Brief

Researchers have developed a new framework to create certifiably robust deep learning classifiers by leveraging the latent structure within data representations. Their method proves that even approximate Gaussian mixture structures in pretrained models can yield robust classifiers with explicit bounds on accuracy degradation. This approach allows for the practical use of existing pretrained models without strict distributional assumptions, achieving competitive certified accuracy on benchmarks like CIFAR-10 and ImageNet while maintaining strong clean performance. AI

Researchers have developed PILOT, a novel adaptive optimizer for deep learning that adjusts its update strategy during training. Unlike traditional optimizers with fixed update rules, PILOT uses gradient-direction agreement to gauge training stability and modifies its approach based on whether gradients are stable, noisy, or inconsistent. Experiments on datasets like FashionMNIST and CIFAR-10 demonstrated that PILOT achieved superior accuracy compared to other optimizers across various convolutional neural network architectures. AI

This tutorial demonstrates how to implement and compare the FedAvg and FedProx federated learning algorithms using NVIDIA FLARE. The experiment utilizes a non-IID CIFAR-10 dataset, simulated by partitioning data with a Dirichlet distribution to mimic realistic label imbalance across clients. The guide details setting up the NVFlare environment, defining client-side scripts for local training and model exchange, and visualizing the global model's accuracy progression over training rounds. AI

Researchers have developed a new nonlinear transformation framework that can effectively learn from data previously considered unlearnable by deep learning models. This framework demonstrates significant improvements, ranging from 0.34% to 249.59%, in breaking various "unlearnable" datasets generated by twelve different data protection approaches. The findings suggest that current methods for preventing unauthorized data use are insufficient, highlighting an urgent need for more robust protection mechanisms. AI

Researchers have developed a new framework for adversarial attacks on AI models, focusing on hard-label black-box scenarios where only the top prediction is accessible. Their approach introduces a novel zero-query initialization strategy and a Pattern-Driven Optimization algorithm, grounded in theoretical analysis that links existing methods to gradient sign approximation. This method demonstrates superior efficiency and success rates compared to state-of-the-art attacks across various datasets and model types, including commercial APIs and CLIP models, while also showing robustness against data corruption and specialized tasks like segmentation. AI

Researchers have introduced FIRMA, a novel family of three federated learning protocols designed to enhance privacy and efficiency. The protocols address limitations in existing methods by enabling server-free operation, ensuring permanent privacy for classification heads, and implementing principled asymmetric neighbor weighting. Experiments across various configurations show FIRMA outperforming standard federated learning approaches, particularly in scenarios with label skew and heterogeneity. AI

Researchers have developed FAIR-Pruner, a new framework designed for automatic, layer-wise structured pruning of deep neural networks. This method adaptively allocates sparsity across network layers by using both removal-oriented and protection-oriented signals. Experiments across various datasets and model architectures, including vision models and a Qwen1.5-MoE model, demonstrate that FAIR-Pruner achieves strong accuracy-compression trade-offs. The framework is available as an open-source package. AI

Researchers have developed a new optimization algorithm called IAdaPID-ADG, designed to improve the convergence and stability of deep learning models. This novel optimizer integrates concepts from AMSGrad and DiffGrad, specifically a non-increasing effective learning rate and a gradient difference modulation factor, to address limitations inherited from the widely used Adam optimizer. Evaluations on benchmark and real-world datasets demonstrated that IAdaPID-ADG significantly outperforms existing optimizers. AI

Researchers have developed a new method called HF-KCU to efficiently remove a client's data contribution from federated learning models, addressing the computational burden of retraining. This approach approximates the influence function using Krylov subspace iterations, significantly reducing complexity and speeding up the process. A causal weighting mechanism ensures that only clients affected by the data deletion are updated, preserving model quality and enhancing privacy restoration, as demonstrated by membership inference attack success rates matching a retrained model. AI

