Refine
Document Type
- Article (unreviewed) (14) (remove)
Has Fulltext
- no (14) (remove)
Is part of the Bibliography
- yes (14) (remove)
Keywords
- Export (2)
- Public Service Models (2)
- Adversarial examples (1)
- Bauökologie (1)
- Deep Reinforcement Learning (1)
- ECA (1)
- Export Credit Agency (1)
- Haustechnik (1)
- Pädagogik vs. Lernmaschinen (1)
- Torschleieranlage (1)
Institute
- Fakultät Elektrotechnik, Medizintechnik und Informatik (EMI) (ab 04/2019) (5)
- IMLA - Institute for Machine Learning and Analytics (5)
- Fakultät Maschinenbau und Verfahrenstechnik (M+V) (4)
- Fakultät Elektrotechnik und Informationstechnik (E+I) (bis 03/2019) (2)
- Fakultät Wirtschaft (W) (2)
- INES - Institut für nachhaltige Energiesysteme (2)
- IfTI - Institute for Trade and Innovation (2)
- Fakultät Medien (M) (ab 22.04.2021) (1)
Open Access
- Bronze (14) (remove)
Assessing the robustness of deep neural networks against out-of-distribution inputs is crucial, especially in safety-critical domains like autonomous driving, but also in safety systems where malicious actors can digitally alter inputs to circumvent safety guards. However, designing effective out-of-distribution tests that encompass all possible scenarios while preserving accurate label information is a challenging task. Existing methodologies often entail a compromise between variety and constraint levels for attacks and sometimes even both. In a first step towards a more holistic robustness evaluation of image classification models, we introduce an attack method based on image solarization that is conceptually straightforward yet avoids jeopardizing the global structure of natural images independent of the intensity. Through comprehensive evaluations of multiple ImageNet models, we demonstrate the attack's capacity to degrade accuracy significantly, provided it is not integrated into the training augmentations. Interestingly, even then, no full immunity to accuracy deterioration is achieved. In other settings, the attack can often be simplified into a black-box attack with model-independent parameters. Defenses against other corruptions do not consistently extend to be effective against our specific attack.
Project website: https://github.com/paulgavrikov/adversarial_solarization
Fix your downsampling ASAP! Be natively more robust via Aliasing and Spectral Artifact free Pooling
(2023)
Convolutional neural networks encode images through a sequence of convolutions, normalizations and non-linearities as well as downsampling operations into potentially strong semantic embeddings. Yet, previous work showed that even slight mistakes during sampling, leading to aliasing, can be directly attributed to the networks' lack in robustness. To address such issues and facilitate simpler and faster adversarial training, [12] recently proposed FLC pooling, a method for provably alias-free downsampling - in theory. In this work, we conduct a further analysis through the lens of signal processing and find that such current pooling methods, which address aliasing in the frequency domain, are still prone to spectral leakage artifacts. Hence, we propose aliasing and spectral artifact-free pooling, short ASAP. While only introducing a few modifications to FLC pooling, networks using ASAP as downsampling method exhibit higher native robustness against common corruptions, a property that FLC pooling was missing. ASAP also increases native robustness against adversarial attacks on high and low resolution data while maintaining similar clean accuracy or even outperforming the baseline.
This paper presents the new Deep Reinforcement Learning (DRL) library RL-X and its application to the RoboCup Soccer Simulation 3D League and classic DRL benchmarks. RL-X provides a flexible and easy-to-extend codebase with self-contained single directory algorithms. Through the fast JAX-based implementations, RL-X can reach up to 4.5x speedups compared to well-known frameworks like Stable-Baselines3.
In an extensive research project, we have assessed the application of different service models by export credit agencies (ECAs) and export-import banks (EXIMs). We conducted interviews with 35 representatives of ECAs and EXIMs from 27 countries. The question guiding this study is: How do ECAs and EXIMs adopt public service models for supporting exporters? We conducted a holistic multiple case study, investigating if and how these organisations apply public service models developed by Schedler and Guenduez, and which roles of the state are relevant. We find that there is a variety of different service models used by ECAs and EXIMs, and that the service model approaches have great potential to learn from each other and innovate existing services.
