DOCSLIB.ORG

LECTURE #20: ADVERSARIAL TRAINING Administrivia

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
LECTURE #20: ADVERSARIAL TRAINING Administrivia DATA ANALYTICS USING DEEP LEARNING GT 8803 // FALL 2019 // JOY ARULRAJ LECTURE #20: ADVERSARIAL TRAINING administrivia • Reminders – Best project prize – Quiz cancelled – Guest lecture GT 8803 // Fall 2019 2 CREDITS • Slides based on a lecture by: – Ian Goodfellow @ Google Brain GT 8803 // Fall 2019 3 OVERVIEW • What are adversarial examples? • Why do they happen? • How can they be used to compromise machine learning systems? • What are the defenses? • How to use adversarial examples to improve machine learning (even without adversary)? GT 8803 // Fall 2019 4 ADVERSARIAL EXAMPLES GT 8803 // Fall 2019 5 Since 2013, deep neural networks have matched human performance at... ...recognizing objects and faces…. (Szegedy et al, 2014) (Taigmen et al, 2013) ...solving CAPTCHAS and reading addresses... (Goodfellow et al, 2013) (Goodfellow et al, 2013) and other tasks... GT 8803 // Fall 2019 6 Adversarial Examples Timeline: “Adversarial Classification” Dalvi et al 2004: fool spam filter “Evasion Attacks Against Machine Learning at Test Time” Biggio 2013: fool neural nets Szegedy et al 2013: fool ImageNet classifiers imperceptibly Goodfellow et al 2014: cheap, closed form attack GT 8803 // Fall 2019 7 Turning Objects into “Airplanes” GT 8803 // Fall 2019 8 Attacking a Linear Model GT 8803 // Fall 2019 9 Not just for neural nets • Linear models – Logistic regression – Softmax regression – SVMs • Decision trees • Nearest neighbors GT 8803 // Fall 2019 10 Adversarial Examples from Overfitting O O x x O x O x GT 8803 // Fall 2019 11 Adversarial Examples from Overfitting O O O O x x x O x GT 8803 // Fall 2019 12 Modern deep nets are very piecewise linear Rectified linear unit Maxout Carefully tuned sigmoid LSTM GT 8803 // Fall 2019 13 Nearly Linear Responses in Practice GT 8803 // Fall 2019 14 Small inter-class distances Clean Perturbation Corrupted example example Perturbation changes the true class Random perturbation does not change the class Perturbation changes the input to “rubbish class” All three perturbations have L2 norm 3.96 This is actually small. We typically use 7! GT 8803 // Fall 2019 15 The Fast Gradient Sign Method GT 8803 // Fall 2019 16 Maps of Adversarial and Random Cross-Sections (collaboration with David Warde-Farley and Nicolas Papernot) GT 8803 // Fall 2019 17 Maps of Adversarial Cross-Sections GT 8803 // Fall 2019 18 Maps of RANDOM Cross-Sections (collaboration with David Warde-Farley and Nicolas Papernot) GT 8803 // Fall 2019 19 Estimating the Subspace Dimensionality GT 8803 // Fall 2019 20 Clever Hans (“Clever Hans, Clever Algorithms,” Bob Sturm) GT 8803 // Fall 2019 21 Wrong almost everywhere GT 8803 // Fall 2019 22 Adversarial Examples for RL (Huang et al., 2017) GT 8803 // Fall 2019 23 High-Dimensional Linear Models Clean examples Adversarial examples Weights Signs of weights GT 8803 // Fall 2019 24 Linear Models of ImageNet (Andrej Karpathy, “Breaking Linear Classifiers on ImageNet”) GT 8803 // Fall 2019 25 RBFs behave more intuitively GT 8803 // Fall 2019 26 Cross-model, cross-dataset generalization GT 8803 // Fall 2019 27 Cross-technique transferability (Papernot 2016) GT 8803 // Fall 2019 28 Transferability Attack Target model with Train your own model