深度学习（DL）系统的安全性是一个极为重要的研究领域，因为它们正在部署在多个应用程序中，因为它们不断改善，以解决具有挑战性的任务。尽管有压倒性的承诺，但深度学习系统容易受到制作的对抗性例子的影响，这可能是人眼无法察觉的，但可能会导致模型错误分类。对基于整体技术的对抗性扰动的保护已被证明很容易受到更强大的对手的影响，或者证明缺乏端到端评估。在本文中，我们试图开发一种新的基于整体的解决方案，该解决方案构建具有不同决策边界的防御者模型相对于原始模型。通过（1）通过一种称为拆分和剃须的方法转换输入的分类器的合奏，以及（2）通过一种称为对比度功能的方法限制重要特征，显示出相对于相对于不同的梯度对抗性攻击，这减少了将对抗性示例从原始示例转移到针对同一类的防御者模型的机会。我们使用标准图像分类数据集（即MNIST，CIFAR-10和CIFAR-100）进行了广泛的实验，以实现最新的对抗攻击，以证明基于合奏的防御的鲁棒性。我们还在存在更强大的对手的情况下评估稳健性，该对手同时靶向合奏中的所有模型。已经提供了整体假阳性和误报的结果，以估计提出的方法的总体性能。

由于对抗性攻击的存在，深度学习分类器的安全性是一个关键的研究领域。这种攻击通常依赖于可转移性的原则，其中在代理分类器上制作的对手示例倾向于误导目标分类器，即使两个分类器都有相当不同的架构，也要误导目标分类器。抗逆性攻击的集合方法表明，对抗性示例的可能性不太可能在具有不同决策边界的集合中误导多个分类器。然而，最近的集合方法已被证明是易受强烈的对手或表现出缺乏结束到最终评估的影响。本文试图开发一种新的集合方法，该方法在训练过程中使用成对对手稳健的损失（PARL）功能来构造多种不同分类器。 PARL在同时在集合中的每个分类器中输入每个层的梯度。与之前的集合方法相比，建议的培训程序使PARL能够实现对黑盒转移攻击的更高稳健性，而不会对清洁实例的准确性产生不利影响。我们还评估了白盒攻击存在下的稳健性，其中使用目标分类器的参数制作了对抗示例。我们使用标准图像分类数据集在使用标准Reset20分类器培训的标准图像分类数据集目前，使用标准Reset20分类器，以展示所提出的集合方法的稳健性。

Due to the high activation sparsity and use of accumulates (AC) instead of expensive multiply-and-accumulates (MAC), neuromorphic spiking neural networks (SNNs) have emerged as a promising low-power alternative to traditional DNNs for several computer vision (CV) applications. However, most existing SNNs require multiple time steps for acceptable inference accuracy, hindering real-time deployment and increasing spiking activity and, consequently, energy consumption. Recent works proposed direct encoding that directly feeds the analog pixel values in the first layer of the SNN in order to significantly reduce the number of time steps. Although the overhead for the first layer MACs with direct encoding is negligible for deep SNNs and the CV processing is efficient using SNNs, the data transfer between the image sensors and the downstream processing costs significant bandwidth and may dominate the total energy. To mitigate this concern, we propose an in-sensor computing hardware-software co-design framework for SNNs targeting image recognition tasks. Our approach reduces the bandwidth between sensing and processing by 12-96x and the resulting total energy by 2.32x compared to traditional CV processing, with a 3.8% reduction in accuracy on ImageNet.

Spiking Neural networks (SNN) have emerged as an attractive spatio-temporal computing paradigm for a wide range of low-power vision tasks. However, state-of-the-art (SOTA) SNN models either incur multiple time steps which hinder their deployment in real-time use cases or increase the training complexity significantly. To mitigate this concern, we present a training framework (from scratch) for one-time-step SNNs that uses a novel variant of the recently proposed Hoyer regularizer. We estimate the threshold of each SNN layer as the Hoyer extremum of a clipped version of its activation map, where the clipping threshold is trained using gradient descent with our Hoyer regularizer. This approach not only downscales the value of the trainable threshold, thereby emitting a large number of spikes for weight update with a limited number of iterations (due to only one time step) but also shifts the membrane potential values away from the threshold, thereby mitigating the effect of noise that can degrade the SNN accuracy. Our approach outperforms existing spiking, binary, and adder neural networks in terms of the accuracy-FLOPs trade-off for complex image recognition tasks. Downstream experiments on object detection also demonstrate the efficacy of our approach.

Solute transport in porous media is relevant to a wide range of applications in hydrogeology, geothermal energy, underground CO2 storage, and a variety of chemical engineering systems. Due to the complexity of solute transport in heterogeneous porous media, traditional solvers require high resolution meshing and are therefore expensive computationally. This study explores the application of a mesh-free method based on deep learning to accelerate the simulation of solute transport. We employ Physics-informed Neural Networks (PiNN) to solve solute transport problems in homogeneous and heterogeneous porous media governed by the advection-dispersion equation. Unlike traditional neural networks that learn from large training datasets, PiNNs only leverage the strong form mathematical models to simultaneously solve for multiple dependent or independent field variables (e.g., pressure and solute concentration fields). In this study, we construct PiNN using a periodic activation function to better represent the complex physical signals (i.e., pressure) and their derivatives (i.e., velocity). Several case studies are designed with the intention of investigating the proposed PiNN's capability to handle different degrees of complexity. A manual hyperparameter tuning method is used to find the best PiNN architecture for each test case. Point-wise error and mean square error (MSE) measures are employed to assess the performance of PiNNs' predictions against the ground truth solutions obtained analytically or numerically using the finite element method. Our findings show that the predictions of PiNN are in good agreement with the ground truth solutions while reducing computational complexity and cost by, at least, three orders of magnitude.

