-
Efficient and Distributed Large-Scale 3D Map Registration using Tomographic Features
Authors:
Halil Utku Unlu,
Anthony Tzes,
Prashanth Krishnamurthy,
Farshad Khorrami
Abstract:
A robust, resource-efficient, distributed, and minimally parameterized 3D map matching and merging algorithm is proposed. The suggested algorithm utilizes tomographic features from 2D projections of horizontal cross-sections of gravity-aligned local maps, and matches these projection slices at all possible height differences, enabling the estimation of four degrees of freedom in an efficient and p…
▽ More
A robust, resource-efficient, distributed, and minimally parameterized 3D map matching and merging algorithm is proposed. The suggested algorithm utilizes tomographic features from 2D projections of horizontal cross-sections of gravity-aligned local maps, and matches these projection slices at all possible height differences, enabling the estimation of four degrees of freedom in an efficient and parallelizable manner. The advocated algorithm improves state-of-the-art feature extraction and registration pipelines by an order of magnitude in memory use and execution time. Experimental studies are offered to investigate the efficiency of this 3D map merging scheme.
△ Less
Submitted 27 June, 2024;
originally announced June 2024.
-
NYU CTF Dataset: A Scalable Open-Source Benchmark Dataset for Evaluating LLMs in Offensive Security
Authors:
Minghao Shao,
Sofija Jancheska,
Meet Udeshi,
Brendan Dolan-Gavitt,
Haoran Xi,
Kimberly Milner,
Boyuan Chen,
Max Yin,
Siddharth Garg,
Prashanth Krishnamurthy,
Farshad Khorrami,
Ramesh Karri,
Muhammad Shafique
Abstract:
Large Language Models (LLMs) are being deployed across various domains today. However, their capacity to solve Capture the Flag (CTF) challenges in cybersecurity has not been thoroughly evaluated. To address this, we develop a novel method to assess LLMs in solving CTF challenges by creating a scalable, open-source benchmark database specifically designed for these applications. This database incl…
▽ More
Large Language Models (LLMs) are being deployed across various domains today. However, their capacity to solve Capture the Flag (CTF) challenges in cybersecurity has not been thoroughly evaluated. To address this, we develop a novel method to assess LLMs in solving CTF challenges by creating a scalable, open-source benchmark database specifically designed for these applications. This database includes metadata for LLM testing and adaptive learning, compiling a diverse range of CTF challenges from popular competitions. Utilizing the advanced function calling capabilities of LLMs, we build a fully automated system with an enhanced workflow and support for external tool calls. Our benchmark dataset and automated framework allow us to evaluate the performance of five LLMs, encompassing both black-box and open-source models. This work lays the foundation for future research into improving the efficiency of LLMs in interactive cybersecurity tasks and automated task planning. By providing a specialized dataset, our project offers an ideal platform for develo**, testing, and refining LLM-based approaches to vulnerability detection and resolution. Evaluating LLMs on these challenges and comparing with human performance yields insights into their potential for AI-driven cybersecurity solutions to perform real-world threat management. We make our dataset open source to public https://github.com/NYU-LLM-CTF/LLM_CTF_Database along with our playground automated framework https://github.com/NYU-LLM-CTF/llm_ctf_automation.
△ Less
Submitted 8 June, 2024;
originally announced June 2024.
-
CLIPScope: Enhancing Zero-Shot OOD Detection with Bayesian Scoring
Authors:
Hao Fu,
Naman Patel,
Prashanth Krishnamurthy,
Farshad Khorrami
Abstract:
Detection of out-of-distribution (OOD) samples is crucial for safe real-world deployment of machine learning models. Recent advances in vision language foundation models have made them capable of detecting OOD samples without requiring in-distribution (ID) images. However, these zero-shot methods often underperform as they do not adequately consider ID class likelihoods in their detection confiden…
▽ More
Detection of out-of-distribution (OOD) samples is crucial for safe real-world deployment of machine learning models. Recent advances in vision language foundation models have made them capable of detecting OOD samples without requiring in-distribution (ID) images. However, these zero-shot methods often underperform as they do not adequately consider ID class likelihoods in their detection confidence scoring. Hence, we introduce CLIPScope, a zero-shot OOD detection approach that normalizes the confidence score of a sample by class likelihoods, akin to a Bayesian posterior update. Furthermore, CLIPScope incorporates a novel strategy to mine OOD classes from a large lexical database. It selects class labels that are farthest and nearest to ID classes in terms of CLIP embedding distance to maximize coverage of OOD samples. We conduct extensive ablation studies and empirical evaluations, demonstrating state of the art performance of CLIPScope across various OOD detection benchmarks.
△ Less
Submitted 23 May, 2024;
originally announced May 2024.
-
Fine-tuning Pre-trained Named Entity Recognition Models For Indian Languages
Authors:
Sankalp Bahad,
Pruthwik Mishra,
Karunesh Arora,
Rakesh Chandra Balabantaray,
Dipti Misra Sharma,
Parameswari Krishnamurthy
Abstract:
Named Entity Recognition (NER) is a useful component in Natural Language Processing (NLP) applications. It is used in various tasks such as Machine Translation, Summarization, Information Retrieval, and Question-Answering systems. The research on NER is centered around English and some other major languages, whereas limited attention has been given to Indian languages. We analyze the challenges an…
▽ More
Named Entity Recognition (NER) is a useful component in Natural Language Processing (NLP) applications. It is used in various tasks such as Machine Translation, Summarization, Information Retrieval, and Question-Answering systems. The research on NER is centered around English and some other major languages, whereas limited attention has been given to Indian languages. We analyze the challenges and propose techniques that can be tailored for Multilingual Named Entity Recognition for Indian Languages. We present a human annotated named entity corpora of 40K sentences for 4 Indian languages from two of the major Indian language families. Additionally,we present a multilingual model fine-tuned on our dataset, which achieves an F1 score of 0.80 on our dataset on average. We achieve comparable performance on completely unseen benchmark datasets for Indian languages which affirms the usability of our model.
△ Less
Submitted 10 May, 2024; v1 submitted 8 May, 2024;
originally announced May 2024.