Substitute model unknown weights, mimicking target machine learning model with known, algorithm, training differentiable function set; maybe non-differentiable Deploy adversarial Adversarial crafting examples against the against substitute target; transferability property results in them Adversarial succeeding examples GT 8803 // Fall 2019 29 (Papernot 2016) GT 8803 // Fall 2019 30 Enhancing Transfer With Ensembles (Liu et al, 2016) GT 8803 // Fall 2019 31 Adversarial Examples in the Human Brain These are concentric circles, not intertwined spirals. (Pinna and Gregory, 2002) GT 8803 // Fall 2019 32 Practical Attacks • Fool real classifiers trained by remotely hosted API (MetaMind, Amazon, Google) • Fool malware detector networks • Display adversarial examples in the physical world and fool machine learning systems that perceive them through a camera GT 8803 // Fall 2019 33 Adversarial Examples in the Physical World GT 8803 // Fall 2019 34 Failed defenses Generative Removing perturbation pretraining with an autoencoder Adding noise at test time Ensembles Confidence-reducing Error correcting perturbation at test time codes Multiple glimpses Weight decay Double backprop Adding noise Various at train time non-linear units Dropout GT 8803 // Fall 2019 35 Generative Modeling is not SufficienT GT 8803 // Fall 2019 36 Universal approximator theorem Neural nets can represent either function: Maximum likelihood doesn’t cause them to learn the right function. But we can fix that... GT 8803 // Fall 2019 37 ADVERSARIAL TRAINING GT 8803 // Fall 2019 38 Training on Adversarial Examples GT 8803 // Fall 2019 39 Adversarial Training of other Models • Linear models: SVM / linear regression cannot learn a step function, so adversarial training is less useful, very similar to weight decay • k-NN: adversarial training is prone to overfitting. • Takeway: neural nets can actually become more secure than other models. Adversarially trained neural nets have the best empirical success rate on adversarial examples of any machine learning model. GT 8803 // Fall 2019 40 Weaknesses Persist GT 8803 // Fall 2019 41 Adversarial Training Labeled as bird Still has same label (bird) Decrease probability of bird class GT 8803 // Fall 2019 42 Virtual Adversarial Training Unlabeled; model New guess should guesses it’s probably match old guess a bird, maybe a plane (probably bird, maybe plane) Adversarial perturbation intended to change the guess GT 8803 // Fall 2019 43 Text Classification with VAT RCV1 Misclassification Rate 8.00 7.70 7.50 7.40 7.20 7.12 7.00 7.05 6.97 6.68 6.50 6.00 Earlier SOTA Our baseline Virtual Both + Adversarial bidirectional model Zoomed in for legibility GT 8803 // Fall 2019 44 Universal engineering machine (model-based optimization) Make new inventions by finding input that Training data Extrapolation maximizes model’s predicted performance GT 8803 // Fall 2019 45 cleverhans Open-source library available at: https://github.com/openai/cleverhans Built on top of TensorFlow (Theano support anticipated) Standard implementation of attacks, for adversarial training and reproducible benchmarks GT 8803 // Fall 2019 46 Conclusion • Attacking is easy • Defending is difficult • Adversarial training provides regularization and semi-supervised learning • The out-of-domain input problem is a bottleneck for model-based optimization generally GT 8803 // Fall 2019 47.
