深度学习中的关键挑战之一是检测对抗例的有效策略的定义。为此，我们提出了一种名为Ensemble对抗探测器（EAD）的新型方法，用于识别对抗性示例，在标准的多字节分类场景中。 EAD结合了多个检测器，该检测器利用了预先训练的深神经网络（DNN）内部表示中的输入实例的不同属性。具体而言，EAD基于Mahalanobis距离和局部内在的维度（盖子）与基于单级支持向量机（OSVM）的新引进的方法集成了最先进的探测器。尽管所有构成方法都假定测试实例从一组正确分类的训练实例的距离越大，但概率越高，其是对手示例的概率越高，它们在计算距离的方式中不同。为了利用不同方法的有效性在捕获数据分布的不同特性，因此，有效地解决泛化和过度装备之间的权衡，EAD采用探测器特定的距离分数作为逻辑回归分类器的特征，独立的超公数后优化。我们在不同的数据集（CIFAR-10，CiFar-100和SVHN）和模型（Reset和Densenet）上评估了EAD方法，以及通过与竞争方法进行比较，关于四个对抗性攻击（FGSM，BIM，DeepFool和CW）。总的来说，我们表明EAD达到了最大的Auroc和Aupr在大多数设置和其他方面的表现。对现有技术的改进以及容易延伸EAD以包括任何任意探测器的可能性，铺平了在普遍示例性检测的广场上广泛采用的集合方法。

In this paper we present TruFor, a forensic framework that can be applied to a large variety of image manipulation methods, from classic cheapfakes to more recent manipulations based on deep learning. We rely on the extraction of both high-level and low-level traces through a transformer-based fusion architecture that combines the RGB image and a learned noise-sensitive fingerprint. The latter learns to embed the artifacts related to the camera internal and external processing by training only on real data in a self-supervised manner. Forgeries are detected as deviations from the expected regular pattern that characterizes each pristine image. Looking for anomalies makes the approach able to robustly detect a variety of local manipulations, ensuring generalization. In addition to a pixel-level localization map and a whole-image integrity score, our approach outputs a reliability map that highlights areas where localization predictions may be error-prone. This is particularly important in forensic applications in order to reduce false alarms and allow for a large scale analysis. Extensive experiments on several datasets show that our method is able to reliably detect and localize both cheapfakes and deepfakes manipulations outperforming state-of-the-art works. Code will be publicly available at https://grip-unina.github.io/TruFor/

The shift of public debate to the digital sphere has been accompanied by a rise in online hate speech. While many promising approaches for hate speech classification have been proposed, studies often focus only on a single language, usually English, and do not address three key concerns: post-deployment performance, classifier maintenance and infrastructural limitations. In this paper, we introduce a new human-in-the-loop BERT-based hate speech classification pipeline and trace its development from initial data collection and annotation all the way to post-deployment. Our classifier, trained using data from our original corpus of over 422k examples, is specifically developed for the inherently multilingual setting of Switzerland and outperforms with its F1 score of 80.5 the currently best-performing BERT-based multilingual classifier by 5.8 F1 points in German and 3.6 F1 points in French. Our systematic evaluations over a 12-month period further highlight the vital importance of continuous, human-in-the-loop classifier maintenance to ensure robust hate speech classification post-deployment.

In this paper, we introduce MINTIME, a video deepfake detection approach that captures spatial and temporal anomalies and handles instances of multiple people in the same video and variations in face sizes. Previous approaches disregard such information either by using simple a-posteriori aggregation schemes, i.e., average or max operation, or using only one identity for the inference, i.e., the largest one. On the contrary, the proposed approach builds on a Spatio-Temporal TimeSformer combined with a Convolutional Neural Network backbone to capture spatio-temporal anomalies from the face sequences of multiple identities depicted in a video. This is achieved through an Identity-aware Attention mechanism that attends to each face sequence independently based on a masking operation and facilitates video-level aggregation. In addition, two novel embeddings are employed: (i) the Temporal Coherent Positional Embedding that encodes each face sequence's temporal information and (ii) the Size Embedding that encodes the size of the faces as a ratio to the video frame size. These extensions allow our system to adapt particularly well in the wild by learning how to aggregate information of multiple identities, which is usually disregarded by other methods in the literature. It achieves state-of-the-art results on the ForgeryNet dataset with an improvement of up to 14% AUC in videos containing multiple people and demonstrates ample generalization capabilities in cross-forgery and cross-dataset settings. The code is publicly available at https://github.com/davide-coccomini/MINTIME-Multi-Identity-size-iNvariant-TIMEsformer-for-Video-Deepfake-Detection.

Prescriptive Process Monitoring systems recommend, during the execution of a business process, interventions that, if followed, prevent a negative outcome of the process. Such interventions have to be reliable, that is, they have to guarantee the achievement of the desired outcome or performance, and they have to be flexible, that is, they have to avoid overturning the normal process execution or forcing the execution of a given activity. Most of the existing Prescriptive Process Monitoring solutions, however, while performing well in terms of recommendation reliability, provide the users with very specific (sequences of) activities that have to be executed without caring about the feasibility of these recommendations. In order to face this issue, we propose a new Outcome-Oriented Prescriptive Process Monitoring system recommending temporal relations between activities that have to be guaranteed during the process execution in order to achieve a desired outcome. This softens the mandatory execution of an activity at a given point in time, thus leaving more freedom to the user in deciding the interventions to put in place. Our approach defines these temporal relations with Linear Temporal Logic over finite traces patterns that are used as features to describe the historical process data recorded in an event log by the information systems supporting the execution of the process. Such encoded log is used to train a Machine Learning classifier to learn a mapping between the temporal patterns and the outcome of a process execution. The classifier is then queried at runtime to return as recommendations the most salient temporal patterns to be satisfied to maximize the likelihood of a certain outcome for an input ongoing process execution. The proposed system is assessed using a pool of 22 real-life event logs that have already been used as a benchmark in the Process Mining community.