Seit mehr als 40 Jahren wiederholen sich Diskussionen und Kontroversen über Sinn und Unsinn von Informationstechnik (IT) in Bildungseinrichtungen. Wurde bislang über das Arbeiten an und mit PC, Laptop oder Tablet debattiert, drehen sich aktuelle Diskussionen verstärkt um netzbasierte Anwendungen mit Rückkanal für Schülerdaten. Das Schüler*innenverhalten wird per Software ausgewertet, um Lehrinhalte automatisiert und „individualisiert“ anzupassen. Ergänzt werden solche Lernprogramme um Anwendungen der sogenannten „Künstliche Intelligenz“ (KI), die als „Lernbegleiter“ fungieren und zumindest perspektivisch fehlende Lehrkräfte ersetzen (sollen). Damit werden technische Systeme in Schulen etabliert, von denen nicht einmal mehr die Entwickler wissen, was diese Algorithmen genau tun.
Das erfordert einen kritisch-reflektierenden Diskurs. Dafür vertritt Ralf Lankau im vorliegenden Aufsatz die These, dass essenzielle Elemente der Bildung, wie die Erziehung zu Selbstbewusstsein, Reflexion und einer kritischen Bürgerschaft, mit solchen Lernprogrammen verloren gehen.
During pyrolysis, biomass is carbonised in the absence of oxygen to produce biochar with heat and/or electricity as co-products making pyrolysis one of the promising negative emission technologies to reach climate goals worldwide. This paper presents a simplified representation of pyrolysis and analyses the impact of this technology on the energy system. Results show that the use of pyrolysis can allow getting zero emissions with lower costs by making changes in the unit commitment of the power plants, e.g. conventional power plants are used differently, as the emissions will be compensated by biochar. Additionally, the process of pyrolysis can enhance the flexibility of energy systems, as it shows a correlation between the electricity generated by pyrolysis and the hydrogen installation capacity, being hydrogen used less when pyrolysis appears. The results indicate that pyrolysis, which is available on the market, integrates well into the energy system with a promising potential to sequester carbon.
Motivated by the recent trend towards the usage of larger receptive fields for more context-aware neural networks in vision applications, we aim to investigate how large these receptive fields really need to be. To facilitate such study, several challenges need to be addressed, most importantly: (i) We need to provide an effective way for models to learn large filters (potentially as large as the input data) without increasing their memory consumption during training or inference, (ii) the study of filter sizes has to be decoupled from other effects such as the network width or number of learnable parameters, and (iii) the employed convolution operation should be a plug-and-play module that can replace any conventional convolution in a Convolutional Neural Network (CNN) and allow for an efficient implementation in current frameworks. To facilitate such models, we propose to learn not spatial but frequency representations of filter weights as neural implicit functions, such that even infinitely large filters can be parameterized by only a few learnable weights. The resulting neural implicit frequency CNNs are the first models to achieve results on par with the state-of-the-art on large image classification benchmarks while executing convolutions solely in the frequency domain and can be employed within any CNN architecture. They allow us to provide an extensive analysis of the learned receptive fields. Interestingly, our analysis shows that, although the proposed networks could learn very large convolution kernels, the learned filters practically translate into well-localized and relatively small convolution kernels in the spatial domain.
Wärmepumpen sind eine Schlüsseltechnologie der Wärmewende. Durch die Nutzbarmachung von Umweltwärme und den Antrieb mit Elektrizität, die zunehmend aus erneuerbaren Energien gewonnen wird, kann die CO2-Intensität der Wärmeversorgung gesenkt werden. Eine Herausforderung besteht in der Anwendung in größeren Mehrfamilienbestandsgebäuden. Lösungsansätze und beispielhafte Umsetzungen werden hierzu vorgestellt.
Convolutional neural networks (CNN) define the state-of-the-art solution on many perceptual tasks. However, current CNN approaches largely remain vulnerable against adversarial perturbations of the input that have been crafted specifically to fool the system while being quasi-imperceptible to the human eye. In recent years, various approaches have been proposed to defend CNNs against such attacks, for example by model hardening or by adding explicit defence mechanisms. Thereby, a small “detector” is included in the network and trained on the binary classification task of distinguishing genuine data from data containing adversarial perturbations. In this work, we propose a simple and light-weight detector, which leverages recent findings on the relation between networks’ local intrinsic dimensionality (LID) and adversarial attacks. Based on a re-interpretation of the LID measure and several simple adaptations, we surpass the state-of-the-art on adversarial detection by a significant margin and reach almost perfect results in terms of F1-score for several networks and datasets. Sources available at: https://github.com/adverML/multiLID