-
Exploring News Summarization and Enrichment in a Highly Resource-Scarce Indian Language: A Case Study of Mizo
Authors:
Abhinaba Bala,
Ashok Urlana,
Rahul Mishra,
Parameswari Krishnamurthy
Abstract:
Obtaining sufficient information in one's mother tongue is crucial for satisfying the information needs of the users. While high-resource languages have abundant online resources, the situation is less than ideal for very low-resource languages. Moreover, the insufficient reporting of vital national and international events continues to be a worry, especially in languages with scarce resources, li…
▽ More
Obtaining sufficient information in one's mother tongue is crucial for satisfying the information needs of the users. While high-resource languages have abundant online resources, the situation is less than ideal for very low-resource languages. Moreover, the insufficient reporting of vital national and international events continues to be a worry, especially in languages with scarce resources, like \textbf{Mizo}. In this paper, we conduct a study to investigate the effectiveness of a simple methodology designed to generate a holistic summary for Mizo news articles, which leverages English-language news to supplement and enhance the information related to the corresponding news events. Furthermore, we make available 500 Mizo news articles and corresponding enriched holistic summaries. Human evaluation confirms that our approach significantly enhances the information coverage of Mizo news articles. The mizo dataset and code can be accessed at \url{https://github.com/barvin04/mizo_enrichment
△ Less
Submitted 25 April, 2024;
originally announced May 2024.
-
OffRAMPS: An FPGA-based Intermediary for Analysis and Modification of Additive Manufacturing Control Systems
Authors:
Jason Blocklove,
Md Raz,
Prithwish Basu Roy,
Hammond Pearce,
Prashanth Krishnamurthy,
Farshad Khorrami,
Ramesh Karri
Abstract:
Cybersecurity threats in Additive Manufacturing (AM) are an increasing concern as AM adoption continues to grow. AM is now being used for parts in the aerospace, transportation, and medical domains. Threat vectors which allow for part compromise are particularly concerning, as any failure in these domains would have life-threatening consequences. A major challenge to investigation of AM part-compr…
▽ More
Cybersecurity threats in Additive Manufacturing (AM) are an increasing concern as AM adoption continues to grow. AM is now being used for parts in the aerospace, transportation, and medical domains. Threat vectors which allow for part compromise are particularly concerning, as any failure in these domains would have life-threatening consequences. A major challenge to investigation of AM part-compromises comes from the difficulty in evaluating and benchmarking both identified threat vectors as well as methods for detecting adversarial actions. In this work, we introduce a generalized platform for systematic analysis of attacks against and defenses for 3D printers. Our "OFFRAMPS" platform is based on the open-source 3D printer control board "RAMPS." OFFRAMPS allows analysis, recording, and modification of all control signals and I/O for a 3D printer. We show the efficacy of OFFRAMPS by presenting a series of case studies based on several Trojans, including ones identified in the literature, and show that OFFRAMPS can both emulate and detect these attacks, i.e., it can both change and detect arbitrary changes to the g-code print commands.
△ Less
Submitted 23 April, 2024;
originally announced April 2024.
-
Sailing Through Point Clouds: Safe Navigation Using Point Cloud Based Control Barrier Functions
Authors:
Bolun Dai,
Rooholla Khorrambakht,
Prashanth Krishnamurthy,
Farshad Khorrami
Abstract:
The capability to navigate safely in an unstructured environment is crucial when deploying robotic systems in real-world scenarios. Recently, control barrier function (CBF) based approaches have been highly effective in synthesizing safety-critical controllers. In this work, we propose a novel CBF-based local planner comprised of two components: Vessel and Mariner. The Vessel is a novel scaling fa…
▽ More
The capability to navigate safely in an unstructured environment is crucial when deploying robotic systems in real-world scenarios. Recently, control barrier function (CBF) based approaches have been highly effective in synthesizing safety-critical controllers. In this work, we propose a novel CBF-based local planner comprised of two components: Vessel and Mariner. The Vessel is a novel scaling factor based CBF formulation that synthesizes CBFs using only point cloud data. The Mariner is a CBF-based preview control framework that is used to mitigate getting stuck in spurious equilibria during navigation. To demonstrate the efficacy of our proposed approach, we first compare the proposed point cloud based CBF formulation with other point cloud based CBF formulations. Then, we demonstrate the performance of our proposed approach and its integration with global planners using experimental studies on the Unitree B1 and Unitree Go2 quadruped robots in various environments.
△ Less
Submitted 26 March, 2024;
originally announced March 2024.
-
On the (In)feasibility of ML Backdoor Detection as an Hypothesis Testing Problem
Authors:
Georg Pichler,
Marco Romanelli,
Divya Prakash Manivannan,
Prashanth Krishnamurthy,
Farshad Khorrami,
Siddharth Garg
Abstract:
We introduce a formal statistical definition for the problem of backdoor detection in machine learning systems and use it to analyze the feasibility of such problems, providing evidence for the utility and applicability of our definition. The main contributions of this work are an impossibility result and an achievability result for backdoor detection. We show a no-free-lunch theorem, proving that…
▽ More
We introduce a formal statistical definition for the problem of backdoor detection in machine learning systems and use it to analyze the feasibility of such problems, providing evidence for the utility and applicability of our definition. The main contributions of this work are an impossibility result and an achievability result for backdoor detection. We show a no-free-lunch theorem, proving that universal (adversary-unaware) backdoor detection is impossible, except for very small alphabet sizes. Thus, we argue, that backdoor detection methods need to be either explicitly, or implicitly adversary-aware. However, our work does not imply that backdoor detection cannot work in specific scenarios, as evidenced by successful backdoor detection methods in the scientific literature. Furthermore, we connect our definition to the probably approximately correct (PAC) learnability of the out-of-distribution detection problem.
△ Less
Submitted 26 February, 2024;
originally announced February 2024.
-
Grounding LLMs For Robot Task Planning Using Closed-loop State Feedback
Authors:
Vineet Bhat,
Ali Umut Kaypak,
Prashanth Krishnamurthy,
Ramesh Karri,
Farshad Khorrami
Abstract:
Robotic planning algorithms direct agents to perform actions within diverse environments to accomplish a task. Large Language Models (LLMs) like PaLM 2, GPT-3.5, and GPT-4 have revolutionized this domain, using their embedded real-world knowledge to tackle complex tasks involving multiple agents and objects. This paper introduces an innovative planning algorithm that integrates LLMs into the robot…
▽ More
Robotic planning algorithms direct agents to perform actions within diverse environments to accomplish a task. Large Language Models (LLMs) like PaLM 2, GPT-3.5, and GPT-4 have revolutionized this domain, using their embedded real-world knowledge to tackle complex tasks involving multiple agents and objects. This paper introduces an innovative planning algorithm that integrates LLMs into the robotics context, enhancing task-focused execution and success rates. Key to our algorithm is a closed-loop feedback which provides real-time environmental states and error messages, crucial for refining plans when discrepancies arise. The algorithm draws inspiration from the human neural system, emulating its brain-body architecture by dividing planning across two LLMs in a structured, hierarchical fashion. Our method not only surpasses baselines within the VirtualHome Environment, registering a notable 35% average increase in task-oriented success rates, but achieves an impressive execution score of 85%, approaching the human-level benchmark of 94%. Moreover, effectiveness of the algorithm in real robot scenarios is shown using a realistic physics simulator and the Franka Research 3 Arm.
