-
The Influence of Dataset Partitioning on Dysfluency Detection Systems
Authors:
Sebastian P. Bayerl,
Dominik Wagner,
Elmar Nöth,
Tobias Bocklet,
Korbinian Riedhammer
Abstract:
This paper empirically investigates the influence of different data splits and splitting strategies on the performance of dysfluency detection systems. For this, we perform experiments using wav2vec 2.0 models with a classification head as well as support vector machines (SVM) in conjunction with the features extracted from the wav2vec 2.0 model to detect dysfluencies. We train and evaluate the sy…
▽ More
This paper empirically investigates the influence of different data splits and splitting strategies on the performance of dysfluency detection systems. For this, we perform experiments using wav2vec 2.0 models with a classification head as well as support vector machines (SVM) in conjunction with the features extracted from the wav2vec 2.0 model to detect dysfluencies. We train and evaluate the systems with different non-speaker-exclusive and speaker-exclusive splits of the Stuttering Events in Podcasts (SEP-28k) dataset to shed some light on the variability of results w.r.t. to the partition method used. Furthermore, we show that the SEP-28k dataset is dominated by only a few speakers, making it difficult to evaluate. To remedy this problem, we created SEP-28k-Extended (SEP-28k-E), containing semi-automatically generated speaker and gender information for the SEP-28k corpus, and suggest different data splits, each useful for evaluating other aspects of methods for dysfluency detection.
△ Less
Submitted 7 June, 2022;
originally announced June 2022.
-
BASALISC: Programmable Hardware Accelerator for BGV Fully Homomorphic Encryption
Authors:
Robin Geelen,
Michiel Van Beirendonck,
Hilder V. L. Pereira,
Brian Huffman,
Tynan McAuley,
Ben Selfridge,
Daniel Wagner,
Georgios Dimou,
Ingrid Verbauwhede,
Frederik Vercauteren,
David W. Archer
Abstract:
Fully Homomorphic Encryption (FHE) allows for secure computation on encrypted data. Unfortunately, huge memory size, computational cost and bandwidth requirements limit its practicality. We present BASALISC, an architecture family of hardware accelerators that aims to substantially accelerate FHE computations in the cloud. BASALISC is the first to implement the BGV scheme with fully-packed bootstr…
▽ More
Fully Homomorphic Encryption (FHE) allows for secure computation on encrypted data. Unfortunately, huge memory size, computational cost and bandwidth requirements limit its practicality. We present BASALISC, an architecture family of hardware accelerators that aims to substantially accelerate FHE computations in the cloud. BASALISC is the first to implement the BGV scheme with fully-packed bootstrap** -- the noise removal capability necessary for arbitrary-depth computation. It supports a customized version of bootstrap** that can be instantiated with hardware multipliers optimized for area and power.
BASALISC is a three-abstraction-layer RISC architecture, designed for a 1 GHz ASIC implementation and underway toward 150mm2 die tape-out in a 12nm GF process. BASALISC's four-layer memory hierarchy includes a two-dimensional conflict-free inner memory layer that enables 32 Tb/s radix-256 NTT computations without pipeline stalls. Its conflict-resolution permutation hardware is generalized and re-used to compute BGV automorphisms without throughput penalty. BASALISC also has a custom multiply-accumulate unit to accelerate BGV key switching.
The BASALISC toolchain comprises a custom compiler and a joint performance and correctness simulator. To evaluate BASALISC, we study its physical realizability, emulate and formally verify its core functional units, and we study its performance on a set of benchmarks. Simulation results show a speedup of more than 5,000 times over HElib -- a popular software FHE library.
△ Less
Submitted 25 July, 2023; v1 submitted 27 May, 2022;
originally announced May 2022.
-
More Recent Advances in (Hyper)Graph Partitioning
Authors:
Ümit V. Çatalyürek,
Karen D. Devine,
Marcelo Fonseca Faraj,
Lars Gottesbüren,
Tobias Heuer,
Henning Meyerhenke,
Peter Sanders,
Sebastian Schlag,
Christian Schulz,
Daniel Seemaier,
Dorothea Wagner
Abstract:
In recent years, significant advances have been made in the design and evaluation of balanced (hyper)graph partitioning algorithms. We survey trends of the last decade in practical algorithms for balanced (hyper)graph partitioning together with future research directions. Our work serves as an update to a previous survey on the topic. In particular, the survey extends the previous survey by also c…
▽ More
In recent years, significant advances have been made in the design and evaluation of balanced (hyper)graph partitioning algorithms. We survey trends of the last decade in practical algorithms for balanced (hyper)graph partitioning together with future research directions. Our work serves as an update to a previous survey on the topic. In particular, the survey extends the previous survey by also covering hypergraph partitioning and streaming algorithms, and has an additional focus on parallel algorithms.
△ Less
Submitted 30 June, 2022; v1 submitted 26 May, 2022;
originally announced May 2022.
-
Detecting Vocal Fatigue with Neural Embeddings
Authors:
Sebastian P. Bayerl,
Dominik Wagner,
Ilja Baumann,
Korbinian Riedhammer,
Tobias Bocklet
Abstract:
Vocal fatigue refers to the feeling of tiredness and weakness of voice due to extended utilization. This paper investigates the effectiveness of neural embeddings for the detection of vocal fatigue. We compare x-vectors, ECAPA-TDNN, and wav2vec 2.0 embeddings on a corpus of academic spoken English. Low-dimensional map**s of the data reveal that neural embeddings capture information about the cha…
▽ More
Vocal fatigue refers to the feeling of tiredness and weakness of voice due to extended utilization. This paper investigates the effectiveness of neural embeddings for the detection of vocal fatigue. We compare x-vectors, ECAPA-TDNN, and wav2vec 2.0 embeddings on a corpus of academic spoken English. Low-dimensional map**s of the data reveal that neural embeddings capture information about the change in vocal characteristics of a speaker during prolonged voice usage. We show that vocal fatigue can be reliably predicted using all three kinds of neural embeddings after only 50 minutes of continuous speaking when temporal smoothing and normalization are applied to the extracted embeddings. We employ support vector machines for classification and achieve accuracy scores of 81% using x-vectors, 85% using ECAPA-TDNN embeddings, and 82% using wav2vec 2.0 embeddings as input features. We obtain an accuracy score of 76%, when the trained system is applied to a different speaker and recording environment without any adaptation.
△ Less
Submitted 17 January, 2023; v1 submitted 7 April, 2022;
originally announced April 2022.
-
Detecting Dysfluencies in Stuttering Therapy Using wav2vec 2.0
Authors:
Sebastian P. Bayerl,
Dominik Wagner,
Elmar Nöth,
Korbinian Riedhammer
Abstract:
Stuttering is a varied speech disorder that harms an individual's communication ability. Persons who stutter (PWS) often use speech therapy to cope with their condition. Improving speech recognition systems for people with such non-typical speech or tracking the effectiveness of speech therapy would require systems that can detect dysfluencies while at the same time being able to detect speech tec…
▽ More
Stuttering is a varied speech disorder that harms an individual's communication ability. Persons who stutter (PWS) often use speech therapy to cope with their condition. Improving speech recognition systems for people with such non-typical speech or tracking the effectiveness of speech therapy would require systems that can detect dysfluencies while at the same time being able to detect speech techniques acquired in therapy. This paper shows that fine-tuning wav2vec 2.0 [1] for the classification of stuttering on a sizeable English corpus containing stuttered speech, in conjunction with multi-task learning, boosts the effectiveness of the general-purpose wav2vec 2.0 features for detecting stuttering in speech; both within and across languages. We evaluate our method on FluencyBank , [2] and the German therapy-centric Kassel State of Fluency (KSoF) [3] dataset by training Support Vector Machine classifiers using features extracted from the finetuned models for six different stuttering-related event types: blocks, prolongations, sound repetitions, word repetitions, interjections, and - specific to therapy - speech modifications. Using embeddings from the fine-tuned models leads to relative classification performance gains up to 27% w.r.t. F1-score.
△ Less
Submitted 16 June, 2022; v1 submitted 7 April, 2022;
originally announced April 2022.
-
Pseudo-gauges and relativistic spin hydrodynamics for interacting Dirac and Proca fields
Authors:
Nora Weickgenannt,
David Wagner,
Enrico Speranza
Abstract:
We present the explicit expressions of different pseudo-gauge transformations for Dirac and Proca fields considering a general interaction term. The particular case of the interaction of Dirac and Proca fields with a background electromagnetic field is also studied. Starting from the quantum kinetic theory with collisions derived from the Wigner-function formalism for massive spin-1/2 and spin-1 p…
▽ More
We present the explicit expressions of different pseudo-gauge transformations for Dirac and Proca fields considering a general interaction term. The particular case of the interaction of Dirac and Proca fields with a background electromagnetic field is also studied. Starting from the quantum kinetic theory with collisions derived from the Wigner-function formalism for massive spin-1/2 and spin-1 particles, we establish a connection between different pseudo-gauges and relativistic spin hydrodynamics. The physical implications of the various decompositions of orbital and spin angular momentum are discussed.
△ Less
Submitted 21 July, 2022; v1 submitted 4 April, 2022;
originally announced April 2022.
