当在安全 - 关键系统中使用深层神经网络（DNN）时，工程师应确定在测试过程中观察到的与故障（即错误输出）相关的安全风险。对于DNN处理图像，工程师在视觉上检查所有引起故障的图像以确定它们之间的共同特征。这种特征对应于危害触发事件（例如，低照明），这是安全分析的重要输入。尽管内容丰富，但这种活动却昂贵且容易出错。为了支持此类安全分析实践，我们提出了SEDE，该技术可为失败，现实世界图像中的共同点生成可读的描述，并通过有效的再培训改善DNN。 SEDE利用了通常用于网络物理系统的模拟器的可用性。它依靠遗传算法来驱动模拟器来生成与测试集中诱导失败的现实世界图像相似的图像。然后，它采用规则学习算法来得出以模拟器参数值捕获共同点的表达式。然后，派生表达式用于生成其他图像以重新训练和改进DNN。随着DNN执行车载传感任务，SEDE成功地表征了导致DNN精度下降的危险触发事件。此外，SEDE启用了重新培训，从而导致DNN准确性的显着提高，最高18个百分点。

Deep neural networks (DNNs) have demonstrated superior performance over classical machine learning to support many features in safety-critical systems. Although DNNs are now widely used in such systems (e.g., self driving cars), there is limited progress regarding automated support for functional safety analysis in DNN-based systems. For example, the identification of root causes of errors, to enable both risk analysis and DNN retraining, remains an open problem. In this paper, we propose SAFE, a black-box approach to automatically characterize the root causes of DNN errors. SAFE relies on a transfer learning model pre-trained on ImageNet to extract the features from error-inducing images. It then applies a density-based clustering algorithm to detect arbitrary shaped clusters of images modeling plausible causes of error. Last, clusters are used to effectively retrain and improve the DNN. The black-box nature of SAFE is motivated by our objective not to require changes or even access to the DNN internals to facilitate adoption.Experimental results show the superior ability of SAFE in identifying different root causes of DNN errors based on case studies in the automotive domain. It also yields significant improvements in DNN accuracy after retraining, while saving significant execution time and memory when compared to alternatives. CCS Concepts: • Software and its engineering → Software defect analysis; • Computing methodologies → Machine learning.

In this paper we present TruFor, a forensic framework that can be applied to a large variety of image manipulation methods, from classic cheapfakes to more recent manipulations based on deep learning. We rely on the extraction of both high-level and low-level traces through a transformer-based fusion architecture that combines the RGB image and a learned noise-sensitive fingerprint. The latter learns to embed the artifacts related to the camera internal and external processing by training only on real data in a self-supervised manner. Forgeries are detected as deviations from the expected regular pattern that characterizes each pristine image. Looking for anomalies makes the approach able to robustly detect a variety of local manipulations, ensuring generalization. In addition to a pixel-level localization map and a whole-image integrity score, our approach outputs a reliability map that highlights areas where localization predictions may be error-prone. This is particularly important in forensic applications in order to reduce false alarms and allow for a large scale analysis. Extensive experiments on several datasets show that our method is able to reliably detect and localize both cheapfakes and deepfakes manipulations outperforming state-of-the-art works. Code will be publicly available at https://grip-unina.github.io/TruFor/

The shift of public debate to the digital sphere has been accompanied by a rise in online hate speech. While many promising approaches for hate speech classification have been proposed, studies often focus only on a single language, usually English, and do not address three key concerns: post-deployment performance, classifier maintenance and infrastructural limitations. In this paper, we introduce a new human-in-the-loop BERT-based hate speech classification pipeline and trace its development from initial data collection and annotation all the way to post-deployment. Our classifier, trained using data from our original corpus of over 422k examples, is specifically developed for the inherently multilingual setting of Switzerland and outperforms with its F1 score of 80.5 the currently best-performing BERT-based multilingual classifier by 5.8 F1 points in German and 3.6 F1 points in French. Our systematic evaluations over a 12-month period further highlight the vital importance of continuous, human-in-the-loop classifier maintenance to ensure robust hate speech classification post-deployment.

In this paper, we introduce MINTIME, a video deepfake detection approach that captures spatial and temporal anomalies and handles instances of multiple people in the same video and variations in face sizes. Previous approaches disregard such information either by using simple a-posteriori aggregation schemes, i.e., average or max operation, or using only one identity for the inference, i.e., the largest one. On the contrary, the proposed approach builds on a Spatio-Temporal TimeSformer combined with a Convolutional Neural Network backbone to capture spatio-temporal anomalies from the face sequences of multiple identities depicted in a video. This is achieved through an Identity-aware Attention mechanism that attends to each face sequence independently based on a masking operation and facilitates video-level aggregation. In addition, two novel embeddings are employed: (i) the Temporal Coherent Positional Embedding that encodes each face sequence's temporal information and (ii) the Size Embedding that encodes the size of the faces as a ratio to the video frame size. These extensions allow our system to adapt particularly well in the wild by learning how to aggregate information of multiple identities, which is usually disregarded by other methods in the literature. It achieves state-of-the-art results on the ForgeryNet dataset with an improvement of up to 14% AUC in videos containing multiple people and demonstrates ample generalization capabilities in cross-forgery and cross-dataset settings. The code is publicly available at https://github.com/davide-coccomini/MINTIME-Multi-Identity-size-iNvariant-TIMEsformer-for-Video-Deepfake-Detection.