Load more

Recommended publications
  • Training Autoencoders by Alternating Minimization
    Under review as a conference paper at ICLR 2018 TRAINING AUTOENCODERS BY ALTERNATING MINI- MIZATION Anonymous authors Paper under double-blind review ABSTRACT We present DANTE, a novel method for training neural networks, in particular autoencoders, using the alternating minimization principle. DANTE provides a distinct perspective in lieu of traditional gradient-based backpropagation techniques commonly used to train deep networks. It utilizes an adaptation of quasi-convex optimization techniques to cast autoencoder training as a bi-quasi-convex optimiza- tion problem. We show that for autoencoder configurations with both differentiable (e.g. sigmoid) and non-differentiable (e.g. ReLU) activation functions, we can perform the alternations very effectively. DANTE effortlessly extends to networks with multiple hidden layers and varying network configurations. In experiments on standard datasets, autoencoders trained using the proposed method were found to be very promising and competitive to traditional backpropagation techniques, both in terms of quality of solution, as well as training speed. 1 INTRODUCTION For much of the recent march of deep learning, gradient-based backpropagation methods, e.g. Stochastic Gradient Descent (SGD) and its variants, have been the mainstay of practitioners. The use of these methods, especially on vast amounts of data, has led to unprecedented progress in several areas of artificial intelligence. On one hand, the intense focus on these techniques has led to an intimate understanding of hardware requirements and code optimizations needed to execute these routines on large datasets in a scalable manner. Today, myriad off-the-shelf and highly optimized packages exist that can churn reasonably large datasets on GPU architectures with relatively mild human involvement and little bootstrap effort.
    [Show full text]
  • Deep Learning Based Computer Generated Face Identification Using
    applied sciences Article Deep Learning Based Computer Generated Face Identification Using Convolutional Neural Network L. Minh Dang 1, Syed Ibrahim Hassan 1, Suhyeon Im 1, Jaecheol Lee 2, Sujin Lee 1 and Hyeonjoon Moon 1,* 1 Department of Computer Science and Engineering, Sejong University, Seoul 143-747, Korea; [email protected] (L.M.D.); [email protected] (S.I.H.); [email protected] (S.I.); [email protected] (S.L.) 2 Department of Information Communication Engineering, Sungkyul University, Seoul 143-747, Korea; [email protected] * Correspondence: [email protected] Received: 30 October 2018; Accepted: 10 December 2018; Published: 13 December 2018 Abstract: Generative adversarial networks (GANs) describe an emerging generative model which has made impressive progress in the last few years in generating photorealistic facial images. As the result, it has become more and more difficult to differentiate between computer-generated and real face images, even with the human’s eyes. If the generated images are used with the intent to mislead and deceive readers, it would probably cause severe ethical, moral, and legal issues. Moreover, it is challenging to collect a dataset for computer-generated face identification that is large enough for research purposes because the number of realistic computer-generated images is still limited and scattered on the internet. Thus, a development of a novel decision support system for analyzing and detecting computer-generated face images generated by the GAN network is crucial. In this paper, we propose a customized convolutional neural network, namely CGFace, which is specifically designed for the computer-generated face detection task by customizing the number of convolutional layers, so it performs well in detecting computer-generated face images.
    [Show full text]
  • Matrix Calculus
    Appendix D Matrix Calculus From too much study, and from extreme passion, cometh madnesse. Isaac Newton [205, §5] − D.1 Gradient, Directional derivative, Taylor series D.1.1 Gradients Gradient of a differentiable real function f(x) : RK R with respect to its vector argument is defined uniquely in terms of partial derivatives→ ∂f(x) ∂x1 ∂f(x) , ∂x2 RK f(x) . (2053) ∇ . ∈ . ∂f(x) ∂xK while the second-order gradient of the twice differentiable real function with respect to its vector argument is traditionally called the Hessian; 2 2 2 ∂ f(x) ∂ f(x) ∂ f(x) 2 ∂x1 ∂x1∂x2 ··· ∂x1∂xK 2 2 2 ∂ f(x) ∂ f(x) ∂ f(x) 2 2 K f(x) , ∂x2∂x1 ∂x2 ··· ∂x2∂xK S (2054) ∇ . ∈ . .. 2 2 2 ∂ f(x) ∂ f(x) ∂ f(x) 2 ∂xK ∂x1 ∂xK ∂x2 ∂x ··· K interpreted ∂f(x) ∂f(x) 2 ∂ ∂ 2 ∂ f(x) ∂x1 ∂x2 ∂ f(x) = = = (2055) ∂x1∂x2 ³∂x2 ´ ³∂x1 ´ ∂x2∂x1 Dattorro, Convex Optimization Euclidean Distance Geometry, Mεβoo, 2005, v2020.02.29. 599 600 APPENDIX D. MATRIX CALCULUS The gradient of vector-valued function v(x) : R RN on real domain is a row vector → v(x) , ∂v1(x) ∂v2(x) ∂vN (x) RN (2056) ∇ ∂x ∂x ··· ∂x ∈ h i while the second-order gradient is 2 2 2 2 , ∂ v1(x) ∂ v2(x) ∂ vN (x) RN v(x) 2 2 2 (2057) ∇ ∂x ∂x ··· ∂x ∈ h i Gradient of vector-valued function h(x) : RK RN on vector domain is → ∂h1(x) ∂h2(x) ∂hN (x) ∂x1 ∂x1 ··· ∂x1 ∂h1(x) ∂h2(x) ∂hN (x) h(x) , ∂x2 ∂x2 ··· ∂x2 ∇ .
