深层神经网络容易受到恶意微调攻击，例如数据中毒和后门攻击。因此，在最近的研究中，提出了如何检测神经网络模型的恶意微调。但是，它通常会对受保护模型的性能产生负面影响。因此，我们提出了一个新的神经网络脆弱的水印，没有模型性能降解。在水印过程中，我们训练具有特定损耗函数和秘密键的生成模型，以生成对目标分类器微调敏感的触发器。在验证过程中，我们采用了水印的分类器来获取每个脆弱的触发器的标签。然后，可以通过比较秘密键和标签来检测恶意微调。经典数据集和分类器上的实验表明，所提出的方法可以有效地检测模型恶意调整，而不会降解模型性能。

最近，深度学习方法在交通预测方面取得了长足的进步，但它们的性能取决于大量的历史数据。实际上，我们可能会面临数据稀缺问题。在这种情况下，深度学习模型无法获得令人满意的性能。转移学习是解决数据稀缺问题的一种有前途的方法。但是，流量预测中现有的转移学习方法主要基于常规网格数据，这不适用于流量网络中固有的图形数据。此外，现有的基于图的模型只能在道路网络中捕获共享的流量模式，以及如何学习节点特定模式也是一个挑战。在本文中，我们提出了一种新颖的传输学习方法来解决流量预测，几乎可以将知识从数据富的源域转移到数据范围的目标域。首先，提出了一个空间图形神经网络，该网络可以捕获不同道路网络的节点特异性时空交通模式。然后，为了提高转移的鲁棒性，我们设计了一种基于模式的转移策略，我们利用基于聚类的机制来提炼源域中的常见时空模式，并使用这些知识进一步提高了预测性能目标域。现实世界数据集的实验验证了我们方法的有效性。

对于学习图表表示，并非图中的所有详细结构都与给定的图形任务相关。与任务相关的结构可以是$本地化的$或$稀疏$，仅参与子图或以子图的交互作用（层次结构的角度）。图神经网络应该能够有效提取与任务相关的结构并与无关的部分不变，这对于通用消息传递GNN来说是具有挑战性的。在这项工作中，我们建议从原始图的一系列子图中学习图表表示，以更好地捕获与任务相关的子结构或分层结构，并跳过$ noisy $零件。为此，我们设计了软遮罩GNN层，以通过掩模机制提取所需的子图。软遮罩是在连续空间中定义的，以维持不同部分的重量并表征不同部分的权重。与现有的子图或分层表示方法和图形合并操作相比，软掩模GNN层不受固定样品或降低比率的限制，因此更灵活地提取具有任意尺寸的子图。公共图基准测试的广泛实验表明，软罩机制可以提高性能。它还提供了可解释性，使每个层中掩码的值可视化，使我们能够深入了解模型所学的结构。

我们提出了一种雷达惯性内径测量的方法，其使用连续时间框架来熔断来自多个汽车雷达的熔丝测量和惯性测量单元（IMU）。不利的天气条件对雷达传感器的操作性能不同，与相机和激光器传感器不同，对雷达传感器的操作性能没有显着影响。雷达在这种情况下的鲁棒性和乘客车辆雷达的普遍普遍激励我们来看看雷达用于自我运动估计。连续时间轨迹表示不仅应用于实现异构和异步多传感器融合的框架，还应用于通过能够计算封闭形式的姿势及其衍生物来实现高效优化，并且在任何特定时间沿着弹道。我们将我们的连续时间估计与来自离散时间雷达 - 惯性内径型方法的方法进行比较，并表明我们的连续时间方法优于离散时间方法。据我们所知，这是第一次将连续时间框架应用于雷达惯性内径术。

从原始理论上明确定义的频谱图卷积到随后的空间扰动消息传递模型，空间局部（在顶点域中）充当大多数图形神经网络（GNN）的基本原理。在频谱图卷积中，过滤器由多项式近似，其中$ k $-oder多项式涵盖$ k $ -hop邻居。在消息传递中，聚合中使用的各种邻居定义实际上是对空间局部信息的广泛探索。对于学习节点表示，拓扑距离似乎是必要的，因为它表征了节点之间的基本关系。但是，对于学习整个图表的陈述，是必要的吗？在这项工作中，我们表明，不需要这样的原则，它会阻碍大多数现有的GNN，从有效地编码图形结构。通过删除它，以及多项式滤波器的限制，由此产生的新架构在学习图表表示上显着提高了性能。我们还研究了图谱对信号的影响，并将各种现有改进解释为不同的频谱平滑技术。它用作空间理解，以定量测量频谱对输入信号的影响，与众所周知的光谱理解为高/低通滤波器。更重要的是，它在开发强大的图形表示模型上阐明了光线。

