This paper proposes an easy-to-compute upper bound for the overlap index between two probability distributions without requiring any knowledge of the distribution models. The computation of our bound is time-efficient and memory-efficient and only requires finite samples. The proposed bound shows its value in one-class classification and domain shift analysis. Specifically, in one-class classification, we build a novel one-class classifier by converting the bound into a confidence score function. Unlike most one-class classifiers, the training process is not needed for our classifier. Additionally, the experimental results show that our classifier \textcolor{\colorname}{can be accurate with} only a small number of in-class samples and outperforms many state-of-the-art methods on various datasets in different one-class classification scenarios. In domain shift analysis, we propose a theorem based on our bound. The theorem is useful in detecting the existence of domain shift and inferring data information. The detection and inference processes are both computation-efficient and memory-efficient. Our work shows significant promise toward broadening the applications of overlap-based metrics.

Concept bottleneck models (CBMs) (Koh et al. 2020) are interpretable neural networks that first predict labels for human-interpretable concepts relevant to the prediction task, and then predict the final label based on the concept label predictions.We extend CBMs to interactive prediction settings where the model can query a human collaborator for the label to some concepts. We develop an interaction policy that, at prediction time, chooses which concepts to request a label for so as to maximally improve the final prediction. We demonstrate thata simple policy combining concept prediction uncertainty and influence of the concept on the final prediction achieves strong performance and outperforms a static approach proposed in Koh et al. (2020) as well as active feature acquisition methods proposed in the literature. We show that the interactiveCBM can achieve accuracy gains of 5-10% with only 5 interactions over competitive baselines on the Caltech-UCSDBirds, CheXpert and OAI datasets.

We propose a framework in which multiple entities collaborate to build a machine learning model while preserving privacy of their data. The approach utilizes feature embeddings from shared/per-entity feature extractors transforming data into a feature space for cooperation between entities. We propose two specific methods and compare them with a baseline method. In Shared Feature Extractor (SFE) Learning, the entities use a shared feature extractor to compute feature embeddings of samples. In Locally Trained Feature Extractor (LTFE) Learning, each entity uses a separate feature extractor and models are trained using concatenated features from all entities. As a baseline, in Cooperatively Trained Feature Extractor (CTFE) Learning, the entities train models by sharing raw data. Secure multi-party algorithms are utilized to train models without revealing data or features in plain text. We investigate the trade-offs among SFE, LTFE, and CTFE in regard to performance, privacy leakage (using an off-the-shelf membership inference attack), and computational cost. LTFE provides the most privacy, followed by SFE, and then CTFE. Computational cost is lowest for SFE and the relative speed of CTFE and LTFE depends on network architecture. CTFE and LTFE provide the best accuracy. We use MNIST, a synthetic dataset, and a credit card fraud detection dataset for evaluations.

This paper considers adaptive radar electronic counter-counter measures (ECCM) to mitigate ECM by an adversarial jammer. Our ECCM approach models the jammer-radar interaction as a Principal Agent Problem (PAP), a popular economics framework for interaction between two entities with an information imbalance. In our setup, the radar does not know the jammer's utility. Instead, the radar learns the jammer's utility adaptively over time using inverse reinforcement learning. The radar's adaptive ECCM objective is two-fold (1) maximize its utility by solving the PAP, and (2) estimate the jammer's utility by observing its response. Our adaptive ECCM scheme uses deep ideas from revealed preference in micro-economics and principal agent problem in contract theory. Our numerical results show that, over time, our adaptive ECCM both identifies and mitigates the jammer's utility.

The vision community has explored numerous pose guided human editing methods due to their extensive practical applications. Most of these methods still use an image-to-image formulation in which a single image is given as input to produce an edited image as output. However, the problem is ill-defined in cases when the target pose is significantly different from the input pose. Existing methods then resort to in-painting or style transfer to handle occlusions and preserve content. In this paper, we explore the utilization of multiple views to minimize the issue of missing information and generate an accurate representation of the underlying human model. To fuse the knowledge from multiple viewpoints, we design a selector network that takes the pose keypoints and texture from images and generates an interpretable per-pixel selection map. After that, the encodings from a separate network (trained on a single image human reposing task) are merged in the latent space. This enables us to generate accurate, precise, and visually coherent images for different editing tasks. We show the application of our network on 2 newly proposed tasks - Multi-view human reposing, and Mix-and-match human image generation. Additionally, we study the limitations of single-view editing and scenarios in which multi-view provides a much better alternative.