    [Show full text]
  • Differentiability in Several Variables: Summary of Basic Concepts
    DIFFERENTIABILITY IN SEVERAL VARIABLES: SUMMARY OF BASIC CONCEPTS 3 3 1. Partial derivatives If f : R ! R is an arbitrary function and a = (x0; y0; z0) 2 R , then @f f(a + tj) ¡ f(a) f(x ; y + t; z ) ¡ f(x ; y ; z ) (1) (a) := lim = lim 0 0 0 0 0 0 @y t!0 t t!0 t etc.. provided the limit exists. 2 @f f(t;0)¡f(0;0) Example 1. for f : R ! R, @x (0; 0) = limt!0 t . Example 2. Let f : R2 ! R given by ( 2 x y ; (x; y) 6= (0; 0) f(x; y) = x2+y2 0; (x; y) = (0; 0) Then: @f f(t;0)¡f(0;0) 0 ² @x (0; 0) = limt!0 t = limt!0 t = 0 @f f(0;t)¡f(0;0) ² @y (0; 0) = limt!0 t = 0 Note: away from (0; 0), where f is the quotient of differentiable functions (with non-zero denominator) one can apply the usual rules of derivation: @f 2xy(x2 + y2) ¡ 2x3y (x; y) = ; for (x; y) 6= (0; 0) @x (x2 + y2)2 2 2 2. Directional derivatives. If f : R ! R is a map, a = (x0; y0) 2 R and v = ®i + ¯j is a vector in R2, then by definition f(a + tv) ¡ f(a) f(x0 + t®; y0 + t¯) ¡ f(x0; y0) (2) @vf(a) := lim = lim t!0 t t!0 t Example 3. Let f the function from the Example 2 above. Then for v = ®i + ¯j a unit vector (i.e.
    [Show full text]
  • Lipschitz Recurrent Neural Networks
    Published as a conference paper at ICLR 2021 LIPSCHITZ RECURRENT NEURAL NETWORKS N. Benjamin Erichson Omri Azencot Alejandro Queiruga ICSI and UC Berkeley Ben-Gurion University Google Research [email protected] [email protected] [email protected] Liam Hodgkinson Michael W. Mahoney ICSI and UC Berkeley ICSI and UC Berkeley [email protected] [email protected] ABSTRACT Viewing recurrent neural networks (RNNs) as continuous-time dynamical sys- tems, we propose a recurrent unit that describes the hidden state’s evolution with two parts: a well-understood linear component plus a Lipschitz nonlinearity. This particular functional form facilitates stability analysis of the long-term behavior of the recurrent unit using tools from nonlinear systems theory. In turn, this en- ables architectural design decisions before experimentation. Sufficient conditions for global stability of the recurrent unit are obtained, motivating a novel scheme for constructing hidden-to-hidden matrices. Our experiments demonstrate that the Lipschitz RNN can outperform existing recurrent units on a range of bench- mark tasks, including computer vision, language modeling and speech prediction tasks. Finally, through Hessian-based analysis we demonstrate that our Lipschitz recurrent unit is more robust with respect to input and parameter perturbations as compared to other continuous-time RNNs. 1 INTRODUCTION Many interesting problems exhibit temporal structures that can be modeled with recurrent neural networks (RNNs), including problems in robotics, system identification, natural language process- ing, and machine learning control. In contrast to feed-forward neural networks, RNNs consist of one or more recurrent units that are designed to have dynamical (recurrent) properties, thereby enabling them to acquire some form of internal memory.