△ Less
Submitted 13 February, 2024;
originally announced February 2024.
-
Assessing Translation capabilities of Large Language Models involving English and Indian Languages
Authors:
Vandan Mujadia,
Ashok Urlana,
Yash Bhaskar,
Penumalla Aditya Pavani,
Kukkapalli Shravya,
Parameswari Krishnamurthy,
Dipti Misra Sharma
Abstract:
Generative Large Language Models (LLMs) have achieved remarkable advancements in various NLP tasks. In this work, our aim is to explore the multilingual capabilities of large language models by using machine translation as a task involving English and 22 Indian languages. We first investigate the translation capabilities of raw large language models, followed by exploring the in-context learning c…
▽ More
Generative Large Language Models (LLMs) have achieved remarkable advancements in various NLP tasks. In this work, our aim is to explore the multilingual capabilities of large language models by using machine translation as a task involving English and 22 Indian languages. We first investigate the translation capabilities of raw large language models, followed by exploring the in-context learning capabilities of the same raw models. We fine-tune these large language models using parameter efficient fine-tuning methods such as LoRA and additionally with full fine-tuning. Through our study, we have identified the best performing large language model for the translation task involving LLMs, which is based on LLaMA.
Our results demonstrate significant progress, with average BLEU scores of 13.42, 15.93, 12.13, 12.30, and 12.07, as well as CHRF scores of 43.98, 46.99, 42.55, 42.42, and 45.39, respectively, using 2-stage fine-tuned LLaMA-13b for English to Indian languages on IN22 (conversational), IN22 (general), flores200-dev, flores200-devtest, and newstest2019 testsets. Similarly, for Indian languages to English, we achieved average BLEU scores of 14.03, 16.65, 16.17, 15.35 and 12.55 along with chrF scores of 36.71, 40.44, 40.26, 39.51, and 36.20, respectively, using fine-tuned LLaMA-13b on IN22 (conversational), IN22 (general), flores200-dev, flores200-devtest, and newstest2019 testsets. Overall, our findings highlight the potential and strength of large language models for machine translation capabilities, including for languages that are currently underrepresented in LLMs.
△ Less
Submitted 15 November, 2023;
originally announced November 2023.
-
LipSim: A Provably Robust Perceptual Similarity Metric
Authors:
Sara Ghazanfari,
Alexandre Araujo,
Prashanth Krishnamurthy,
Farshad Khorrami,
Siddharth Garg
Abstract:
Recent years have seen growing interest in develo** and applying perceptual similarity metrics. Research has shown the superiority of perceptual metrics over pixel-wise metrics in aligning with human perception and serving as a proxy for the human visual system. On the other hand, as perceptual metrics rely on neural networks, there is a growing concern regarding their resilience, given the esta…
▽ More
Recent years have seen growing interest in develo** and applying perceptual similarity metrics. Research has shown the superiority of perceptual metrics over pixel-wise metrics in aligning with human perception and serving as a proxy for the human visual system. On the other hand, as perceptual metrics rely on neural networks, there is a growing concern regarding their resilience, given the established vulnerability of neural networks to adversarial attacks. It is indeed logical to infer that perceptual metrics may inherit both the strengths and shortcomings of neural networks. In this work, we demonstrate the vulnerability of state-of-the-art perceptual similarity metrics based on an ensemble of ViT-based feature extractors to adversarial attacks. We then propose a framework to train a robust perceptual similarity metric called LipSim (Lipschitz Similarity Metric) with provable guarantees. By leveraging 1-Lipschitz neural networks as the backbone, LipSim provides guarded areas around each data point and certificates for all perturbations within an $\ell_2$ ball. Finally, a comprehensive set of experiments shows the performance of LipSim in terms of natural and certified scores and on the image retrieval application. The code is available at https://github.com/SaraGhazanfari/LipSim.
△ Less
Submitted 29 March, 2024; v1 submitted 27 October, 2023;
originally announced October 2023.
-
Differentiable Optimization Based Time-Varying Control Barrier Functions for Dynamic Obstacle Avoidance
Authors:
Bolun Dai,
Rooholla Khorrambakht,
Prashanth Krishnamurthy,
Farshad Khorrami
Abstract:
Control barrier functions (CBFs) provide a simple yet effective way for safe control synthesis. Recently, work has been done using differentiable optimization (diffOpt) based methods to systematically construct CBFs for static obstacle avoidance tasks between geometric shapes. In this work, we extend the application of diffOpt CBFs to perform dynamic obstacle avoidance tasks. We show that by using…
▽ More
Control barrier functions (CBFs) provide a simple yet effective way for safe control synthesis. Recently, work has been done using differentiable optimization (diffOpt) based methods to systematically construct CBFs for static obstacle avoidance tasks between geometric shapes. In this work, we extend the application of diffOpt CBFs to perform dynamic obstacle avoidance tasks. We show that by using the time-varying CBF (TVCBF) formulation, we can perform obstacle avoidance for dynamic geometric obstacles. Additionally, we show how to extend the TVCBF constraint to consider measurement noise and actuation limits. To demonstrate the efficacy of our proposed approach, we first compare its performance with a model predictive control based method and a circular CBF based method on a simulated dynamic obstacle avoidance task. Then, we demonstrate the performance of our proposed approach in experimental studies using a 7-degree-of-freedom Franka Research 3 robotic manipulator.
△ Less
Submitted 23 January, 2024; v1 submitted 29 September, 2023;
originally announced September 2023.