Neural network-based approaches for solving partial differential equations (PDEs) have recently received special attention. However, the large majority of neural PDE solvers only apply to rectilinear domains, and do not systematically address the imposition of Dirichlet/Neumann boundary conditions over irregular domain boundaries. In this paper, we present a framework to neurally solve partial differential equations over domains with irregularly shaped (non-rectilinear) geometric boundaries. Our network takes in the shape of the domain as an input (represented using an unstructured point cloud, or any other parametric representation such as Non-Uniform Rational B-Splines) and is able to generalize to novel (unseen) irregular domains; the key technical ingredient to realizing this model is a novel approach for identifying the interior and exterior of the computational grid in a differentiable manner. We also perform a careful error analysis which reveals theoretical insights into several sources of error incurred in the model-building process. Finally, we showcase a wide variety of applications, along with favorable comparisons with ground truth solutions.

对图像分类器的最新基于模型的攻击压倒性地集中在单对象（即单个主体对象）图像上。与此类设置不同，我们解决了一个更实用的问题，即使用多对象（即多个主导对象）图像生成对抗性扰动，因为它们代表了大多数真实世界场景。我们的目标是设计一种攻击策略，该策略可以通过利用此类图像中固有的本地贴片差异来从此类自然场景中学习（例如，对象上的局部贴片在“人”上的局部贴片与在交通场景中的对象`自行车'之间的差异）。我们的关键想法是：为了误解对抗性的多对象图像，图像中的每个本地贴片都会使受害者分类器感到困惑。基于此，我们提出了一种新颖的生成攻击（称为局部斑块差异或LPD攻击），其中新颖的对比损失函数使用上述多对象场景特征空间的局部差异来优化扰动生成器。通过各种受害者卷积神经网络的各种实验，我们表明我们的方法在不同的白色盒子和黑色盒子设置下进行评估时，我们的方法优于基线生成攻击，具有高度可转移的扰动。

制作对抗性攻击的大多数方法都集中在具有单个主体对象的场景上（例如，来自Imagenet的图像）。另一方面，自然场景包括多个在语义上相关的主要对象。因此，探索设计攻击策略至关重要，这些攻击策略超出了在单对象场景上学习或攻击单对象受害者分类器。由于其固有的属性将扰动向未知模型的强大可传递性强，因此本文介绍了使用生成模型对多对象场景的对抗性攻击的第一种方法。为了代表输入场景中不同对象之间的关系，我们利用开源的预训练的视觉语言模型剪辑（对比语言图像 - 预训练），并动机利用语言中的编码语义来利用编码的语义空间与视觉空间一起。我们称这种攻击方法生成对抗性多对象场景攻击（GAMA）。 GAMA展示了剪辑模型作为攻击者的工具的实用性，以训练可强大的扰动发电机为多对象场景。使用联合图像文本功能来训练发电机，我们表明GAMA可以在各种攻击环境中制作有效的可转移扰动，以欺骗受害者分类器。例如，GAMA触发的错误分类比在黑框设置中的最新生成方法高出约16％，在黑框设置中，分类器体系结构和攻击者的数据分布都与受害者不同。我们的代码将很快公开提供。

在现实世界中的对话系统中，生成的响应必须满足几个互锁的限制：内容丰富，真实且易于控制。语言生成中的两个主要范式 - 神经语言建模和基于规则的一代 - 都难以满足这些约束。即使是最好的神经模型，也容易出现信息的幻觉和省略，而现有的基于规则的形式的形式使得很难编写既灵活又流利的语法。我们描述了对话响应产生的混合体系结构，结合了两种方法的优势。该体系结构有两个组件。首先，使用新的正式框架定义的基于规则的内容选择模型，称为数据流转导，该模型使用声明性规则将对话代理的计算（表示为数据流图）转换为代表上下文可接受响应空间的无上下文语法。其次，使用这些语法来限制神经语言模型的输出的受约束解码过程，该过程选择流利的话语。最终的系统在人类对流利，相关性和真实性的评估中的表现都优于基于规则的方法和学识渊博的方法。

在包括搜索在内的各种应用程序中，积极消费数字文档的研究范围为研究范围。传统上，文档中的搜索是作为文本匹配的问题施放的，忽略了结构化文档，表格等中常见的丰富布局和视觉提示。为此，我们提出了一个大多数未探索的问题：“我们可以搜索其他类似的snippets在目标文档页面中存在给定文档摘要的单个查询实例吗？”。我们建议单体将其作为单拍的摘要检测任务解决。单体融合了摘要和文档的视觉，文本和空间方式的上下文，以在目标文档中找到查询片段。我们进行了广泛的消融和实验，显示单体从一击对象检测（BHRL），模板匹配和文档理解（Layoutlmv3）中优于几个基线。由于目前的任务缺乏相关数据，因此我们对单体进行了编程生成的数据训练，该数据具有许多视觉上相似的查询片段和来自两个数据集的目标文档对 - Flamingo表单和PublayNet。我们还进行人类研究以验证生成的数据。