Researchers have developed a new pipeline called GOEN that improves the detection of out-of-distribution inputs in machine learning systems. This method combines multi-scale features, L2 normalization, Mahalanobis distance, and a calibration head trained with real out-of-distribution examples. Their findings indicate that CenterLoss, a common regularizer for feature compactness, actually degrades out-of-distribution detection performance, while GOEN-NoCenterLoss achieved a superior OOD AUROC of 0.9483 on CIFAR-10 benchmarks. AI

Researchers have developed AutoMCU, a novel system that leverages LLM-based multi-agent approaches to customize neural networks for microcontroller units (MCUs). This method prioritizes feasibility by integrating vendor toolchain feedback early in the design process, significantly reducing the search cost and time compared to traditional hardware-aware neural architecture search methods. AutoMCU has demonstrated competitive accuracy on benchmark datasets and successful deployment on STM32 microcontrollers, making edge intelligence more accessible. AI

A new research paper investigates how the allocation of sparsity in neural networks impacts their ability to recover accuracy after pruning, especially when labeled retraining data is unavailable. The study compares different sparsity allocation methods like ERK and LAMP across various datasets and architectures, finding that the choice of allocation significantly affects post-repair accuracy. Researchers identified a critical transition regime where standard repair methods begin to fail, highlighting the need to jointly consider pruning allocation and repair strategies. AI

Researchers have developed a new auditing framework for machine learning algorithms that claim Rényi differential privacy (RDP). This framework uses the Donsker-Varadhan (DV) estimator to directly measure Rényi divergence, providing explicit confidence intervals for RDP auditing. The proposed method achieves information-theoretically optimal sample-complexity guarantees and shows empirical improvements over existing black-box methods, particularly for challenging small and moderate Rényi orders. AI

Researchers have developed a new adversarial attack method called Mixed Dynamic Spiking Estimation (MDSE) specifically for Spiking Neural Networks (SNNs). This attack demonstrates that the effectiveness of white-box adversarial attacks on SNNs is heavily influenced by the choice of surrogate gradient estimator. The MDSE attack is designed to exploit multiple surrogate gradient estimators simultaneously, enabling it to generate adversarial examples that can fool both SNNs and traditional non-SNN models like Vision Transformers and CNNs. AI

Researchers have developed a new method called GAMR (Geometric-Aware Manifold Regularization) to improve deep neural network performance when trained on datasets with noisy labels. Unlike existing methods that passively filter data, GAMR actively synthesizes virtual outlier samples to create distinct boundaries between data manifolds. This geometric approach enhances the separation between correctly labeled and mislabeled data, leading to more robust feature representations. The technique has shown state-of-the-art results on benchmarks like CIFAR-10, particularly under challenging noise conditions, and also improves out-of-distribution detection capabilities. AI

Researchers have developed a new framework to analyze the distributional robustness of deep neural networks, a key challenge for real-world AI deployment. The framework models interactions between layer weights and activations using Bernoulli distributions, with class separation serving as a proxy for robustness. Experiments on CIFAR-10 and ImageNet demonstrate that the proposed metrics can differentiate between networks that have memorized training data and those that have not, and show that distributional shifts reduce separation. AI

Researchers have introduced SpikingMoE, a novel framework that combines Spiking Neural Networks (SNNs) with a Mixture-of-Experts (MoE) architecture. This approach utilizes a spike-driven prompt (SDprompt) for biologically plausible, input-dependent routing of information to different expert modules. Designed for neuromorphic hardware, SpikingMoE aims to enhance energy efficiency in visual recognition tasks while maintaining competitive performance, achieving high accuracy on CIFAR-10 and CIFAR-100 datasets. AI

Researchers have developed a new method to attribute specific computational functions to microcircuits within biological neural networks, using the zebrafish tectal microcircuit as a model. By analyzing signal propagation and simulating network perturbations, they identified distinct subcircuits responsible for energy-efficient processing and robustness. These attributed functions were then integrated into artificial neural networks, demonstrating improved performance under reduced computation and input noise. AI