-
R-LPIPS: An Adversarially Robust Perceptual Similarity Metric
Authors:
Sara Ghazanfari,
Siddharth Garg,
Prashanth Krishnamurthy,
Farshad Khorrami,
Alexandre Araujo
Abstract:
Similarity metrics have played a significant role in computer vision to capture the underlying semantics of images. In recent years, advanced similarity metrics, such as the Learned Perceptual Image Patch Similarity (LPIPS), have emerged. These metrics leverage deep features extracted from trained neural networks and have demonstrated a remarkable ability to closely align with human perception whe…
▽ More
Similarity metrics have played a significant role in computer vision to capture the underlying semantics of images. In recent years, advanced similarity metrics, such as the Learned Perceptual Image Patch Similarity (LPIPS), have emerged. These metrics leverage deep features extracted from trained neural networks and have demonstrated a remarkable ability to closely align with human perception when evaluating relative image similarity. However, it is now well-known that neural networks are susceptible to adversarial examples, i.e., small perturbations invisible to humans crafted to deliberately mislead the model. Consequently, the LPIPS metric is also sensitive to such adversarial examples. This susceptibility introduces significant security concerns, especially considering the widespread adoption of LPIPS in large-scale applications. In this paper, we propose the Robust Learned Perceptual Image Patch Similarity (R-LPIPS) metric, a new metric that leverages adversarially trained deep features. Through a comprehensive set of experiments, we demonstrate the superiority of R-LPIPS compared to the classical LPIPS metric. The code is available at https://github.com/SaraGhazanfari/R-LPIPS.
△ Less
Submitted 31 July, 2023; v1 submitted 27 July, 2023;
originally announced July 2023.
-
Differential Analysis of Triggers and Benign Features for Black-Box DNN Backdoor Detection
Authors:
Hao Fu,
Prashanth Krishnamurthy,
Siddharth Garg,
Farshad Khorrami
Abstract:
This paper proposes a data-efficient detection method for deep neural networks against backdoor attacks under a black-box scenario. The proposed approach is motivated by the intuition that features corresponding to triggers have a higher influence in determining the backdoored network output than any other benign features. To quantitatively measure the effects of triggers and benign features on de…
▽ More
This paper proposes a data-efficient detection method for deep neural networks against backdoor attacks under a black-box scenario. The proposed approach is motivated by the intuition that features corresponding to triggers have a higher influence in determining the backdoored network output than any other benign features. To quantitatively measure the effects of triggers and benign features on determining the backdoored network output, we introduce five metrics. To calculate the five-metric values for a given input, we first generate several synthetic samples by injecting the input's partial contents into clean validation samples. Then, the five metrics are computed by using the output labels of the corresponding synthetic samples. One contribution of this work is the use of a tiny clean validation dataset. Having the computed five metrics, five novelty detectors are trained from the validation dataset. A meta novelty detector fuses the output of the five trained novelty detectors to generate a meta confidence score. During online testing, our method determines if online samples are poisoned or not via assessing their meta confidence scores output by the meta novelty detector. We show the efficacy of our methodology through a broad range of backdoor attacks, including ablation studies and comparison to existing approaches. Our methodology is promising since the proposed five metrics quantify the inherent differences between clean and poisoned samples. Additionally, our detection method can be incrementally improved by appending more metrics that may be proposed to address future advanced attacks.
△ Less
Submitted 14 July, 2023; v1 submitted 11 July, 2023;
originally announced July 2023.
-
REMaQE: Reverse Engineering Math Equations from Executables
Authors:
Meet Udeshi,
Prashanth Krishnamurthy,
Hammond Pearce,
Ramesh Karri,
Farshad Khorrami
Abstract:
Cybersecurity attacks on embedded devices for industrial control systems and cyber-physical systems may cause catastrophic physical damage as well as economic loss. This could be achieved by infecting device binaries with malware that modifies the physical characteristics of the system operation. Mitigating such attacks benefits from reverse engineering tools that recover sufficient semantic knowl…
▽ More
Cybersecurity attacks on embedded devices for industrial control systems and cyber-physical systems may cause catastrophic physical damage as well as economic loss. This could be achieved by infecting device binaries with malware that modifies the physical characteristics of the system operation. Mitigating such attacks benefits from reverse engineering tools that recover sufficient semantic knowledge in terms of mathematical equations of the implemented algorithm. Conventional reverse engineering tools can decompile binaries to low-level code, but offer little semantic insight. This paper proposes the REMaQE automated framework for reverse engineering of math equations from binary executables. Improving over state-of-the-art, REMaQE handles equation parameters accessed via registers, the stack, global memory, or pointers, and can reverse engineer object-oriented implementations such as C++ classes. Using REMaQE, we discovered a bug in the Linux kernel thermal monitoring tool "tmon". To evaluate REMaQE, we generate a dataset of 25,096 binaries with math equations implemented in C and Simulink. REMaQE successfully recovers a semantically matching equation for all 25,096 binaries. REMaQE executes in 0.48 seconds on average and in up to 2 seconds for complex equations. Real-time execution enables integration in an interactive math-oriented reverse engineering workflow.
△ Less
Submitted 11 April, 2024; v1 submitted 11 May, 2023;
originally announced May 2023.
-
Safe Navigation and Obstacle Avoidance Using Differentiable Optimization Based Control Barrier Functions
Authors:
Bolun Dai,
Rooholla Khorrambakht,
Prashanth Krishnamurthy,
Vinícius Gonçalves,
Anthony Tzes,
Farshad Khorrami
Abstract:
Control barrier functions (CBFs) have been widely applied to safety-critical robotic applications. However, the construction of control barrier functions for robotic systems remains a challenging task. Recently, collision detection using differentiable optimization has provided a way to compute the minimum uniform scaling factor that results in an intersection between two convex shapes and to also…
▽ More
Control barrier functions (CBFs) have been widely applied to safety-critical robotic applications. However, the construction of control barrier functions for robotic systems remains a challenging task. Recently, collision detection using differentiable optimization has provided a way to compute the minimum uniform scaling factor that results in an intersection between two convex shapes and to also compute the Jacobian of the scaling factor. In this letter, we propose a framework that uses this scaling factor, with an offset, to systematically define a CBF for obstacle avoidance tasks. We provide theoretical analyses of the continuity and continuous differentiability of the proposed CBF. We empirically evaluate the proposed CBF's behavior and show that the resulting optimal control problem is computationally efficient, which makes it applicable for real-time robotic control. We validate our approach, first using a 2D mobile robot example, then on the Franka-Emika Research 3 (FR3) robot manipulator both in simulation and experiment.
△ Less
Submitted 21 November, 2023; v1 submitted 17 April, 2023;
originally announced April 2023.
