会员推理（MI）攻击突出了当前神经网络随机培训方法中的隐私弱点。然而，它为什么出现。它们仅是不完美概括的自然结果吗？在培训期间，我们应该解决哪些根本原因以减轻这些攻击？为了回答此类问题，我们提出了第一种解释MI攻击及其基于原则性因果推理的概括的方法。我们提供因果图，以定量地解释以$ 6 $攻击变体获得的观察到的MI攻击性能。我们驳斥了几种先前的非量化假设，这些假设过于简化或过度估计潜在原因的影响，从而未能捕获几个因素之间的复杂相互作用。我们的因果模型还通过共同的因果因素显示了概括和MI攻击之间的新联系。我们的因果模型具有很高的预测能力（$ 0.90 $），即它们的分析预测与经常看不见的实验中的观察结果相匹配，这使得通过它们的分析成为务实的替代方案。

移动对象（DATMO）的检测和跟踪是自动驾驶环境感知的重要组成部分。虽然使用环绕视图摄像机的3D检测器只是蓬勃发展，但越来越多的趋势是使用不同的基于变压器的方法从透视图的2D特征图中学习3D空间中的查询。本文提出了稀疏的R-CNN 3D（SRCN3D），这是一种新颖的两阶段全横向卷积映射管道，用于环绕视图摄像机检测和跟踪。 SRCN3D采用了级联结构，具有固定数量的提案盒和提案潜在功能的双轨更新。预计提案框可以透视视图，以汇总感兴趣的区域（ROI）本地特征。基于此，提案功能通过动态实例交互式头部进行完善，然后生成分类，并应用于原始边界框。与先前的艺术相比，我们的稀疏功能采样模块仅利用本地2D功能来调整每个相应的3D提案盒，从而导致完整的稀疏范式。提案功能和外观特征均在数据关联过程中采用多刺激性3D多对象跟踪方法。 Nuscenes数据集的广泛实验证明了我们提出的SRCN3D检测器和跟踪器的有效性。代码可在https://github.com/synsin0/srcn3d上找到。

步态识别旨在通过相机来识别一个距离的人。随着深度学习的出现，步态识别的重大进步通过使用深度学习技术在许多情况下取得了鼓舞人心的成功。然而，对视频监视的越来越多的需求引入了更多的挑战，包括在各种方差下进行良好的识别，步态序列中的运动信息建模，由于协议方差，生物量标准安全性和预防隐私而引起的不公平性能比较。本文对步态识别的深度学习进行了全面的调查。我们首先介绍了从传统算法到深层模型的步态识别的奥德赛，从而提供了对步态识别系统的整个工作流程的明确知识。然后，从深度表示和建筑的角度讨论了步态识别的深入学习，并深入摘要。具体而言，深层步态表示分为静态和动态特征，而深度体系结构包括单流和多流架构。遵循我们提出的新颖性分类法，它可能有益于提供灵感并促进对步态认识的感知。此外，我们还提供了所有基于视觉的步态数据集和性能分析的全面摘要。最后，本文讨论了一些潜在潜在前景的开放问题。

步态是长距离识别个体的最有前途的生物识别技术之一。尽管大多数以前的方法都集中在识别轮廓上，但直接从RGB图像中提取步态特征的几种端到端方法表现更好。但是，我们证明了这些端到端方法可能不可避免地会遭受步态液化的噪音，即低级纹理和丰富多彩的信息。在实验上，我们设计了跨域评估以支持这种观点。在这项工作中，我们提出了一个名为Gaitedge的新颖端到端框架，该框架可以有效地阻止步态 - 近距离信息并发布端到端训练潜力。具体而言，Gaitede合成了行人分割网络的输出，然后将其馈送到随后的识别网络中，在该网络中，合成轮廓由身体的可训练边缘和固定内部室内装饰组成，以限制识别网络接收的信息。此外，对齐轮廓的步态嵌入了盖地，而不会失去不同的性能。关于CASIA-B和我们新建的TTG-200的实验结果表明，Gaitedge明显优于先前的方法，并提供了更实用的端到端范式。所有源代码均可在https://github.com/shiqiyu/opengait上获得。

Dataset distillation has emerged as a prominent technique to improve data efficiency when training machine learning models. It encapsulates the knowledge from a large dataset into a smaller synthetic dataset. A model trained on this smaller distilled dataset can attain comparable performance to a model trained on the original training dataset. However, the existing dataset distillation techniques mainly aim at achieving the best trade-off between resource usage efficiency and model utility. The security risks stemming from them have not been explored. This study performs the first backdoor attack against the models trained on the data distilled by dataset distillation models in the image domain. Concretely, we inject triggers into the synthetic data during the distillation procedure rather than during the model training stage, where all previous attacks are performed. We propose two types of backdoor attacks, namely NAIVEATTACK and DOORPING. NAIVEATTACK simply adds triggers to the raw data at the initial distillation phase, while DOORPING iteratively updates the triggers during the entire distillation procedure. We conduct extensive evaluations on multiple datasets, architectures, and dataset distillation techniques. Empirical evaluation shows that NAIVEATTACK achieves decent attack success rate (ASR) scores in some cases, while DOORPING reaches higher ASR scores (close to 1.0) in all cases. Furthermore, we conduct a comprehensive ablation study to analyze the factors that may affect the attack performance. Finally, we evaluate multiple defense mechanisms against our backdoor attacks and show that our attacks can practically circumvent these defense mechanisms.

