We introduce camouflaged data poisoning attacks, a new attack vector that arises in the context of machine unlearning and other settings when model retraining may be induced. An adversary first adds a few carefully crafted points to the training dataset such that the impact on the model's predictions is minimal. The adversary subsequently triggers a request to remove a subset of the introduced points at which point the attack is unleashed and the model's predictions are negatively affected. In particular, we consider clean-label targeted attacks (in which the goal is to cause the model to misclassify a specific test point) on datasets including CIFAR-10, Imagenette, and Imagewoof. This attack is realized by constructing camouflage datapoints that mask the effect of a poisoned dataset.

Since the recent success of Vision Transformers (ViTs), explorations toward transformer-style architectures have triggered the resurgence of modern ConvNets. In this work, we explore the representation ability of DNNs through the lens of interaction complexities. We empirically show that interaction complexity is an overlooked but essential indicator for visual recognition. Accordingly, a new family of efficient ConvNets, named MogaNet, is presented to pursue informative context mining in pure ConvNet-based models, with preferable complexity-performance trade-offs. In MogaNet, interactions across multiple complexities are facilitated and contextualized by leveraging two specially designed aggregation blocks in both spatial and channel interaction spaces. Extensive studies are conducted on ImageNet classification, COCO object detection, and ADE20K semantic segmentation tasks. The results demonstrate that our MogaNet establishes new state-of-the-art over other popular methods in mainstream scenarios and all model scales. Typically, the lightweight MogaNet-T achieves 80.0\% top-1 accuracy with only 1.44G FLOPs using a refined training setup on ImageNet-1K, surpassing ParC-Net-S by 1.4\% accuracy but saving 59\% (2.04G) FLOPs.

随着计算机视觉中深神经网络的显着进展，广泛研究了数据混合技术，以减轻培训数据量有限时降解概括的问题。但是，当前视觉工具箱中的混合策略尚未得到很好的组装。在本文中，我们建议\ texttt {OpenMixup}，这是一个开放源代码的多合一工具箱，用于使用混音，用于监督，半手术和自我监督的视觉表示学习。它提供了一个集成的模型设计和培训平台，包括一系列主要的网络体系结构和模块，数据混合增强方法的集合以及实用的模型分析工具。此外，我们还在各种数据集上提供标准的混合图像分类基准，这加快了从业者在同一设置下的最新方法中进行公平比较。源代码和用户文档可在\ url {https://github.com/westlake-ai/openmixup}上获得。

流动学习〜（ML）旨在从高维数据中找到低维的嵌入。以前的作品专注于具有简单和理想场景的手工艺品或简单的数据集；但是，我们发现它们在带有不足数据的现实世界数据集上的性能很差。通常，ML方法主要是对数据结构进行建模，并随后处理低维嵌入，在前步骤中，不足采样数据的局部连通性较差，而后来步骤中不适当的优化目标将导致\ emph {结构失真}和\ \ \ \ \ \ \ \ \ \ \ emph {不合适的嵌入}。为了解决这个问题，我们提出了深层局部流动性歧管嵌入（DLME），这是一种新型的ML框架，可通过减少失真来获得可靠的歧管嵌入。我们提出的DLME通过数据增强来构建语义歧管，并在其平滑框架的帮助下克服了\ emph {结构失真}问题。为了克服\ emph {不合适的嵌入}，我们为DLME设计了一个特定的损失，并在数学上表明它会根据我们提出的局部平坦度假设导致更合适的嵌入。在实验中，通过显示DLME对具有三种类型的数据集（玩具，生物学和图像）的下游分类，聚类和可视化任务的有效性，我们的实验结果表明，DLME胜过SOTA ML \＆Chortantive Learning（CL）方法（CL）方法。

队列研究越来越多地使用加速度计进行体育活动和久坐行为估计。这些设备往往比自我报告易于错误，可以全天捕获活动，并且是经济的。但是，在自由生活的情况下和受试者对象变化下，基于髋关节wor的数据估算久坐行为的先前方法通常是无效的或次优的。在本文中，我们提出了一个本地马尔可夫切换模型，该模型考虑了这种情况，并引入了一种姿势分类和久坐行为分析的一般程序，该程序自然适合该模型。我们的方法在时间序列中具有更改点检测方法，也是一个两个阶段分类步骤，将数据标记为3类（坐着，站立，步进）。通过严格的训练测试范例，我们表明我们的方法达到了80％的精度。此外，我们的方法是强大的，易于解释。

混合是深度神经网络的流行数据依赖性增强技术，其包含两个子任务，混合生成和分类。社区通常将混合限制在监督学习（SL）中，并且生成子任务的目的是固定到采样的对，而不是考虑整个数据歧管。为了克服这些限制，我们系统地研究了两个子任务的目标，并为SL和自我监督的学习（SSL）方案，命名为Samix的两个子任务和提出情景 - 激动化混合。具体而言，我们假设并验证混合生成的核心目标，因为优化来自其他类别的全球歧视的两个类之间的局部平滑度。基于这一发现，提出了$ \ eta $ -Balanced混合丢失，以进行两个子任务的互补培训。同时，生成子任务被参数化为可优化的模块，混音器，其利用注意机制来生成混合样本而无需标记依赖性。对SL和SSL任务的广泛实验表明SAMIX始终如一地优于大边距。

