Arrived this week, now it’s super official @spectrum.ieee.org #ieee #SeniorMember

Front cover: Differential Privacy in Artificial Intelligence: From Theory to Practice, now Publishers

New differential #privacy textbook in town: "DP in Artificial Intelligence: From Theory to Practice", by @nandofioretto.bsky.social and @vanhentenryck.bsky.social. Open access, w/ chapters by @jubaz.bsky.social, @grahamrc.bsky.social, and @stein.ke!

www.nowpublishers.com/article/Book...

It is an important job! Good work 👊

You can see some simple stats below. Images that get tricked usually need just 3 iterations of PGD to break, and most models don't use even 100 - but there is a long tail in the iterations you need. Lucky fo rus, adaptive step sizes don't improve PGD so much, so we get this fun!

This results in real-world speedups; there are two slightly slower cases because the models just didn't cycle. But those are on CIFAR10, as the dimension goes up we see better results because more of the mass exists on the edge of the ∞-norm ball, making cycling easier.

As you perform more attack iterations, you see the advantage increase. If you want to do a standard 1k eval attacks against ImageNet, the naive PGD would be just as expensive as training the model, but now you can get the cost way down

A second simple observation is that when you do successfully attack an image, you can just stop. Shockingly, no code for PGD in any of the major frameworks checks for this! Once in a cycle you know the future, so also stop. So the complete procedure is very simple.

Why does it start to cycle? The solution point exists outside the L∞ ball, and can not be reached. When you use PGD and clip to the sign, you "normalize" the steps and enforce a grid of finite locations for the search to proceed from. Voila, you get cycles!

The crux of the paper is simple, you want a large max iteration count T, but you don't want ot use them all every time! When a model is robust under the L∞ norm, your perturbation starts to cycle in the corners, so you start to do redundant work!

Philip Doldo 's first @cvprconference.bsky.social paper, 𝑆𝑡𝑜𝑝 𝑊𝑎𝑙𝑘𝑖𝑛𝑔 𝑖𝑛 𝐶𝑖𝑟𝑐𝑙𝑒𝑠! 𝐵𝑎𝑖𝑙𝑖𝑛𝑔 𝑂𝑢𝑡 𝐸𝑎𝑟𝑙𝑦 𝑖𝑛 𝑃𝑟𝑜𝑗𝑒𝑐𝑡𝑒𝑑 𝐺𝑟𝑎𝑑𝑖𝑒𝑛𝑡 𝐷𝑒𝑠𝑐𝑒𝑛𝑡, is a rare free lunch for 10x faster AML 🧵👇 openaccess.thecvf.com/content/CVPR...

Utterly incredible thread by a pilot on when everything hits the fan with radios, radar, and "ATC Zero." threadreaderapp.com/thread/19196862270010533...

Very inclusive, we are all rank-n university graduates for some value of n!

Fits conveniently in your wallet!

I'm skipping a lot of nitty gritty details on how to make this over 10% more accurate then the next best option! So you should read them at arxiv.org/abs/2502.02759 and check RJ out int he future at TheWebConf !

But plurality voting like everyone else is lame. We want to be Bayesian about it, and scale up Independent Bayesian Classifier Combination to handle sparse data like we have - with the world's fastest and most scalable implementation!

Mostly, you wait for RJ to write a parser for almost every AV that exists to break out their responses into a standardized tokenization AND to record the relationships between AVs toa void double-voting!

You start with AV reports from your friendly neighborhood @virustotal.bsky.social , but you get conflicting answers /info that is unstandardized from every AV, what do you do?

Would you like to have the world's most accurate malware label predictor? RJ #BoozAllen has you covered w/ ClarAVy: A Tool for Scalable and Accurate Malware Family Labeling, arxiv.org/abs/2502.02759 work 🧵👇 to appear at thewebconf.org

Just had someone reach back 4 years later to say my advice was helpful to them and they just had their first @cvprconference.bsky.social paper accepted. So that is cool 😁

ai.umbc.edu/news/post/14...
Manas Gaur, Edward Raff, and Ali Mohammadi helped present a half-day tutorial at 2025 AAAI on Neurosymbolic AI and how it can be applied to LLMs to help solve key challenges in NLP tasks like explainability, grounding & instructability. See their slides & material here.

NeSy 2025 Conference Welcome to the OpenReview homepage for NeSy 2025 Conference

One more day until the paper submission deadline! ⏰

Time to dot those i's and send it off 🦕

OpenReview: openreview.net/group?id=nes...
Call for papers: 2025.nesyconf.org/call-for-pap...

agree that if a paper does convincingly a good service to a research community, that would be enough to warrant publication regardless of the complexity of the underlying idea. We concur with R3, in fact, that "high technical complexity does not necessarily mean novelty or good science.""

(2) the proposed method is very simple. Besides other minor issues, disagreement arises as to whether a very simple but useful idea, as the one proposed here, deserves being published in a prestigious scientific venue such as CVPR. We discussed this extensively during the AC triplet meeting and we

Don't know why @cvprconference.bsky.social meta-reviews took a bit to come up, but ❤️ mine!: "The reviewers have mixed feelings about this paper. They generally agree that: (1) the work described here has practical value (as it allows to speed up considerably the well-known PGD algorithm), and

🧵New paper on arXiv: Optimal Differentially Private Sampling of Unbounded Gaussians.

With @uwcheritoncs.bsky.social undergrad Valentio Iverson and PhD student Argyris Mouzakis (@argymouz.bsky.social).

The first O(d) algorithm for privately sampling arbitrary Gaussians! arxiv.org/abs/2503.01766 1/n

The paper if your curious, a lot of details that are easy to overlook and implicitly stated until you dig in! www.math.lsu.edu/~hozhang/pap... but this is apparently still the best line search for accurate solutions?

Makes sense, if you clear your cookies you aren't eating dominos - that's a competing food group that must be punished.

I'm currently working through/implementing the Hager Zhang line search b/c I need it for some research, and it's a monster! Would anyone care if I made a tech report on "so you want to implement LBFGs/CG just give me the details"? B/c its really not well documented anywhere.

The submission page for #ICCV2025 is now OPEN!

openreview.net/group?id=the...

So your paid in exposure right? I think it’s working! </humor>