    [Show full text]
  • Neural Networks
    School of Computer Science 10-601B Introduction to Machine Learning Neural Networks Readings: Matt Gormley Bishop Ch. 5 Lecture 15 Murphy Ch. 16.5, Ch. 28 October 19, 2016 Mitchell Ch. 4 1 Reminders 2 Outline • Logistic Regression (Recap) • Neural Networks • Backpropagation 3 RECALL: LOGISTIC REGRESSION 4 Using gradient ascent for linear Recall… classifiers Key idea behind today’s lecture: 1. Define a linear classifier (logistic regression) 2. Define an objective function (likelihood) 3. Optimize it with gradient descent to learn parameters 4. Predict the class with highest probability under the model 5 Using gradient ascent for linear Recall… classifiers This decision function isn’t Use a differentiable function differentiable: instead: 1 T pθ(y =1t)= h(t)=sign(θ t) | 1+2tT( θT t) − sign(x) 1 logistic(u) ≡ −u 1+ e 6 Using gradient ascent for linear Recall… classifiers This decision function isn’t Use a differentiable function differentiable: instead: 1 T pθ(y =1t)= h(t)=sign(θ t) | 1+2tT( θT t) − sign(x) 1 logistic(u) ≡ −u 1+ e 7 Recall… Logistic Regression Data: Inputs are continuous vectors of length K. Outputs are discrete. (i) (i) N K = t ,y where t R and y 0, 1 D { }i=1 ∈ ∈ { } Model: Logistic function applied to dot product of parameters with input vector. 1 pθ(y =1t)= | 1+2tT( θT t) − Learning: finds the parameters that minimize some objective function. θ∗ = argmin J(θ) θ Prediction: Output is the most probable class. yˆ = `;Kt pθ(y t) y 0,1 | ∈{ } 8 NEURAL NETWORKS 9 Learning highly non-linear functions f: X à Y l f might be non-linear
    [Show full text]
  • Jointly Clustering with K-Means and Learning Representations
    Deep k-Means: Jointly clustering with k-Means and learning representations Maziar Moradi Fard Univ. Grenoble Alpes, CNRS, Grenoble INP – LIG [email protected] Thibaut Thonet Univ. Grenoble Alpes, CNRS, Grenoble INP – LIG [email protected] Eric Gaussier Univ. Grenoble Alpes, CNRS, Grenoble INP – LIG, Skopai [email protected] Abstract We study in this paper the problem of jointly clustering and learning representations. As several previous studies have shown, learning representations that are both faithful to the data to be clustered and adapted to the clustering algorithm can lead to better clustering performance, all the more so that the two tasks are performed jointly. We propose here such an approach for k-Means clustering based on a continuous reparametrization of the objective function that leads to a truly joint solution. The behavior of our approach is illustrated on various datasets showing its efficacy in learning representations for objects while clustering them. 1 Introduction Clustering is a long-standing problem in the machine learning and data mining fields, and thus accordingly fostered abundant research. Traditional clustering methods, e.g., k-Means [23] and Gaussian Mixture Models (GMMs) [6], fully rely on the original data representations and may then be ineffective when the data points (e.g., images and text documents) live in a high-dimensional space – a problem commonly known as the curse of dimensionality. Significant progress has been arXiv:1806.10069v2 [cs.LG] 12 Dec 2018 made in the last decade or so to learn better, low-dimensional data representations [13].
