently proposed ensemble estimator of f-divergence between two distributions from a finite number of samples. This estimator has MSE convergence rate of O(1/T), is simple to implement, and performs well in high dimensions. This theory enables us to perform divergence-based inference tasks such as testing equality of pairs of distributions based on empirical samples. We experimentally validate our theoretical results and, as an illustration, use them to empirically bound the best achievable classification error.

While most machine learning models can provide confidence in their predictions, confidence is insufficient to understand a prediction's reliability. For instance, the model may have a low confidence prediction if the input is not well-represented in the training dataset or if the input is inherently ambiguous. In this work, we investigate the relationship between how atypical (rare) a sample or a class is and the reliability of a model's predictions. We first demonstrate that atypicality is strongly related to miscalibration and accuracy. In particular, we empirically show that predictions for atypical inputs or atypical classes are more overconfident and have lower accuracy.

We report part of the design experience gained in X-Media, a system for knowledge management and sharing. Consolidated techniques of interaction design (scenario-based design) had to be revisited to capture the richness and complexity of intelligent interactive systems. We show that the design of intelligent systems requires methodologies (faceted scenarios) that support the investigation of intelligent features and usability factors simultaneously. Interaction designers become mediators between intelligent technology and users and have to facilitate reciprocal understanding. However, which design process should be followed to achieve such success is not clear: is a user-centered system design process enough, or should a new practice be developed to address the specificity of systems able to take autonomous decisions? From the very beginning it was clear that a participatory approach with both users and technologists discussing and contributing to the system design was not an easy goal: ambiguity in terminology and gaps in understanding could not be easily overcome. A new role had to be devised, that of a mediator that moves between the two parties, facilitates the communication, and helps each group see the potential in what the other has to offer. A number of tools to facilitate the mediation and preserve the original intended meaning (so as to avoid "translation mistakes" while moving from one group to the other) were devised. Mediating between the parties meant an increase in the number of design iterations, as, for example, discussing with users a potential solution generated new ideas for additional intelligent features that had to be discussed with the AI experts and then validated with users. The rest of this article presents and discusses this experience in more detail.

We present a deployed AI system, Calvin, for cosmogenic isotope dating, a domain that is fraught with these difficult issues. Calvin solves these problems using an argumentation framework and a system of confidence that uses twodimensional vectors to express the quality of heuristics and the applicability of evidence. The arguments it produces are strikingly similar to published expert arguments. Calvin is in daily use by isotope dating experts. An automated tool can do boring and repetitive reasoning, freeing experts to do more difficult and creative work.

Psychological research has revealed that human performance in the face of uncertainty is spotty at best. Moreover, both novices and experts are subject to these kinds of inaccuracies and errors. This poor report card should be particularly distressing to knowledge engineers (KEs) who are confronted with the dilemma that no matter how uncertain knowledge is represented in an expert system, it is suspect if acquired from a human, even a human expert. Those who are trying to automate knowledge acquisition by building intelligent interfaces to knowledge engineering tools cannot be comforted by this news. Their interfaces would have to contain sophisticated and as yet unspecified metaknowledge about these particular human frailties in order to overcome the problem.

The ability to map the state of an object into a category languages is transforming AI theories into symbolic strucin a classification hierarchy has long been an important tures. This pattern can be seen in knowledge representapart of many fields, for example, biology and medicine. Gordon and Shortliffe, 1985), and has been especially concerned with applying classification to diagnostic problems. One of the problems in classification is that the relationship between observable evidence and categories is often ambiguous. A piece of evidence can be associated with several categories or can occur with a category in an irregular fashion.

IBM Research undertook a challenge to build a computer system that could compete at the human champion level in real time on the American TV quiz show, Jeopardy. The extent of the challenge includes fielding a real-time automatic contestant on the show, not merely a laboratory exercise. The Jeopardy Challenge helped us address requirements that led to the design of the DeepQA architecture and the implementation of Watson. After three years of intense research and development by a core team of about 20 researchers, Watson is performing at human expert levels in terms of precision, confidence, and speed at the Jeopardy quiz show. Our results strongly suggest that DeepQA is an effective and extensible architecture that can be used as a foundation for combining, deploying, evaluating, and advancing a wide range of algorithmic techniques to rapidly advance the field of question answering (QA).