As language models (LMs) scale, they develop many novel behaviors, good and bad, exacerbating the need to evaluate how they behave. Prior work creates evaluations with crowdwork (which is time-consuming and expensive) or existing data sources (which are not always available). Here, we automatically generate evaluations with LMs. We explore approaches with varying amounts of human effort, from instructing LMs to write yes/no questions to making complex Winogender schemas with multiple stages of LM-based generation and filtering. Crowdworkers rate the examples as highly relevant and agree with 90-100% of labels, sometimes more so than corresponding human-written datasets. We generate 154 datasets and discover new cases of inverse scaling where LMs get worse with size. Larger LMs repeat back a dialog user's preferred answer ("sycophancy") and express greater desire to pursue concerning goals like resource acquisition and goal preservation. We also find some of the first examples of inverse scaling in RL from Human Feedback (RLHF), where more RLHF makes LMs worse. For example, RLHF makes LMs express stronger political views (on gun rights and immigration) and a greater desire to avoid shut down. Overall, LM-written evaluations are high-quality and let us quickly discover many novel LM behaviors.

Federated learning has been predominantly concerned with collaborative training of deep networks from scratch, and especially the many challenges that arise, such as communication cost, robustness to heterogeneous data, and support for diverse device capabilities. However, there is no unified framework that addresses all these problems together. This paper studies the challenges and opportunities of exploiting pre-trained Transformer models in FL. In particular, we propose to efficiently adapt such pre-trained models by injecting a novel attention-based adapter module at each transformer block that both modulates the forward pass and makes an early prediction. Training only the lightweight adapter by FL leads to fast and communication-efficient learning even in the presence of heterogeneous data and devices. Extensive experiments on standard FL benchmarks, including CIFAR-100, FEMNIST and SpeechCommandsv2 demonstrate that this simple framework provides fast and accurate FL while supporting heterogenous device capabilities, efficient personalization, and scalable-cost anytime inference.

Differentially private deep learning has recently witnessed advances in computational efficiency and privacy-utility trade-off. We explore whether further improvements along the two axes are possible and provide affirmative answers leveraging two instantiations of \emph{group-wise clipping}. To reduce the compute time overhead of private learning, we show that \emph{per-layer clipping}, where the gradient of each neural network layer is clipped separately, allows clipping to be performed in conjunction with backpropagation in differentially private optimization. This results in private learning that is as memory-efficient and almost as fast per training update as non-private learning for many workflows of interest. While per-layer clipping with constant thresholds tends to underperform standard flat clipping, per-layer clipping with adaptive thresholds matches or outperforms flat clipping under given training epoch constraints, hence attaining similar or better task performance within less wall time. To explore the limits of scaling (pretrained) models in differentially private deep learning, we privately fine-tune the 175 billion-parameter GPT-3. We bypass scaling challenges associated with clipping gradients that are distributed across multiple devices with \emph{per-device clipping} that clips the gradient of each model piece separately on its host device. Privately fine-tuning GPT-3 with per-device clipping achieves a task performance at $\epsilon=1$ better than what is attainable by non-privately fine-tuning the largest GPT-2 on a summarization task.

In recent years, semi-supervised graph learning with data augmentation (DA) is currently the most commonly used and best-performing method to enhance model robustness in sparse scenarios with few labeled samples. Differing from homogeneous graph, DA in heterogeneous graph has greater challenges: heterogeneity of information requires DA strategies to effectively handle heterogeneous relations, which considers the information contribution of different types of neighbors and edges to the target nodes. Furthermore, over-squashing of information is caused by the negative curvature that formed by the non-uniformity distribution and strong clustering in complex graph. To address these challenges, this paper presents a novel method named Semi-Supervised Heterogeneous Graph Learning with Multi-level Data Augmentation (HG-MDA). For the problem of heterogeneity of information in DA, node and topology augmentation strategies are proposed for the characteristics of heterogeneous graph. And meta-relation-based attention is applied as one of the indexes for selecting augmented nodes and edges. For the problem of over-squashing of information, triangle based edge adding and removing are designed to alleviate the negative curvature and bring the gain of topology. Finally, the loss function consists of the cross-entropy loss for labeled data and the consistency regularization for unlabeled data. In order to effectively fuse the prediction results of various DA strategies, the sharpening is used. Existing experiments on public datasets, i.e., ACM, DBLP, OGB, and industry dataset MB show that HG-MDA outperforms current SOTA models. Additionly, HG-MDA is applied to user identification in internet finance scenarios, helping the business to add 30% key users, and increase loans and balances by 3.6%, 11.1%, and 9.8%.

