Machine learning (ML) models can leak information about users, and differential privacy (DP) provides a rigorous way to bound that leakage under a given budget. This DP budget can be regarded as a new type of compute resource in workloads of multiple ML models training on user data. Once it is used, the DP budget is forever consumed. Therefore, it is crucial to allocate it most efficiently to train as many models as possible. This paper presents the scheduler for privacy that optimizes for efficiency. We formulate privacy scheduling as a new type of multidimensional knapsack problem, called privacy knapsack, which maximizes DP budget efficiency. We show that privacy knapsack is NP-hard, hence practical algorithms are necessarily approximate. We develop an approximation algorithm for privacy knapsack, DPK, and evaluate it on microbenchmarks and on a new, synthetic private-ML workload we developed from the Alibaba ML cluster trace. We show that DPK: (1) often approaches the efficiency-optimal schedule, (2) consistently schedules more tasks compared to a state-of-the-art privacy scheduling algorithm that focused on fairness (1.3-1.7x in Alibaba, 1.0-2.6x in microbenchmarks), but (3) sacrifices some level of fairness for efficiency. Therefore, using DPK, DP ML operators should be able to train more models on the same amount of user data while offering the same privacy guarantee to their users.

丹尼德缩放结束和摩尔法的放缓使能量使用数据中心在不可持续的道路上。数据中心已经是全球电力使用的大部分，应用需求以快速缩放。我们认为，数据中心计算的碳强度的大幅减少可以通过以软件为中心的方法来实现：通过修改系统API，通过修改系统API来使应用程序开发人员可见的能量和碳，使其成为可能进行知情的贸易性能和碳排放之间，并通过提高应用程序编程水平，以便灵活地使用更节能的计算和存储方法。我们还为系统软件奠定了一个研究议程，以减少数据中心计算的碳足迹。

We consider a long-term average profit maximizing admission control problem in an M/M/1 queuing system with a known arrival rate but an unknown service rate. With a fixed reward collected upon service completion and a cost per unit of time enforced on customers waiting in the queue, a dispatcher decides upon arrivals whether to admit the arriving customer or not based on the full history of observations of the queue-length of the system. \cite[Econometrica]{Naor} showed that if all the parameters of the model are known, then it is optimal to use a static threshold policy - admit if the queue-length is less than a predetermined threshold and otherwise not. We propose a learning-based dispatching algorithm and characterize its regret with respect to optimal dispatch policies for the full information model of \cite{Naor}. We show that the algorithm achieves an $O(1)$ regret when all optimal thresholds with full information are non-zero, and achieves an $O(\ln^{3+\epsilon}(N))$ regret in the case that an optimal threshold with full information is $0$ (i.e., an optimal policy is to reject all arrivals), where $N$ is the number of arrivals and $\epsilon>0$.

Out-of-distribution (OOD) detection has attracted a large amount of attention from the machine learning research community in recent years due to its importance in deployed systems. Most of the previous studies focused on the detection of OOD samples in the multi-class classification task. However, OOD detection in the multi-label classification task remains an underexplored domain. In this research, we propose YolOOD - a method that utilizes concepts from the object detection domain to perform OOD detection in the multi-label classification task. Object detection models have an inherent ability to distinguish between objects of interest (in-distribution) and irrelevant objects (e.g., OOD objects) on images that contain multiple objects from different categories. These abilities allow us to convert a regular object detection model into an image classifier with inherent OOD detection capabilities with just minor changes. We compare our approach to state-of-the-art OOD detection methods and demonstrate YolOOD's ability to outperform these methods on a comprehensive suite of in-distribution and OOD benchmark datasets.

