Out-of-distribution (OOD) detection has attracted a large amount of attention from the machine learning research community in recent years due to its importance in deployed systems. Most of the previous studies focused on the detection of OOD samples in the multi-class classification task. However, OOD detection in the multi-label classification task remains an underexplored domain. In this research, we propose YolOOD - a method that utilizes concepts from the object detection domain to perform OOD detection in the multi-label classification task. Object detection models have an inherent ability to distinguish between objects of interest (in-distribution) and irrelevant objects (e.g., OOD objects) on images that contain multiple objects from different categories. These abilities allow us to convert a regular object detection model into an image classifier with inherent OOD detection capabilities with just minor changes. We compare our approach to state-of-the-art OOD detection methods and demonstrate YolOOD's ability to outperform these methods on a comprehensive suite of in-distribution and OOD benchmark datasets.
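Many challenging real-world problems require the deployment of ensembles of multiple complementary learning models to reach an acceptable level of performance. While effective, applying the entire ensemble to every sample is costly and often unnecessary. Deep reinforcement learning (DRL) offers a cost-effective alternative, in which detectors are selected dynamically based on the output of their predecessors, with their utility weighed against their computational cost. Despite their potential, DRL-based solutions are not widely used in this capacity, partly due to the difficulty of configuring the reward function for each new task, the unpredictable reactions of the DRL agent to changes in the data, and the inability to use common performance metrics (e.g., TPR/FPR) to guide the algorithm's performance. In this study, we propose methods for fine-tuning and calibrating DRL-based policies so that they can meet multiple performance goals. In addition, we present a method for transferring effective security policies from one dataset to another. Finally, we demonstrate that our approach is highly robust against adversarial attacks.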
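Over the past few years, adversarial attacks against learning-based object detectors have been studied extensively. Most of the proposed attacks target the model's integrity (i.e., they cause the model to make incorrect predictions), while adversarial attacks targeting the model's availability, a critical aspect in safety-critical domains such as autonomous driving, have not yet been explored by the machine learning research community. In this paper, we propose a novel attack that negatively affects the decision latency of an end-to-end object detection pipeline. We craft a universal adversarial perturbation (UAP) that targets a technique widely used in many object detector pipelines: non-maximum suppression (NMS). Our experiments demonstrate the proposed UAP's ability to increase the processing time of individual frames by adding "phantom" objects while preserving the detection of the original objects (which allows the attack to go undetected for a longer period of time).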
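Deep learning-based facial recognition (FR) models have demonstrated state-of-the-art performance in the past few years, even when protective medical face masks are worn, which became commonplace during the COVID-19 pandemic. Given the outstanding performance of these models, the machine learning research community has shown increasing interest in challenging their robustness. Initially, researchers presented adversarial attacks in the digital domain, and later the attacks were transferred to the physical domain. However, in many cases, attacks in the physical domain are conspicuous, e.g., they require a sticker to be placed on the face, and thus may raise suspicion in real-world environments (e.g., airports). In this paper, we propose a physical adversarial mask against state-of-the-art FR models that is camouflaged as a face mask, in the form of a carefully crafted pattern applied to the face mask. In our experiments, we examined the transferability of our adversarial mask to a wide range of FR model architectures and datasets. In addition, we validated our adversarial mask's effectiveness by printing the adversarial pattern on a fabric medical face mask, causing the FR system to identify only 3.34% of the participants wearing the mask (compared to a minimum of 83.34% with other evaluated masks).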
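Due to exhibiting unfair behavior, deep learning-based facial recognition systems have received increased media attention. Large enterprises, such as IBM, shut down their facial recognition and age prediction systems as a consequence. Age prediction is an especially difficult application, for which fairness remains an open research problem (e.g., predicting age equally accurately for different ethnicities). One of the main causes of unfair behavior in age prediction methods lies in the distribution and diversity of the training data. In this work, we propose two novel approaches for dataset curation and data augmentation in order to improve fairness through balanced feature curation and to increase diversity through distribution-aware augmentation. To this end, we introduce distribution detection to the facial recognition domain, which is used to select the data most relevant to the deep neural network's (DNN) task when balancing the data among age, ethnicity, and gender. Our approach shows promising results. Our best-trained DNN model performs 4.92 times better in terms of fairness and improves the DNN's ability to generalize, outperforming the Amazon AWS and Microsoft Australia public cloud systems by 31.88% and 10.95%, respectively.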
Machine learning (ML) models can leak information about users, and differential privacy (DP) provides a rigorous way to bound that leakage under a given budget. This DP budget can be regarded as a new type of compute resource in workloads of multiple ML models training on user data. Once it is used, the DP budget is forever consumed. Therefore, it is crucial to allocate it most efficiently to train as many models as possible. This paper presents the scheduler for privacy that optimizes for efficiency. We formulate privacy scheduling as a new type of multidimensional knapsack problem, called privacy knapsack, which maximizes DP budget efficiency. We show that privacy knapsack is NP-hard, hence practical algorithms are necessarily approximate. We develop an approximation algorithm for privacy knapsack, DPK, and evaluate it on microbenchmarks and on a new, synthetic private-ML workload we developed from the Alibaba ML cluster trace. We show that DPK: (1) often approaches the efficiency-optimal schedule, (2) consistently schedules more tasks compared to a state-of-the-art privacy scheduling algorithm that focused on fairness (1.3-1.7x in Alibaba, 1.0-2.6x in microbenchmarks), but (3) sacrifices some level of fairness for efficiency. Therefore, using DPK, DP ML operators should be able to train more models on the same amount of user data while offering the same privacy guarantee to their users.
We consider a long-term average profit maximizing admission control problem in an M/M/1 queuing system with a known arrival rate but an unknown service rate. With a fixed reward collected upon service completion and a cost per unit of time enforced on customers waiting in the queue, a dispatcher decides upon arrivals whether to admit the arriving customer or not based on the full history of observations of the queue-length of the system. \cite[Econometrica]{Naor} showed that if all the parameters of the model are known, then it is optimal to use a static threshold policy - admit if the queue-length is less than a predetermined threshold and otherwise not. We propose a learning-based dispatching algorithm and characterize its regret with respect to optimal dispatch policies for the full information model of \cite{Naor}. We show that the algorithm achieves an $O(1)$ regret when all optimal thresholds with full information are non-zero, and achieves an $O(\ln^{3+\epsilon}(N))$ regret in the case that an optimal threshold with full information is $0$ (i.e., an optimal policy is to reject all arrivals), where $N$ is the number of arrivals and $\epsilon>0$.
We present the UC$^3$RL algorithm for regret minimization in Stochastic Contextual MDPs (CMDPs). The algorithm operates under the minimal assumptions of realizable function class, and access to offline least squares and log loss regression oracles. Our algorithm is efficient (assuming efficient offline regression oracles) and enjoys an $\widetilde{O}(H^3 \sqrt{T |S| |A|(\log (|\mathcal{F}|/\delta) + \log (|\mathcal{P}|/ \delta) )})$ regret guarantee, with $T$ being the number of episodes, $S$ the state space, $A$ the action space, $H$ the horizon, and $\mathcal{P}$ and $\mathcal{F}$ are finite function classes, used to approximate the context-dependent dynamics and rewards, respectively. To the best of our knowledge, our algorithm is the first efficient and rate-optimal regret minimization algorithm for CMDPs, which operates under the general offline function approximation setting.
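We study the robustness of conformal prediction, a powerful tool for uncertainty quantification, to label noise. Our analysis tackles both regression and classification problems, characterizing when and how it is possible to construct uncertainty sets that correctly cover the unobserved noiseless ground truth labels. Through stylized theoretical examples and practical experiments, we argue that naive conformal prediction covers the noiseless ground truth label unless the noise distribution is adversarially designed. This leads us to believe that correcting for label noise is unnecessary except for pathological data distributions or noise sources. In such cases, we can also correct for noise of bounded size in the conformal prediction algorithm in order to ensure correct coverage of the ground truth labels without score or data regularity.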
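Although efficient architectures and a plethora of augmentations for end-to-end image classification tasks have been proposed and heavily studied, state-of-the-art techniques for audio classification still rely on numerous representations of the audio signal together with large architectures, fine-tuned from large datasets. By utilizing the inherited lightweight nature of audio and novel audio augmentations, we were able to present an efficient end-to-end network with strong generalization ability. Experiments on various sound classification sets demonstrate the effectiveness and robustness of our approach by achieving state-of-the-art results in various settings. Public code is available at: https://github.com/alibaba-miil/audioclassfication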