|
Week 13: Knowledge Integration
Reading tasks
A Semantic Loss Function for Deep Learning with Symbolic Knowledge [ Link ]
SpecGuard: Specification Aware Recovery for Robotic Autonomous Vehicles from Physical Attacks [ Link ]
Informed Machine Learning - A Taxonomy and Survey of Integrating Prior Knowledge into Learning Systems [ Link ]
Week 12: ML Interpretebility
Reading tasks
A Survey for Machine Learning Security to Securing Machine Learning for CPS [ Link ]
Asymmetry Vulnerability and Physical Attacks on Online Map Construction for Autonomous Driving [ Link ]
Week 11: Reinforcement Learning
Reading tasks
Mastering the game of Go with deep neural networks and tree search [ Link ]
Adversarial Policies: Attacking Deep Reinforcement Learning [ Link ]
Week 9: Adversarial ML
Reading tasks
L-HAWK: A Controllable Physical Adversarial Patch Against a Long-Distance Target [ Link ]
Generative Adversarial Nets [ Link ]
Week 8: Safety Monitoring in CPS
Reading tasks
Attacks against process control systems: risk assessment, detection, and response [ Link ]
Recovery-Guaranteed Sensor Attack Detection for Cyber-Physical Systems [ Link ]
Blog Post 1: Attacks against PCS
This work presents a unified workflow for securing process control systems that couples
risk assessment, physics-aware detection, and automatic response.
Risk is quantified as expected loss under plausible attack scenarios to prioritize protection of
high-criticality sensors (notably pressure). Detection compares measured outputs with model-based
predictions to form residuals and uses a CUSUM statistic to surface slow, stealthy manipulations.
Upon an alarm, a conservative response replaces compromised measurements with trusted estimates to
keep the plant within constraints until operators intervene.
[Read more ...]
Examples: Machine Learning Applications
Reading tasks
Deep Residual Learning for Image Recognition [ Link ]
Attention Is All You Need [ Link ]
Blog Post 2: Transformer
This paper introduces a novel sequence transduction model architecture named the Transformer.
This architecture is based solely on attention mechanisms, eliminating the need for recursion and convolution.
The model addresses the limitations of sequence models that rely on recursive processes, which perform poorly in parallelization and computational efficiency for longer sequences.
The Transformer adopts an encoder-decoder structure, where the encoder consists of identical layers with multi-head self-attention and fully connected feed-forward networks,
while the decoder mirrors this structure but adds a multi-head attention layer on the encoder's output; utilizing scaled dot-product attention and multi-head attention,
the model computes the importance of key-value pairs based on queries and allows joint attention across different subspaces,
with encoder-decoder attention enabling the decoder to focus on all input positions,
self-attention improving contextual understanding by attending to all positions within layers,
and positional encodings ensuring the model captures the order of tokens in a sequence.
[Read more ...]
Blog Post 1: ResNet
As the number of layers of neural networks increases, the problems of overfitting, gradient vanishing, and gradient explosion often occur, so this article came into being. In this paper, the concept of deep residual networks (ResNets) is proposed. By introducing "shortcut connections," this study solves the problem of gradient vanishing in deep network training and has an important impact on the field of deep learning. The method of the paper explicitly redefines the network layers as learning residual functions relative to the inputs. By learning residuals, the network can be optimized more easily and can train deeper models more efficiently. Therefore, this method can help solve the performance degradation problem that may occur when the network layer increases. In addition, the article displays the experimental part. The model shows significant improvements in handling large-scale visual recognition tasks like ImageNet and CIFAR-10. The application of deep residual networks in major visual recognition competitions like ILSVRC and COCO 2015 further proves their power and wide applicability.
[Read more ...]
|