-
Inverse-Reynolds-Dominance approach to transient fluid dynamics
Authors:
David Wagner,
Andrea Palermo,
Victor E. Ambruş
Abstract:
We consider the evolution equations for the bulk viscous pressure, diffusion current and shear tensor derived within second-order relativistic dissipative hydrodynamics from kinetic theory. By matching the higher order moments directly to the dissipative quantities, all terms which are of second order in the Knudsen number Kn vanish, leaving only terms of order…
▽ More
We consider the evolution equations for the bulk viscous pressure, diffusion current and shear tensor derived within second-order relativistic dissipative hydrodynamics from kinetic theory. By matching the higher order moments directly to the dissipative quantities, all terms which are of second order in the Knudsen number Kn vanish, leaving only terms of order $\mathcal{O}(\textrm{Re}^{-1} \textrm{Kn})$ and $\mathcal{O}(\textrm{Re}^{-2})$ in the relaxation equations, where $\textrm{Re}^{-1}$ is the inverse Reynolds number. We therefore refer to this scheme as the Inverse-Reynolds-Dominance (IReD) approach. The remaining (non-vanishing) transport coefficients can be obtained exclusively in terms of the inverse of the collision matrix. This procedure fixes unambiguously the relaxation times of the dissipative quantities, which are no longer related to the eigenvalues of the inverse of the collision matrix. In particular, we find that the relaxation times corresponding to higher-order moments grow as their order increases, thereby contradicting the \textit{separation of scales} paradigm. The formal (up to second order) equivalence with the standard DNMR approach is proven and the connection between the IReD transport coefficients and the usual DNMR ones is established.
△ Less
Submitted 18 July, 2022; v1 submitted 23 March, 2022;
originally announced March 2022.
-
Relativistic second-order dissipative spin hydrodynamics from the method of moments
Authors:
Nora Weickgenannt,
David Wagner,
Enrico Speranza,
Dirk Rischke
Abstract:
We derive relativistic second-order dissipative fluid-dynamical equations of motion for massive spin-1/2 particles from kinetic theory using the method of moments. Besides the usual conservation laws for charge, energy, and momentum, such a theory of relativistic dissipative spin hydrodynamics features an equation of motion for the rank-3 spin tensor, which follows from the conservation of total a…
▽ More
We derive relativistic second-order dissipative fluid-dynamical equations of motion for massive spin-1/2 particles from kinetic theory using the method of moments. Besides the usual conservation laws for charge, energy, and momentum, such a theory of relativistic dissipative spin hydrodynamics features an equation of motion for the rank-3 spin tensor, which follows from the conservation of total angular momentum. Extending the conventional method of moments for spin-0 particles, we expand the spin-dependent distribution function near local equilibrium in terms of moments of the momentum and spin variables. We work to next-to-leading order in the Planck constant $\hbar$. As shown in previous work, at this order in $\hbar$ the Boltzmann equation for spin-1/2 particles features a nonlocal collision term. From the Boltzmann equation, we then obtain an infinite set of equations of motion for the irreducible moments of the deviation of the single-particle distribution function from local equilibrium. In order to close this system of moment equations, a truncation procedure is needed. We employ the "14+24-moment approximation", where "14" corresponds to the components of the charge current and the energy-momentum tensor and "24" to the components of the spin tensor, which completes the derivation of the equations of motion of second-order dissipative spin hydrodynamics. For applications to heavy-ion phenomenology, we also determine dissipative corrections to the Pauli-Lubanski vector.
△ Less
Submitted 25 October, 2022; v1 submitted 9 March, 2022;
originally announced March 2022.
-
Diffix Elm: Simple Diffix
Authors:
Paul Francis,
Sebastian Probst-Eide,
David Wagner,
Felix Bauer,
Cristian Berneanu,
Edon Gashi
Abstract:
Historically, strong data anonymization requires substantial domain expertise and custom design for the given data set and use case. Diffix is an anonymization framework designed to make strong data anonymization available to non-experts. This paper describes Diffix Elm, a version of Diffix that is very easy to use at the expense of query features. We describe Diffix Elm, and show that it provides…
▽ More
Historically, strong data anonymization requires substantial domain expertise and custom design for the given data set and use case. Diffix is an anonymization framework designed to make strong data anonymization available to non-experts. This paper describes Diffix Elm, a version of Diffix that is very easy to use at the expense of query features. We describe Diffix Elm, and show that it provides strong anonymity based on the General Data Protection Regulation (GDPR) criteria.
This document is the third version of Diffix Elm. The second version added ceiling, round, and bucket\_width functions (in addition to floor). This document adds the ability to protect multiple different kinds of protected entities (a feature not found in earlier versions of Diffix). It also adds counting distinct values for any column (rather than only the AID column).
△ Less
Submitted 20 June, 2022; v1 submitted 12 January, 2022;
originally announced January 2022.
-
SLIP: Self-supervision meets Language-Image Pre-training
Authors:
Norman Mu,
Alexander Kirillov,
David Wagner,
Saining Xie
Abstract:
Recent work has shown that self-supervised pre-training leads to improvements over supervised learning on challenging visual recognition tasks. CLIP, an exciting new approach to learning with language supervision, demonstrates promising performance on a wide variety of benchmarks. In this work, we explore whether self-supervised learning can aid in the use of language supervision for visual repres…
▽ More
Recent work has shown that self-supervised pre-training leads to improvements over supervised learning on challenging visual recognition tasks. CLIP, an exciting new approach to learning with language supervision, demonstrates promising performance on a wide variety of benchmarks. In this work, we explore whether self-supervised learning can aid in the use of language supervision for visual representation learning. We introduce SLIP, a multi-task learning framework for combining self-supervised learning and CLIP pre-training. After pre-training with Vision Transformers, we thoroughly evaluate representation quality and compare performance to both CLIP and self-supervised learning under three distinct settings: zero-shot transfer, linear classification, and end-to-end finetuning. Across ImageNet and a battery of additional datasets, we find that SLIP improves accuracy by a large margin. We validate our results further with experiments on different model sizes, training schedules, and pre-training datasets. Our findings show that SLIP enjoys the best of both worlds: better performance than self-supervision (+8.1% linear accuracy) and language supervision (+5.2% zero-shot accuracy).
△ Less
Submitted 23 December, 2021;
originally announced December 2021.
-
Smart(Sampling)Augment: Optimal and Efficient Data Augmentation for Semantic Segmentation
Authors:
Misgana Negassi,
Diane Wagner,
Alexander Reiterer
Abstract:
Data augmentation methods enrich datasets with augmented data to improve the performance of neural networks. Recently, automated data augmentation methods have emerged, which automatically design augmentation strategies. Existing work focuses on image classification and object detection, whereas we provide the first study on semantic image segmentation and introduce two new approaches: \textit{Sma…
▽ More
Data augmentation methods enrich datasets with augmented data to improve the performance of neural networks. Recently, automated data augmentation methods have emerged, which automatically design augmentation strategies. Existing work focuses on image classification and object detection, whereas we provide the first study on semantic image segmentation and introduce two new approaches: \textit{SmartAugment} and \textit{SmartSamplingAugment}. SmartAugment uses Bayesian Optimization to search over a rich space of augmentation strategies and achieves a new state-of-the-art performance in all semantic segmentation tasks we consider. SmartSamplingAugment, a simple parameter-free approach with a fixed augmentation strategy competes in performance with the existing resource-intensive approaches and outperforms cheap state-of-the-art data augmentation methods. Further, we analyze the impact, interaction, and importance of data augmentation hyperparameters and perform ablation studies, which confirm our design choices behind SmartAugment and SmartSamplingAugment. Lastly, we will provide our source code for reproducibility and to facilitate further research.
△ Less
Submitted 31 October, 2021;
originally announced November 2021.
-
Hopper: Modeling and Detecting Lateral Movement (Extended Report)
Authors:
Grant Ho,
Mayank Dhiman,
Devdatta Akhawe,
Vern Paxson,
Stefan Savage,
Geoffrey M. Voelker,
David Wagner
Abstract:
In successful enterprise attacks, adversaries often need to gain access to additional machines beyond their initial point of compromise, a set of internal movements known as lateral movement. We present Hopper, a system for detecting lateral movement based on commonly available enterprise logs. Hopper constructs a graph of login activity among internal machines and then identifies suspicious seque…
▽ More
In successful enterprise attacks, adversaries often need to gain access to additional machines beyond their initial point of compromise, a set of internal movements known as lateral movement. We present Hopper, a system for detecting lateral movement based on commonly available enterprise logs. Hopper constructs a graph of login activity among internal machines and then identifies suspicious sequences of loginsthat correspond to lateral movement. To understand the larger context of each login, Hopper employs an inference algorithm to identify the broader path(s) of movement that each login belongs to and the causal user responsible for performing a path's logins. Hopper then leverages this path inference algorithm, in conjunction with a set of detection rules and a new anomaly scoring algorithm, to surface the login paths most likely to reflect lateral movement. On a 15-month enterprise dataset consisting of over 780 million internal logins, Hop-per achieves a 94.5% detection rate across over 300 realistic attack scenarios, including one red team attack, while generating an average of <9 alerts per day. In contrast, to detect the same number of attacks, prior state-of-the-art systems would need to generate nearly 8x as many false positives.