We present the UC$^3$RL algorithm for regret minimization in Stochastic Contextual MDPs (CMDPs). The algorithm operates under the minimal assumptions of realizable function class, and access to offline least squares and log loss regression oracles. Our algorithm is efficient (assuming efficient offline regression oracles) and enjoys an $\widetilde{O}(H^3 \sqrt{T |S| |A|(\log (|\mathcal{F}|/\delta) + \log (|\mathcal{P}|/ \delta) )})$ regret guarantee, with $T$ being the number of episodes, $S$ the state space, $A$ the action space, $H$ the horizon, and $\mathcal{P}$ and $\mathcal{F}$ are finite function classes, used to approximate the context-dependent dynamics and rewards, respectively. To the best of our knowledge, our algorithm is the first efficient and rate-optimal regret minimization algorithm for CMDPs, which operates under the general offline function approximation setting.

我们研究保形预测的鲁棒性，这是标记噪声的不确定性定量的强大工具。我们的分析解决了回归和分类问题，表征了何时以及如何构建正确覆盖未观察到的无噪音地面真相标签的不确定性集。通过风格化的理论示例和实际实验，我们认为天真的保形预测涵盖了无噪声的地面真相标签，除非噪声分布是对手设计的。这使我们相信，除了病理数据分布或噪声源外，对标签噪声的纠正是不必要的。在这种情况下，我们还可以在保形预测算法中校正有界大小的噪声，以确保在没有得分或数据规律性的情况下正确覆盖地面真相标签。

许多具有挑战性的现实世界问题需要部署合奏多个互补学习模型，以达到可接受的绩效水平。虽然有效，但将整个合奏应用于每个样本都是昂贵且通常不必要的。深钢筋学习（DRL）提供了一种具有成本效益的替代方案，其中检测器是根据其前辈的输出动态选择的，其实用性加权其计算成本。尽管它们具有潜力，但基于DRL的解决方案并未在这种能力中广泛使用，部分原因是在为每个新任务配置奖励功能，DRL代理对数据变化的不可预测反应以及无法使用常见的反应的困难。性能指标（例如TPR/FPR）指导该算法的性能。在这项研究中，我们提出了用于微调和校准基于DRL的策略的方法，以便它们可以满足多个绩效目标。此外，我们提出了一种将有效的安全策略从一个数据集传输到另一个数据集的方法。最后，我们证明我们的方法对对抗性攻击非常强大。

在过去的几年中，对针对基于学习的对象探测器的对抗性攻击进行了广泛的研究。提出的大多数攻击都针对模型的完整性（即导致模型做出了错误的预测），而针对模型可用性的对抗性攻击，这是安全关键领域（例如自动驾驶）的关键方面，尚未探索。机器学习研究社区。在本文中，我们提出了一种新颖的攻击，对端到端对象检测管道的决策潜伏期产生负面影响。我们制作了一种通用的对抗扰动（UAP），该扰动（UAP）针对了许多对象检测器管道中的广泛使用的技术 - 非最大抑制（NMS）。我们的实验证明了拟议的UAP通过添加“幻影”对象来增加单个帧的处理时间的能力，该对象在保留原始对象的检测时（允许攻击时间更长的时间内未检测到）。

尽管已经提出了有效的体系结构和大量用于端到端图像分类任务的增强，并进行了大量研究，但针对音频分类的最新技术仍然依赖于音频信号的众多表示，以及大型体系结构，罚款，罚款 - 从大型数据集中调整。通过利用音频和新颖音频增强的继承的轻质性质，我们能够提出具有强大概括能力的有效端到端网络。在各种声音分类集的实验中，通过在各种环境中实现最先进的结果来证明我们方法的有效性和鲁棒性。公共代码可在：\ href {https://github.com/alibaba-miil/audioclassfication} {此http url} {

我们考虑在随机凸成本和状态和成本函数的全部反馈下控制未知线性动力学系统的问题。我们提出了一种计算高效的算法，该算法与最佳的稳定线性控制器相比，该算法达到了最佳的$ \ sqrt {t} $遗憾。与以前的工作相反，我们的算法基于面对不确定性范式的乐观情绪。这导致了大大改善的计算复杂性和更简单的分析。