-
TBAM: Towards An Agent-Based Model to Enrich Twitter Data
Authors:
Usman Anjum,
Vladimir Zadorozhny,
Prashant Krishnamurthy
Abstract:
Twitter (one example of microblogging) is widely being used by researchers to understand human behavior, specifically how people behave when a significant event occurs and how it changes user microblogging patterns. The changing microblogging behavior can reveal patterns that can help in detecting real-world events. However, the Twitter data that is available has limitations, such as, it is incomp…
▽ More
Twitter (one example of microblogging) is widely being used by researchers to understand human behavior, specifically how people behave when a significant event occurs and how it changes user microblogging patterns. The changing microblogging behavior can reveal patterns that can help in detecting real-world events. However, the Twitter data that is available has limitations, such as, it is incomplete and noisy and the samples are irregular. In this paper we create a model, called Twitter Behavior Agent-Based Model (TBAM) to simulate Twitter pattern and behavior using Agent-Based Modeling (ABM). The generated data from ABM simulations can be used in place or to complement the real-world data toward improving the accuracy of event detection. We confirm the validity of our model by finding the cross-correlation between the real data collected from Twitter and the data generated using TBAM.
△ Less
Submitted 31 January, 2023;
originally announced February 2023.
-
An Upper Bound for the Distribution Overlap Index and Its Applications
Authors:
Hao Fu,
Prashanth Krishnamurthy,
Siddharth Garg,
Farshad Khorrami
Abstract:
This paper proposes an easy-to-compute upper bound for the overlap index between two probability distributions without requiring any knowledge of the distribution models. The computation of our bound is time-efficient and memory-efficient and only requires finite samples. The proposed bound shows its value in one-class classification and domain shift analysis. Specifically, in one-class classifica…
▽ More
This paper proposes an easy-to-compute upper bound for the overlap index between two probability distributions without requiring any knowledge of the distribution models. The computation of our bound is time-efficient and memory-efficient and only requires finite samples. The proposed bound shows its value in one-class classification and domain shift analysis. Specifically, in one-class classification, we build a novel one-class classifier by converting the bound into a confidence score function. Unlike most one-class classifiers, the training process is not needed for our classifier. Additionally, the experimental results show that our classifier can be accurate with only a small number of in-class samples and outperform many state-of-the-art methods on various datasets in different one-class classification scenarios. In domain shift analysis, we propose a theorem based on our bound. The theorem is useful in detecting the existence of domain shift and inferring data information. The detection and inference processes are both computation-efficient and memory-efficient. Our work shows significant promise toward broadening the applications of overlap-based metrics.
△ Less
Submitted 11 February, 2023; v1 submitted 16 December, 2022;
originally announced December 2022.
-
Privacy-Preserving Collaborative Learning through Feature Extraction
Authors:
Alireza Sarmadi,
Hao Fu,
Prashanth Krishnamurthy,
Siddharth Garg,
Farshad Khorrami
Abstract:
We propose a framework in which multiple entities collaborate to build a machine learning model while preserving privacy of their data. The approach utilizes feature embeddings from shared/per-entity feature extractors transforming data into a feature space for cooperation between entities. We propose two specific methods and compare them with a baseline method. In Shared Feature Extractor (SFE) L…
▽ More
We propose a framework in which multiple entities collaborate to build a machine learning model while preserving privacy of their data. The approach utilizes feature embeddings from shared/per-entity feature extractors transforming data into a feature space for cooperation between entities. We propose two specific methods and compare them with a baseline method. In Shared Feature Extractor (SFE) Learning, the entities use a shared feature extractor to compute feature embeddings of samples. In Locally Trained Feature Extractor (LTFE) Learning, each entity uses a separate feature extractor and models are trained using concatenated features from all entities. As a baseline, in Cooperatively Trained Feature Extractor (CTFE) Learning, the entities train models by sharing raw data. Secure multi-party algorithms are utilized to train models without revealing data or features in plain text. We investigate the trade-offs among SFE, LTFE, and CTFE in regard to performance, privacy leakage (using an off-the-shelf membership inference attack), and computational cost. LTFE provides the most privacy, followed by SFE, and then CTFE. Computational cost is lowest for SFE and the relative speed of CTFE and LTFE depends on network architecture. CTFE and LTFE provide the best accuracy. We use MNIST, a synthetic dataset, and a credit card fraud detection dataset for evaluations.
△ Less
Submitted 12 December, 2022;
originally announced December 2022.
-
Learning a Better Control Barrier Function
Authors:
Bolun Dai,
Prashanth Krishnamurthy,
Farshad Khorrami
Abstract:
Control barrier functions (CBFs) are widely used in safety-critical controllers. However, constructing a valid CBF is challenging, especially under nonlinear or non-convex constraints and for high relative degree systems. Meanwhile, finding a conservative CBF that only recovers a portion of the true safe set is usually possible. In this work, starting from a "conservative" handcrafted CBF (HCBF),…
▽ More
Control barrier functions (CBFs) are widely used in safety-critical controllers. However, constructing a valid CBF is challenging, especially under nonlinear or non-convex constraints and for high relative degree systems. Meanwhile, finding a conservative CBF that only recovers a portion of the true safe set is usually possible. In this work, starting from a "conservative" handcrafted CBF (HCBF), we develop a method to find a CBF that recovers a reasonably larger portion of the safe set. Since the learned CBF controller is not guaranteed to be safe during training iterations, we use a model predictive controller (MPC) to ensure safety during training. Using the collected trajectory data containing safe and unsafe interactions, we train a neural network to estimate the difference between the HCBF and a CBF that recovers a closer solution to the true safe set. With our proposed approach, we can generate safe controllers that are less conservative and computationally more efficient. We validate our approach on two systems: a second-order integrator and a ball-on-beam.
△ Less
Submitted 11 October, 2022; v1 submitted 11 May, 2022;
originally announced May 2022.