△ Less
Submitted 27 May, 2021;
originally announced May 2021.
-
Approximately Multiplicative Decompositions of Nuclear Maps
Authors:
Douglas A. Wagner
Abstract:
We expand upon work from many hands on the decomposition of nuclear maps. Such maps can be characterized by their ability to be approximately written as the composition of maps to and from matrices. Under certain conditions (such as quasidiagonality), we can find a decomposition whose maps behave nicely, by preserving multiplication up to an arbitrary degree of accuracy and being constructed from…
▽ More
We expand upon work from many hands on the decomposition of nuclear maps. Such maps can be characterized by their ability to be approximately written as the composition of maps to and from matrices. Under certain conditions (such as quasidiagonality), we can find a decomposition whose maps behave nicely, by preserving multiplication up to an arbitrary degree of accuracy and being constructed from order zero maps (as in the definition of nuclear dimension). We investigate these conditions and relate them to a W*-analog.
△ Less
Submitted 25 May, 2021;
originally announced May 2021.
-
Learning Security Classifiers with Verified Global Robustness Properties
Authors:
Yizheng Chen,
Shiqi Wang,
Yue Qin,
Xiao**g Liao,
Suman Jana,
David Wagner
Abstract:
Many recent works have proposed methods to train classifiers with local robustness properties, which can provably eliminate classes of evasion attacks for most inputs, but not all inputs. Since data distribution shift is very common in security applications, e.g., often observed for malware detection, local robustness cannot guarantee that the property holds for unseen inputs at the time of deploy…
▽ More
Many recent works have proposed methods to train classifiers with local robustness properties, which can provably eliminate classes of evasion attacks for most inputs, but not all inputs. Since data distribution shift is very common in security applications, e.g., often observed for malware detection, local robustness cannot guarantee that the property holds for unseen inputs at the time of deploying the classifier. Therefore, it is more desirable to enforce global robustness properties that hold for all inputs, which is strictly stronger than local robustness.
In this paper, we present a framework and tools for training classifiers that satisfy global robustness properties. We define new notions of global robustness that are more suitable for security classifiers. We design a novel booster-fixer training framework to enforce global robustness properties. We structure our classifier as an ensemble of logic rules and design a new verifier to verify the properties. In our training algorithm, the booster increases the classifier's capacity, and the fixer enforces verified global robustness properties following counterexample guided inductive synthesis.
We show that we can train classifiers to satisfy different global robustness properties for three security datasets, and even multiple properties at the same time, with modest impact on the classifier's performance. For example, we train a Twitter spam account classifier to satisfy five global robustness properties, with 5.4% decrease in true positive rate, and 0.1% increase in false positive rate, compared to a baseline XGBoost model that doesn't satisfy any property.
△ Less
Submitted 1 December, 2021; v1 submitted 24 May, 2021;
originally announced May 2021.
-
Fighting Gradients with Gradients: Dynamic Defenses against Adversarial Attacks
Authors:
Dequan Wang,
An Ju,
Evan Shelhamer,
David Wagner,
Trevor Darrell
Abstract:
Adversarial attacks optimize against models to defeat defenses. Existing defenses are static, and stay the same once trained, even while attacks change. We argue that models should fight back, and optimize their defenses against attacks at test time. We propose dynamic defenses, to adapt the model and input during testing, by defensive entropy minimization (dent). Dent alters testing, but not trai…
▽ More
Adversarial attacks optimize against models to defeat defenses. Existing defenses are static, and stay the same once trained, even while attacks change. We argue that models should fight back, and optimize their defenses against attacks at test time. We propose dynamic defenses, to adapt the model and input during testing, by defensive entropy minimization (dent). Dent alters testing, but not training, for compatibility with existing models and train-time defenses. Dent improves the robustness of adversarially-trained defenses and nominally-trained models against white-box, black-box, and adaptive attacks on CIFAR-10/100 and ImageNet. In particular, dent boosts state-of-the-art defenses by 20+ points absolute against AutoAttack on CIFAR-10 at $ε_\infty$ = 8/255.
△ Less
Submitted 18 May, 2021;
originally announced May 2021.
-
Initial Limit Datalog: a New Extensible Class of Decidable Constrained Horn Clauses
Authors:
Toby Cathcart Burn,
Luke Ong,
Steven Ramsay,
Dominik Wagner
Abstract:
We present initial limit Datalog, a new extensible class of constrained Horn clauses for which the satisfiability problem is decidable. The class may be viewed as a generalisation to higher-order logic (with a simple restriction on types) of the first-order language limit Datalog$_Z$ (a fragment of Datalog modulo linear integer arithmetic), but can be instantiated with any suitable background theo…
▽ More
We present initial limit Datalog, a new extensible class of constrained Horn clauses for which the satisfiability problem is decidable. The class may be viewed as a generalisation to higher-order logic (with a simple restriction on types) of the first-order language limit Datalog$_Z$ (a fragment of Datalog modulo linear integer arithmetic), but can be instantiated with any suitable background theory. For example, the fragment is decidable over any countable well-quasi-order with a decidable first-order theory, such as natural number vectors under componentwise linear arithmetic, and words of a bounded, context-free language ordered by the subword relation. Formulas of initial limit Datalog have the property that, under some assumptions on the background theory, their satisfiability can be witnessed by a new kind of term model which we call entwined structures. Whilst the set of all models is typically uncountable, the set of all entwined structures is recursively enumerable, and model checking is decidable.
△ Less
Submitted 29 April, 2021;
originally announced April 2021.
-
A Concise Guide on the Integration of Battery Electric Buses into Urban Bus Networks
Authors:
Nicolas Dirks,
Dennis Wagner,
Maximilian Schiffer,
Grit Walther
Abstract:
With the increasing market penetration of battery-electric buses into urban bus networks, practitioners face many novel planning problems. As a result, the interest in optimization-based decision-making for these planning problems increases but practitioners' requirements on planning solutions and current academic approaches often diverge. Against this background, this survey aims to provide a con…
▽ More
With the increasing market penetration of battery-electric buses into urban bus networks, practitioners face many novel planning problems. As a result, the interest in optimization-based decision-making for these planning problems increases but practitioners' requirements on planning solutions and current academic approaches often diverge. Against this background, this survey aims to provide a concise guide on optimization-based planning approaches for integrating battery-electric buses into urban bus networks for both practitioners and academics. First, we derive practitioners' requirements for integrating battery-electric buses from state-of-the-art specifications, project reports, and expert knowledge. Second, we analyze whether existing optimization-based planning models fulfill these practitioners' requirements. Based on this analysis, we carve out the existing gap between practice and research and discuss how to address these in future research.
△ Less
Submitted 21 April, 2021;
originally announced April 2021.
-
Nearest-Neighbor Queries in Customizable Contraction Hierarchies and Applications
Authors:
Valentin Buchhold,
Dorothea Wagner
Abstract:
Customizable contraction hierarchies are one of the most popular route planning frameworks in practice, due to their simplicity and versatility. In this work, we present a novel algorithm for finding k-nearest neighbors in customizable contraction hierarchies by systematically exploring the associated separator decomposition tree. Compared to previous bucket-based approaches, our algorithm require…
▽ More
Customizable contraction hierarchies are one of the most popular route planning frameworks in practice, due to their simplicity and versatility. In this work, we present a novel algorithm for finding k-nearest neighbors in customizable contraction hierarchies by systematically exploring the associated separator decomposition tree. Compared to previous bucket-based approaches, our algorithm requires much less target-dependent preprocessing effort. Moreover, we use our novel approach in two concrete applications. The first application are online k-closest point-of-interest queries, where the points of interest are only revealed at query time. We achieve query times of about 25 milliseconds on a continental road network, which is fast enough for interactive systems. The second application is travel demand generation. We show how to accelerate a recently introduced travel demand generator by a factor of more than 50 using our novel nearest-neighbor algorithm.
△ Less
Submitted 18 March, 2021;
originally announced March 2021.
-
Model-Agnostic Defense for Lane Detection against Adversarial Attack
Authors:
Henry Xu,
An Ju,
David Wagner
Abstract:
Susceptibility of neural networks to adversarial attack prompts serious safety concerns for lane detection efforts, a domain where such models have been widely applied. Recent work on adversarial road patches have successfully induced perception of lane lines with arbitrary form, presenting an avenue for rogue control of vehicle behavior. In this paper, we propose a modular lane verification syste…
▽ More
Susceptibility of neural networks to adversarial attack prompts serious safety concerns for lane detection efforts, a domain where such models have been widely applied. Recent work on adversarial road patches have successfully induced perception of lane lines with arbitrary form, presenting an avenue for rogue control of vehicle behavior. In this paper, we propose a modular lane verification system that can catch such threats before the autonomous driving system is misled while remaining agnostic to the particular lane detection model. Our experiments show that implementing the system with a simple convolutional neural network (CNN) can defend against a wide gamut of attacks on lane detection models. With a 10% impact to inference time, we can detect 96% of bounded non-adaptive attacks, 90% of bounded adaptive attacks, and 98% of patch attacks while preserving accurate identification at least 95% of true lanes, indicating that our proposed verification system is effective at mitigating lane detection security risks with minimal overhead.
