hyperparam
Effective Backdoor Mitigation Depends on the Pre-training Objective
Verma, Sahil, Bhatt, Gantavya, Schwarzschild, Avi, Singhal, Soumye, Das, Arnav Mohanty, Shah, Chirag, Dickerson, John P, Bilmes, Jeff
Despite the advanced capabilities of contemporary machine learning (ML) models, they remain vulnerable to adversarial and backdoor attacks. This vulnerability is particularly concerning in real-world deployments, where compromised models may exhibit unpredictable behavior in critical scenarios. Such risks are heightened by the prevalent practice of collecting massive, internet-sourced datasets for pre-training multimodal models, as these datasets may harbor backdoors. Various techniques have been proposed to mitigate the effects of backdooring in these models, such as CleanCLIP, which is the current state-of-the-art approach. In this work, we demonstrate that the efficacy of CleanCLIP in mitigating backdoors is highly dependent on the particular objective used during model pre-training. We observe that stronger pre-training objectives correlate with harder-to-remove backdoor behaviors. We show this by training multimodal models on two large datasets consisting of 3 million (CC3M) and 6 million (CC6M) datapoints, under various pre-training objectives, followed by poison removal using CleanCLIP. We find that CleanCLIP is ineffective when stronger pre-training objectives are used, even with extensive hyperparameter tuning. Our findings underscore critical considerations for ML practitioners who pre-train models using large-scale web-curated data and are concerned about potential backdoor threats. Notably, our results suggest that simpler pre-training objectives are more amenable to effective backdoor removal. This insight is pivotal for practitioners seeking to balance the trade-offs between using stronger pre-training objectives and security against backdoor attacks.
Kani: A Lightweight and Highly Hackable Framework for Building Language Model Applications
Zhu, Andrew, Dugan, Liam, Hwang, Alyssa, Callison-Burch, Chris
Language model applications are becoming increasingly popular and complex, often including features like tool usage and retrieval augmentation. However, existing frameworks for such applications are often opinionated, deciding for developers how their prompts ought to be formatted and imposing limitations on customizability and reproducibility. To solve this we present Kani: a lightweight, flexible, and model-agnostic open-source framework for building language model applications. Kani helps developers implement a variety of complex features by supporting the core building blocks of chat interaction: model interfacing, chat management, and robust function calling. All Kani core functions are easily overridable and well documented to empower developers to customize functionality for their own needs. Kani thus serves as a useful tool for researchers, hobbyists, and industry professionals alike to accelerate their development while retaining interoperability and fine-grained control.
Bridging the Imitation Gap by Adaptive Insubordination
Weihs, Luca, Jain, Unnat, Salvador, Jordi, Lazebnik, Svetlana, Kembhavi, Aniruddha, Schwing, Alexander
Why do agents often obtain better reinforcement learning policies when imitating a worse expert? We show that privileged information used by the expert is marginalized in the learned agent policy, resulting in an "imitation gap." Prior work bridges this gap via a progression from imitation learning to reinforcement learning. While often successful, gradual progression fails for tasks that require frequent switches between exploration and memorization skills. To better address these tasks and alleviate the imitation gap we propose 'Adaptive Insubordination' (ADVISOR), which dynamically reweights imitation and reward-based reinforcement learning losses during training, enabling switching between imitation and exploration. On a suite of challenging tasks, we show that ADVISOR outperforms pure imitation, pure reinforcement learning, as well as sequential combinations of these approaches.
r/MachineLearning - [D] What is the best way to search for a learning rate schedule?
In general, the hyperparams are related - if you perturb one hyperparam, you need to perturb some other hyperparams also to get satisfactory results. Some people do a random search on their hyperparam grid, but if one hyperparam is very sensitive to changes in the other hyperparams, then the search will be more difficult. Personally, I've had OK results using Cyclic Learning Rate together with batchnorm and only have 3 values for the max-learning-rate hyperparam in my hyperparam grid. However, you probably won't find many papers on CLR because its efficacy and the details of the right way to use it are probably quite problem-specific and there's very little theory behind it even by deep-learning standards.
Our NIPS 2017: Learning to Run approach – ML Review – Medium
For 3 months, from July to 13 November (sometimes with long breaks though), my friend Piotr Jarosik and I participated in the NIPS 2017: Learning to Run competition. In this post we will describe how it went. We release the full source code. Competitors were given a model of a human skeleton and OpenSim simulator. The task was to write a program that activates leg muscles in order to maximize the number of meters passed in 1000 timesteps. A typical program will read the initial observation and output an action, activating some muscles. The simulator will update its state and give us the observation for the next timestep and a reward (distance passed) for the previous timestep.