    [Show full text]
  • Differentiability of the Convolution
    Differentiability of the convolution. Pablo Jimenez´ Rodr´ıguez Universidad de Valladolid March, 8th, 2019 Pablo Jim´enezRodr´ıguez Differentiability of the convolution Definition Let L1[−1; 1] be the set of the 2-periodic functions f so that R 1 −1 jf (t)j dt < 1: Given f ; g 2 L1[−1; 1], the convolution of f and g is the function Z 1 f ∗ g(x) = f (t)g(x − t) dt −1 Pablo Jim´enezRodr´ıguez Differentiability of the convolution Definition Let L1[−1; 1] be the set of the 2-periodic functions f so that R 1 −1 jf (t)j dt < 1: Given f ; g 2 L1[−1; 1], the convolution of f and g is the function Z 1 f ∗ g(x) = f (t)g(x − t) dt −1 Pablo Jim´enezRodr´ıguez Differentiability of the convolution Definition Let L1[−1; 1] be the set of the 2-periodic functions f so that R 1 −1 jf (t)j dt < 1: Given f ; g 2 L1[−1; 1], the convolution of f and g is the function Z 1 f ∗ g(x) = f (t)g(x − t) dt −1 Pablo Jim´enezRodr´ıguez Differentiability of the convolution Definition Let L1[−1; 1] be the set of the 2-periodic functions f so that R 1 −1 jf (t)j dt < 1: Given f ; g 2 L1[−1; 1], the convolution of f and g is the function Z 1 f ∗ g(x) = f (t)g(x − t) dt −1 Pablo Jim´enezRodr´ıguez Differentiability of the convolution If f is Lipschitz, then f ∗ g is Lipschitz.
    [Show full text]
  • The Simple Essence of Automatic Differentiation
    The Simple Essence of Automatic Differentiation CONAL ELLIOTT, Target, USA Automatic differentiation (AD) in reverse mode (RAD) is a central component of deep learning and other uses of large-scale optimization. Commonly used RAD algorithms such as backpropagation, however, are complex and stateful, hindering deep understanding, improvement, and parallel execution. This paper develops a simple, generalized AD algorithm calculated from a simple, natural specification. The general algorithm is then specialized by varying the representation of derivatives. In particular, applying well-known constructions to a naive representation yields two RAD algorithms that are far simpler than previously known. In contrast to commonly used RAD implementations, the algorithms defined here involve no graphs, tapes, variables, partial derivatives, or mutation. They are inherently parallel-friendly, correct by construction, and usable directly from an existing programming language with no need for new data types or programming style, thanks to use of an AD-agnostic compiler plugin. CCS Concepts: · Mathematics of computing → Differential calculus; · Theory of computation → Program reasoning; Program specifications; Additional Key Words and Phrases: automatic differentiation, program calculation, category theory ACM Reference Format: Conal Elliott. 2018. The Simple Essence of Automatic Differentiation. Proc. ACM Program. Lang. 2, ICFP, Article 70 (September 2018), 29 pages. https://doi.org/10.1145/3236765 1 INTRODUCTION Accurate, efficient, and reliable computation of derivatives has become increasingly important over the last several years, thanks in large part to the successful use of backpropagation in machine learning, including multi-layer neural networks, also known as łdeep learningž [Goodfellow et al. 2016; Lecun et al. 2015]. Backpropagation is a specialization and independent invention of the reverse mode of automatic differentiation (AD) and is used to tune a parametric model to closely match observed data, using gradient descent (or stochastic gradient descent).
