stealing
Are You Stealing My Model? Sample Correlation for Fingerprinting Deep Neural Networks
An off-the-shelf model offered as a commercial service can be stolen by model stealing attacks, posing a serious threat to the rights of the model owner. Model fingerprinting aims to verify whether a suspect model was stolen from the victim model, and has been gaining increasing attention. Previous methods rely on transferable adversarial examples as the model fingerprint, which is sensitive to adversarial defenses or transfer learning scenarios. To address this issue, we instead consider the pairwise relationship between samples and propose a novel yet simple model stealing detection method based on SAmple Correlation (SAC). Specifically, we present SAC-w, which selects wrongly classified normal samples as model inputs and calculates the mean correlation among their model outputs. To reduce the training time, we further develop SAC-m, which selects CutMix Augmented samples as model inputs, without the need to train surrogate models or generate adversarial examples. Extensive results validate that SAC successfully defends against various model stealing attacks, including those combined with adversarial training or transfer learning, and detects stolen models with the best performance in terms of AUC across different datasets and model architectures. The code is available at https://github.com/guanjiyang/SAC.
Startup Founder Claims Elon Musk Is Stealing the Name 'Grok'
Elon Musk's xAI is facing a potential trademark dispute over the name of its chatbot, Grok. The company's trademark application with the US Patent and Trademark Office has been suspended after the agency argued the name could be confused with that of two other companies, AI chipmaker Groq and software provider Grokstream. Now, a third tech startup called Bizly is claiming it owns the rights to "Grok." This isn't the first time Musk has chosen a name for one of his products that other companies say they trademarked first. Last month, Musk's social media platform settled a lawsuit brought by a marketing firm that claimed it owns exclusive rights to the name X. Bizly and xAI appear to have arrived at the name Grok independently.
Stealing That Free Lunch: Exposing the Limits of Dyna-Style Reinforcement Learning
Barkley, Brett, Fridovich-Keil, David
Dyna-style off-policy model-based reinforcement learning (DMBRL) algorithms are a family of techniques for generating synthetic state transition data and thereby enhancing the sample efficiency of off-policy RL algorithms. This paper identifies and investigates a surprising performance gap observed when applying DMBRL algorithms across different benchmark environments with proprioceptive observations. We show that, while DMBRL algorithms perform well in OpenAI Gym, their performance can drop significantly in DeepMind Control Suite (DMC), even though these settings offer similar tasks and identical physics backends. Modern techniques designed to address several key issues that arise in these settings do not provide a consistent improvement across all environments, and overall our results show that adding synthetic rollouts to the training process -- the backbone of Dyna-style algorithms -- significantly degrades performance across most DMC environments. Our findings contribute to a deeper understanding of several fundamental challenges in model-based RL and show that, like many optimization fields, there is no free lunch when evaluating performance across diverse benchmarks in RL.
Video Friday: Pepper's Fish Mode, Deep Learning in the Warehouse, and Stealing From a Delivery Robot
Video Friday is your weekly selection of awesome robotics videos, collected by your Automaton bloggers. We'll also be posting a weekly calendar of upcoming robotics events for the next two months; here's what we have so far (send us your events!): Let us know if you have suggestions for next week, and enjoy today's videos. This video was published on March 31, not April 1, which I assume means that Pepper's fish mode is going to be a real thing: In fact, it's possible that this capability has already been enabled, so feel free to toss your Pepper into the nearest lake and let us know how it goes. Kinema Pick is the world's first Deep Learning 3D Vision system for industrial robots.
Google Accuses Uber of Stealing Its Self-Driving Car Tech
Until today, the race to build a self-driving car seemed to hinge on who had the best technology. Now it's become a case of full-blown corporate intrigue. Alphabet's self-driving startup, Waymo, is suing Uber, accusing the ridesharing giant of stealing critical autonomous driving technology. If the suit goes to trial, Apple's legal battle with Samsung could wind up looking tame by comparison. Waymo alleges that Anthony Levandowski, a former Google employee now at Uber, secretly downloaded 14,000 files from its hardware systems, resigned a month later, and then used the information to launch a self-driving truck startup called Otto.
Stealing an AI algorithm and its underlying data is a "high-school level exercise"
Billions of dollars are being poured into building sophisticated artificial intelligence algorithms. But they could all be snatched away if even a tiny door is left open. Researchers have shown that given access to only an API, a way to remotely use software without having it on your computer, it's possible to reverse-engineer machine learning algorithms with up to 99% accuracy. In the real world, this would mean being able to steal AI products from companies like Microsoft and IBM, and use them for free. Small companies built around a single machine learning API could lose any competitive advantage.
Preventing A.I. From Stealing Your Job - Dice Insights
Even if your career survived offshoring and the Great Recession, now's not the time to get complacent: a report from the World Economic Forum predicts that automation and artificial intelligence (A.I.) could eliminate as many as 47 percent of jobs in the U.S. in coming years. Martin Ford, a software developer, entrepreneur and author of "Rise of the Robots," is one of the Paul Revere-esque prophets sounding the alarm about a jobless future. "There's a huge number of jobs at risk, even highly-skilled jobs," Ford said. "We're going to feel the effects within five years, and we'll be fully into the age of A.I. in 10 to 15 years." While there's no "magic bullet" that will protect every human job, taking these proactive steps can better position you and your career to survive a takeover by the machines.