Named entity recognition models (NER), are widely used for identifying named entities (e.g., individuals, locations, and other information) in text documents. Machine learning based NER models are increasingly being applied in privacy-sensitive applications that need automatic and scalable identification of sensitive information to redact text for data sharing. In this paper, we study the setting when NER models are available as a black-box service for identifying sensitive information in user documents and show that these models are vulnerable to membership inference on their training datasets. With updated pre-trained NER models from spaCy, we demonstrate two distinct membership attacks on these models. Our first attack capitalizes on unintended memorization in the NER's underlying neural network, a phenomenon NNs are known to be vulnerable to. Our second attack leverages a timing side-channel to target NER models that maintain vocabularies constructed from the training data. We show that different functional paths of words within the training dataset in contrast to words not previously seen have measurable differences in execution time. Revealing membership status of training samples has clear privacy implications, e.g., in text redaction, sensitive words or phrases to be found and removed, are at risk of being detected in the training dataset. Our experimental evaluation includes the redaction of both password and health data, presenting both security risks and privacy/regulatory issues. This is exacerbated by results that show memorization with only a single phrase. We achieved 70% AUC in our first attack on a text redaction use-case. We also show overwhelming success in the timing attack with 99.23% AUC. Finally we discuss potential mitigation approaches to realize the safe use of NER models in light of the privacy and security implications of membership inference attacks.

Human operators in human-robot teams are commonly perceived to be critical for mission success. To explore the direct and perceived impact of operator input on task success and team performance, 16 real-world missions (10 hrs) were conducted based on the DARPA Subterranean Challenge. These missions were to deploy a heterogeneous team of robots for a search task to locate and identify artifacts such as climbing rope, drills and mannequins representing human survivors. Two conditions were evaluated: human operators that could control the robot team with state-of-the-art autonomy (Human-Robot Team) compared to autonomous missions without human operator input (Robot-Autonomy). Human-Robot Teams were often in directed autonomy mode (70% of mission time), found more items, traversed more distance, covered more unique ground, and had a higher time between safety-related events. Human-Robot Teams were faster at finding the first artifact, but slower to respond to information from the robot team. In routine conditions, scores were comparable for artifacts, distance, and coverage. Reasons for intervention included creating waypoints to prioritise high-yield areas, and to navigate through error-prone spaces. After observing robot autonomy, operators reported increases in robot competency and trust, but that robot behaviour was not always transparent and understandable, even after high mission performance.

Neural networks have revolutionized the area of artificial intelligence and introduced transformative applications to almost every scientific field and industry. However, this success comes at a great price; the energy requirements for training advanced models are unsustainable. One promising way to address this pressing issue is by developing low-energy neuromorphic hardware that directly supports the algorithm's requirements. The intrinsic non-volatility, non-linearity, and memory of spintronic devices make them appealing candidates for neuromorphic devices. Here we focus on the reservoir computing paradigm, a recurrent network with a simple training algorithm suitable for computation with spintronic devices since they can provide the properties of non-linearity and memory. We review technologies and methods for developing neuromorphic spintronic devices and conclude with critical open issues to address before such devices become widely used.

Entrainment is the phenomenon by which an interlocutor adapts their speaking style to align with their partner in conversations. It has been found in different dimensions as acoustic, prosodic, lexical or syntactic. In this work, we explore and utilize the entrainment phenomenon to improve spoken dialogue systems for voice assistants. We first examine the existence of the entrainment phenomenon in human-to-human dialogues in respect to acoustic feature and then extend the analysis to emotion features. The analysis results show strong evidence of entrainment in terms of both acoustic and emotion features. Based on this findings, we implement two entrainment policies and assess if the integration of entrainment principle into a Text-to-Speech (TTS) system improves the synthesis performance and the user experience. It is found that the integration of the entrainment principle into a TTS system brings performance improvement when considering acoustic features, while no obvious improvement is observed when considering emotion features.

Large language models (LLMs) have been shown to be able to perform new tasks based on a few demonstrations or natural language instructions. While these capabilities have led to widespread adoption, most LLMs are developed by resource-rich organizations and are frequently kept from the public. As a step towards democratizing this powerful technology, we present BLOOM, a 176B-parameter open-access language model designed and built thanks to a collaboration of hundreds of researchers. BLOOM is a decoder-only Transformer language model that was trained on the ROOTS corpus, a dataset comprising hundreds of sources in 46 natural and 13 programming languages (59 in total). We find that BLOOM achieves competitive performance on a wide variety of benchmarks, with stronger results after undergoing multitask prompted finetuning. To facilitate future research and applications using LLMs, we publicly release our models and code under the Responsible AI License.

