Deep learning models are known to put the privacy of their training data at risk, which poses challenges for their safe and ethical release to the public. Differentially private stochastic gradient descent is the de facto standard for training neural networks without leaking sensitive information about the training data. However, applying it to models for graph-structured data poses a novel challenge: unlike with i.i.d. data, sensitive information about a node in a graph cannot only leak through its gradients, but also through the gradients of all nodes within a larger neighborhood. In practice, this limits privacy-preserving deep learning on graphs to very shallow graph neural networks. We propose to solve this issue by training graph neural networks on disjoint subgraphs of a given training graph. We develop three random-walk-based methods for generating such disjoint subgraphs and perform a careful analysis of the data-generating distributions to provide strong privacy guarantees. Through extensive experiments, we show that our method greatly outperforms the state-of-the-art baseline on three large graphs, and matches or outperforms it on four smaller ones.

神经网络的鲁棒性和异常检测能力是其在现实世界中安全采用的关键主题。此外，最近网络的过度参数伴随着高计算成本，并提出了有关其对稳健性和异常检测的影响的疑问。在这项工作中，我们表明稀疏性可以使网络更强大，更好的异常检测器。为了进一步激励这一点，我们表明，预先训练的神经网络包含在其参数空间内，稀疏的子网络在没有任何进一步培训的情况下在这些任务上更好。我们还表明，结构化的稀疏性极大地有助于降低昂贵的鲁棒性和检测方法的复杂性，同时维持甚至改善其在这些任务上的结果。最后，我们引入了一种新方法Sensnorm，该方法使用从适当的修剪方法得出的权重的灵敏度来检测输入中的异常样品。

修剪是稀疏深神经网络的任务，最近受到了越来越多的关注。尽管最先进的修剪方法提取了高度稀疏的模型，但它们忽略了两个主要挑战：（1）寻找这些稀疏模型的过程通常非常昂贵； （2）非结构化的修剪在GPU记忆，训练时间或碳排放方面没有提供好处。我们提出了通过梯度流量保存（早期CROP）提出的早期压缩，该压缩在训练挑战（1）的培训（1）中有效提取最先进的稀疏模型，并且可以以结构化的方式应用来应对挑战（2）。这使我们能够在商品GPU上训练稀疏的网络，该商品GPU的密集版本太大，从而节省了成本并减少了硬件要求。我们从经验上表明，早期杂交的表现优于许多任务（包括分类，回归）和域（包括计算机视觉，自然语言处理和增强学习）的丰富基线。早期杂交导致准确性与密集训练相当，同时超过修剪基线。

时间序列数据通常由异常值或其他类型的异常损坏。识别异常点可以是其自身（异常检测）的目标，或提高其他时间序列任务的性能的手段（例如预测）。最近基于深度学习的异常检测和预测的方法通常假设训练数据中的异常比例足够小以忽略，并将未标记的数据从名义数据分布中视为。我们为增强现有时间序列模型提出了一种简单而有效的技术，以便在培训数据中明确地解释异常。通过使用蒙特卡洛EM使用蒙特卡洛EM训练潜在模型的潜在异常指示变量来增加潜在异常指标变量，我们的方法同时介绍异常点，同时提高标称数据的模型性能。我们通过将其与简单的前锋预测模型相结合来证明该方法的有效性。我们调查火车集中的异常程度如何影响预测模型的培训，这些模型通常用于时间序列异常检测，并表明我们的方法改善了模型的培训。

鉴于他们的普及和应用程序的多样性，图形神经网络（GNNS）越来越重要。然而，对对抗性袭击的脆弱性的现有研究依赖于相对较小的图形。我们解决了这个差距并研究了如何在规模攻击和捍卫GNN。我们提出了两个稀疏感知的一阶优化攻击，尽管优化了在节点数量中的许多参数上优化了有效的表示。我们表明，普通的替代损失并不适合全球对GNN的攻击。我们的替代品可以加倍攻击力量。此外，为了提高GNNS的可靠性，我们设计了强大的聚合函数，软中位，导致所有尺度的有效防御。我们评估了我们的攻击和防御与图形的标准GNN，与以前的工作相比大于100倍以上。我们甚至通过将技术扩展到可伸缩的GNN来进一步缩放一个数量级。

