Dataset distillation has emerged as a prominent technique to improve data efficiency when training machine learning models. It encapsulates the knowledge from a large dataset into a smaller synthetic dataset. A model trained on this smaller distilled dataset can attain comparable performance to a model trained on the original training dataset. However, the existing dataset distillation techniques mainly aim at achieving the best trade-off between resource usage efficiency and model utility. The security risks stemming from them have not been explored. This study performs the first backdoor attack against the models trained on the data distilled by dataset distillation models in the image domain. Concretely, we inject triggers into the synthetic data during the distillation procedure rather than during the model training stage, where all previous attacks are performed. We propose two types of backdoor attacks, namely NAIVEATTACK and DOORPING. NAIVEATTACK simply adds triggers to the raw data at the initial distillation phase, while DOORPING iteratively updates the triggers during the entire distillation procedure. We conduct extensive evaluations on multiple datasets, architectures, and dataset distillation techniques. Empirical evaluation shows that NAIVEATTACK achieves decent attack success rate (ASR) scores in some cases, while DOORPING reaches higher ASR scores (close to 1.0) in all cases. Furthermore, we conduct a comprehensive ablation study to analyze the factors that may affect the attack performance. Finally, we evaluate multiple defense mechanisms against our backdoor attacks and show that our attacks can practically circumvent these defense mechanisms.

Multivariate time series forecasting with hierarchical structure is pervasive in real-world applications, demanding not only predicting each level of the hierarchy, but also reconciling all forecasts to ensure coherency, i.e., the forecasts should satisfy the hierarchical aggregation constraints. Moreover, the disparities of statistical characteristics between levels can be huge, worsened by non-Gaussian distributions and non-linear correlations. To this extent, we propose a novel end-to-end hierarchical time series forecasting model, based on conditioned normalizing flow-based autoregressive transformer reconciliation, to represent complex data distribution while simultaneously reconciling the forecasts to ensure coherency. Unlike other state-of-the-art methods, we achieve the forecasting and reconciliation simultaneously without requiring any explicit post-processing step. In addition, by harnessing the power of deep model, we do not rely on any assumption such as unbiased estimates or Gaussian distribution. Our evaluation experiments are conducted on four real-world hierarchical datasets from different industrial domains (three public ones and a dataset from the application servers of Alipay's data center) and the preliminary results demonstrate efficacy of our proposed method.

In recent years, vision-centric perception has flourished in various autonomous driving tasks, including 3D detection, semantic map construction, motion forecasting, and depth estimation. Nevertheless, the latency of vision-centric approaches is too high for practical deployment (e.g., most camera-based 3D detectors have a runtime greater than 300ms). To bridge the gap between ideal research and real-world applications, it is necessary to quantify the trade-off between performance and efficiency. Traditionally, autonomous-driving perception benchmarks perform the offline evaluation, neglecting the inference time delay. To mitigate the problem, we propose the Autonomous-driving StreAming Perception (ASAP) benchmark, which is the first benchmark to evaluate the online performance of vision-centric perception in autonomous driving. On the basis of the 2Hz annotated nuScenes dataset, we first propose an annotation-extending pipeline to generate high-frame-rate labels for the 12Hz raw images. Referring to the practical deployment, the Streaming Perception Under constRained-computation (SPUR) evaluation protocol is further constructed, where the 12Hz inputs are utilized for streaming evaluation under the constraints of different computational resources. In the ASAP benchmark, comprehensive experiment results reveal that the model rank alters under different constraints, suggesting that the model latency and computation budget should be considered as design choices to optimize the practical deployment. To facilitate further research, we establish baselines for camera-based streaming 3D detection, which consistently enhance the streaming performance across various hardware. ASAP project page: https://github.com/JeffWang987/ASAP.

Ensemble learning serves as a straightforward way to improve the performance of almost any machine learning algorithm. Existing deep ensemble methods usually naively train many different models and then aggregate their predictions. This is not optimal in our view from two aspects: i) Naively training multiple models adds much more computational burden, especially in the deep learning era; ii) Purely optimizing each base model without considering their interactions limits the diversity of ensemble and performance gains. We tackle these issues by proposing deep negative correlation classification (DNCC), in which the accuracy and diversity trade-off is systematically controlled by decomposing the loss function seamlessly into individual accuracy and the correlation between individual models and the ensemble. DNCC yields a deep classification ensemble where the individual estimator is both accurate and negatively correlated. Thanks to the optimized diversities, DNCC works well even when utilizing a shared network backbone, which significantly improves its efficiency when compared with most existing ensemble systems. Extensive experiments on multiple benchmark datasets and network structures demonstrate the superiority of the proposed method.

