最近的作品表明，基于GAN的变形攻击的可行性与基于具有里程碑意义的方法的成功率相似。这种新型的“深”形态可能需要开发新的足够检测器来保护面部识别系统。我们根据光谱特征和LBP直方图特征以及CNN模型探索简单的深色检测基准，包括在dataset和交叉数据库中。我们观察到，简单的基于LBP的系统已经在数据内设置中已经非常准确，但是与概括斗争，这种现象通过将其中的几个系统融合在一起而部分缓解了得分级别。我们得出的结论是，对GAN图像检测有效的有效的重新连接是最有效的总体，达到了完美的准确性。但是，我们注意到，基于LBP的系统保持一定的兴趣：除了其较低的计算要求和相对于CNN的可解释性增加，LBP+Resnet Fusions有时还会显示性能提高，而基于RESNET的性能也暗示基于LBP的系统可以集中精力关于有意义的信号，不一定是由CNN检测器拾取的。

后门攻击允许攻击者嵌入功能危害任何算法，机器学习与否的适当行为。这种隐藏的功能可能一直无效，用于正常使用该算法，直到被攻击者激活为止。鉴于隐形后门攻击是多么的，如果要在像边界或访问控制等关键的应用程序中部署此类网络，这些后门的后果可能会造成灾难性。在本文中，我们根据异常检测原理提出了一种新型的后式网络检测方法，涉及访问训练数据的清洁部分和训练有素的网络。我们在考虑各种触发器，位置和身份对时强调了它的潜力，而无需对后门及其设置的性质做出任何假设。我们在一个新颖的后盘网络数据集上测试我们的方法，并报告得分完美的可检测性结果。

自动面部识别是一个知名的研究领域。在该领域的最后三十年的深入研究中，已经提出了许多不同的面部识别算法。随着深度学习的普及及其解决各种不同问题的能力，面部识别研究人员集中精力在此范式下创建更好的模型。从2015年开始，最先进的面部识别就植根于深度学习模型。尽管有大规模和多样化的数据集可用于评估面部识别算法的性能，但许多现代数据集仅结合了影响面部识别的不同因素，例如面部姿势，遮挡，照明，面部表情和图像质量。当算法在这些数据集上产生错误时，尚不清楚哪些因素导致了此错误，因此，没有指导需要多个方向进行更多的研究。这项工作是我们以前在2014年开发的作品的后续作品，最终于2016年发表，显示了各种面部方面对面部识别算法的影响。通过将当前的最新技术与过去的最佳系统进行比较，我们证明了在强烈的遮挡下，某些类型的照明和强烈表达的面孔是深入学习算法所掌握的问题，而具有低分辨率图像的识别，极端的姿势变化和开放式识别仍然是一个开放的问题。为了证明这一点，我们使用六个不同的数据集和五种不同的面部识别算法以开源和可重现的方式运行一系列实验。我们提供了运行所有实验的源代码，这很容易扩展，因此在我们的评估中利用自己的深网只有几分钟的路程。

As automated face recognition applications tend towards ubiquity, there is a growing need to secure the sensitive face data used within these systems. This paper presents a survey of biometric template protection (BTP) methods proposed for securing face templates (images/features) in neural-network-based face recognition systems. The BTP methods are categorised into two types: Non-NN and NN-learned. Non-NN methods use a neural network (NN) as a feature extractor, but the BTP part is based on a non-NN algorithm, whereas NN-learned methods employ a NN to learn a protected template from the unprotected template. We present examples of Non-NN and NN-learned face BTP methods from the literature, along with a discussion of their strengths and weaknesses. We also investigate the techniques used to evaluate these methods in terms of the three most common BTP criteria: recognition accuracy, irreversibility, and renewability/unlinkability. The recognition accuracy of protected face recognition systems is generally evaluated using the same (empirical) techniques employed for evaluating standard (unprotected) biometric systems. However, most irreversibility and renewability/unlinkability evaluations are found to be based on theoretical assumptions/estimates or verbal implications, with a lack of empirical validation in a practical face recognition context. So, we recommend a greater focus on empirical evaluations to provide more concrete insights into the irreversibility and renewability/unlinkability of face BTP methods in practice. Additionally, an exploration of the reproducibility of the studied BTP works, in terms of the public availability of their implementation code and evaluation datasets/procedures, suggests that it would be difficult to faithfully replicate most of the reported findings. So, we advocate for a push towards reproducibility, in the hope of advancing face BTP research.

