Today's software is bloated leading to significant resource wastage. This bloat is prevalent across the entire software stack, from the operating system, all the way to software backends, frontends, and web-pages. In this paper, we study how prevalent bloat is in machine learning containers. We develop MMLB, a framework to analyze bloat in machine learning containers, measuring the amount of bloat that exists on the container and package levels. Our tool quantifies the sources of bloat and removes them. We integrate our tool with vulnerability analysis tools to measure how bloat affects container vulnerabilities. We experimentally study 15 machine learning containers from the official Tensorflow, Pytorch, and NVIDIA container registries under different tasks, (i.e., training, tuning, and serving). Our findings show that machine learning containers contain bloat encompassing up to 80\% of the container size. We find that debloating machine learning containers speeds provisioning times by up to $3.7\times$ and removes up to 98\% of all vulnerabilities detected by vulnerability analysis tools such as Grype. Finally, we relate our results to the larger discussion about technical debt in machine learning systems.

Adversarial training is an effective approach to make deep neural networks robust against adversarial attacks. Recently, different adversarial training defenses are proposed that not only maintain a high clean accuracy but also show significant robustness against popular and well studied adversarial attacks such as PGD. High adversarial robustness can also arise if an attack fails to find adversarial gradient directions, a phenomenon known as `gradient masking'. In this work, we analyse the effect of label smoothing on adversarial training as one of the potential causes of gradient masking. We then develop a guided mechanism to avoid local minima during attack optimization, leading to a novel attack dubbed Guided Projected Gradient Attack (G-PGA). Our attack approach is based on a `match and deceive' loss that finds optimal adversarial directions through guidance from a surrogate model. Our modified attack does not require random restarts, large number of attack iterations or search for an optimal step-size. Furthermore, our proposed G-PGA is generic, thus it can be combined with an ensemble attack strategy as we demonstrate for the case of Auto-Attack, leading to efficiency and convergence speed improvements. More than an effective attack, G-PGA can be used as a diagnostic tool to reveal elusive robustness due to gradient masking in adversarial defenses.

We consider the problem of improving the human instance segmentation mask quality for a given test image using keypoints estimation. We compare two alternative approaches. The first approach is a test-time adaptation (TTA) method, where we allow test-time modification of the segmentation network's weights using a single unlabeled test image. In this approach, we do not assume test-time access to the labeled source dataset. More specifically, our TTA method consists of using the keypoints estimates as pseudo labels and backpropagating them to adjust the backbone weights. The second approach is a training-time generalization (TTG) method, where we permit offline access to the labeled source dataset but not the test-time modification of weights. Furthermore, we do not assume the availability of any images from or knowledge about the target domain. Our TTG method consists of augmenting the backbone features with those generated by the keypoints head and feeding the aggregate vector to the mask head. Through a comprehensive set of ablations, we evaluate both approaches and identify several factors limiting the TTA gains. In particular, we show that in the absence of a significant domain shift, TTA may hurt and TTG show only a small gain in performance, whereas for a large domain shift, TTA gains are smaller and dependent on the heuristics used, while TTG gains are larger and robust to architectural choices.

Rating a video based on its content is an important step for classifying video age categories. Movie content rating and TV show rating are the two most common rating systems established by professional committees. However, manually reviewing and evaluating scene/film content by a committee is a tedious work and it becomes increasingly difficult with the ever-growing amount of online video content. As such, a desirable solution is to use computer vision based video content analysis techniques to automate the evaluation process. In this paper, related works are summarized for action recognition, multi-modal learning, movie genre classification, and sensitive content detection in the context of content moderation and movie content rating. The project page is available at https://github.com/fcakyon/content-moderation-deep-learning}.

Generalizable 3D part segmentation is important but challenging in vision and robotics. Training deep models via conventional supervised methods requires large-scale 3D datasets with fine-grained part annotations, which are costly to collect. This paper explores an alternative way for low-shot part segmentation of 3D point clouds by leveraging a pretrained image-language model, GLIP, which achieves superior performance on open-vocabulary 2D detection. We transfer the rich knowledge from 2D to 3D through GLIP-based part detection on point cloud rendering and a novel 2D-to-3D label lifting algorithm. We also utilize multi-view 3D priors and few-shot prompt tuning to boost performance significantly. Extensive evaluation on PartNet and PartNet-Mobility datasets shows that our method enables excellent zero-shot 3D part segmentation. Our few-shot version not only outperforms existing few-shot approaches by a large margin but also achieves highly competitive results compared to the fully supervised counterpart. Furthermore, we demonstrate that our method can be directly applied to iPhone-scanned point clouds without significant domain gaps.

