由于技术成本的降低和卫星发射的增加，卫星图像变得越来越流行和更容易获得。除了提供仁慈的目的外，还可以出于恶意原因（例如错误信息）使用卫星数据。事实上，可以依靠一般图像编辑工具来轻松操纵卫星图像。此外，随着深层神经网络（DNN）的激增，可以生成属于各种领域的现实合成图像，与合成生成的卫星图像的扩散有关的其他威胁正在出现。在本文中，我们回顾了关于卫星图像的产生和操纵的最新技术（SOTA）。特别是，我们既关注从头开始的合成卫星图像的产生，又要通过图像转移技术对卫星图像进行语义操纵，包括从一种类型的传感器到另一种传感器获得的图像的转换。我们还描述了迄今已研究的法医检测技术，以对合成图像伪造进行分类和检测。虽然我们主要集中在法医技术上明确定制的，该技术是针对AI生成的合成内容物的检测，但我们还审查了一些用于一般剪接检测的方法，这些方法原则上也可以用于发现AI操纵图像

我们提出了一种保护生成对抗网络（GAN）的知识产权（IP）的水印方法。目的是为GAN模型加水印，以便GAN产生的任何图像都包含一个无形的水印（签名），其在图像中的存在可以在以后的阶段检查以进行所有权验证。为了实现这一目标，在发电机的输出上插入了预先训练的CNN水印解码块。然后通过包括水印损失项来修改发电机损耗，以确保可以从生成的图像中提取规定的水印。水印是通过微调嵌入的，其时间复杂性降低。结果表明，我们的方法可以有效地将无形的水印嵌入生成的图像中。此外，我们的方法是一种通用方法，可以使用不同的GAN体系结构，不同的任务和输出图像的不同分辨率。我们还证明了嵌入式水印的良好鲁棒性能与几个后处理，其中包括JPEG压缩，噪声添加，模糊和色彩转换。

预测拍摄图片的国家有许多潜在的应用，例如对虚假索赔，冒名顶替者的识别，预防虚假信息运动，对假新闻的识别等等。先前的作品主要集中在拍摄图片的地理坐标的估计上。然而，从语义和法医学的角度来看，认识到已经拍摄图像的国家可能更重要，而不是确定其空间坐标。到目前为止，只有少数作品已经解决了这项任务，主要是依靠包含特征地标的图像，例如标志性的纪念碑。在上面的框架中，本文提供了两个主要贡献。首先，我们介绍了一个新的数据集，即Vippgeo数据集，其中包含近400万张图像，可用于训练DL模型进行国家分类。该数据集仅包含这种图像与国家识别的相关性，并且它是通过注意删除非显着图像（例如描绘面孔的图像或特定的非相关物体，例如飞机或船舶）来构建的。其次，我们使用数据集来训练深度学习架构，以将国家识别问题视为分类问题。我们执行的实验表明，我们的网络提供了比当前最新状态更好的结果。特别是，我们发现，要求网络直接识别该国提供比首先估算地理配位的更好的结果，然后使用它们将其追溯到拍摄图片的国家。

已提出水印，以保护深神经网络（DNNS）的知识产权（IPR）并跟踪其使用。已经提出了几种方法将水印嵌入网络的可训练参数（白盒水印）或网络与特定输入（黑盒水印）相应的网络实施的输入输出映射中。在这两种情况下，都可以实现针对微调，模型压缩以及更大的转移学习的鲁棒性，这是研究人员试图面对的最困难的挑战之一。在本文中，我们提出了一种具有强大鲁棒性特性的新的白色框，多位水印算法，包括用于转移学习的重新训练。借助新的信息编码策略，可以根据该固定权重分布水标的信息，其位置取决于秘密钥匙。托管水印的权重是在训练之前设置的，并且在整个训练过程中保持不变。从理论上优化了执行该消息的权重的分布，以确保水标重量与其他重量无法区分，同时保持其幅度尽可能大，以提高稳健性，以提高稳定性。我们进行了几项实验，证明了拟议方案提供高有效载荷的能力，几乎没有影响网络准确性，同时保留了重新使用网络修改的出色鲁棒性，包括用于转移学习的重新使用。

与令人印象深刻的进步触动了我们社会的各个方面，基于深度神经网络（DNN）的AI技术正在带来越来越多的安全问题。虽然在考试时间运行的攻击垄断了研究人员的初始关注，但是通过干扰培训过程来利用破坏DNN模型的可能性，代表了破坏训练过程的可能性，这是破坏AI技术的可靠性的进一步严重威胁。在后门攻击中，攻击者损坏了培训数据，以便在测试时间诱导错误的行为。然而，测试时间误差仅在存在与正确制作的输入样本对应的触发事件的情况下被激活。通过这种方式，损坏的网络继续正常输入的预期工作，并且只有当攻击者决定激活网络内隐藏的后门时，才会发生恶意行为。在过去几年中，后门攻击一直是强烈的研究活动的主题，重点是新的攻击阶段的发展，以及可能对策的提议。此概述文件的目标是审查发表的作品，直到现在，分类到目前为止提出的不同类型的攻击和防御。指导分析的分类基于攻击者对培训过程的控制量，以及防御者验证用于培训的数据的完整性，并监控DNN在培训和测试中的操作时间。因此，拟议的分析特别适合于参考他们在运营的应用方案的攻击和防御的强度和弱点。