Few Shot Instance Segmentation (FSIS) requires models to detect and segment novel classes with limited several support examples. In this work, we explore a simple yet unified solution for FSIS as well as its incremental variants, and introduce a new framework named Reference Twice (RefT) to fully explore the relationship between support/query features based on a Transformer-like framework. Our key insights are two folds: Firstly, with the aid of support masks, we can generate dynamic class centers more appropriately to re-weight query features. Secondly, we find that support object queries have already encoded key factors after base training. In this way, the query features can be enhanced twice from two aspects, i.e., feature-level and instance-level. In particular, we firstly design a mask-based dynamic weighting module to enhance support features and then propose to link object queries for better calibration via cross-attention. After the above steps, the novel classes can be improved significantly over our strong baseline. Additionally, our new framework can be easily extended to incremental FSIS with minor modification. When benchmarking results on the COCO dataset for FSIS, gFSIS, and iFSIS settings, our method achieves a competitive performance compared to existing approaches across different shots, e.g., we boost nAP by noticeable +8.2/+9.4 over the current state-of-the-art FSIS method for 10/30-shot. We further demonstrate the superiority of our approach on Few Shot Object Detection. Code and model will be available.

Nowadays, time-stamped web documents related to a general news query floods spread throughout the Internet, and timeline summarization targets concisely summarizing the evolution trajectory of events along the timeline. Unlike traditional document summarization, timeline summarization needs to model the time series information of the input events and summarize important events in chronological order. To tackle this challenge, in this paper, we propose a Unified Timeline Summarizer (UTS) that can generate abstractive and extractive timeline summaries in time order. Concretely, in the encoder part, we propose a graph-based event encoder that relates multiple events according to their content dependency and learns a global representation of each event. In the decoder part, to ensure the chronological order of the abstractive summary, we propose to extract the feature of event-level attention in its generation process with sequential information remained and use it to simulate the evolutionary attention of the ground truth summary. The event-level attention can also be used to assist in extracting summary, where the extracted summary also comes in time sequence. We augment the previous Chinese large-scale timeline summarization dataset and collect a new English timeline dataset. Extensive experiments conducted on these datasets and on the out-of-domain Timeline 17 dataset show that UTS achieves state-of-the-art performance in terms of both automatic and human evaluations.

In this tutorial paper, we look into the evolution and prospect of network architecture and propose a novel conceptual architecture for the 6th generation (6G) networks. The proposed architecture has two key elements, i.e., holistic network virtualization and pervasive artificial intelligence (AI). The holistic network virtualization consists of network slicing and digital twin, from the aspects of service provision and service demand, respectively, to incorporate service-centric and user-centric networking. The pervasive network intelligence integrates AI into future networks from the perspectives of networking for AI and AI for networking, respectively. Building on holistic network virtualization and pervasive network intelligence, the proposed architecture can facilitate three types of interplay, i.e., the interplay between digital twin and network slicing paradigms, between model-driven and data-driven methods for network management, and between virtualization and AI, to maximize the flexibility, scalability, adaptivity, and intelligence for 6G networks. We also identify challenges and open issues related to the proposed architecture. By providing our vision, we aim to inspire further discussions and developments on the potential architecture of 6G.

In this paper, we investigate the joint device activity and data detection in massive machine-type communications (mMTC) with a one-phase non-coherent scheme, where data bits are embedded in the pilot sequences and the base station simultaneously detects active devices and their embedded data bits without explicit channel estimation. Due to the correlated sparsity pattern introduced by the non-coherent transmission scheme, the traditional approximate message passing (AMP) algorithm cannot achieve satisfactory performance. Therefore, we propose a deep learning (DL) modified AMP network (DL-mAMPnet) that enhances the detection performance by effectively exploiting the pilot activity correlation. The DL-mAMPnet is constructed by unfolding the AMP algorithm into a feedforward neural network, which combines the principled mathematical model of the AMP algorithm with the powerful learning capability, thereby benefiting from the advantages of both techniques. Trainable parameters are introduced in the DL-mAMPnet to approximate the correlated sparsity pattern and the large-scale fading coefficient. Moreover, a refinement module is designed to further advance the performance by utilizing the spatial feature caused by the correlated sparsity pattern. Simulation results demonstrate that the proposed DL-mAMPnet can significantly outperform traditional algorithms in terms of the symbol error rate performance.

Deploying reliable deep learning techniques in interdisciplinary applications needs learned models to output accurate and ({even more importantly}) explainable predictions. Existing approaches typically explicate network outputs in a post-hoc fashion, under an implicit assumption that faithful explanations come from accurate predictions/classifications. We have an opposite claim that explanations boost (or even determine) classification. That is, end-to-end learning of explanation factors to augment discriminative representation extraction could be a more intuitive strategy to inversely assure fine-grained explainability, e.g., in those neuroimaging and neuroscience studies with high-dimensional data containing noisy, redundant, and task-irrelevant information. In this paper, we propose such an explainable geometric deep network dubbed as NeuroExplainer, with applications to uncover altered infant cortical development patterns associated with preterm birth. Given fundamental cortical attributes as network input, our NeuroExplainer adopts a hierarchical attention-decoding framework to learn fine-grained attentions and respective discriminative representations to accurately recognize preterm infants from term-born infants at term-equivalent age. NeuroExplainer learns the hierarchical attention-decoding modules under subject-level weak supervision coupled with targeted regularizers deduced from domain knowledge regarding brain development. These prior-guided constraints implicitly maximizes the explainability metrics (i.e., fidelity, sparsity, and stability) in network training, driving the learned network to output detailed explanations and accurate classifications. Experimental results on the public dHCP benchmark suggest that NeuroExplainer led to quantitatively reliable explanation results that are qualitatively consistent with representative neuroimaging studies.