Motivated by mitigating potentially harmful impacts of technologies, the AI community has formulated and accepted mathematical definitions for certain pillars of accountability: e.g. privacy, fairness, and model transparency. Yet, we argue this is fundamentally misguided because these definitions are imperfect, siloed constructions of the human values they hope to proxy, while giving the guise that those values are sufficiently embedded in our technologies. Under popularized methods, tensions arise when practitioners attempt to achieve each pillar of fairness, privacy, and transparency in isolation or simultaneously. In this position paper, we push for redirection. We argue that the AI community needs to consider all the consequences of choosing certain formulations of these pillars -- not just the technical incompatibilities, but also the effects within the context of deployment. We point towards sociotechnical research for frameworks for the latter, but push for broader efforts into implementing these in practice.

Large language models (LLMs) have been shown to be able to perform new tasks based on a few demonstrations or natural language instructions. While these capabilities have led to widespread adoption, most LLMs are developed by resource-rich organizations and are frequently kept from the public. As a step towards democratizing this powerful technology, we present BLOOM, a 176B-parameter open-access language model designed and built thanks to a collaboration of hundreds of researchers. BLOOM is a decoder-only Transformer language model that was trained on the ROOTS corpus, a dataset comprising hundreds of sources in 46 natural and 13 programming languages (59 in total). We find that BLOOM achieves competitive performance on a wide variety of benchmarks, with stronger results after undergoing multitask prompted finetuning. To facilitate future research and applications using LLMs, we publicly release our models and code under the Responsible AI License.

Seizure type identification is essential for the treatment and management of epileptic patients. However, it is a difficult process known to be time consuming and labor intensive. Automated diagnosis systems, with the advancement of machine learning algorithms, have the potential to accelerate the classification process, alert patients, and support physicians in making quick and accurate decisions. In this paper, we present a novel multi-path seizure-type classification deep learning network (MP-SeizNet), consisting of a convolutional neural network (CNN) and a bidirectional long short-term memory neural network (Bi-LSTM) with an attention mechanism. The objective of this study was to classify specific types of seizures, including complex partial, simple partial, absence, tonic, and tonic-clonic seizures, using only electroencephalogram (EEG) data. The EEG data is fed to our proposed model in two different representations. The CNN was fed with wavelet-based features extracted from the EEG signals, while the Bi-LSTM was fed with raw EEG signals to let our MP-SeizNet jointly learns from different representations of seizure data for more accurate information learning. The proposed MP-SeizNet was evaluated using the largest available EEG epilepsy database, the Temple University Hospital EEG Seizure Corpus, TUSZ v1.5.2. We evaluated our proposed model across different patient data using three-fold cross-validation and across seizure data using five-fold cross-validation, achieving F1 scores of 87.6% and 98.1%, respectively.

将模型参数适应传入数据流是深度学习可伸缩性的关键因素。有趣的是，在线设置中的先前持续学习策略无意中将其更新的参数锚定在本地参数子空间中，以记住旧任务，否则会偏离子空间并忘记。从这个观察结果，我们在构建多个参数模式和每个模式分配任务之间建立了权衡。模式优化的任务分配（MOTA），我们的贡献适应策略，并行训练多个模式，然后优化每个模式的任务分配。我们从经验上证明了基线连续学习策略以及各种分配变化的改进，即子人群，领域和任务转变。

有效的自定义合并技术可以积极地修剪特征图的尺寸，从而减少用于资源约束计算机视觉应用程序的推理计算和内存足迹，最近已获得了显着的牵引力。但是，先前的合并作品仅提取激活图的局部环境，从而限制了它们的有效性。相比之下，我们提出了一种新型的非本地自我煽动合并方法，该方法可用作标准合并层的液位替换，例如最大/平均池或跨性别卷积。所提出的自我发项模块使用斑块嵌入，多头自我注意力和空间通道恢复，然后进行乙状结肠激活和指数软效果。这种自我注意的机制有效地聚集了在下采样过程中非本地激活斑之间的依赖性。具有各种卷积神经网络（CNN）体系结构的标准对象分类和检测任务的广泛实验证明了我们所提出的机制优于最先进的（SOTA）合并技术。特别是，我们超过了在Imabilenet-V2上不同变体上的现有合并技术的测试准确性，平均平均为1.2％。随着初始层中激活图的激进下采样（可减少记忆消耗的22倍），与具有ISO-MEMORY足迹的SOTA技术相比，我们的方法的测试准确性提高了1.43％。这使我们的模型可以在内存受限的设备中部署，例如微型控制器（不会失去明显的精度），因为初始激活映射会消耗大量的芯片内存储器，用于复杂视觉任务所需的高分辨率图像。我们提出的合并方法还利用了通道修剪的想法，以进一步减少记忆足迹。