语言模型既展示了定量的改进，又展示了新的定性功能，随着规模的增加。尽管它们具有潜在的变革性影响，但这些新能力的特征却很差。为了为未来的研究提供信息，为破坏性的新模型能力做准备，并改善社会有害的效果，至关重要的是，我们必须了解目前和近乎未来的能力和语言模型的局限性。为了应对这一挑战，我们介绍了超越模仿游戏基准（Big Bench）。 Big Bench目前由204个任务组成，由132家机构的442位作者贡献。任务主题是多样的，从语言学，儿童发展，数学，常识性推理，生物学，物理学，社会偏见，软件开发等等。 Big-Bench专注于被认为超出当前语言模型的功能的任务。我们评估了OpenAI的GPT型号，Google内部密集变压器体系结构和大型基础上的开关稀疏变压器的行为，跨越了数百万到数十亿个参数。此外，一个人类专家评估者团队执行了所有任务，以提供强大的基准。研究结果包括：模型性能和校准都随规模改善，但绝对的术语（以及与评估者的性能相比）；在模型类中的性能非常相似，尽管带有稀疏性。逐渐和预测的任务通常涉及大量知识或记忆成分，而在临界规模上表现出“突破性”行为的任务通常涉及多个步骤或组成部分或脆性指标；社交偏见通常会随着含糊不清的环境而随着规模而增加，但这可以通过提示来改善。

在本文中，我们提出了一个动态的级联编码器自动语音识别（ASR）模型，该模型统一了不同部署方案的模型。此外，该模型可以显着降低模型尺寸和功耗而不会损失质量。也就是说，使用动态级联编码器模型，我们探索了三种技术，以最大程度地提高每个模型大小的性能：1）在共享编码器时为每个子模型使用单独的解码器；2）使用漏斗 - 提高编码器效率；3）平衡因果关系的大小，以提高质量和适合部署限制。总体而言，与基线级联编码器模型相比，拟议的大中等模型的尺寸较小30％，并将功耗降低了33％。统一大型，中和小型模型的三重大小模型可实现37％的总尺寸减少，而质量损失最小，同时大大减少了拥有单独模型的工程工作。

我们引入了一种新方法，用于纳米光器设备的逆设计，该方法可以确保由此产生的设计满足严格的长度限制，包括商业半导体铸造厂所需的最小宽度和间距约束。该方法采用了几个概念，从机器学习中，将拓扑优化的问题与严格的长度限制转变为无约束的随机梯度优化问题。具体而言，我们引入了一种有条件的发电机，用于可行设计，并采用直通估计器将梯度反向传播到潜在设计。我们通过设计几个常见的集成光子组件来证明我们方法的性能和可靠性。

部署在野外的机器学习系统通常在源分布上培训，但部署在不同的目标分布上。未标记的数据可以是用于缓解这些分布班次的强大的利用点，因为它通常比标记数据更具可用。然而，未标记数据的现有分配转换基准不反映现实世界应用中出现的方案的广度。在这项工作中，我们介绍了Wilds 2.0更新，该更新在分发转移的野外基准中扩展了10个数据集中的8个，以包括将在部署中逼真获得的策划未标记数据。为了保持一致性，标记的培训，验证和测试集以及评估度量与原始野外基准中的标记与评估度量完全相同。这些数据集涵盖了广泛的应用程序（从组织学到野生动物保护），任务（分类，回归和检测）和方式（照片，卫星图像，显微镜载玻片，文本，分子图）。我们系统地基准测试最先进的方法，可以利用未标记的数据，包括域不变，自我培训和自我监督方法，并表明他们在野外的成功2.0是有限的。为了方便方法开发和评估，我们提供了一个自动化数据加载的开源包，并包含本文中使用的所有模型架构和方法。代码和排行榜可在https://wilds.stanford.edu获得。

最近已经提出了与紧急磁化动态的互连磁纳环阵列用于储层计算应用，但是对于它们进行计算有用，必须可以优化其动态响应。在这里，我们使用一种现象学模型来证明可以通过调整使用旋转磁场将数据的缩放和输入速率控制到系统中的超级参数来优化这些储存器。我们使用任务独立的指标来评估每组上的这些超参数的戒指的计算能力，并展示这些指标如何直接关联与口头和书面识别任务中的性能相关联。然后，我们通过扩展储库的输出来包括环阵列磁态的多个并发度量，可以进一步改善这些度量。