-
Spotting Anomalous Trades in NFT Markets: The Case of NBA Topshot
Authors:
Konstantinos Pelechrinis,
Xin Liu,
Prashant Krishnamurthy,
Amy Babay
Abstract:
Non-Fungible Token (NFT) markets are one of the fastest growing digital markets today, with the sales during the third quarter of 2021 exceeding $10 billions! Nevertheless, these emerging markets - similar to traditional emerging marketplaces - can be seen as a great opportunity for illegal activities (e.g., money laundering, sale of illegal goods etc.). In this study we focus on a specific market…
▽ More
Non-Fungible Token (NFT) markets are one of the fastest growing digital markets today, with the sales during the third quarter of 2021 exceeding $10 billions! Nevertheless, these emerging markets - similar to traditional emerging marketplaces - can be seen as a great opportunity for illegal activities (e.g., money laundering, sale of illegal goods etc.). In this study we focus on a specific marketplace, namely NBA TopShot, that facilitates the purchase and (peer-to-peer) trading of sports collectibles. Our objective is to build a framework that is able to label peer-to-peer transactions on the platform as anomalous or not. To achieve our objective we begin by building a model for the profit to be made by selling a specific collectible on the platform. We then use RFCDE - a random forest model for the conditional density of the dependent variable - to model the errors from the profit models. This step allows us to estimate the probability of a transaction being anomalous. We finally label as anomalous any transaction whose aforementioned probability is less than 1%. Given the absence of ground truth for evaluating the model in terms of its classification of transactions, we analyze the trade networks formed from these anomalous transactions and compare it with the full trade network of the platform. Our results indicate that these two networks are statistically different when it comes to network metrics such as, edge density, closure, node centrality and node degree distribution. This network analysis provides additional evidence that these transactions do not follow the same patterns that the rest of the trades on the platform follow. However, we would like to emphasize here that this does not mean that these transactions are also illegal. These transactions will need to be further audited from the appropriate entities to verify whether or not they are illicit.
△ Less
Submitted 8 February, 2022;
originally announced February 2022.
-
Pop Quiz! Can a Large Language Model Help With Reverse Engineering?
Authors:
Hammond Pearce,
Benjamin Tan,
Prashanth Krishnamurthy,
Farshad Khorrami,
Ramesh Karri,
Brendan Dolan-Gavitt
Abstract:
Large language models (such as OpenAI's Codex) have demonstrated impressive zero-shot multi-task capabilities in the software domain, including code explanation. In this work, we examine if this ability can be used to help with reverse engineering. Specifically, we investigate prompting Codex to identify the purpose, capabilities, and important variable names or values from code, even when the cod…
▽ More
Large language models (such as OpenAI's Codex) have demonstrated impressive zero-shot multi-task capabilities in the software domain, including code explanation. In this work, we examine if this ability can be used to help with reverse engineering. Specifically, we investigate prompting Codex to identify the purpose, capabilities, and important variable names or values from code, even when the code is produced through decompilation. Alongside an examination of the model's responses in answering open-ended questions, we devise a true/false quiz framework to characterize the performance of the language model. We present an extensive quantitative analysis of the measured performance of the language model on a set of program purpose identification and information extraction tasks: of the 136,260 questions we posed, it answered 72,754 correctly. A key takeaway is that while promising, LLMs are not yet ready for zero-shot reverse engineering.
△ Less
Submitted 2 February, 2022;
originally announced February 2022.
-
ESAFE: Enterprise Security and Forensics at Scale
Authors:
Bernard McShea,
Kevin Wright,
Denley Lam,
Steve Schmidt,
Anna Choromanska,
Devansh Bisla,
Shihong Fang,
Alireza Sarmadi,
Prashanth Krishnamurthy,
Farshad Khorrami
Abstract:
Securing enterprise networks presents challenges in terms of both their size and distributed structure. Data required to detect and characterize malicious activities may be diffused and may be located across network and endpoint devices. Further, cyber-relevant data routinely exceeds total available storage, bandwidth, and analysis capability, often by several orders of magnitude. Real-time detect…
▽ More
Securing enterprise networks presents challenges in terms of both their size and distributed structure. Data required to detect and characterize malicious activities may be diffused and may be located across network and endpoint devices. Further, cyber-relevant data routinely exceeds total available storage, bandwidth, and analysis capability, often by several orders of magnitude. Real-time detection of threats within or across very large enterprise networks is not simply an issue of scale, but also a challenge due to the variable nature of malicious activities and their presentations. The system seeks to develop a hierarchy of cyber reasoning layers to detect malicious behavior, characterize novel attack vectors and present an analyst with a contextualized human-readable output from a series of machine learning models. We developed machine learning algorithms for scalable throughput and improved recall for our Multi-Resolution Joint Optimization for Enterprise Security and Forensics (ESAFE) solution. This Paper will provide an overview of ESAFE's Machine Learning Modules, Attack Ontologies, and Automated Smart Alert generation which provide multi-layer reasoning over cross-correlated sensors for analyst consumption.
△ Less
Submitted 7 December, 2021;
originally announced December 2021.
-
Learning Locomotion Controllers for Walking Using Deep FBSDE
Authors:
Bolun Dai,
Virinchi Roy Surabhi,
Prashanth Krishnamurthy,
Farshad Khorrami
Abstract:
In this paper, we propose a deep forward-backward stochastic differential equation (FBSDE) based control algorithm for locomotion tasks. We also include state constraints in the FBSDE formulation to impose stable walking solutions or other constraints that one may want to consider (e.g., energy). Our approach utilizes a deep neural network (i.e., LSTM) to solve, in general, high-dimensional Hamilt…
▽ More
In this paper, we propose a deep forward-backward stochastic differential equation (FBSDE) based control algorithm for locomotion tasks. We also include state constraints in the FBSDE formulation to impose stable walking solutions or other constraints that one may want to consider (e.g., energy). Our approach utilizes a deep neural network (i.e., LSTM) to solve, in general, high-dimensional Hamilton-Jacobi-Bellman (HJB) equation resulting from the stated optimal control problem. As compared to traditional methods, our proposed method provides a higher computational efficiency in real-time; thus yielding higher frequency implementation of the closed-loop controllers. The efficacy of our approach is shown on a linear inverted pendulum model (LIPM) for walking. Even though we are deploying a simplified model of walking, the methodology is applicable to generalized and complex models for walking and other control/optimization tasks in robotic systems. Simulation studies have been provided to show the effectiveness of the proposed methodology.
△ Less
Submitted 16 July, 2021;
originally announced July 2021.
-
Bait and Switch: Online Training Data Poisoning of Autonomous Driving Systems
Authors:
Naman Patel,
Prashanth Krishnamurthy,
Siddharth Garg,
Farshad Khorrami
Abstract:
We show that by controlling parts of a physical environment in which a pre-trained deep neural network (DNN) is being fine-tuned online, an adversary can launch subtle data poisoning attacks that degrade the performance of the system. While the attack can be applied in general to any perception task, we consider a DNN based traffic light classifier for an autonomous car that has been trained in on…
▽ More
We show that by controlling parts of a physical environment in which a pre-trained deep neural network (DNN) is being fine-tuned online, an adversary can launch subtle data poisoning attacks that degrade the performance of the system. While the attack can be applied in general to any perception task, we consider a DNN based traffic light classifier for an autonomous car that has been trained in one city and is being fine-tuned online in another city. We show that by injecting environmental perturbations that do not modify the traffic lights themselves or ground-truth labels, the adversary can cause the deep network to learn spurious concepts during the online learning phase. The attacker can leverage the introduced spurious concepts in the environment to cause the model's accuracy to degrade during operation; therefore, causing the system to malfunction.