对抗性示例的可转移性是应用这种攻击基于真实环境中的深度学习（DL）的多媒体取证（MMF）技术应用这种攻击的关键问题。事实上，对攻击者没有全面了解待攻击系统的情况，对侵犯柜台取证攻击的部署也会开辟道路。一些初步作品表明，对基于CNN的图像取证检测器的对抗示例通常是不可转移的，至少当采用最受欢迎的库中实现的攻击的基本版本时。在本文中，我们介绍了一般的策略，以提高攻击的强度，并在这种强度变化时评估其可转化性。我们通过实验表明，通过这种方式，攻击可转让性可以在很大程度上增加，以牺牲更大的变形。我们的研究证实了甚至在多媒体取证方案中存在对抗性示例所带来的安全威胁，因此要求新的防御策略来提高基于DL的MMF技术的安全性。

We develop the first fully dynamic algorithm that maintains a decision tree over an arbitrary sequence of insertions and deletions of labeled examples. Given $\epsilon > 0$ our algorithm guarantees that, at every point in time, every node of the decision tree uses a split with Gini gain within an additive $\epsilon$ of the optimum. For real-valued features the algorithm has an amortized running time per insertion/deletion of $O\big(\frac{d \log^3 n}{\epsilon^2}\big)$, which improves to $O\big(\frac{d \log^2 n}{\epsilon}\big)$ for binary or categorical features, while it uses space $O(n d)$, where $n$ is the maximum number of examples at any point in time and $d$ is the number of features. Our algorithm is nearly optimal, as we show that any algorithm with similar guarantees uses amortized running time $\Omega(d)$ and space $\tilde{\Omega} (n d)$. We complement our theoretical results with an extensive experimental evaluation on real-world data, showing the effectiveness of our algorithm.

We consider the nonlinear inverse problem of learning a transition operator $\mathbf{A}$ from partial observations at different times, in particular from sparse observations of entries of its powers $\mathbf{A},\mathbf{A}^2,\cdots,\mathbf{A}^{T}$. This Spatio-Temporal Transition Operator Recovery problem is motivated by the recent interest in learning time-varying graph signals that are driven by graph operators depending on the underlying graph topology. We address the nonlinearity of the problem by embedding it into a higher-dimensional space of suitable block-Hankel matrices, where it becomes a low-rank matrix completion problem, even if $\mathbf{A}$ is of full rank. For both a uniform and an adaptive random space-time sampling model, we quantify the recoverability of the transition operator via suitable measures of incoherence of these block-Hankel embedding matrices. For graph transition operators these measures of incoherence depend on the interplay between the dynamics and the graph topology. We develop a suitable non-convex iterative reweighted least squares (IRLS) algorithm, establish its quadratic local convergence, and show that, in optimal scenarios, no more than $\mathcal{O}(rn \log(nT))$ space-time samples are sufficient to ensure accurate recovery of a rank-$r$ operator $\mathbf{A}$ of size $n \times n$. This establishes that spatial samples can be substituted by a comparable number of space-time samples. We provide an efficient implementation of the proposed IRLS algorithm with space complexity of order $O(r n T)$ and per-iteration time complexity linear in $n$. Numerical experiments for transition operators based on several graph models confirm that the theoretical findings accurately track empirical phase transitions, and illustrate the applicability and scalability of the proposed algorithm.

Robot assistants are emerging as high-tech solutions to support people in everyday life. Following and assisting the user in the domestic environment requires flexible mobility to safely move in cluttered spaces. We introduce a new approach to person following for assistance and monitoring. Our methodology exploits an omnidirectional robotic platform to detach the computation of linear and angular velocities and navigate within the domestic environment without losing track of the assisted person. While linear velocities are managed by a conventional Dynamic Window Approach (DWA) local planner, we trained a Deep Reinforcement Learning (DRL) agent to predict optimized angular velocities commands and maintain the orientation of the robot towards the user. We evaluate our navigation system on a real omnidirectional platform in various indoor scenarios, demonstrating the competitive advantage of our solution compared to a standard differential steering following.

With the increasing demand for predictable and accountable Artificial Intelligence, the ability to explain or justify recommender systems results by specifying how items are suggested, or why they are relevant, has become a primary goal. However, current models do not explicitly represent the services and actors that the user might encounter during the overall interaction with an item, from its selection to its usage. Thus, they cannot assess their impact on the user's experience. To address this issue, we propose a novel justification approach that uses service models to (i) extract experience data from reviews concerning all the stages of interaction with items, at different granularity levels, and (ii) organize the justification of recommendations around those stages. In a user study, we compared our approach with baselines reflecting the state of the art in the justification of recommender systems results. The participants evaluated the Perceived User Awareness Support provided by our service-based justification models higher than the one offered by the baselines. Moreover, our models received higher Interface Adequacy and Satisfaction evaluations by users having different levels of Curiosity or low Need for Cognition (NfC). Differently, high NfC participants preferred a direct inspection of item reviews. These findings encourage the adoption of service models to justify recommender systems results but suggest the investigation of personalization strategies to suit diverse interaction needs.