事实证明，图形神经网络（GNN）在图形结构数据的几个预测建模任务中已被证明。在这些任务中，链接预测是许多现实世界应用（例如推荐系统）的基本问题之一。但是，GNN不能免疫对抗攻击，即精心制作的恶意例子，旨在欺骗预测模型。在这项工作中，我们专注于对基于GNN的链接预测模型进行特定的白盒攻击，其中恶意节点的目的是出现在给定目标受害者的推荐节点列表中。为了实现这一目标，攻击者节点还可以指望它直接控制的其他现有同伴的合作，即在网络中注入许多``vicious''节点的能力。具体而言，所有这些恶意节点都可以添加新的边缘或删除现有的节点，从而扰乱原始图。因此，我们提出了野蛮人，一种新颖的框架和一种安装这种链接预测攻击的方法。野蛮人将对手的目标制定为一项优化任务，从而达到了攻击的有效性与所需的恶意资源的稀疏之间的平衡。在现实世界和合成数据集上进行的广泛实验表明，通过野蛮人实施的对抗性攻击确实达到了很高的攻击成功率，但使用少量恶性节点。最后，尽管这些攻击需要完全了解目标模型，但我们表明它们可以成功地转移到其他黑框方法以进行链接预测。

许多涉及某种形式的3D视觉感知的机器人任务极大地受益于对工作环境的完整知识。但是，机器人通常必须应对非结构化的环境，并且由于工作空间有限，混乱或对象自我划分，它们的车载视觉传感器只能提供不完整的信息。近年来，深度学习架构的形状完成架构已开始将牵引力作为从部分视觉数据中推断出完整的3D对象表示的有效手段。然而，大多数现有的最新方法都以体素电网形式提供了固定的输出分辨率，这与神经网络输出阶段的大小严格相关。尽管这足以完成某些任务，例如导航，抓握和操纵的障碍需要更精细的分辨率，并且简单地扩大神经网络输出在计算上是昂贵的。在本文中，我们通过基于隐式3D表示的对象形状完成方法来解决此限制，该方法为每个重建点提供了置信值。作为第二个贡献，我们提出了一种基于梯度的方法，用于在推理时在任意分辨率下有效地采样这种隐式函数。我们通过将重建的形状与地面真理进行比较，并通过在机器人握把管道中部署形状完成算法来实验验证我们的方法。在这两种情况下，我们将结果与最先进的形状完成方法进行了比较。

由于监视摄像头网络的无处不在，从图像中计算的自动人士最近引起了现代智能城市的城市监测的注意。当前的计算机视觉技术依赖于基于深度学习的算法，这些算法估算了静止图像中的行人密度。只有一堆作品利用视频序列中的时间一致性。在这项工作中，我们提出了一个时空的细心神经网络，以估计监视视频中的行人数量。通过利用连续帧之间的时间相关性，我们在广泛使用的FDST基准上将最新的计数误差降低了5％，定位误差降低了7.5％。

在由家用电器，电动汽车和太阳能电池板等各种设备组成的分散家庭能源系统中，最终用户可以更深入地研究该系统的细节，并进一步实现能源可持续性，如果向它们提供了有关电能消耗的数据和设备粒度的生产。但是，该领域中的许多数据库都是从其他域中孤立的，包括仅与能源有关的信息。这可能会导致每个设备能源使用的信息损失（\ textit {例如{例如}天气）。同时，许多这些数据集已在计算建模技术（例如机器学习模型）中广泛使用。尽管这种计算方法仅通过仅专注于数据集的局部视图来实现极高的准确性和性能，但不能保证模型可靠性，因为当考虑到信息遗漏时，此类模型非常容易受到数据输入波动的影响。本文通过在家庭能源系统的基础上检查语义Web方法来解决智能能源系统领域的数据隔离问题。我们提供了一种基于本体的方法，用于在系统中的设备级分辨率下管理分散数据。结果，与每个设备相关的数据的范围可以在整个网络中以可互操作的方式轻松扩展，并且只要根据W3C标准组织数据，就可以从网络中获得其他信息，例如天气。 。

最近，图形神经网络（GNN）已被广泛用于开发成功的推荐系统。尽管功能强大，但基于GNN的建议系统很难附上明显的解释，说明为什么特定项目最终在给定用户的建议列表中。确实，解释基于GNN的建议是独特的，而现有的GNN解释方法是不合适的，原因有两个。首先，传统的GNN解释方法是为节点，边缘或图形分类任务而不是排名而设计的，如推荐系统中。其次，标准的机器学习解释通常旨在支持熟练的决策者。相反，建议是为任何最终用户设计的，因此应以用户理解的方式提供其解释。在这项工作中，我们提出了润滑脂，这是一种新的方法，用于解释任何基于黑盒GNN的建议系统提供的建议。具体而言，Grease首先在目标用户项目对及其$ L $ -HOP社区上训练替代模型。然后，它通过找到最佳的邻接矩阵扰动来捕获足够和必要的条件，分别推荐一个项目，从而生成事实和反事实解释。在现实世界数据集上进行的实验结果表明，油脂可以为流行的基于GNN的推荐模型产生简洁有效的解释。