We introduce a new tool for stochastic convex optimization (SCO): a Reweighted Stochastic Query (ReSQue) estimator for the gradient of a function convolved with a (Gaussian) probability density. Combining ReSQue with recent advances in ball oracle acceleration [CJJJLST20, ACJJS21], we develop algorithms achieving state-of-the-art complexities for SCO in parallel and private settings. For a SCO objective constrained to the unit ball in $\mathbb{R}^d$, we obtain the following results (up to polylogarithmic factors). We give a parallel algorithm obtaining optimization error $\epsilon_{\text{opt}}$ with $d^{1/3}\epsilon_{\text{opt}}^{-2/3}$ gradient oracle query depth and $d^{1/3}\epsilon_{\text{opt}}^{-2/3} + \epsilon_{\text{opt}}^{-2}$ gradient queries in total, assuming access to a bounded-variance stochastic gradient estimator. For $\epsilon_{\text{opt}} \in [d^{-1}, d^{-1/4}]$, our algorithm matches the state-of-the-art oracle depth of [BJLLS19] while maintaining the optimal total work of stochastic gradient descent. We give an $(\epsilon_{\text{dp}}, \delta)$-differentially private algorithm which, given $n$ samples of Lipschitz loss functions, obtains near-optimal optimization error and makes $\min(n, n^2\epsilon_{\text{dp}}^2 d^{-1}) + \min(n^{4/3}\epsilon_{\text{dp}}^{1/3}, (nd)^{2/3}\epsilon_{\text{dp}}^{-1})$ queries to the gradients of these functions. In the regime $d \le n \epsilon_{\text{dp}}^{2}$, where privacy comes at no cost in terms of the optimal loss up to constants, our algorithm uses $n + (nd)^{2/3}\epsilon_{\text{dp}}^{-1}$ queries and improves recent advancements of [KLL21, AFKT21]. In the moderately low-dimensional setting $d \le \sqrt n \epsilon_{\text{dp}}^{3/2}$, our query complexity is near-linear.

New architecture GPUs like A100 are now equipped with multi-instance GPU (MIG) technology, which allows the GPU to be partitioned into multiple small, isolated instances. This technology provides more flexibility for users to support both deep learning training and inference workloads, but efficiently utilizing it can still be challenging. The vision of this paper is to provide a more comprehensive and practical benchmark study for MIG in order to eliminate the need for tedious manual benchmarking and tuning efforts. To achieve this vision, the paper presents MIGPerf, an open-source tool that streamlines the benchmark study for MIG. Using MIGPerf, the authors conduct a series of experiments, including deep learning training and inference characterization on MIG, GPU sharing characterization, and framework compatibility with MIG. The results of these experiments provide new insights and guidance for users to effectively employ MIG, and lay the foundation for further research on the orchestration of hybrid training and inference workloads on MIGs. The code and results are released on https://github.com/MLSysOps/MIGProfiler. This work is still in progress and more results will be published soon.

Domain adaptive detection aims to improve the generalization of detectors on target domain. To reduce discrepancy in feature distributions between two domains, recent approaches achieve domain adaption through feature alignment in different granularities via adversarial learning. However, they neglect the relationship between multiple granularities and different features in alignment, degrading detection. Addressing this, we introduce a unified multi-granularity alignment (MGA)-based detection framework for domain-invariant feature learning. The key is to encode the dependencies across different granularities including pixel-, instance-, and category-levels simultaneously to align two domains. Specifically, based on pixel-level features, we first develop an omni-scale gated fusion (OSGF) module to aggregate discriminative representations of instances with scale-aware convolutions, leading to robust multi-scale detection. Besides, we introduce multi-granularity discriminators to identify where, either source or target domains, different granularities of samples come from. Note that, MGA not only leverages instance discriminability in different categories but also exploits category consistency between two domains for detection. Furthermore, we present an adaptive exponential moving average (AEMA) strategy that explores model assessments for model update to improve pseudo labels and alleviate local misalignment problem, boosting detection robustness. Extensive experiments on multiple domain adaption scenarios validate the superiority of MGA over other approaches on FCOS and Faster R-CNN detectors. Code will be released at https://github.com/tiankongzhang/MGA.

In the scenario of black-box adversarial attack, the target model's parameters are unknown, and the attacker aims to find a successful adversarial perturbation based on query feedback under a query budget. Due to the limited feedback information, existing query-based black-box attack methods often require many queries for attacking each benign example. To reduce query cost, we propose to utilize the feedback information across historical attacks, dubbed example-level adversarial transferability. Specifically, by treating the attack on each benign example as one task, we develop a meta-learning framework by training a meta-generator to produce perturbations conditioned on benign examples. When attacking a new benign example, the meta generator can be quickly fine-tuned based on the feedback information of the new task as well as a few historical attacks to produce effective perturbations. Moreover, since the meta-train procedure consumes many queries to learn a generalizable generator, we utilize model-level adversarial transferability to train the meta-generator on a white-box surrogate model, then transfer it to help the attack against the target model. The proposed framework with the two types of adversarial transferability can be naturally combined with any off-the-shelf query-based attack methods to boost their performance, which is verified by extensive experiments.

Cashews are grown by over 3 million smallholders in more than 40 countries worldwide as a principal source of income. As the third largest cashew producer in Africa, Benin has nearly 200,000 smallholder cashew growers contributing 15% of the country's national export earnings. However, a lack of information on where and how cashew trees grow across the country hinders decision-making that could support increased cashew production and poverty alleviation. By leveraging 2.4-m Planet Basemaps and 0.5-m aerial imagery, newly developed deep learning algorithms, and large-scale ground truth datasets, we successfully produced the first national map of cashew in Benin and characterized the expansion of cashew plantations between 2015 and 2021. In particular, we developed a SpatioTemporal Classification with Attention (STCA) model to map the distribution of cashew plantations, which can fully capture texture information from discriminative time steps during a growing season. We further developed a Clustering Augmented Self-supervised Temporal Classification (CASTC) model to distinguish high-density versus low-density cashew plantations by automatic feature extraction and optimized clustering. Results show that the STCA model has an overall accuracy of 80% and the CASTC model achieved an overall accuracy of 77.9%. We found that the cashew area in Benin has doubled from 2015 to 2021 with 60% of new plantation development coming from cropland or fallow land, while encroachment of cashew plantations into protected areas has increased by 70%. Only half of cashew plantations were high-density in 2021, suggesting high potential for intensification. Our study illustrates the power of combining high-resolution remote sensing imagery and state-of-the-art deep learning algorithms to better understand tree crops in the heterogeneous smallholder landscape.