Large language models (LLMs) have been shown to be able to perform new tasks based on a few demonstrations or natural language instructions. While these capabilities have led to widespread adoption, most LLMs are developed by resource-rich organizations and are frequently kept from the public. As a step towards democratizing this powerful technology, we present BLOOM, a 176B-parameter open-access language model designed and built thanks to a collaboration of hundreds of researchers. BLOOM is a decoder-only Transformer language model that was trained on the ROOTS corpus, a dataset comprising hundreds of sources in 46 natural and 13 programming languages (59 in total). We find that BLOOM achieves competitive performance on a wide variety of benchmarks, with stronger results after undergoing multitask prompted finetuning. To facilitate future research and applications using LLMs, we publicly release our models and code under the Responsible AI License.

增加片上光子神经网络（PNN）的层数对于改善其模型性能至关重要。但是，网络隐藏层的连续级联导致更大的集成光子芯片区域。为了解决此问题，我们提出了光学神经常规微分方程（ON-ON-ON-OD-ON-OD-ON-OD-ON-OD-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ODINE），该架构用光ODE求解器参数化了隐藏层的连续动力学。 On-Ode包括PNN，然后是光子积分器和光反馈回路，可以配置为代表残留的神经网络（RESNET）和复发性神经网络，并有效地降低了芯片面积占用率。对于基于干扰的光电非线性隐藏层，数值实验表明，单个隐藏层ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ON-ONE表示与图像分类任务中的两层光学重新系统大致相同。此外，Onode提高了基于衍射的全光线性隐藏层的模型分类精度。 On-Eod的时间依赖性动力学属性进一步应用于高精度的轨迹预测。

自我监督的学习（SSL）通过大量未标记的数据的先知，在各种医学成像任务上取得了出色的性能。但是，对于特定的下游任务，仍然缺乏有关如何选择合适的借口任务和实现细节的指令书。在这项工作中，我们首先回顾了医学成像分析领域中自我监督方法的最新应用。然后，我们进行了广泛的实验，以探索SSL中的四个重要问题用于医学成像，包括（1）自我监督预处理对不平衡数据集的影响，（2）网络体系结构，（3）上游任务对下游任务和下游任务和下游任务的适用性（4）SSL和常用政策用于深度学习的堆叠效果，包括数据重新采样和增强。根据实验结果，提出了潜在的指南，以在医学成像中进行自我监督预处理。最后，我们讨论未来的研究方向并提出问题，以了解新的SSL方法和范式时要注意。

详细的肺气道分割是支撑周围肺癌病变的支撑室干预和治疗的临床重要任务。卷积神经网络（CNN）是医学图像分析的有前途的工具，但对于出现不平衡功能分布的情况，案件的性能较差，这对于气道数据是正确的，因为气管和主要支气管在大部分voxels中占主导支气管和远端节段支气管仅占用一小部分。在本文中，我们提出了一个可区分的拓扑保存距离变换（DTPDT）框架，以提高气道分割的性能。首先提出了拓扑保存的替代（TPS）学习策略，以均衡课堂分布的培训进度。此外，卷积距离变换（CDT）旨在识别具有提高灵敏度的破裂现象，从而最大程度地减少了预测和地面真实之间距离图的变化。提出的方法已通过公开可用的参考气道细分数据集进行验证。

与传统的详尽搜索相反，选择性搜索第一群集文档将文档分为几个组，然后通过查询对所有文档进行详尽的搜索，以限制在一个组或仅几组中执行的搜索。选择性搜索旨在减少现代大规模搜索系统中的延迟和计算。在这项研究中，我们提出了MICO，这是一个使用搜索日志的最小监督，用于选择性搜索的相互信息共同培训框架。经过培训，MICO不仅会将文档聚集，还可以将看不见的查询路由到相关群集以进行有效检索。在我们的经验实验中，MICO显着提高了选择性搜索的多个指标的性能，并且超过了许多现有的竞争基线。

关于神经体系结构搜索（NAS）的现有研究主要集中于有效地搜索具有更好性能的网络体系结构。几乎没有取得进展，以系统地了解NAS搜索的架构是否对隐私攻击是强大的，而丰富的工作已经表明，人类设计的架构容易受到隐私攻击。在本文中，我们填补了这一空白，并系统地衡量了NAS体系结构的隐私风险。利用我们的测量研究中的见解，我们进一步探索了基于细胞的NAS架构的细胞模式，并评估细胞模式如何影响NAS搜索架构的隐私风险。通过广泛的实验，我们阐明了如何针对隐私攻击设计强大的NAS体系结构，还提供了一种通用方法，以了解NAS搜索的体系结构与其他隐私风险之间的隐藏相关性。