△ Less
Submitted 28 February, 2021;
originally announced March 2021.
-
Modeling and Engineering Constrained Shortest Path Algorithms for Battery Electric Vehicles
Authors:
Moritz Baum,
Julian Dibbelt,
Dorothea Wagner,
Tobias Zündorf
Abstract:
We study the problem of computing constrained shortest paths for battery electric vehicles. Since battery capacities are limited, fastest routes are often infeasible. Instead, users are interested in fast routes on which the energy consumption does not exceed the battery capacity. For that, drivers can deliberately reduce speed to save energy. Hence, route planning should provide both path and spe…
▽ More
We study the problem of computing constrained shortest paths for battery electric vehicles. Since battery capacities are limited, fastest routes are often infeasible. Instead, users are interested in fast routes on which the energy consumption does not exceed the battery capacity. For that, drivers can deliberately reduce speed to save energy. Hence, route planning should provide both path and speed recommendations. To tackle the resulting NP-hard optimization problem, previous work trades correctness or accuracy of the underlying model for practical running times. We present a novel framework to compute optimal constrained shortest paths (without charging stops) for electric vehicles that uses more realistic physical models, while taking speed adaptation into account. Careful algorithm engineering makes the approach practical even on large, realistic road networks: We compute optimal solutions in less than a second for typical battery capacities, matching the performance of previous inexact methods. For even faster query times, the approach can easily be extended with heuristics that provide high quality solutions within milliseconds.
△ Less
Submitted 20 November, 2020;
originally announced November 2020.
-
Adversarial Examples for $k$-Nearest Neighbor Classifiers Based on Higher-Order Voronoi Diagrams
Authors:
Chawin Sitawarin,
Evgenios M. Kornaropoulos,
Dawn Song,
David Wagner
Abstract:
Adversarial examples are a widely studied phenomenon in machine learning models. While most of the attention has been focused on neural networks, other practical models also suffer from this issue. In this work, we propose an algorithm for evaluating the adversarial robustness of $k$-nearest neighbor classification, i.e., finding a minimum-norm adversarial example. Diverging from previous proposal…
▽ More
Adversarial examples are a widely studied phenomenon in machine learning models. While most of the attention has been focused on neural networks, other practical models also suffer from this issue. In this work, we propose an algorithm for evaluating the adversarial robustness of $k$-nearest neighbor classification, i.e., finding a minimum-norm adversarial example. Diverging from previous proposals, we take a geometric approach by performing a search that expands outwards from a given input point. On a high level, the search radius expands to the nearby Voronoi cells until we find a cell that classifies differently from the input point. To scale the algorithm to a large $k$, we introduce approximation steps that find perturbations with smaller norm, compared to the baselines, in a variety of datasets. Furthermore, we analyze the structural properties of a dataset where our approach outperforms the competition.
△ Less
Submitted 1 November, 2021; v1 submitted 19 November, 2020;
originally announced November 2020.
-
Spectroscopic orbit determination of the long-periodic binary system $θ$ Cep
Authors:
R. Bischoff,
M. Mugrauer,
O. Lux,
T. Zehe,
T. Heyne,
D. Wagner,
M. Geymeier
Abstract:
In 2015 a radial velocity monitoring campaign was started in order to redetermine and/or constrain the orbital solutions of spectroscopic binary systems. The observations were carried out at the University Observatory Jena with the Échelle spectrograph FLECHAS. The results from the main part of our target sample are already published. For the final target of this campaign, $θ$ Cep, we can now pres…
▽ More
In 2015 a radial velocity monitoring campaign was started in order to redetermine and/or constrain the orbital solutions of spectroscopic binary systems. The observations were carried out at the University Observatory Jena with the Échelle spectrograph FLECHAS. The results from the main part of our target sample are already published. For the final target of this campaign, $θ$ Cep, we can now present an orbital solution based on a homogeneously covered radial velocity curve. The period of this single-lined spectroscopic binary turns out to be significantly larger and the orbit is much more eccentric compared to the given values in the 9th Catalogue of Spectroscopic Binary Orbits.
△ Less
Submitted 10 November, 2020;
originally announced November 2020.
-
Fast, Exact and Scalable Dynamic Ridesharing
Authors:
Valentin Buchhold,
Peter Sanders,
Dorothea Wagner
Abstract:
We study the problem of servicing a set of ride requests by dispatching a set of shared vehicles, which is faced by ridesharing companies such as Uber and Lyft. Solving this problem at a large scale might be crucial in the future for effectively using large fleets of autonomous vehicles. Since finding a solution for the entire set of requests that minimizes the total driving time is NP-complete, m…
▽ More
We study the problem of servicing a set of ride requests by dispatching a set of shared vehicles, which is faced by ridesharing companies such as Uber and Lyft. Solving this problem at a large scale might be crucial in the future for effectively using large fleets of autonomous vehicles. Since finding a solution for the entire set of requests that minimizes the total driving time is NP-complete, most practical approaches process the requests one by one. Each request is inserted into any vehicle's route such that the increase in driving time is minimized. Although this variant is solvable in polynomial time, it still takes considerable time in current implementations, even when inexact filtering heuristics are used. In this work, we present a novel algorithm for finding best insertions, based on (customizable) contraction hierarchies with local buckets. Our algorithm finds provably exact solutions, is still 30 times faster than a state-of-the-art algorithm currently used in industry and academia, and scales much better. When used within iterative transport simulations, our algorithm decreases the simulation time for largescale scenarios with many requests from days to hours.
△ Less
Submitted 17 June, 2021; v1 submitted 4 November, 2020;
originally announced November 2020.
-
Hyperparameter Transfer Across Developer Adjustments
Authors:
Danny Stoll,
Jörg K. H. Franke,
Diane Wagner,
Simon Selg,
Frank Hutter
Abstract:
After developer adjustments to a machine learning (ML) algorithm, how can the results of an old hyperparameter optimization (HPO) automatically be used to speedup a new HPO? This question poses a challenging problem, as developer adjustments can change which hyperparameter settings perform well, or even the hyperparameter search space itself. While many approaches exist that leverage knowledge obt…
▽ More
After developer adjustments to a machine learning (ML) algorithm, how can the results of an old hyperparameter optimization (HPO) automatically be used to speedup a new HPO? This question poses a challenging problem, as developer adjustments can change which hyperparameter settings perform well, or even the hyperparameter search space itself. While many approaches exist that leverage knowledge obtained on previous tasks, so far, knowledge from previous development steps remains entirely untapped. In this work, we remedy this situation and propose a new research framework: hyperparameter transfer across adjustments (HT-AA). To lay a solid foundation for this research framework, we provide four simple HT-AA baseline algorithms and eight benchmarks changing various aspects of ML algorithms, their hyperparameter search spaces, and the neural architectures used. The best baseline, on average and depending on the budgets for the old and new HPO, reaches a given performance 1.2--2.6x faster than a prominent HPO algorithm without transfer. As HPO is a crucial step in ML development but requires extensive computational resources, this speedup would lead to faster development cycles, lower costs, and reduced environmental impacts. To make these benefits available to ML developers off-the-shelf and to facilitate future research on HT-AA, we provide python packages for our baselines and benchmarks.
△ Less
Submitted 25 October, 2020;
originally announced October 2020.
-
The Lockdown Effect: Implications of the COVID-19 Pandemic on Internet Traffic
Authors:
Anja Feldmann,
Oliver Gasser,
Franziska Lichtblau,
Enric Pujol,
Ingmar Poese,
Christoph Dietzel,
Daniel Wagner,
Matthias Wichtlhuber,
Juan Tapiador,
Narseo Vallina-Rodriguez,
Oliver Hohlfeld,
Georgios Smaragdakis
Abstract:
Due to the COVID-19 pandemic, many governments imposed lock downs that forced hundreds of millions of citizens to stay at home. The implementation of confinement measures increased Internet traffic demands of residential users, in particular, for remote working, entertainment, commerce, and education, which, as a result, caused traffic shifts in the Internet core. In this paper, using data from a…
▽ More
Due to the COVID-19 pandemic, many governments imposed lock downs that forced hundreds of millions of citizens to stay at home. The implementation of confinement measures increased Internet traffic demands of residential users, in particular, for remote working, entertainment, commerce, and education, which, as a result, caused traffic shifts in the Internet core. In this paper, using data from a diverse set of vantage points (one ISP, three IXPs, and one metropolitan educational network), we examine the effect of these lockdowns on traffic shifts. We find that the traffic volume increased by 15-20% almost within a week--while overall still modest, this constitutes a large increase within this short time period. However, despite this surge, we observe that the Internet infrastructure is able to handle the new volume, as most traffic shifts occur outside of traditional peak hours. When looking directly at the traffic sources, it turns out that, while hypergiants still contribute a significant fraction of traffic, we see (1) a higher increase in traffic of non-hypergiants, and (2) traffic increases in applications that people use when at home, such as Web conferencing, VPN, and gaming. While many networks see increased traffic demands, in particular, those providing services to residential users, academic networks experience major overall decreases. Yet, in these networks, we can observe substantial increases when considering applications associated to remote working and lecturing.
△ Less
Submitted 5 October, 2020; v1 submitted 25 August, 2020;
originally announced August 2020.
