Pretrained large-scale vision-language models like CLIP have exhibited strong generalization over unseen tasks. Yet imperceptible adversarial perturbations can significantly reduce CLIP's performance on new tasks. In this work, we identify and explore the problem of \emph{adapting large-scale models for zero-shot adversarial robustness}. We first identify two key factors during model adaption -- training losses and adaptation methods -- that affect the model's zero-shot adversarial robustness. We then propose a text-guided contrastive adversarial training loss, which aligns the text embeddings and the adversarial visual features with contrastive learning on a small set of training data. We apply this training loss to two adaption methods, model finetuning and visual prompt tuning. We find that visual prompt tuning is more effective in the absence of texts, while finetuning wins in the existence of text guidance. Overall, our approach significantly improves the zero-shot adversarial robustness over CLIP, seeing an average improvement of over 31 points over ImageNet and 15 zero-shot datasets. We hope this work can shed light on understanding the zero-shot adversarial robustness of large-scale models.

Many visual recognition models are evaluated only on their classification accuracy, a metric for which they obtain strong performance. In this paper, we investigate whether computer vision models can also provide correct rationales for their predictions. We propose a ``doubly right'' object recognition benchmark, where the metric requires the model to simultaneously produce both the right labels as well as the right rationales. We find that state-of-the-art visual models, such as CLIP, often provide incorrect rationales for their categorical predictions. However, by transferring the rationales from language models into visual representations through a tailored dataset, we show that we can learn a ``why prompt,'' which adapts large visual representations to produce correct rationales. Visualizations and empirical experiments show that our prompts significantly improve performance on doubly right object recognition, in addition to zero-shot transfer to unseen tasks and datasets.

Deep networks for computer vision are not reliable when they encounter adversarial examples. In this paper, we introduce a framework that uses the dense intrinsic constraints in natural images to robustify inference. By introducing constraints at inference time, we can shift the burden of robustness from training to the inference algorithm, thereby allowing the model to adjust dynamically to each individual image's unique and potentially novel characteristics at inference time. Among different constraints, we find that equivariance-based constraints are most effective, because they allow dense constraints in the feature space without overly constraining the representation at a fine-grained level. Our theoretical results validate the importance of having such dense constraints at inference time. Our empirical experiments show that restoring feature equivariance at inference time defends against worst-case adversarial perturbations. The method obtains improved adversarial robustness on four datasets (ImageNet, Cityscapes, PASCAL VOC, and MS-COCO) on image recognition, semantic segmentation, and instance segmentation tasks. Project page is available at equi4robust.cs.columbia.edu.

许多机器学习方法通过在推理时反转神经网络来运作，这已成为解决计算机视觉，机器人技术和图形中反向问题的流行技术。但是，这些方法通常涉及高度非凸损失景观的梯度下降，从而导致优化过程不稳定和缓慢。我们介绍了一种学习损失景观的方法，其中梯度下降是有效的，从而为反转过程带来了巨大的改进和加速。我们在许多生成和判别任务的方法上证明了这一优势，包括GAN倒置，对抗防御和3D人类姿势重建。

3D重建是计算机视觉中的一个基本问题，当重建对象被部分或完全遮住时，任务尤其具有挑战性。我们介绍了一种使用未观察到的对象施放的阴影的方法，以推断遮挡背后的3D卷。我们创建一个可区分的图像形成模型，使我们能够共同推断物体的3D形状，其姿势和光源的位置。由于该方法是端到端可区分的，因此我们能够集成对象几何学的学习先验，以生成不同对象类别的现实3D形状。实验和可视化表明该方法能够生成与阴影观察一致的多个可能的解决方案。即使光源和物体姿势的位置都未知，我们的方法也起作用。我们的方法对现实世界的图像也很强，而地面真实的阴影面罩未知。

自动语音识别系统为应用程序创建了激动人心的可能性，但是它们还为系统窃听的机会提供了机会。我们提出了一种方法来伪装一个人的声音，这些系统来自这些系统，而不会对房间里的人之间的谈话不方便。标准对策攻击在实时流动情况下无效，因为信号的特性将在执行攻击时发生变化。我们介绍了预测攻击，通过预测将来最有效的攻击预测攻击来实现实时性能。在实时约束下，我们的方法在通过字错误率通过字错误率测量的基本电咨询器中，我们的方法堵塞了37x的基线，而通过字符错误率测量。我们还展示了我们的方法在物理环境中实际上是在物理距离的现实环境中。