事实证明，数据混合对提高深神经网络的概括能力是有效的。虽然早期方法通过手工制作的策略（例如线性插值）混合样品，但最新方法利用显着性信息通过复杂的离线优化来匹配混合样品和标签。但是，在精确的混合政策和优化复杂性之间进行了权衡。为了应对这一挑战，我们提出了一个新颖的自动混合（Automix）框架，其中混合策略被参数化并直接实现最终分类目标。具体而言，Automix将混合分类重新定义为两个子任务（即混合样品生成和混合分类）与相应的子网络，并在双层优化框架中求解它们。对于这一代，可学习的轻质混合发电机Mix Block旨在通过在相应混合标签的直接监督下对贴片的关系进行建模，以生成混合样品。为了防止双层优化的降解和不稳定性，我们进一步引入了动量管道以端到端的方式训练汽车。与在各种分类场景和下游任务中的最新图像相比，九个图像基准的广泛实验证明了汽车的优势。

由于复杂的骨骼年龄评估过程，在临床实践中，骨骼年龄评估具有挑战性。当前的自动骨龄年龄评估方法设计了很少考虑诊断物流，因此可能会产生某些无法解释的隐藏状态和输出。因此，医生很难与此类模型合作，因为很难检查模型预测的正确性。在这项工作中，我们提出了一个新的基于图的深度学习框架，用于使用手动X光片，称为Mimitator（DI）。 DI的结构旨在使用评分方法（例如Tanner-Whitehouse方法）来学习医生的诊断后勤，以进行骨骼年龄评估。具体而言，DI的卷积捕获了X光片上感兴趣的解剖区域（ROI）的局部特征，并通过我们提出的基于解剖学的组卷积预测了ROI评分，总结了骨骼年龄预测。此外，我们开发了一个新型的基于双图的注意模块，以计算ROI特征的患者特定注意力和ROI分数的上下文注意力。据我们所知，DI是遵循评分方法的第一个自动骨骼年龄评估框架，而没有完全监督的手部X光片。只有骨骼年龄监督的手动X光片上的实验证明DI可以通过稀疏参数实现出色的性能并提供更多的可解释性。

Face Anti-spoofing (FAS) is essential to secure face recognition systems from various physical attacks. However, recent research generally focuses on short-distance applications (i.e., phone unlocking) while lacking consideration of long-distance scenes (i.e., surveillance security checks). In order to promote relevant research and fill this gap in the community, we collect a large-scale Surveillance High-Fidelity Mask (SuHiFiMask) dataset captured under 40 surveillance scenes, which has 101 subjects from different age groups with 232 3D attacks (high-fidelity masks), 200 2D attacks (posters, portraits, and screens), and 2 adversarial attacks. In this scene, low image resolution and noise interference are new challenges faced in surveillance FAS. Together with the SuHiFiMask dataset, we propose a Contrastive Quality-Invariance Learning (CQIL) network to alleviate the performance degradation caused by image quality from three aspects: (1) An Image Quality Variable module (IQV) is introduced to recover image information associated with discrimination by combining the super-resolution network. (2) Using generated sample pairs to simulate quality variance distributions to help contrastive learning strategies obtain robust feature representation under quality variation. (3) A Separate Quality Network (SQN) is designed to learn discriminative features independent of image quality. Finally, a large number of experiments verify the quality of the SuHiFiMask dataset and the superiority of the proposed CQIL.

Non-linear state-space models, also known as general hidden Markov models, are ubiquitous in statistical machine learning, being the most classical generative models for serial data and sequences in general. The particle-based, rapid incremental smoother PaRIS is a sequential Monte Carlo (SMC) technique allowing for efficient online approximation of expectations of additive functionals under the smoothing distribution in these models. Such expectations appear naturally in several learning contexts, such as likelihood estimation (MLE) and Markov score climbing (MSC). PARIS has linear computational complexity, limited memory requirements and comes with non-asymptotic bounds, convergence results and stability guarantees. Still, being based on self-normalised importance sampling, the PaRIS estimator is biased. Our first contribution is to design a novel additive smoothing algorithm, the Parisian particle Gibbs PPG sampler, which can be viewed as a PaRIS algorithm driven by conditional SMC moves, resulting in bias-reduced estimates of the targeted quantities. We substantiate the PPG algorithm with theoretical results, including new bounds on bias and variance as well as deviation inequalities. Our second contribution is to apply PPG in a learning framework, covering MLE and MSC as special examples. In this context, we establish, under standard assumptions, non-asymptotic bounds highlighting the value of bias reduction and the implicit Rao--Blackwellization of PPG. These are the first non-asymptotic results of this kind in this setting. We illustrate our theoretical results with numerical experiments supporting our claims.