本文提出了一种保护用于代表基于神经网络的面部验证系统中的人面的敏感面嵌入的方法。 PolyProtect使用基于由用户特定系数和指数参数参数化的多变量多项式的映射将映射变换为更安全的模板。在这项工作中，在合作用户移动面验证上下文中的两个开源面部识别系统中，在最艰难的威胁模型中对PolyProtect进行评估，该模型具有完全通知的攻击者，具有完全了解系统和其所有参数。结果表明，可以调整聚类以在多保护面部验证系统的识别准确性和多保护模板的不可逆转之间实现令人满意的权衡。此外，示出了聚保模板可有效地解释，特别是如果以非天真的方式选择在聚类映射中使用的用户特定参数。评估使用实用方法进行了实用方法，以在实践中将方法的鲁棒性展示在该方法的侵略性保护方案中。使用公开可用的代码，此工作完全可再现：https://gitlab.idiap.ch/bob/bob.paper.polyprotect_2021。

We describe a Physics-Informed Neural Network (PINN) that simulates the flow induced by the astronomical tide in a synthetic port channel, with dimensions based on the Santos - S\~ao Vicente - Bertioga Estuarine System. PINN models aim to combine the knowledge of physical systems and data-driven machine learning models. This is done by training a neural network to minimize the residuals of the governing equations in sample points. In this work, our flow is governed by the Navier-Stokes equations with some approximations. There are two main novelties in this paper. First, we design our model to assume that the flow is periodic in time, which is not feasible in conventional simulation methods. Second, we evaluate the benefit of resampling the function evaluation points during training, which has a near zero computational cost and has been verified to improve the final model, especially for small batch sizes. Finally, we discuss some limitations of the approximations used in the Navier-Stokes equations regarding the modeling of turbulence and how it interacts with PINNs.

The number of international benchmarking competitions is steadily increasing in various fields of machine learning (ML) research and practice. So far, however, little is known about the common practice as well as bottlenecks faced by the community in tackling the research questions posed. To shed light on the status quo of algorithm development in the specific field of biomedical imaging analysis, we designed an international survey that was issued to all participants of challenges conducted in conjunction with the IEEE ISBI 2021 and MICCAI 2021 conferences (80 competitions in total). The survey covered participants' expertise and working environments, their chosen strategies, as well as algorithm characteristics. A median of 72% challenge participants took part in the survey. According to our results, knowledge exchange was the primary incentive (70%) for participation, while the reception of prize money played only a minor role (16%). While a median of 80 working hours was spent on method development, a large portion of participants stated that they did not have enough time for method development (32%). 25% perceived the infrastructure to be a bottleneck. Overall, 94% of all solutions were deep learning-based. Of these, 84% were based on standard architectures. 43% of the respondents reported that the data samples (e.g., images) were too large to be processed at once. This was most commonly addressed by patch-based training (69%), downsampling (37%), and solving 3D analysis tasks as a series of 2D tasks. K-fold cross-validation on the training set was performed by only 37% of the participants and only 50% of the participants performed ensembling based on multiple identical models (61%) or heterogeneous models (39%). 48% of the respondents applied postprocessing steps.

Topic modeling is widely used for analytically evaluating large collections of textual data. One of the most popular topic techniques is Latent Dirichlet Allocation (LDA), which is flexible and adaptive, but not optimal for e.g. short texts from various domains. We explore how the state-of-the-art BERTopic algorithm performs on short multi-domain text and find that it generalizes better than LDA in terms of topic coherence and diversity. We further analyze the performance of the HDBSCAN clustering algorithm utilized by BERTopic and find that it classifies a majority of the documents as outliers. This crucial, yet overseen problem excludes too many documents from further analysis. When we replace HDBSCAN with k-Means, we achieve similar performance, but without outliers.

Existing analyses of neural network training often operate under the unrealistic assumption of an extremely small learning rate. This lies in stark contrast to practical wisdom and empirical studies, such as the work of J. Cohen et al. (ICLR 2021), which exhibit startling new phenomena (the "edge of stability" or "unstable convergence") and potential benefits for generalization in the large learning rate regime. Despite a flurry of recent works on this topic, however, the latter effect is still poorly understood. In this paper, we take a step towards understanding genuinely non-convex training dynamics with large learning rates by performing a detailed analysis of gradient descent for simplified models of two-layer neural networks. For these models, we provably establish the edge of stability phenomenon and discover a sharp phase transition for the step size below which the neural network fails to learn "threshold-like" neurons (i.e., neurons with a non-zero first-layer bias). This elucidates one possible mechanism by which the edge of stability can in fact lead to better generalization, as threshold neurons are basic building blocks with useful inductive bias for many tasks.

We introduce the XPER (eXplainable PERformance) methodology to measure the specific contribution of the input features to the predictive or economic performance of a model. Our methodology offers several advantages. First, it is both model-agnostic and performance metric-agnostic. Second, XPER is theoretically founded as it is based on Shapley values. Third, the interpretation of the benchmark, which is inherent in any Shapley value decomposition, is meaningful in our context. Fourth, XPER is not plagued by model specification error, as it does not require re-estimating the model. Fifth, it can be implemented either at the model level or at the individual level. In an application based on auto loans, we find that performance can be explained by a surprisingly small number of features. XPER decompositions are rather stable across metrics, yet some feature contributions switch sign across metrics. Our analysis also shows that explaining model forecasts and model performance are two distinct tasks.