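Detection of adversarial examples has been a hot topic in the past few years because of its importance for safely deploying machine learning algorithms in critical applications. However, detection methods are generally validated by assuming a single, implicitly known attack strategy, which does not necessarily account for real-life threats. Indeed, this can lead to an overoptimistic assessment of detector performance and may introduce bias into comparisons between competing detection schemes. To overcome this limitation, we propose a novel multi-armed framework, called MEAD, for evaluating detectors against several attack strategies. Among them, we make use of three new objectives to generate attacks. The proposed performance metric is based on the worst-case scenario: detection is successful only if all the different attacks are correctly recognized. Empirically, we show the effectiveness of our approach. Moreover, the poor performance obtained by state-of-the-art detectors opens a new and exciting line of research.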
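Adversarial robustness has become a topic of growing interest in machine learning since it was observed that neural networks tend to be brittle. We propose an information-geometric formulation of adversarial defense and introduce FIRE, a new Fisher-Rao regularization for the categorical cross-entropy loss, which is based on the geodesic distance between the softmax outputs corresponding to natural and perturbed input features. Based on the information-geometric properties of the class of softmax distributions, we derive an explicit characterization of the Fisher-Rao Distance (FRD) for the binary and multiclass cases, and draw some interesting properties as well as connections with standard regularization metrics. Furthermore, for a simple linear and Gaussian model, we show that all Pareto-optimal points in the accuracy-robustness region can be reached by FIRE, while other state-of-the-art methods fail. Empirically, we evaluate the performance of various classifiers trained with the proposed loss on standard datasets, showing a simultaneous 1% improvement in clean and robust performance while reducing training time by 20% compared with the best-performing methods.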
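The explosion of data collection has raised serious privacy concerns among users, since shared data may also reveal sensitive information. The main goal of a privacy-preserving mechanism is to prevent a malicious third party from inferring sensitive information while keeping the shared data useful. In this paper, we study this problem in the context of time series data and smart meter (SM) power consumption measurements. Although mutual information (MI) between private and released variables has been used as a common information-theoretic privacy measure, it fails to capture the causal time dependencies present in power consumption time series data. To overcome this limitation, we introduce directed information (DI) as a more meaningful privacy measure in the considered setting and propose a novel loss function. The optimization is then performed using an adversarial framework in which two recurrent neural networks (RNNs), referred to as the releaser and the adversary, are trained with opposite goals. Our empirical studies on SM measurements, in the worst-case scenario where the attacker has access to all of the training data set used by the releaser, validate the proposed method and show the existing trade-offs between privacy and utility.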
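Every year physicians face a growing demand for image-based diagnosis from patients, a problem that recent artificial intelligence methods can address. In this context, we survey work in the area of automatic report generation from medical images, with emphasis on methods using deep neural networks, with respect to: (1) datasets, (2) architecture design, (3) explainability and (4) evaluation metrics. Our survey identifies interesting developments, but also remaining challenges. Among them, the current evaluation of generated reports is especially weak, since it mostly relies on traditional natural language processing (NLP) metrics, which do not accurately capture medical correctness.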
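Smart meters (SMs) can share power consumption with utility providers almost in real time. These fine-grained signals carry sensitive information about users, which raises serious concerns from a privacy viewpoint. In this paper, we focus on real-time privacy threats, i.e., potential attackers that try to infer sensitive information from SM data in an online fashion. We adopt an information-theoretic privacy measure and show that it effectively limits the performance of any attacker. We then propose a general formulation for designing a privatization mechanism that can provide a target level of privacy by adding a minimal amount of distortion to the SM measurements. On the other hand, to cope with different applications, a flexible distortion measure is considered. This formulation leads to a general loss function, which is optimized using a deep learning adversarial framework in which two neural networks, referred to as the releaser and the adversary, are trained with opposite goals. An exhaustive empirical study is then performed to validate the performance of the proposed approach and compare it with state-of-the-art methods for the occupancy detection privacy problem. Finally, we also investigate the impact of data mismatch between the releaser and the attacker.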
Efficient and robust control using spiking neural networks (SNNs) is still an open problem. Whilst behaviour of biological agents is produced through sparse and irregular spiking patterns, which provide both robust and efficient control, the activity patterns in most artificial spiking neural networks used for control are dense and regular -- resulting in potentially less efficient codes. Additionally, for most existing control solutions network training or optimization is necessary, even for fully identified systems, complicating their implementation in on-chip low-power solutions. The neuroscience theory of Spike Coding Networks (SCNs) offers a fully analytical solution for implementing dynamical systems in recurrent spiking neural networks -- while maintaining irregular, sparse, and robust spiking activity -- but it's not clear how to directly apply it to control problems. Here, we extend SCN theory by incorporating closed-form optimal estimation and control. The resulting networks work as a spiking equivalent of a linear-quadratic-Gaussian controller. We demonstrate robust spiking control of simulated spring-mass-damper and cart-pole systems, in the face of several perturbations, including input- and system-noise, system disturbances, and neural silencing. As our approach does not need learning or optimization, it offers opportunities for deploying fast and efficient task-specific on-chip spiking controllers with biologically realistic activity.
Algorithms that involve both forecasting and optimization are at the core of solutions to many difficult real-world problems, such as in supply chains (inventory optimization), traffic, and in the transition towards carbon-free energy generation in battery/load/production scheduling in sustainable energy systems. Typically, in these scenarios we want to solve an optimization problem that depends on unknown future values, which therefore need to be forecast. As both forecasting and optimization are difficult problems in their own right, relatively little research has been done in this area. This paper presents the findings of the "IEEE-CIS Technical Challenge on Predict+Optimize for Renewable Energy Scheduling," held in 2021. We present a comparison and evaluation of the seven highest-ranked solutions in the competition, to provide researchers with a benchmark problem and to establish the state of the art for this benchmark, with the aim to foster and facilitate research in this area. The competition used data from the Monash Microgrid, as well as weather data and energy market data. It then focused on two main challenges: forecasting renewable energy production and demand, and obtaining an optimal schedule for the activities (lectures) and on-site batteries that lead to the lowest cost of energy. The most accurate forecasts were obtained by gradient-boosted tree and random forest models, and optimization was mostly performed using mixed integer linear and quadratic programming. The winning method predicted different scenarios and optimized over all scenarios jointly using a sample average approximation method.
A reduced order model of a generic submarine is presented. Computational fluid dynamics (CFD) results are used to create and validate a model that includes depth dependence and the effect of waves on the craft. The model and the procedure to obtain its coefficients are discussed, and examples of the data used to obtain the model coefficients are presented. An example of operation following a complex path is presented and results from the reduced order model are compared to those from an equivalent CFD calculation. The controller implemented to complete these maneuvers is also presented.
Neural machine translation (NMT) has become the de-facto standard in real-world machine translation applications. However, NMT models can unpredictably produce severely pathological translations, known as hallucinations, that seriously undermine user trust. It thus becomes crucial to implement effective preventive strategies to guarantee their proper functioning. In this paper, we address the problem of hallucination detection in NMT by following a simple intuition: as hallucinations are detached from the source content, they exhibit encoder-decoder attention patterns that are statistically different from those of good quality translations. We frame this problem with an optimal transport formulation and propose a fully unsupervised, plug-in detector that can be used with any attention-based NMT model. Experimental results show that our detector not only outperforms all previous model-based detectors, but is also competitive with detectors that employ large models trained on millions of samples.
As more and more conversational and translation systems are deployed in production, it is essential to implement and develop effective control mechanisms guaranteeing their proper functioning and security. An essential component to ensure safe system behavior is out-of-distribution (OOD) detection, which aims at detecting whether an input sample is statistically far from the training distribution. Although OOD detection is a widely covered topic in classification tasks, it has received much less attention in text generation. This paper addresses the problem of OOD detection for machine translation and dialog generation from an operational perspective. Our contributions include: (i) RAINPROOF, a Relative informAItioN Projection OOD detection framework; and (ii) a more operational evaluation setting for OOD detection. Surprisingly, we find that OOD detection is not necessarily aligned with task-specific measures. The OOD detector may filter out samples that are well processed by the model and keep samples that are not, leading to weaker performance. Our results show that RAINPROOF breaks this curse and achieves good results in OOD detection while increasing performance.