△ Less
Submitted 7 December, 2020; v1 submitted 8 November, 2020;
originally announced November 2020.
-
Detecting Backdoors in Neural Networks Using Novel Feature-Based Anomaly Detection
Authors:
Hao Fu,
Akshaj Kumar Veldanda,
Prashanth Krishnamurthy,
Siddharth Garg,
Farshad Khorrami
Abstract:
This paper proposes a new defense against neural network backdooring attacks that are maliciously trained to mispredict in the presence of attacker-chosen triggers. Our defense is based on the intuition that the feature extraction layers of a backdoored network embed new features to detect the presence of a trigger and the subsequent classification layers learn to mispredict when triggers are dete…
▽ More
This paper proposes a new defense against neural network backdooring attacks that are maliciously trained to mispredict in the presence of attacker-chosen triggers. Our defense is based on the intuition that the feature extraction layers of a backdoored network embed new features to detect the presence of a trigger and the subsequent classification layers learn to mispredict when triggers are detected. Therefore, to detect backdoors, the proposed defense uses two synergistic anomaly detectors trained on clean validation data: the first is a novelty detector that checks for anomalous features, while the second detects anomalous map**s from features to outputs by comparing with a separate classifier trained on validation data. The approach is evaluated on a wide range of backdoored networks (with multiple variations of triggers) that successfully evade state-of-the-art defenses. Additionally, we evaluate the robustness of our approach on imperceptible perturbations, scalability on large-scale datasets, and effectiveness under domain shift. This paper also shows that the defense can be further improved using data augmentation.
△ Less
Submitted 4 November, 2020;
originally announced November 2020.
-
Hardware Trojan Detection Using Controlled Circuit Aging
Authors:
Virinchi Roy Surabhi,
Prashanth Krishnamurthy,
Hussam Amrouch,
Kanad Basu,
Jörg Henkel,
Ramesh Karri,
Farshad Khorrami
Abstract:
This paper reports a novel approach that uses transistor aging in an integrated circuit (IC) to detect hardware Trojans. When a transistor is aged, it results in delays along several paths of the IC. This increase in delay results in timing violations that reveal as timing errors at the output of the IC during its operation. We present experiments using aging-aware standard cell libraries to illus…
▽ More
This paper reports a novel approach that uses transistor aging in an integrated circuit (IC) to detect hardware Trojans. When a transistor is aged, it results in delays along several paths of the IC. This increase in delay results in timing violations that reveal as timing errors at the output of the IC during its operation. We present experiments using aging-aware standard cell libraries to illustrate the usefulness of the technique in detecting hardware Trojans. Combining IC aging with over-clocking produces a pattern of bit errors at the IC output by the induced timing violations. We use machine learning to learn the bit error distribution at the output of a clean IC. We differentiate the divergence in the pattern of bit errors because of a Trojan in the IC from this baseline distribution. We simulate the golden IC and show robustness to IC-to-IC manufacturing variations. The approach is effective and can detect a Trojan even if we place it far off the critical paths. Results on benchmarks from the Trust-hub show a detection accuracy of $\geq$99%.
△ Less
Submitted 20 April, 2020; v1 submitted 6 April, 2020;
originally announced April 2020.
-
NNoculation: Catching BadNets in the Wild
Authors:
Akshaj Kumar Veldanda,
Kang Liu,
Benjamin Tan,
Prashanth Krishnamurthy,
Farshad Khorrami,
Ramesh Karri,
Brendan Dolan-Gavitt,
Siddharth Garg
Abstract:
This paper proposes a novel two-stage defense (NNoculation) against backdoored neural networks (BadNets) that, repairs a BadNet both pre-deployment and online in response to backdoored test inputs encountered in the field. In the pre-deployment stage, NNoculation retrains the BadNet with random perturbations of clean validation inputs to partially reduce the adversarial impact of a backdoor. Post-…
▽ More
This paper proposes a novel two-stage defense (NNoculation) against backdoored neural networks (BadNets) that, repairs a BadNet both pre-deployment and online in response to backdoored test inputs encountered in the field. In the pre-deployment stage, NNoculation retrains the BadNet with random perturbations of clean validation inputs to partially reduce the adversarial impact of a backdoor. Post-deployment, NNoculation detects and quarantines backdoored test inputs by recording disagreements between the original and pre-deployment patched networks. A CycleGAN is then trained to learn transformations between clean validation and quarantined inputs; i.e., it learns to add triggers to clean validation images. Backdoored validation images along with their correct labels are used to further retrain the pre-deployment patched network, yielding our final defense. Empirical evaluation on a comprehensive suite of backdoor attacks show that NNoculation outperforms all state-of-the-art defenses that make restrictive assumptions and only work on specific backdoor attacks, or fail on adaptive attacks. In contrast, NNoculation makes minimal assumptions and provides an effective defense, even under settings where existing defenses are ineffective due to attackers circumventing their restrictive assumptions.
△ Less
Submitted 15 November, 2021; v1 submitted 19 February, 2020;
originally announced February 2020.
-
Adversarial Learning-Based On-Line Anomaly Monitoring for Assured Autonomy
Authors:
Naman Patel,
Apoorva Nandini Saridena,
Anna Choromanska,
Prashanth Krishnamurthy,
Farshad Khorrami
Abstract:
The paper proposes an on-line monitoring framework for continuous real-time safety/security in learning-based control systems (specifically application to a unmanned ground vehicle). We monitor validity of map**s from sensor inputs to actuator commands, controller-focused anomaly detection (CFAM), and from actuator commands to sensor inputs, system-focused anomaly detection (SFAM). CFAM is an im…
▽ More
The paper proposes an on-line monitoring framework for continuous real-time safety/security in learning-based control systems (specifically application to a unmanned ground vehicle). We monitor validity of map**s from sensor inputs to actuator commands, controller-focused anomaly detection (CFAM), and from actuator commands to sensor inputs, system-focused anomaly detection (SFAM). CFAM is an image conditioned energy based generative adversarial network (EBGAN) in which the energy based discriminator distinguishes between proper and anomalous actuator commands. SFAM is based on an action condition video prediction framework to detect anomalies between predicted and observed temporal evolution of sensor data. We demonstrate the effectiveness of the approach on our autonomous ground vehicle for indoor environments and on Udacity dataset for outdoor environments.