Prescriptive Process Monitoring systems recommend, during the execution of a business process, interventions that, if followed, prevent a negative outcome of the process. Such interventions have to be reliable, that is, they have to guarantee the achievement of the desired outcome or performance, and they have to be flexible, that is, they have to avoid overturning the normal process execution or forcing the execution of a given activity. Most of the existing Prescriptive Process Monitoring solutions, however, while performing well in terms of recommendation reliability, provide the users with very specific (sequences of) activities that have to be executed without caring about the feasibility of these recommendations. In order to face this issue, we propose a new Outcome-Oriented Prescriptive Process Monitoring system recommending temporal relations between activities that have to be guaranteed during the process execution in order to achieve a desired outcome. This softens the mandatory execution of an activity at a given point in time, thus leaving more freedom to the user in deciding the interventions to put in place. Our approach defines these temporal relations with Linear Temporal Logic over finite traces patterns that are used as features to describe the historical process data recorded in an event log by the information systems supporting the execution of the process. Such encoded log is used to train a Machine Learning classifier to learn a mapping between the temporal patterns and the outcome of a process execution. The classifier is then queried at runtime to return as recommendations the most salient temporal patterns to be satisfied to maximize the likelihood of a certain outcome for an input ongoing process execution. The proposed system is assessed using a pool of 22 real-life event logs that have already been used as a benchmark in the Process Mining community.

事实证明，图形神经网络（GNN）在图形结构数据的几个预测建模任务中已被证明。在这些任务中，链接预测是许多现实世界应用（例如推荐系统）的基本问题之一。但是，GNN不能免疫对抗攻击，即精心制作的恶意例子，旨在欺骗预测模型。在这项工作中，我们专注于对基于GNN的链接预测模型进行特定的白盒攻击，其中恶意节点的目的是出现在给定目标受害者的推荐节点列表中。为了实现这一目标，攻击者节点还可以指望它直接控制的其他现有同伴的合作，即在网络中注入许多``vicious''节点的能力。具体而言，所有这些恶意节点都可以添加新的边缘或删除现有的节点，从而扰乱原始图。因此，我们提出了野蛮人，一种新颖的框架和一种安装这种链接预测攻击的方法。野蛮人将对手的目标制定为一项优化任务，从而达到了攻击的有效性与所需的恶意资源的稀疏之间的平衡。在现实世界和合成数据集上进行的广泛实验表明，通过野蛮人实施的对抗性攻击确实达到了很高的攻击成功率，但使用少量恶性节点。最后，尽管这些攻击需要完全了解目标模型，但我们表明它们可以成功地转移到其他黑框方法以进行链接预测。

深度学习体系结构的令人印象深刻的性能与模型复杂性的大量增加有关。需要对数百万个参数进行调整，并相应地进行训练和推理时间扩展。但是需要进行大规模的微调吗？在本文中，专注于图像分类，我们考虑了一种简单的转移学习方法利用预卷积特征作为快速内核方法的输入。我们将这种方法称为最佳调整，因为只有内核分类器经过培训。通过执行2500多个培训过程，我们表明这种最佳调整方法提供了可比的精度W.R.T.进行微调，训练时间较小在一个和两个数量级之间。这些结果表明，顶级调整为中小型数据集中的微调提供了有用的替代方法，尤其是在训练效率至关重要的情况下。

监测原位浮游生物的种群对于保留水生生态系统至关重要。浮游生物微生物实际上易受较小的环境扰动的影响，可以反映出随之而来的形态学和动力学修饰。如今，高级自动或半自动采集系统的可用性已允许生产越来越多的浮游生物图像数据。由于大量获得的数据和浮游生物的数字，因此，采用机器学习算法来对此类数据进行分类。为了应对这些挑战，我们提出了有效的无监督学习管道，以提供浮游生物微生物的准确分类。我们构建一组图像描述符，利用两步过程。首先，对预先训练的神经网络提取的功能进行了跨自动编码器（VAE）的培训。然后，我们将学习的潜在空间用作聚类的图像描述符。我们将方法与最新的无监督方法进行了比较，其中一组预定义的手工特征用于浮游生物图像的聚类。所提出的管道优于我们分析中包含的所有浮游生物数据集的基准算法，提供了更好的图像嵌入属性。

许多涉及某种形式的3D视觉感知的机器人任务极大地受益于对工作环境的完整知识。但是，机器人通常必须应对非结构化的环境，并且由于工作空间有限，混乱或对象自我划分，它们的车载视觉传感器只能提供不完整的信息。近年来，深度学习架构的形状完成架构已开始将牵引力作为从部分视觉数据中推断出完整的3D对象表示的有效手段。然而，大多数现有的最新方法都以体素电网形式提供了固定的输出分辨率，这与神经网络输出阶段的大小严格相关。尽管这足以完成某些任务，例如导航，抓握和操纵的障碍需要更精细的分辨率，并且简单地扩大神经网络输出在计算上是昂贵的。在本文中，我们通过基于隐式3D表示的对象形状完成方法来解决此限制，该方法为每个重建点提供了置信值。作为第二个贡献，我们提出了一种基于梯度的方法，用于在推理时在任意分辨率下有效地采样这种隐式函数。我们通过将重建的形状与地面真理进行比较，并通过在机器人握把管道中部署形状完成算法来实验验证我们的方法。在这两种情况下，我们将结果与最先进的形状完成方法进行了比较。