对于工业规模的广告系统，对广告点击率（CTR）的预测是一个核心问题。广告点击构成了一类重要的用户参与，通常用作广告对用户有用的主要信号。此外，在每次点击收费的广告系统中，单击费用期望值直接输入价值估计。因此，对于大多数互联网广告公司而言，CTR模型开发是一项重大投资。此类问题的工程需要许多适合在线学习的机器学习（ML）技术，这些技术远远超出了传统的准确性改进，尤其是有关效率，可重复性，校准，信用归因。我们介绍了Google搜索广告CTR模型中部署的实用技术的案例研究。本文提供了一项行业案例研究，该研究强调了当前的ML研究的重要领域，并说明了如何评估有影响力的新ML方法并在大型工业环境中有用。

机器学习构成了严重的隐私问题，因为这表明学识渊博的模型可以揭示有关其培训数据的敏感信息。许多作品已经调查了广泛补习的数据增强（DA）和对抗性培训（AT）技术的影响，这些技术在论文中称为数据增强对机器学习模型的隐私泄漏的影响。这种隐私效应通常是通过成员推理攻击（MIA）来衡量的，旨在确定特定例子是否属于培训集。我们建议从称为记忆的新角度调查隐私。通过记忆的镜头，我们发现先前部署的MIA会产生误导性结果，因为与具有低隐私风险的样本相比，它们不太可能将具有较高隐私风险的样本识别为较高的隐私风险样本。为了解决这个问题，我们部署了最近的攻击，该攻击可以捕获单个样本的记忆度以进行评估。通过广泛的实验，我们提出了关于机器学习模型的三个重要属性（包括隐私，泛化差距和对抗性鲁棒性）之间连接的非平凡发现。我们证明，与现有结果不同，概括差距与隐私泄漏没有高度关联。此外，更强的对抗性鲁棒性并不一定意味着该模型更容易受到隐私攻击的影响。

现有的视频域改编（DA）方法需要存储视频帧的所有时间组合或配对源和目标视频，这些视频和目标视频成本昂贵，无法扩展到长时间的视频。为了解决这些局限性，我们建议采用以下记忆高效的基于图形的视频DA方法。首先，我们的方法模型每个源或目标视频通过图：节点表示视频帧和边缘表示帧之间的时间或视觉相似性关系。我们使用图形注意力网络来了解单个帧的重量，并同时将源和目标视频对齐到域不变的图形特征空间中。我们的方法没有存储大量的子视频，而是仅构建一个图形，其中一个视频的图形注意机制，从而大大降低了内存成本。广泛的实验表明，与最先进的方法相比，我们在降低内存成本的同时取得了卓越的性能。

通过最大似然估计（MLE）训练的文本生成模型遭受了臭名昭著的暴露偏见问题，而生成的对抗网络（GAN）被证明具有解决方案的潜力。现有的语言gans采用估计器，例如增强或连续放松来模型单词分布。此类估计器的固有局限性导致当前模型依赖于预训练技术（MLE预训练或预训练的嵌入）。但是，由于其先前尝试的性能较差，因此很少探索没有这些局限性的代表建模方法。我们的分析表明，无效的采样方法和不健康的梯度是其不令人满意的性能的主要因素。在这项工作中，我们提出了两种解决这些问题的技术：辍学抽样和完全归一化的LSTM。基于这两种技术，我们提出了初始gan，其参数是完全初始初始初始初始初始初始初始初始化的。此外，我们引入了新的评估度量，覆盖率最少，以更好地评估生成的样品的质量。实验结果表明，Initialgan的表现都优于MLE和其他比较模型。据我们所知，这是GAN语言第一次在没有任何预训练技术的情况下胜过MLE。

本文调查了一种捍卫对抗性攻击的方法家族，其成功的部分原因是创造了嘈杂，不连续或不足的损失景观，而对手很难驾驶。实现这种效果的一种常见但不是普遍的方法是使用随机神经网络。我们表明，这是梯度混淆的一种形式，并根据Weierstrass变换提出了对基于梯度的对手的一般扩展，该变换平滑了损失函数的表面并提供了更可靠的梯度估计。我们进一步表明，相同的原则可以增强无梯度的对手。我们证明了消失方法对由于这种混淆而表现出鲁棒性的随机和非传统对抗防御的功效。此外，我们将分析它与对转型的期望相互作用。目前用于攻击随机防御的流行梯度采样方法。

已知神经网络在输入图像上产生过度自信的预测，即使这些图像不存在（OOD）样本。这限制了神经网络模型在存在OOD样本的实际场景中的应用。许多现有方法通过利用各种提示来确定OOD实例，例如在特征空间，逻辑空间，梯度空间或图像的原始空间中查找不规则模式。相反，本文提出了一种简单的测试时间线性训练（ETLT）用于OOD检测方法。从经验上讲，我们发现输入图像的概率不存在，与神经网络提取的功能令人惊讶地线性相关。具体来说，许多最先进的OOD算法虽然旨在以不同的方式衡量可靠性，但实际上导致OOD得分主要与其图像特征线性相关。因此，通过简单地学习从配对图像特征训练并在测试时间推断的OOD分数的线性回归模型，我们可以为测试实例做出更精确的OOD预测。我们进一步提出了该方法的在线变体，该变体可以实现有希望的性能，并且在现实世界中更为实用。值得注意的是，我们将FPR95从$ 51.37 \％$提高到CIFAR-10数据集的$ 12.30 \％$，最大的SoftMax概率是基本的OOD检测器。在几个基准数据集上进行的广泛实验显示了ETLT对OOD检测任务的功效。