-
A Large-Scale Analysis of Attacker Activity in Compromised Enterprise Accounts
Authors:
Neil Shah,
Grant Ho,
Marco Schweighauser,
M. H. Afifi,
Asaf Cidon,
David Wagner
Abstract:
We present a large-scale characterization of attacker activity across 111 real-world enterprise organizations. We develop a novel forensic technique for distinguishing between attacker activity and benign activity in compromised enterprise accounts that yields few false positives and enables us to perform fine-grained analysis of attacker behavior. Applying our methods to a set of 159 compromised…
▽ More
We present a large-scale characterization of attacker activity across 111 real-world enterprise organizations. We develop a novel forensic technique for distinguishing between attacker activity and benign activity in compromised enterprise accounts that yields few false positives and enables us to perform fine-grained analysis of attacker behavior. Applying our methods to a set of 159 compromised enterprise accounts, we quantify the duration of time attackers are active in accounts and examine thematic patterns in how attackers access and leverage these hijacked accounts. We find that attackers frequently dwell in accounts for multiple days to weeks, suggesting that delayed (non-real-time) detection can still provide significant value. Based on an analysis of the attackers' timing patterns, we observe two distinct modalities in how attackers access compromised accounts, which could be explained by the existence of a specialized market for hijacked enterprise accounts: where one class of attackers focuses on compromising and selling account access to another class of attackers who exploit the access such hijacked accounts provide. Ultimately, our analysis sheds light on the state of enterprise account hijacking and highlights fruitful directions for a broader space of detection methods, ranging from new features that home in on malicious account behavior to the development of non-real-time detection methods that leverage malicious activity after an attack's initial point of compromise to more accurately identify attacks.
△ Less
Submitted 28 July, 2020;
originally announced July 2020.
-
Bombus Species Image Classification
Authors:
Venkat Margapuri,
George Lavezzi,
Robert Stewart,
Dan Wagner
Abstract:
Entomologists, ecologists and others struggle to rapidly and accurately identify the species of bumble bees they encounter in their field work and research. The current process requires the bees to be mounted, then physically shipped to a taxonomic expert for proper categorization. We investigated whether an image classification system derived from transfer learning can do this task. We used Googl…
▽ More
Entomologists, ecologists and others struggle to rapidly and accurately identify the species of bumble bees they encounter in their field work and research. The current process requires the bees to be mounted, then physically shipped to a taxonomic expert for proper categorization. We investigated whether an image classification system derived from transfer learning can do this task. We used Google Inception, Oxford VGG16 and VGG19 and Microsoft ResNet 50. We found Inception and VGG classifiers were able to make some progress at identifying bumble bee species from the available data, whereas ResNet was not. Individual classifiers achieved accuracies of up to 23% for single species identification and 44% top-3 labels, where a composite model performed better, 27% and 50%. We feel the performance was most hampered by our limited data set of 5,000-plus labeled images of 29 species, with individual species represented by 59 -315 images.
△ Less
Submitted 9 June, 2020;
originally announced June 2020.
-
Tunable and precise two-bunch generation at FLASHForward
Authors:
S. Schröder,
K. Ludwig,
A. Aschikhin,
R. D'Arcy,
M. Dinter,
P. Gonzalez,
S. Karstensen,
A. Knetsch,
V. Libov,
C. A. Lindstrøm,
F. Marutzky,
P. Niknejadi,
A. Rahali,
L. Schaper,
A. Schleiermacher,
B. Schmidt,
S. Thiele,
A. de Zubiaurre Wagner,
S. Wesch,
J. Osterhoff
Abstract:
Beam-driven plasma-wakefield acceleration based on external injection has the potential to significantly reduce the size of future accelerators. Stability and quality of the acceleration process substantially depends on the incoming bunch parameters. Precise control of the current profile is essential for optimising energy-transfer efficiency and preserving energy spread. At the FLASHForward facil…
▽ More
Beam-driven plasma-wakefield acceleration based on external injection has the potential to significantly reduce the size of future accelerators. Stability and quality of the acceleration process substantially depends on the incoming bunch parameters. Precise control of the current profile is essential for optimising energy-transfer efficiency and preserving energy spread. At the FLASHForward facility, driver--witness bunch pairs of adjustable bunch length and separation are generated by a set of collimators in a dispersive section, which enables fs-level control of the longitudinal bunch profile. The design of the collimator apparatus and its commissioning is presented.
△ Less
Submitted 25 May, 2020;
originally announced May 2020.
-
Measures and LMIs for Adaptive Control Validation
Authors:
Daniel Wagner,
Didier Henrion,
Martin Hrom{č}ík
Abstract:
Occupation measures and linear matrix inequality (LMI) relax-ations (called the moment sums of squares or Lasserre hierarchy) have been used previously as a means for solving control law verification and validation (VV) problems. However, these methods have been restricted to relatively simple control laws and a limited number of states. In this document, we extend these methods to model reference…
▽ More
Occupation measures and linear matrix inequality (LMI) relax-ations (called the moment sums of squares or Lasserre hierarchy) have been used previously as a means for solving control law verification and validation (VV) problems. However, these methods have been restricted to relatively simple control laws and a limited number of states. In this document, we extend these methods to model reference adaptive control (MRAC) configurations typical of the aircraft industry. The main contribution is a validation scheme that exploits the specific nonlinearities and structure of MRAC. A nonlinear F-16 plant is used for illustration. LMI relaxations solved by off-the-shelf-software are compared to traditional Monte-Carlo simulations.
△ Less
Submitted 19 May, 2020;
originally announced May 2020.
-
Minority Reports Defense: Defending Against Adversarial Patches
Authors:
Michael McCoyd,
Won Park,
Steven Chen,
Neil Shah,
Ryan Roggenkemper,
Minjune Hwang,
Jason Xinyu Liu,
David Wagner
Abstract:
Deep learning image classification is vulnerable to adversarial attack, even if the attacker changes just a small patch of the image. We propose a defense against patch attacks based on partially occluding the image around each candidate patch location, so that a few occlusions each completely hide the patch. We demonstrate on CIFAR-10, Fashion MNIST, and MNIST that our defense provides certified…
▽ More
Deep learning image classification is vulnerable to adversarial attack, even if the attacker changes just a small patch of the image. We propose a defense against patch attacks based on partially occluding the image around each candidate patch location, so that a few occlusions each completely hide the patch. We demonstrate on CIFAR-10, Fashion MNIST, and MNIST that our defense provides certified security against patch attacks of a certain size.
△ Less
Submitted 28 April, 2020;
originally announced April 2020.
-
Densities of Almost Surely Terminating Probabilistic Programs are Differentiable Almost Everywhere
Authors:
Carol Mak,
C. -H. Luke Ong,
Hugo Paquet,
Dominik Wagner
Abstract:
We study the differential properties of higher-order statistical probabilistic programs with recursion and conditioning. Our starting point is an open problem posed by Hongseok Yang: what class of statistical probabilistic programs have densities that are differentiable almost everywhere? To formalise the problem, we consider Statistical PCF (SPCF), an extension of call-by-value PCF with real numb…
▽ More
We study the differential properties of higher-order statistical probabilistic programs with recursion and conditioning. Our starting point is an open problem posed by Hongseok Yang: what class of statistical probabilistic programs have densities that are differentiable almost everywhere? To formalise the problem, we consider Statistical PCF (SPCF), an extension of call-by-value PCF with real numbers, and constructs for sampling and conditioning. We give SPCF a sampling-style operational semantics a la Borgstrom et al., and study the associated weight (commonly referred to as the density) function and value function on the set of possible execution traces. Our main result is that almost-surely terminating SPCF programs, generated from a set of primitive functions (e.g. the set of analytic functions) satisfying mild closure properties, have weight and value functions that are almost-everywhere differentiable. We use a stochastic form of symbolic execution to reason about almost-everywhere differentiability. A by-product of this work is that almost-surely terminating deterministic (S)PCF programs with real parameters denote functions that are almost-everywhere differentiable. Our result is of practical interest, as almost-everywhere differentiability of the density function is required to hold for the correctness of major gradient-based inference algorithms.
△ Less
Submitted 21 June, 2021; v1 submitted 8 April, 2020;
originally announced April 2020.
-
Zip** Segment Trees
Authors:
Lukas Barth,
Dorothea Wagner
Abstract:
Stabbing queries in sets of intervals are usually answered using segment trees. A dynamic variant of segment trees has been presented by van Kreveld and Overmars, which uses red-black trees to do rebalancing operations. This paper presents zip** segment trees - dynamic segment trees based on zip trees, which were recently introduced by Tarjan et al. To facilitate zip** segment trees, we show h…
▽ More
Stabbing queries in sets of intervals are usually answered using segment trees. A dynamic variant of segment trees has been presented by van Kreveld and Overmars, which uses red-black trees to do rebalancing operations. This paper presents zip** segment trees - dynamic segment trees based on zip trees, which were recently introduced by Tarjan et al. To facilitate zip** segment trees, we show how to uphold certain segment tree properties during the operations of a zip tree. We present an in-depth experimental evaluation and comparison of dynamic segment trees based on red-black trees, weight-balanced trees and several variants of the novel zip** segment trees. Our results indicate that zip** segment trees perform better than rotation-based alternatives.