多项式网络（PNS）最近在面部和图像识别方面表现出了有希望的表现。但是，PNS的鲁棒性尚不清楚，因此获得证书对于使其在现实世界应用中的采用至关重要。基于分支和绑定（BAB）技术的Relu神经网络（NNS）上的现有验证算法不能微不足道地应用于PN验证。在这项工作中，我们设计了一种新的边界方法，该方法配备了BAB，用于全球融合保证，称为VPN。一个关键的见解是，我们获得的边界比间隔结合的传播基线更紧密。这可以通过MNIST，CIFAR10和STL10数据集的经验验证进行声音和完整的PN验证。我们认为我们的方法对NN验证具有自身的兴趣。

由于卷积神经网络（CNN）在过去的十年中检测成功，多对象跟踪（MOT）通过检测方法的使用来控制。随着数据集和基础标记网站的发布，研究方向已转向在跟踪时在包括重新识别对象的通用场景（包括重新识别（REID））上的最佳准确性。在这项研究中，我们通过提供专用的行人数据集并专注于对性能良好的多对象跟踪器的深入分析来缩小监视的范围）现实世界应用的技术。为此，我们介绍SOMPT22数据集；一套新的，用于多人跟踪的新套装，带有带注释的简短视频，该视频从位于杆子上的静态摄像头捕获，高度为6-8米，用于城市监视。与公共MOT数据集相比，这提供了室外监视的MOT的更为集中和具体的基准。我们分析了该新数据集上检测和REID网络的使用方式，分析了将MOT跟踪器分类为单发和两阶段。我们新数据集的实验结果表明，SOTA远非高效率，而单一跟踪器是统一快速执行和准确性的良好候选者，并具有竞争性的性能。该数据集将在以下网址提供：sompt22.github.io

由于无人机成本降低并且无人机技术有所改善，无人机检测已成为对象检测的重要任务。但是，当对比度较弱，远距离可见度较弱时，很难检测到遥远的无人机。在这项工作中，我们提出了几个序列分类体系结构，以减少无人机轨道检测到的假阳性比率。此外，我们提出了一个新的无人机与鸟类序列分类数据集，以训练和评估拟议的架构。3D CNN，LSTM和基于变压器的序列分类体系结构已在拟议的数据集上进行了培训，以显示提出的思想的有效性。如实验所示，使用序列信息，鸟类分类和整体F1分数可以分别提高73％和35％。在所有序列分类模型中，基于R（2+1）D的完全卷积模型可产生最佳的转移学习和微调结果。

这项研究中我们的主要目标是提出一种基于转移学习的方法，用于从计算机断层扫描（CT）图像中检测。用于任务的转移学习模型是验证的X受感受模型。使用了模型结构和ImageNet上的预训练权重。通过128批量的大小和224x224、3个通道输入图像训练所得的修改模型，并从原始512x512，灰度图像转换。使用的数据集是A COV19-CT-DB。数据集中的标签包括1919年COVID-1919检测的COVID-19病例和非旋转19例。首先，使用数据集的验证分区以及精确召回和宏F1分数的准确性和损失来衡量所提出方法的性能。验证集中的最终宏F1得分超过了基线模型。

对于诸如银行和医疗保健等高度监管的行业，采用云计算的主要障碍之一是遵守监管标准。由于公司需要遵守的许多监管和技术规范（TechSpec）文件，这是一个复杂的问题。关键的问题是建立TechSpecs和法规控制之间的映射，以便从第一天开始，公司可以遵守最少的努力法规。我们证明了一种使用人工智能（AI）技术自动分析监管标准的方法的实用性。我们提出了早期的结果，以确定TechSpecs和监管控制之间的映射，并讨论该解决方案必须完全实用的挑战。