△ Less
Submitted 11 November, 2018;
originally announced November 2018.
-
Sponsored Search Auctions with Rich Ads
Authors:
Ruggiero Cavallo,
Prabhakar Krishnamurthy,
Maxim Sviridenko,
Christopher A. Wilkens
Abstract:
The generalized second price (GSP) auction has served as the core selling mechanism for sponsored search ads for over a decade. However, recent trends expanding the set of allowed ad formats---to include a variety of sizes, decorations, and other distinguishing features---have raised critical problems for GSP-based platforms. Alternatives such as the Vickrey-Clarke-Groves (VCG) auction raise diffe…
▽ More
The generalized second price (GSP) auction has served as the core selling mechanism for sponsored search ads for over a decade. However, recent trends expanding the set of allowed ad formats---to include a variety of sizes, decorations, and other distinguishing features---have raised critical problems for GSP-based platforms. Alternatives such as the Vickrey-Clarke-Groves (VCG) auction raise different complications because they fundamentally change the way prices are computed. In this paper we report on our efforts to redesign a search ad selling system from the ground up in this new context, proposing a mechanism that optimizes an entire slate of ads globally and computes prices that achieve properties analogous to those held by GSP in the original, simpler setting of uniform ads. A careful algorithmic coupling of allocation-optimization and pricing-computation allows our auction to operate within the strict timing constraints inherent in real-time ad auctions. We report performance results of the auction in Yahoo's Gemini Search platform.
△ Less
Submitted 20 January, 2017;
originally announced January 2017.
-
Gaming the Game: Honeypot Venues Against Cheaters in Location-based Social Networks
Authors:
Konstantinos Pelechrinis,
Prashant Krishnamurthy,
Ke Zhang
Abstract:
The proliferation of location-based social networks (LBSNs) has provided the community with an abundant source of information that can be exploited and used in many different ways. LBSNs offer a number of conveniences to its participants, such as - but not limited to - a list of places in the vicinity of a user, recommendations for an area never explored before provided by other peers, tracking of…
▽ More
The proliferation of location-based social networks (LBSNs) has provided the community with an abundant source of information that can be exploited and used in many different ways. LBSNs offer a number of conveniences to its participants, such as - but not limited to - a list of places in the vicinity of a user, recommendations for an area never explored before provided by other peers, tracking of friends, monetary rewards in the form of special deals from the venues visited as well as a cheap way of advertisement for the latter. However, service convenience and security have followed disjoint paths in LBSNs and users can misuse the offered features. The major threat for the service providers is that of fake check-ins. Users can easily manipulate the localization module of the underlying application and declare their presence in a counterfeit location. The incentives for these behaviors can be both earning monetary as well as virtual rewards. Therefore, while fake check-ins driven from the former motive can cause monetary losses, those aiming in virtual rewards are also harmful. In particular, they can significantly degrade the services offered from the LBSN providers (such as recommendations) or third parties using these data (e.g., urban planners). In this paper, we propose and analyze a honeypot venue-based solution, enhanced with a challenge-response scheme, that flags users who are generating fake spatial information. We believe that our work will stimulate further research on this important topic and will provide new directions with regards to possible solutions.
△ Less
Submitted 16 October, 2012;
originally announced October 2012.
-
Cognitive Radio Networks: Realistic or Not?
Authors:
Konstantinos Pelechrinis,
Prashant Krishnamurthy,
Martin Weiss,
Taied Znati
Abstract:
A large volume of research has been conducted in the cognitive radio (CR) area the last decade. However, the deployment of a commercial CR network is yet to emerge. A large portion of the existing literature does not build on real world scenarios, hence, neglecting various important interactions of the research with commercial telecommunication networks. For instance, a lot of attention has been p…
▽ More
A large volume of research has been conducted in the cognitive radio (CR) area the last decade. However, the deployment of a commercial CR network is yet to emerge. A large portion of the existing literature does not build on real world scenarios, hence, neglecting various important interactions of the research with commercial telecommunication networks. For instance, a lot of attention has been paid to spectrum sensing as the front line functionality that needs to be completed in an efficient and accurate manner to enable an opportunistic CR network architecture. This is necessary to detect the existence of spectrum holes without which no other procedure can be fulfilled. However, simply sensing (cooperatively or not) the energy received from a primary transmitter cannot enable correct dynamic spectrum access. For example, the low strength of a primary transmitter's signal does not assure that there will be no interference to a nearby primary receiver. In addition, the presence of a primary transmitter's signal does not mean that CR network users cannot access the spectrum since there might not be any primary receiver in the vicinity. Despite the existing elegant and clever solutions to the DSA problem no robust, implementable scheme has emerged. In this paper, we challenge the basic premises of the proposed schemes. We further argue that addressing the technical challenges we face in deploying robust CR networks can only be achieved if we radically change the way we design their basic functionalities. In support of our argument, we present a set of real-world scenarios, inspired by realistic settings in commercial telecommunications networks, focusing on spectrum sensing as a basic and critical functionality in the deployment of CRs. We use these scenarios to show why existing DSA paradigms are not amenable to realistic deployment in complex wireless environments.
△ Less
Submitted 10 September, 2012;
originally announced September 2012.
-
Gene Expression Time Course Clustering with Countably Infinite Hidden Markov Models
Authors:
Matthew Beal,
Praveen Krishnamurthy
Abstract:
Most existing approaches to clustering gene expression time course data treat the different time points as independent dimensions and are invariant to permutations, such as reversal, of the experimental time course. Approaches utilizing HMMs have been shown to be helpful in this regard, but are hampered by having to choose model architectures with appropriate complexities. Here we propose for a cl…
▽ More
Most existing approaches to clustering gene expression time course data treat the different time points as independent dimensions and are invariant to permutations, such as reversal, of the experimental time course. Approaches utilizing HMMs have been shown to be helpful in this regard, but are hampered by having to choose model architectures with appropriate complexities. Here we propose for a clustering application an HMM with a countably infinite state space; inference in this model is possible by recasting it in the hierarchical Dirichlet process (HDP) framework (Teh et al. 2006), and hence we call it the HDP-HMM. We show that the infinite model outperforms model selection methods over finite models, and traditional time-independent methods, as measured by a variety of external and internal indices for clustering on two large publicly available data sets. Moreover, we show that the infinite models utilize more hidden states and employ richer architectures (e.g. state-to-state transitions) without the damaging effects of overfitting.
△ Less
Submitted 27 June, 2012;
originally announced June 2012.