△ Less
Submitted 7 April, 2020;
originally announced April 2020.
-
Engineering Exact Quasi-Threshold Editing
Authors:
Lars Gottesbüren,
Michael Hamann,
Philipp Schoch,
Ben Strasser,
Dorothea Wagner,
Sven Zühlsdorf
Abstract:
Quasi-threshold graphs are $\{C_4, P_4\}$-free graphs, i.e., they do not contain any cycle or path of four nodes as an induced subgraph. We study the $\{C_4, P_4\}$-free editing problem, which is the problem of finding a minimum number of edge insertions or deletions to transform an input graph into a quasi-threshold graph. This problem is NP-hard but fixed-parameter tractable (FPT) in the number…
▽ More
Quasi-threshold graphs are $\{C_4, P_4\}$-free graphs, i.e., they do not contain any cycle or path of four nodes as an induced subgraph. We study the $\{C_4, P_4\}$-free editing problem, which is the problem of finding a minimum number of edge insertions or deletions to transform an input graph into a quasi-threshold graph. This problem is NP-hard but fixed-parameter tractable (FPT) in the number of edits by using a branch-and-bound algorithm and admits a simple integer linear programming formulation (ILP). Both methods are also applicable to the general $F$-free editing problem for any finite set of graphs $F$. For the FPT algorithm, we introduce a fast heuristic for computing high-quality lower bounds and an improved branching strategy. For the ILP, we engineer several variants of row generation. We evaluate both methods for quasi-threshold editing on a large set of protein similarity graphs. For most instances, our optimizations speed up the FPT algorithm by one to three orders of magnitude. The running time of the ILP, that we solve using Gurobi, becomes only slightly faster. With all optimizations, the FPT algorithm is slightly faster than the ILP, even when listing all solutions. Additionally, we show that for almost all graphs, solutions of the previously proposed quasi-threshold editing heuristic QTM are close to optimal.
△ Less
Submitted 31 March, 2020;
originally announced March 2020.
-
Advanced Flow-Based Multilevel Hypergraph Partitioning
Authors:
Lars Gottesbüren,
Michael Hamann,
Sebastian Schlag,
Dorothea Wagner
Abstract:
The balanced hypergraph partitioning problem is to partition a hypergraph into $k$ disjoint blocks of bounded size such that the sum of the number of blocks connected by each hyperedge is minimized. We present an improvement to the flow-based refinement framework of KaHyPar-MF, the current state-of-the-art multilevel $k$-way hypergraph partitioning algorithm for high-quality solutions. Our improve…
▽ More
The balanced hypergraph partitioning problem is to partition a hypergraph into $k$ disjoint blocks of bounded size such that the sum of the number of blocks connected by each hyperedge is minimized. We present an improvement to the flow-based refinement framework of KaHyPar-MF, the current state-of-the-art multilevel $k$-way hypergraph partitioning algorithm for high-quality solutions. Our improvement is based on the recently proposed HyperFlowCutter algorithm for computing bipartitions of unweighted hypergraphs by solving a sequence of incremental maximum flow problems. Since vertices and hyperedges are aggregated during the coarsening phase, refinement algorithms employed in the multilevel setting must be able to handle both weighted hyperedges and weighted vertices -- even if the initial input hypergraph is unweighted. We therefore enhance HyperFlowCutter to handle weighted instances and propose a technique for computing maximum flows directly on weighted hypergraphs.
We compare the performance of two configurations of our new algorithm with KaHyPar-MF and seven other partitioning algorithms on a comprehensive benchmark set with instances from application areas such as VLSI design, scientific computing, and SAT solving. Our first configuration, KaHyPar-HFC, computes slightly better solutions than KaHyPar-MF using significantly less running time. The second configuration, KaHyPar-HFC*, computes solutions of significantly better quality and is still slightly faster than KaHyPar-MF. Furthermore, in terms of solution quality, both configurations also outperform all other competing partitioners.
△ Less
Submitted 26 March, 2020;
originally announced March 2020.
-
Measures and LMIs for Lateral F-16 MRAC Validation
Authors:
Daniel Wagner,
Didier Henrion,
Martin Hromčík
Abstract:
Occupation measures and linear matrix inequality (LMI) relax-ations (called the moment sums of squares or Lasserre hierarchy) are state-of-the-art methods for verification and validation (VV) in aerospace. In this document, we extend these results to a full F-16 closed-loop nonlinear dutch roll polynomial model complete with model reference adaptive control (MRAC). This is done through a new techn…
▽ More
Occupation measures and linear matrix inequality (LMI) relax-ations (called the moment sums of squares or Lasserre hierarchy) are state-of-the-art methods for verification and validation (VV) in aerospace. In this document, we extend these results to a full F-16 closed-loop nonlinear dutch roll polynomial model complete with model reference adaptive control (MRAC). This is done through a new technique of approximating the reference trajectory by exploiting sparse ordinary differential equations (ODEs) with parsimony. The VV problem is then solved directly using moment LMI relaxations and off-the-shelf-software. The main results are then compared to their numerical counterparts obtained using traditional Monte-Carlo simulations.
△ Less
Submitted 25 March, 2020;
originally announced March 2020.
-
SAT: Improving Adversarial Training via Curriculum-Based Loss Smoothing
Authors:
Chawin Sitawarin,
Supriyo Chakraborty,
David Wagner
Abstract:
Adversarial training (AT) has become a popular choice for training robust networks. However, it tends to sacrifice clean accuracy heavily in favor of robustness and suffers from a large generalization error. To address these concerns, we propose Smooth Adversarial Training (SAT), guided by our analysis on the eigenspectrum of the loss Hessian. We find that curriculum learning, a scheme that emphas…
▽ More
Adversarial training (AT) has become a popular choice for training robust networks. However, it tends to sacrifice clean accuracy heavily in favor of robustness and suffers from a large generalization error. To address these concerns, we propose Smooth Adversarial Training (SAT), guided by our analysis on the eigenspectrum of the loss Hessian. We find that curriculum learning, a scheme that emphasizes on starting "easy" and gradually ram** up on the "difficulty" of training, smooths the adversarial loss landscape for a suitably chosen difficulty metric. We present a general formulation for curriculum learning in the adversarial setting and propose two difficulty metrics based on the maximal Hessian eigenvalue (H-SAT) and the softmax probability (P-SA). We demonstrate that SAT stabilizes network training even for a large perturbation norm and allows the network to operate at a better clean accuracy versus robustness trade-off curve compared to AT. This leads to a significant improvement in both clean accuracy and robustness compared to AT, TRADES, and other baselines. To highlight a few results, our best model improves normal and robust accuracy by 6% and 1% on CIFAR-100 compared to AT, respectively. On Imagenette, a ten-class subset of ImageNet, our model outperforms AT by 23% and 3% on normal and robust accuracy respectively.
△ Less
Submitted 8 November, 2021; v1 submitted 18 March, 2020;
originally announced March 2020.
-
Minimum-Norm Adversarial Examples on KNN and KNN-Based Models
Authors:
Chawin Sitawarin,
David Wagner
Abstract:
We study the robustness against adversarial examples of kNN classifiers and classifiers that combine kNN with neural networks. The main difficulty lies in the fact that finding an optimal attack on kNN is intractable for typical datasets. In this work, we propose a gradient-based attack on kNN and kNN-based defenses, inspired by the previous work by Sitawarin & Wagner [1]. We demonstrate that our…
▽ More
We study the robustness against adversarial examples of kNN classifiers and classifiers that combine kNN with neural networks. The main difficulty lies in the fact that finding an optimal attack on kNN is intractable for typical datasets. In this work, we propose a gradient-based attack on kNN and kNN-based defenses, inspired by the previous work by Sitawarin & Wagner [1]. We demonstrate that our attack outperforms their method on all of the models we tested with only a minimal increase in the computation time. The attack also beats the state-of-the-art attack [2] on kNN when k > 1 using less than 1% of its running time. We hope that this attack can be used as a new baseline for evaluating the robustness of kNN and its variants.
△ Less
Submitted 14 March, 2020;
originally announced March 2020.
-
Spectroscopic characterization of nine binary star systems as well as HIP107136 and HIP107533
Authors:
T. Heyne,
M. Mugrauer,
R. Bischoff,
D. Wagner,
S. Hoffmann,
O. Lux,
V. Munz,
M. Geymeier,
R. Neuhäuser
Abstract:
We present the results of our 2nd radial velocity monitoring campaign, carried out with the Échelle spectrograph FLECHAS at the University Observatory Jena in the course of the Großschwabhausen binary survey between December 2016 and June 2018. The aim of this project is to obtain precise radial velocity measurements for spectroscopic binary stars in order to redetermine, verify, improve and const…
▽ More
We present the results of our 2nd radial velocity monitoring campaign, carried out with the Échelle spectrograph FLECHAS at the University Observatory Jena in the course of the Großschwabhausen binary survey between December 2016 and June 2018. The aim of this project is to obtain precise radial velocity measurements for spectroscopic binary stars in order to redetermine, verify, improve and constrain their Keplerian orbital solutions. In this paper we describe the observations, data reduction and analysis and present the results of this project. In total, we have taken 721 RV measurements of 11 stars and derived well determined orbital solutions for 9 systems (7 single-, and 2 double-lined spectroscopic binaries) with periods in the range between 2 and 70 days. In addition, we could rule out the orbital solutions for the previously classified spectroscopic binary systems HIP107136 and HIP107533, whose radial velocities are found to be constant on the km/s-level over a span of time of more than 500 days. In the case of HIP2225 a significant change of its systematic velocity is detected between our individual observing epochs, indicating the presence of an additional companion, which is located on a wider orbit in this system.