    [Show full text]
  • Expressivity of Deep Neural Networks∗
    Expressivity of Deep Neural Networks∗ Ingo G¨uhring yz Mones Raslan yz Gitta Kutyniokzx 10/07/2020 Abstract In this review paper, we give a comprehensive overview of the large variety of approximation results for neural networks. Approximation rates for classical function spaces as well as benefits of deep neural networks over shallow ones for specifically structured function classes are discussed. While the main body of existing results is for general feedforward architectures, we also review approximation results for convolutional, residual and recurrent neural networks. Keywords: approximation, expressivity, deep vs. shallow, function classes 1 Introduction While many aspects of the success of deep learning still lack a comprehensive mathematical explanation, the approximation properties1 of neural networks have been studied since around 1960 and are relatively well understood. Statistical learning theory formalizes the problem of approximating - in this context also called learning - a function from a finite set of samples. Next to statistical and algorithmic considerations, approximation theory plays a major role for the analysis of statistical learning problems. We will clarify this in the following by introducing some fundamental notions.2 Assume that X is an input space and Y a target space, L : Y × Y ! [0; 1] is a loss function and P(X ;Y) a (usually unknown) probability distribution on some σ-algebra of X × Y. We then aim at finding a minimizer of the risk functional3 Z X R : Y ! [0; 1]; f 7! L (f(x); y) dP(X ;Y)(x; y); X ×Y X induced by L and P(X ;Y) (where Y denotes the set of all functions from X to Y).
    [Show full text]
  • Differentiable Programming for Piecewise Polynomial
    Under review as a conference paper at ICLR 2021 DIFFERENTIABLE PROGRAMMING FOR PIECEWISE POLYNOMIAL FUNCTIONS Anonymous authors Paper under double-blind review ABSTRACT The paradigm of differentiable programming has significantly enhanced the scope of machine learning via the judicious use of gradient-based optimization. How- ever, standard differentiable programming methods (such as autodiff) typically require that the machine learning models be differentiable, limiting their applica- bility. We introduce a new, principled approach to extend gradient-based optimiza- tion to piecewise smooth models, such as k-histograms, splines, and segmentation maps. We derive an accurate form of the weak Jacobian of such functions and show that it exhibits a block-sparse structure that can be computed implicitly and efficiently. We show that using the redesigned Jacobian leads to improved per- formance in applications such as denoising with piecewise polynomial regression models, data-free generative model training, and image segmentation. 1 INTRODUCTION Motivation: Differentiable programming has been proposed as a paradigm shift in algorithm design. The main idea is to leverage gradient-based optimization to optimize the parameters of the algo- rithm, allowing for end-to-end trainable systems (such as deep neural networks) to exploit structure and patterns in data and achieve better performance. This approach has found use in a large va- riety of applications such as scientific computing (Innes, 2020; Innes et al., 2019; Schafer et al., 2020), image processing (Li et al., 2018b), physics engines (Degrave et al., 2017), computational simulations (Alnæs et al., 2015), and graphics (Li et al., 2018a; Chen et al., 2019). One way to leverage differential programming modules is to encode additional structural priors as “layers” in a larger machine learning model.
    [Show full text]
  • GAN and What It Is?
    Basics: Why GAN and what it is? The Optimization Problem of GANs How to Train GANs: An Odyssey How to Evaluate GANs? An Application Tour of GANs Summary and Open Challenges Outline Basics: Why GAN and what it is? Generative vs. Discriminative Models • Given a distribution of inputs X and labels Y • Discriminative: model the conditional distribution P(Y | X). • Generative networks model the joint distribution P(X , Y). • If the model understands the joint distribution P(X ,Y), then it • can calculate P(Y | X) using Bayes rule • can perform other tasks like P(X | Y), i.e., generating data from the label (called “conditional generation” in GANs) • understands the distribution better than a discriminative model, a scientific philosophy called “analysis by synthesis” “The analysis of the patterns generated by the world in any modality, with all their naturally occurring complexity and ambiguity, with the goal of reconstructing the processes, objects and events that produced them” - David Mumford Generative vs. Discriminative Models • Even if you only have X, you can still build a generative model • … making generative modeling amendable to unsupervised/semi-supervised representation learning • Not every problem is discriminative, but all problems could be generative! • However, generative modeling is harder! • Map from X to Y is typically many to one • Map from Y to X is typically one to many • Dimensionality of X typically >> dimensionality of Y • Hence compared to estimating P(Y | X), the estimation of P(X, Y) usually runs into the “curse of dimensionality” Setup of Generative Models Autoregressive Models RNNs for Autoregressive Language Modeling PixelRNN (van der Oord et al.
    [Show full text]