图表的深度学习模型对节点分类的任务取得了很强的性能。尽管他们扩散，目前没有对对抗性袭击的稳健性的研究。然而，在域中可能被使用，例如，网上，对手很常见。图表的深度学习模型很容易被愚弄吗？在这项工作中，我们介绍了对归属图的对抗性攻击的第一次研究，特别是专注于利用图形卷积思想的模型。除了在考试时间的攻击之外，我们还解决了更具挑战性的中毒/致病攻击，这些攻击专注于机器学习模型的训练阶段。我们生成针对节点特征和图形结构的对抗扰动，从而占用了实例之间的依赖关系。此外，我们确保通过保留重要数据特征来确保扰动仍然是不可抑制的。为了应对基础的离散域，我们提出了一种有效的NetTack利用增量计算的算法。我们的实验研究表明，即使仅在扰动时，节点分类的准确性也显着下降。甚至更多，我们的攻击是可转移的：学习攻击概括到其他最先进的节点分类模型和无监督的方法，同样也是成功的，即使仅给出了关于图形的有限知识时也是成功的。

The performance of inertial navigation systems is largely dependent on the stable flow of external measurements and information to guarantee continuous filter updates and bind the inertial solution drift. Platforms in different operational environments may be prevented at some point from receiving external measurements, thus exposing their navigation solution to drift. Over the years, a wide variety of works have been proposed to overcome this shortcoming, by exploiting knowledge of the system current conditions and turning it into an applicable source of information to update the navigation filter. This paper aims to provide an extensive survey of information aided navigation, broadly classified into direct, indirect, and model aiding. Each approach is described by the notable works that implemented its concept, use cases, relevant state updates, and their corresponding measurement models. By matching the appropriate constraint to a given scenario, one will be able to improve the navigation solution accuracy, compensate for the lost information, and uncover certain internal states, that would otherwise remain unobservable.

We consider infinite horizon Markov decision processes (MDPs) with fast-slow structure, meaning that certain parts of the state space move "fast" (and in a sense, are more influential) while other parts transition more "slowly." Such structure is common in real-world problems where sequential decisions need to be made at high frequencies, yet information that varies at a slower timescale also influences the optimal policy. Examples include: (1) service allocation for a multi-class queue with (slowly varying) stochastic costs, (2) a restless multi-armed bandit with an environmental state, and (3) energy demand response, where both day-ahead and real-time prices play a role in the firm's revenue. Models that fully capture these problems often result in MDPs with large state spaces and large effective time horizons (due to frequent decisions), rendering them computationally intractable. We propose an approximate dynamic programming algorithmic framework based on the idea of "freezing" the slow states, solving a set of simpler finite-horizon MDPs (the lower-level MDPs), and applying value iteration (VI) to an auxiliary MDP that transitions on a slower timescale (the upper-level MDP). We also extend the technique to a function approximation setting, where a feature-based linear architecture is used. On the theoretical side, we analyze the regret incurred by each variant of our frozen-state approach. Finally, we give empirical evidence that the frozen-state approach generates effective policies using just a fraction of the computational cost, while illustrating that simply omitting slow states from the decision modeling is often not a viable heuristic.

In the present work we propose an unsupervised ensemble method consisting of oblique trees that can address the task of auto-encoding, namely Oblique Forest AutoEncoders (briefly OF-AE). Our method is a natural extension of the eForest encoder introduced in [1]. More precisely, by employing oblique splits consisting in multivariate linear combination of features instead of the axis-parallel ones, we will devise an auto-encoder method through the computation of a sparse solution of a set of linear inequalities consisting of feature values constraints. The code for reproducing our results is available at https://github.com/CDAlecsa/Oblique-Forest-AutoEncoders.

When robots learn reward functions using high capacity models that take raw state directly as input, they need to both learn a representation for what matters in the task -- the task ``features" -- as well as how to combine these features into a single objective. If they try to do both at once from input designed to teach the full reward function, it is easy to end up with a representation that contains spurious correlations in the data, which fails to generalize to new settings. Instead, our ultimate goal is to enable robots to identify and isolate the causal features that people actually care about and use when they represent states and behavior. Our idea is that we can tune into this representation by asking users what behaviors they consider similar: behaviors will be similar if the features that matter are similar, even if low-level behavior is different; conversely, behaviors will be different if even one of the features that matter differs. This, in turn, is what enables the robot to disambiguate between what needs to go into the representation versus what is spurious, as well as what aspects of behavior can be compressed together versus not. The notion of learning representations based on similarity has a nice parallel in contrastive learning, a self-supervised representation learning technique that maps visually similar data points to similar embeddings, where similarity is defined by a designer through data augmentation heuristics. By contrast, in order to learn the representations that people use, so we can learn their preferences and objectives, we use their definition of similarity. In simulation as well as in a user study, we show that learning through such similarity queries leads to representations that, while far from perfect, are indeed more generalizable than self-supervised and task-input alternatives.