△ Less
Submitted 11 December, 2019;
originally announced December 2019.
-
Space-Efficient, Fast and Exact Routing in Time-Dependent Road Networks
Authors:
Ben Strasser,
Dorothea Wagner,
Tim Zeitz
Abstract:
We study the problem of quickly computing point-to-point shortest paths in massive road networks with traffic predictions. Incorporating traffic predictions into routing allows, for example, to avoid commuter traffic congestions. Existing techniques follow a two-phase approach: In a preprocessing step, an index is built. The index depends on the road network and the traffic patterns but not on the…
▽ More
We study the problem of quickly computing point-to-point shortest paths in massive road networks with traffic predictions. Incorporating traffic predictions into routing allows, for example, to avoid commuter traffic congestions. Existing techniques follow a two-phase approach: In a preprocessing step, an index is built. The index depends on the road network and the traffic patterns but not on the path start and end. The latter are the input of the query phase, in which shortest paths are computed. All existing techniques have large index size, slow query running times or may compute suboptimal paths. In this work, we introduce CATCHUp (Customizable Approximated Time-dependent Contraction Hierarchies through Unpacking), the first algorithm that simultaneously achieves all three objectives.The core idea of CATCHUp is to store paths instead of travel times at shortcuts. Shortcut travel times are derived lazily from the stored paths. We perform an experimental study on a set of real world instances and compare our approach with state-of-the-art techniques. Our approach achieves the fastest preprocessing, competitive query running times and up to 38 times smaller indexes than competing approaches.
△ Less
Submitted 26 March, 2021; v1 submitted 28 October, 2019;
originally announced October 2019.
-
Shortest Feasible Paths with Charging Stops for Battery Electric Vehicles
Authors:
Moritz Baum,
Julian Dibbelt,
Andreas Gemsa,
Dorothea Wagner,
Tobias Zündorf
Abstract:
We study the problem of minimizing overall trip time for battery electric vehicles in road networks. As battery capacity is limited, stops at charging stations may be inevitable. Careful route planning is crucial, since charging stations are scarce and recharging is time-consuming. We extend the Constrained Shortest Path problem for electric vehicles with realistic models of charging stops, includ…
▽ More
We study the problem of minimizing overall trip time for battery electric vehicles in road networks. As battery capacity is limited, stops at charging stations may be inevitable. Careful route planning is crucial, since charging stations are scarce and recharging is time-consuming. We extend the Constrained Shortest Path problem for electric vehicles with realistic models of charging stops, including varying charging power and battery swap** stations. While the resulting problem is NP-hard, we propose a combination of algorithmic techniques to achieve good performance in practice. Extensive experimental evaluation shows that our approach (CHArge) enables computation of optimal solutions on realistic inputs, even of continental scale. Finally, we investigate heuristic variants of CHArge that derive high-quality routes in well below a second on sensible instances.
△ Less
Submitted 22 October, 2019;
originally announced October 2019.
-
Engineering Top-Down Weight-Balanced Trees
Authors:
Lukas Barth,
Dorothea Wagner
Abstract:
Weight-balanced trees are a popular form of self-balancing binary search trees. Their popularity is due to desirable guarantees, for example regarding the required work to balance annotated trees.
While usual weight-balanced trees perform their balancing operations in a bottom-up fashion after a modification to the tree is completed, there exists a top-down variant which performs these balancing…
▽ More
Weight-balanced trees are a popular form of self-balancing binary search trees. Their popularity is due to desirable guarantees, for example regarding the required work to balance annotated trees.
While usual weight-balanced trees perform their balancing operations in a bottom-up fashion after a modification to the tree is completed, there exists a top-down variant which performs these balancing operations during descend. This variant has so far received only little attention. We provide an in-depth analysis and engineering of these top-down weight-balanced trees, demonstrating their superior performance. We also gaining insights into how the balancing parameters necessary for a weight-balanced tree should be chosen - with the surprising observation that it is often beneficial to choose parameters which are not feasible in the sense of the correctness proofs for the rebalancing algorithm.
△ Less
Submitted 28 October, 2019; v1 submitted 17 October, 2019;
originally announced October 2019.
-
Detecting and Characterizing Lateral Phishing at Scale
Authors:
Grant Ho,
Asaf Cidon,
Lior Gavish,
Marco Schweighauser,
Vern Paxson,
Stefan Savage,
Geoffrey M. Voelker,
David Wagner
Abstract:
We present the first large-scale characterization of lateral phishing attacks, based on a dataset of 113 million employee-sent emails from 92 enterprise organizations. In a lateral phishing attack, adversaries leverage a compromised enterprise account to send phishing emails to other users, benefitting from both the implicit trust and the information in the hijacked user's account. We develop a cl…
▽ More
We present the first large-scale characterization of lateral phishing attacks, based on a dataset of 113 million employee-sent emails from 92 enterprise organizations. In a lateral phishing attack, adversaries leverage a compromised enterprise account to send phishing emails to other users, benefitting from both the implicit trust and the information in the hijacked user's account. We develop a classifier that finds hundreds of real-world lateral phishing emails, while generating under four false positives per every one-million employee-sent emails. Drawing on the attacks we detect, as well as a corpus of user-reported incidents, we quantify the scale of lateral phishing, identify several thematic content and recipient targeting strategies that attackers follow, illuminate two types of sophisticated behaviors that attackers exhibit, and estimate the success rate of these attacks. Collectively, these results expand our mental models of the 'enterprise attacker' and shed light on the current state of enterprise phishing attacks.
△ Less
Submitted 2 October, 2019;
originally announced October 2019.
-
Efficient Computation of Multi-Modal Public Transit Traffic Assignments using ULTRA
Authors:
Jonas Sauer,
Dorothea Wagner,
Tobias Zündorf
Abstract:
We study the problem of computing public transit traffic assignments in a multi-modal setting: Given a public transit timetable, an additional unrestricted transfer mode (in our case walking), and a set of origin-destination pairs, we aim to compute the utilization of every vehicle in the network. While it has been shown that considering unrestricted transfers can significantly improve journeys, c…
▽ More
We study the problem of computing public transit traffic assignments in a multi-modal setting: Given a public transit timetable, an additional unrestricted transfer mode (in our case walking), and a set of origin-destination pairs, we aim to compute the utilization of every vehicle in the network. While it has been shown that considering unrestricted transfers can significantly improve journeys, computing such journeys efficiently remains algorithmically challenging. Since traffic assignments require the computation of millions of shortest paths, using a multi-modal network has previously not been feasible. A recently proposed approach (ULTRA) enables efficient algorithms with UnLimited TRAnsfers at the cost of a short preprocessing phase. In this work we combine the ULTRA approach with a state-of-the-art assignment algorithm, making multi-modal assignments practical. Careful algorithm engineering results in a new public transit traffic assignment algorithm that even outperforms the algorithm it builds upon, while enabling unlimited walking which has not been considered previously. We conclude our work with an extensive evaluation of the algorithm, showing its versatility and efficiency. On our real world instance, the algorithm computes over 15 million unique journeys in less than 17 seconds.
△ Less
Submitted 18 September, 2019;
originally announced September 2019.
-
Engineering Negative Cycle Canceling for Wind Farm Cabling
Authors:
Sascha Gritzbach,
Torsten Ueckerdt,
Dorothea Wagner,
Franziska Wegner,
Matthias Wolf
Abstract:
In a wind farm turbines convert wind energy into electrical energy. The generation of each turbine is transmitted, possibly via other turbines, to a substation that is connected to the power grid. On every possible interconnection there can be at most one of various different cable types. Each type comes with a cost per unit length and with a capacity. Designing a cost-minimal cable layout for a w…
▽ More
In a wind farm turbines convert wind energy into electrical energy. The generation of each turbine is transmitted, possibly via other turbines, to a substation that is connected to the power grid. On every possible interconnection there can be at most one of various different cable types. Each type comes with a cost per unit length and with a capacity. Designing a cost-minimal cable layout for a wind farm to feed all turbine production into the power grid is called the Wind Farm Cabling Problem (WCP).
We consider a formulation of WCP as a flow problem on a graph where the cost of a flow on an edge is modeled by a step function originating from the cable types. Recently, we presented a proof-of-concept for a negative cycle canceling-based algorithm for WCP [14]. We extend key steps of that heuristic and build a theoretical foundation that explains how this heuristic tackles the problems arising from the special structure of WCP.
A thorough experimental evaluation identifies the best setup of the algorithm and compares it to existing methods from the literature such as Mixed-integer Linear Programming (MILP) and Simulated Annealing (SA). The heuristic runs in a range of half a millisecond to approximately one and a half minutes on instances with up to 500 turbines. It provides solutions of similar quality compared to both competitors with running times of one hour and one day. When comparing the solution quality after a running time of two seconds, our algorithm outperforms the MILP- and SA-approaches, which allows it to be applied in interactive wind farm planning.