视觉变压器（VIV）被涌现为图像识别的最先进的架构。虽然最近的研究表明，VITS比卷积对应物更强大，但我们的实验发现，VITS过度依赖于局部特征（例如，滋扰和质地），并且不能充分使用全局背景（例如，形状和结构）。因此，VIT不能概括到分销，现实世界数据。为了解决这一缺陷，我们通过添加由矢量量化编码器产生的离散令牌来向Vit的输入层提出简单有效的架构修改。与标准的连续像素令牌不同，离散令牌在小扰动下不变，并且单独包含较少的信息，这促进了VITS学习不变的全局信息。实验结果表明，在七种想象中的鲁棒性基准中增加了四个架构变体上的离散表示，在七个想象中心坚固的基准中加强了高达12％的鲁棒性，同时保持了在想象成上的性能。

As one of the most important psychic stress reactions, micro-expressions (MEs), are spontaneous and transient facial expressions that can reveal the genuine emotions of human beings. Thus, recognizing MEs (MER) automatically is becoming increasingly crucial in the field of affective computing, and provides essential technical support in lie detection, psychological analysis and other areas. However, the lack of abundant ME data seriously restricts the development of cutting-edge data-driven MER models. Despite the recent efforts of several spontaneous ME datasets to alleviate this problem, it is still a tiny amount of work. To solve the problem of ME data hunger, we construct a dynamic spontaneous ME dataset with the largest current ME data scale, called DFME (Dynamic Facial Micro-expressions), which includes 7,526 well-labeled ME videos induced by 671 participants and annotated by more than 20 annotators throughout three years. Afterwards, we adopt four classical spatiotemporal feature learning models on DFME to perform MER experiments to objectively verify the validity of DFME dataset. In addition, we explore different solutions to the class imbalance and key-frame sequence sampling problems in dynamic MER respectively on DFME, so as to provide a valuable reference for future research. The comprehensive experimental results show that our DFME dataset can facilitate the research of automatic MER, and provide a new benchmark for MER. DFME will be published via https://mea-lab-421.github.io.

Cashews are grown by over 3 million smallholders in more than 40 countries worldwide as a principal source of income. As the third largest cashew producer in Africa, Benin has nearly 200,000 smallholder cashew growers contributing 15% of the country's national export earnings. However, a lack of information on where and how cashew trees grow across the country hinders decision-making that could support increased cashew production and poverty alleviation. By leveraging 2.4-m Planet Basemaps and 0.5-m aerial imagery, newly developed deep learning algorithms, and large-scale ground truth datasets, we successfully produced the first national map of cashew in Benin and characterized the expansion of cashew plantations between 2015 and 2021. In particular, we developed a SpatioTemporal Classification with Attention (STCA) model to map the distribution of cashew plantations, which can fully capture texture information from discriminative time steps during a growing season. We further developed a Clustering Augmented Self-supervised Temporal Classification (CASTC) model to distinguish high-density versus low-density cashew plantations by automatic feature extraction and optimized clustering. Results show that the STCA model has an overall accuracy of 80% and the CASTC model achieved an overall accuracy of 77.9%. We found that the cashew area in Benin has doubled from 2015 to 2021 with 60% of new plantation development coming from cropland or fallow land, while encroachment of cashew plantations into protected areas has increased by 70%. Only half of cashew plantations were high-density in 2021, suggesting high potential for intensification. Our study illustrates the power of combining high-resolution remote sensing imagery and state-of-the-art deep learning algorithms to better understand tree crops in the heterogeneous smallholder landscape.

Designing better deep networks and better reinforcement learning (RL) algorithms are both important for deep RL. This work focuses on the former. Previous methods build the network with several modules like CNN, LSTM and Attention. Recent methods combine the Transformer with these modules for better performance. However, it requires tedious optimization skills to train a network composed of mixed modules, making these methods inconvenient to be used in practice. In this paper, we propose to design \emph{pure Transformer-based networks} for deep RL, aiming at providing off-the-shelf backbones for both the online and offline settings. Specifically, the Transformer in Transformer (TIT) backbone is proposed, which cascades two Transformers in a very natural way: the inner one is used to process a single observation, while the outer one is responsible for processing the observation history; combining both is expected to extract spatial-temporal representations for good decision-making. Experiments show that TIT can achieve satisfactory performance in different settings, consistently.