-
Generative Social Choice
Authors:
Sara Fish,
Paul Gölz,
David C. Parkes,
Ariel D. Procaccia,
Gili Rusak,
Itai Shapira,
Manuel Wüthrich
Abstract:
Traditionally, social choice theory has only been applicable to choices among a few predetermined alternatives but not to more complex decisions such as collectively selecting a textual statement. We introduce generative social choice, a framework that combines the mathematical rigor of social choice theory with the capability of large language models to generate text and extrapolate preferences.…
▽ More
Traditionally, social choice theory has only been applicable to choices among a few predetermined alternatives but not to more complex decisions such as collectively selecting a textual statement. We introduce generative social choice, a framework that combines the mathematical rigor of social choice theory with the capability of large language models to generate text and extrapolate preferences. This framework divides the design of AI-augmented democratic processes into two components: first, proving that the process satisfies rigorous representation guarantees when given access to oracle queries; second, empirically validating that these queries can be approximately implemented using a large language model. We apply this framework to the problem of generating a slate of statements that is representative of opinions expressed as free-form text; specifically, we develop a democratic process with representation guarantees and use this process to represent the opinions of participants in a survey about chatbot personalization. We find that 93 out of 100 participants feel "mostly" or "perfectly" represented by the slate of five statements we extracted.
△ Less
Submitted 28 November, 2023; v1 submitted 3 September, 2023;
originally announced September 2023.
-
Unique Exams: Designing assessments for integrity and fairness
Authors:
Gili Rusak,
Lisa Yan
Abstract:
Educators have faced new challenges in effective course assessment during the recent, unprecedented shift to remote online learning during the COVID-19 pandemic. In place of typical proctored, timed exams, instructors must now rethink their methodology for assessing course-level learning goals. Are exams appropriate---or even feasible---in this new online, open-internet learning environment? In th…
▽ More
Educators have faced new challenges in effective course assessment during the recent, unprecedented shift to remote online learning during the COVID-19 pandemic. In place of typical proctored, timed exams, instructors must now rethink their methodology for assessing course-level learning goals. Are exams appropriate---or even feasible---in this new online, open-internet learning environment? In this experience paper, we discuss the unique exams framework: our framework for upholding exam integrity and student privacy. In our Probability for Computer Scientists Course at an R1 University, we developed autogenerated, unique exams where each student had the same four problem skeletons with unique numeric variations per problem. Without changing the process of the traditional exam, unique exams provide a layer of security for both students and instructors about exam reliability for any classroom environment---in-person or online. In addition to sharing our experience designing unique exams, we also present a simple end-to-end tool and example question templates for different CS subjects that other instructors can adapt to their own courses.
△ Less
Submitted 3 September, 2020;
originally announced September 2020.
-
AdVersarial: Perceptual Ad Blocking meets Adversarial Machine Learning
Authors:
Florian Tramèr,
Pascal Dupré,
Gili Rusak,
Giancarlo Pellegrino,
Dan Boneh
Abstract:
Perceptual ad-blocking is a novel approach that detects online advertisements based on their visual content. Compared to traditional filter lists, the use of perceptual signals is believed to be less prone to an arms race with web publishers and ad networks. We demonstrate that this may not be the case. We describe attacks on multiple perceptual ad-blocking techniques, and unveil a new arms race t…
▽ More
Perceptual ad-blocking is a novel approach that detects online advertisements based on their visual content. Compared to traditional filter lists, the use of perceptual signals is believed to be less prone to an arms race with web publishers and ad networks. We demonstrate that this may not be the case. We describe attacks on multiple perceptual ad-blocking techniques, and unveil a new arms race that likely disfavors ad-blockers. Unexpectedly, perceptual ad-blocking can also introduce new vulnerabilities that let an attacker bypass web security boundaries and mount DDoS attacks.
We first analyze the design space of perceptual ad-blockers and present a unified architecture that incorporates prior academic and commercial work. We then explore a variety of attacks on the ad-blocker's detection pipeline, that enable publishers or ad networks to evade or detect ad-blocking, and at times even abuse its high privilege level to bypass web security boundaries.
On one hand, we show that perceptual ad-blocking must visually classify rendered web content to escape an arms race centered on obfuscation of page markup. On the other, we present a concrete set of attacks on visual ad-blockers by constructing adversarial examples in a real web page context. For seven ad-detectors, we create perturbed ads, ad-disclosure logos, and native web content that misleads perceptual ad-blocking with 100% success rates. In one of our attacks, we demonstrate how a malicious user can upload adversarial content, such as a perturbed image in a Facebook post, that fools the ad-blocker into removing another users' non-ad content.
Moving beyond the Web and visual domain, we also build adversarial examples for AdblockRadio, an open source radio client that uses machine learning to detects ads in raw audio streams.
△ Less
Submitted 26 August, 2019; v1 submitted 7 November, 2018;
originally announced November 2018.
-
AST-Based Deep Learning for Detecting Malicious PowerShell
Authors:
Gili Rusak,
Abdullah Al-Dujaili,
Una-May O'Reilly
Abstract:
With the celebrated success of deep learning, some attempts to develop effective methods for detecting malicious PowerShell programs employ neural nets in a traditional natural language processing setup while others employ convolutional neural nets to detect obfuscated malicious commands at a character level. While these representations may express salient PowerShell properties, our hypothesis is…
▽ More
With the celebrated success of deep learning, some attempts to develop effective methods for detecting malicious PowerShell programs employ neural nets in a traditional natural language processing setup while others employ convolutional neural nets to detect obfuscated malicious commands at a character level. While these representations may express salient PowerShell properties, our hypothesis is that tools from static program analysis will be more effective. We propose a hybrid approach combining traditional program analysis (in the form of abstract syntax trees) and deep learning. This poster presents preliminary results of a fundamental step in our approach: learning embeddings for nodes of PowerShell ASTs. We classify malicious scripts by family type and explore embedded program vector representations.
△ Less
Submitted 3 October, 2018;
originally announced October 2018.
-
Painting Outside the Box: Image Outpainting with GANs
Authors:
Mark Sabini,
Gili Rusak
Abstract:
The challenging task of image outpainting (extrapolation) has received comparatively little attention in relation to its cousin, image inpainting (completion). Accordingly, we present a deep learning approach based on Iizuka et al. for adversarially training a network to hallucinate past image boundaries. We use a three-phase training schedule to stably train a DCGAN architecture on a subset of th…
▽ More
The challenging task of image outpainting (extrapolation) has received comparatively little attention in relation to its cousin, image inpainting (completion). Accordingly, we present a deep learning approach based on Iizuka et al. for adversarially training a network to hallucinate past image boundaries. We use a three-phase training schedule to stably train a DCGAN architecture on a subset of the Places365 dataset. In line with Iizuka et al., we also use local discriminators to enhance the quality of our output. Once trained, our model is able to outpaint $128 \times 128$ color images relatively realistically, thus allowing for recursive outpainting. Our results show that deep learning approaches to image outpainting are both feasible and promising.
△ Less
Submitted 25 August, 2018;
originally announced August 2018.