△ Less
Submitted 28 July, 2023; v1 submitted 6 August, 2019;
originally announced August 2019.
-
Stateful Detection of Black-Box Adversarial Attacks
Authors:
Steven Chen,
Nicholas Carlini,
David Wagner
Abstract:
The problem of adversarial examples, evasion attacks on machine learning classifiers, has proven extremely difficult to solve. This is true even when, as is the case in many practical settings, the classifier is hosted as a remote service and so the adversary does not have direct access to the model parameters.
This paper argues that in such settings, defenders have a much larger space of action…
▽ More
The problem of adversarial examples, evasion attacks on machine learning classifiers, has proven extremely difficult to solve. This is true even when, as is the case in many practical settings, the classifier is hosted as a remote service and so the adversary does not have direct access to the model parameters.
This paper argues that in such settings, defenders have a much larger space of actions than have been previously explored. Specifically, we deviate from the implicit assumption made by prior work that a defense must be a stateless function that operates on individual examples, and explore the possibility for stateful defenses.
To begin, we develop a defense designed to detect the process of adversarial example generation. By kee** a history of the past queries, a defender can try to identify when a sequence of queries appears to be for the purpose of generating an adversarial example. We then introduce query blinding, a new class of attacks designed to bypass defenses that rely on such a defense approach.
We believe that expanding the study of adversarial examples from stateless classifiers to stateful systems is not only more realistic for many black-box settings, but also gives the defender a much-needed advantage in responding to the adversary.
△ Less
Submitted 12 July, 2019;
originally announced July 2019.
-
Evaluation of a Flow-Based Hypergraph Bipartitioning Algorithm
Authors:
Lars Gottesbüren,
Michael Hamann,
Dorothea Wagner
Abstract:
In this paper, we propose HyperFlowCutter, an algorithm for balanced hypergraph bipartitioning. It is based on minimum S-T hyperedge cuts and maximum flows. It computes a sequence of bipartitions that optimize cut size and balance in the Pareto sense, being able to trade one for the other. HyperFlowCutter builds on the FlowCutter algorithm for partitioning graphs. We propose additional features, s…
▽ More
In this paper, we propose HyperFlowCutter, an algorithm for balanced hypergraph bipartitioning. It is based on minimum S-T hyperedge cuts and maximum flows. It computes a sequence of bipartitions that optimize cut size and balance in the Pareto sense, being able to trade one for the other. HyperFlowCutter builds on the FlowCutter algorithm for partitioning graphs. We propose additional features, such as handling disconnected hypergraphs, novel methods for obtaining starting S,T pairs as well as an approach to refine a given partition with HyperFlowCutter. Our main contribution is ReBaHFC, a new algorithm which obtains an initial partition with the fast multilevel hypergraph partitioner PaToH and then improves it using HyperFlowCutter as a refinement algorithm. ReBaHFC is able to significantly improve the solution quality of PaToH at little additional running time. The solution quality is only marginally worse than that of the best-performing hypergraph partitioners KaHyPar and hMETIS, while being one order of magnitude faster. Thus ReBaHFC offers a new time-quality trade-off in the current spectrum of hypergraph partitioners. For the special case of perfectly balanced bipartitioning, only the much slower plain HyperFlowCutter yields slightly better solutions than ReBaHFC, while only PaToH is faster than ReBaHFC.
△ Less
Submitted 3 July, 2019;
originally announced July 2019.
-
Faster and Better Nested Dissection Orders for Customizable Contraction Hierarchies
Authors:
Lars Gottesbüren,
Michael Hamann,
Tim Niklas Uhl,
Dorothea Wagner
Abstract:
Graph partitioning has many applications. We consider the acceleration of shortest path queries in road networks using Customizable Contraction Hierarchies (CCH). It is based on computing a nested dissection order by recursively dividing the road network into parts. Recently, with FlowCutter and Inertial Flow, two flow-based graph bipartitioning algorithms have been proposed for road networks. Whi…
▽ More
Graph partitioning has many applications. We consider the acceleration of shortest path queries in road networks using Customizable Contraction Hierarchies (CCH). It is based on computing a nested dissection order by recursively dividing the road network into parts. Recently, with FlowCutter and Inertial Flow, two flow-based graph bipartitioning algorithms have been proposed for road networks. While FlowCutter achieves high-quality results and thus fast query times, it is rather slow. Inertial Flow is particularly fast due to the use of geographical information while still achieving decent query times. We combine the techniques of both algorithms to achieve more than six times faster preprocessing times than FlowCutter and even faster queries on the Europe road network. We show that using 16 cores of a shared-memory machine, this preprocessing needs four minutes.
△ Less
Submitted 2 July, 2019; v1 submitted 27 June, 2019;
originally announced June 2019.
-
Defending Against Adversarial Examples with K-Nearest Neighbor
Authors:
Chawin Sitawarin,
David Wagner
Abstract:
Robustness is an increasingly important property of machine learning models as they become more and more prevalent. We propose a defense against adversarial examples based on a k-nearest neighbor (kNN) on the intermediate activation of neural networks. Our scheme surpasses state-of-the-art defenses on MNIST and CIFAR-10 against l2-perturbation by a significant margin. With our models, the mean per…
▽ More
Robustness is an increasingly important property of machine learning models as they become more and more prevalent. We propose a defense against adversarial examples based on a k-nearest neighbor (kNN) on the intermediate activation of neural networks. Our scheme surpasses state-of-the-art defenses on MNIST and CIFAR-10 against l2-perturbation by a significant margin. With our models, the mean perturbation norm required to fool our MNIST model is 3.07 and 2.30 on CIFAR-10. Additionally, we propose a simple certifiable lower bound on the l2-norm of the adversarial perturbation using a more specific version of our scheme, a 1-NN on representations learned by a Lipschitz network. Our model provides a nontrivial average lower bound of the perturbation norm, comparable to other schemes on MNIST with similar clean accuracy.
△ Less
Submitted 18 March, 2020; v1 submitted 22 June, 2019;
originally announced June 2019.
-
UnLimited TRAnsfers for Multi-Modal Route Planning: An Efficient Solution
Authors:
Moritz Baum,
Valentin Buchhold,
Jonas Sauer,
Dorothea Wagner,
Tobias Zündorf
Abstract:
We study a multimodal journey planning scenario consisting of a public transit network and a transfer graph which represents a secondary transportation mode (e.g., walking, cycling, e-scooter). The objective is to compute Pareto-optimal journeys with respect to arrival time and the number of used public transit trips. While various existing algorithms can efficiently compute optimal journeys in ei…
▽ More
We study a multimodal journey planning scenario consisting of a public transit network and a transfer graph which represents a secondary transportation mode (e.g., walking, cycling, e-scooter). The objective is to compute Pareto-optimal journeys with respect to arrival time and the number of used public transit trips. While various existing algorithms can efficiently compute optimal journeys in either a pure public transit network or a pure transfer graph, combining the two increases running times significantly. Existing approaches therefore typically only support limited walking between stops, either by imposing a maximum transfer distance or by requiring the transfer graph to be transitively closed. To overcome these shortcomings, we propose a novel preprocessing technique called ULTRA (UnLimited TRAnsfers): Given an unlimited transfer graph, which may represent any non-schedule-based transportation mode, ULTRA computes a small number of transfer shortcuts that are provably sufficient for computing a Pareto set of optimal journeys. These transfer shortcuts can be integrated into a variety of state-of-the-art public transit algorithms, establishing the ULTRA-Query algorithm family. Our extensive experimental evaluation shows that ULTRA improves these algorithms from limited to unlimited transfers without sacrificing query speed. This is true not just for walking, but also for faster transfer modes such as bicycle or car. Compared to the state of the art for multimodal journey planning, the fastest ULTRA-based algorithm achieves a speedup of an order of magnitude.
△ Less
Submitted 1 February, 2023; v1 submitted 11 June, 2019;
originally announced June 2019.
-
On the Robustness of Deep K-Nearest Neighbors
Authors:
Chawin Sitawarin,
David Wagner
Abstract:
Despite a large amount of attention on adversarial examples, very few works have demonstrated an effective defense against this threat. We examine Deep k-Nearest Neighbor (DkNN), a proposed defense that combines k-Nearest Neighbor (kNN) and deep learning to improve the model's robustness to adversarial examples. It is challenging to evaluate the robustness of this scheme due to a lack of efficient…
▽ More
Despite a large amount of attention on adversarial examples, very few works have demonstrated an effective defense against this threat. We examine Deep k-Nearest Neighbor (DkNN), a proposed defense that combines k-Nearest Neighbor (kNN) and deep learning to improve the model's robustness to adversarial examples. It is challenging to evaluate the robustness of this scheme due to a lack of efficient algorithm for attacking kNN classifiers with large k and high-dimensional data. We propose a heuristic attack that allows us to use gradient descent to find adversarial examples for kNN classifiers, and then apply it to attack the DkNN defense as well. Results suggest that our attack is moderately stronger than any naive attack on kNN and significantly outperforms other attacks on DkNN.
△ Less
Submitted 19 March, 2019;
originally announced March 2019.
