Conformal Prediction under Ambiguous Ground Truth, UC Berkeley (Invited Talk). [Slides]
Evaluating and Calibrating AI Models Under Uncertain Ground Truth, University of Pennsylvania PRECISE Seminar (Invited Talk). [Slides]
Conformal Training and Conformal Prediction with Ambiguous Ground Truth, Vanderbilt Machine Learning Seminar Series (Invited Talk). [Slides]
Conformal Training and Conformal Prediction with Ambiguous Ground Truth, StatML — University of Oxford and Imperial College London CDT (Invited Talk). [Slides]
Learning Optimal Conformal Classifiers, Vanderbilt Machine Learning Seminar Series (Invited Talk). [Slides]
Learning Optimal Conformal Classifiers, Dataiku (Invited Talk). [Slides]
Learning Optimal Conformal Classifiers, ICLR. [Slides]
Conformal Training: Learning Optimcal Conformal Classifiers, International Seminar on Distribution-Free Statistics (Invited Talk). [Recording]
Adversarial Robustness, Weight Robustness and Flatness, Math Machine Learning seminar MPI MiS + UCLA (Invited Talk). [Recording]
Relating Adversarial Robustness and Flat Minima, ICCV. [Recording]
Random Bit Errors for Energy-Efficient DNN Accelerators, CVPR CV-AML Workshop (Outstanding Paper Talk). [Recording]
Random Bit Errors for Energy-Efficient DNN Accelerators, MLSys. [Recording]
Random and Adversarial Bit Error Robustness of DNNs, TU Dortmund (Invited Talk). [Slides]
Confidence-Calibrated Adversarial Training and Bit Error Robustness for Energy-Efficient DNNs, Lorentz Center Workshop on Robust Artificial Intelligence (Invited Talk). [Recording]
Confidence-Calibrated Adversarial Training / Mitigating Random Bit Errors in Quantized Weights, Qian Xuesen Laboratory (China Academy of Space Technology, Invited Talk). [Slides]
Confidence-Calibrated Adversarial Training / Mitigating Random Bit Errors in Quantized Weights, Qualcomm (Invited Talk, Part of Qualcomm Innovation Fellowship). [Slides]
Confidence-Calibrated Adversarial Training, ICML Workshop on Uncertainty and Robustness in Deep Learning (Contributed Talk).
Confidence-Calibrated Adversarial Training, ICML. [Recording]
Confidence-Calibrated Adversarial Training, University of Tübingen (Invited Talk). [Slides]
Confidence-Calibrated Adversarial Training, Bosch Center for AI (Invited Talk). [Slides]
Weakly-Supervised Shape Completion, ZF Friedrichshafen (Invited Talk, Part of MINT Award IT 2018, German).
Weakly-Supervised Shape Completion, Max Planck Institute for Intelligent Systems (Master Thesis Talk). [Slides]
Weakly-Supervised Shape Completion, RWTH Aachen University (Master Thesis Talk). [Slides]
As part of the Qualcomm Innovation Fellowship 2019, I have a talk on the research produced throughout the academic year 2019/2020. This talk covers two exciting works on robustness: robustness against various types of adversarial examples using confidence-calibrated adversarial training (CCAT) and robustness against bit errors in the model’s quantized weights. The latter can be shown to be important to reduce the energy-consumption of accelerators for neural networks. In this article, I want to share the slides corresponding to the talk.
In June this year, my work on bit error robustness of deep neural networks (DNNs) was recognized as outstanding paper at the CVPR’21 Workshop on Adversarial Machine Learning in Real-World Computer Vision Systems and Online Challenges (AML-CV). Thus, as part of the workshop, I prepared a 15 minute talk highlighting how robustness against bit errors in DNN weights can improve the energy-efficiency of DNN accelerators. In this article, I want to share the recording.
In this MLSys’21 paper, we consider the robustness of deep neural networks (DNN) against bit errors in their quantized weights. This is relevant in the context of DNN accelerators, i.e., specialized hardware for DNN inference: In order to reduce energy consumption, the accelerator’s memory may be operated at very low voltages. However, this induces exponentially increasing rates of bit errors that directly affect the DNN weights, reducing accuracy significantly. We propose a robust fixed-point quantization scheme, weight clipping as regularization during training and random bit error training to improve bit error robustness. This article shares my talk recorded for MLSys’21.
In April, I was invited to talk about my work on random or adversarial bit error robustness of (quantized) deep neural networks in Katharina Morik’s group at TU Dortmund. The talk is motivated by DNN accelerators, specialized chips for DNN inference. In order to reduce energy-efficiency, DNNs are required to be robust to random bit errors occurring in the quantized weights. Moreover, RowHammer-like attacks require robustness against adversarial bit errors, as well. While a recording is not available, this article shares the slides used for the presentation.
In January, I had the opportunity to interact with many other robustness researchers from academia and industry at the Robust Artificial Intelligence Workshop. As part of the workshop, organized by Airbus AI Research and TNO (Netherlands applied research organization), I also prepared a presentation talking about two of my PhD projects: confidence-calibrated adversarial training (CCAT) and bit error robustness of neural networks to enable low-energy neural network accelerators. In this article, I want to share the presentation; all other talks from the workshop can be found here.
In October this year, I was invited to talk at IBM’s FOCA workshop about my latest research on bit error robustness of (quantized) DNN weights. Here, the goal is to develop DNN accelerators capable to operating at low-voltage. However, lowering voltage induces bit errors in the accelerators’ memory. While such bit errors can be avoided through hardware mechanisms, such approaches are usually costly in terms of energy and area. Thus, training DNNs robust to such bit errors would enable low-voltage operation, reducing energy consumption, without the need for hardware techniques. In this 5-minute talk, I give a short overview.
In our ICML’20 paper, confidence-calibrated adversarial training (CCAT) addresses two problems of “regular” adversarial training. First, robustness against adversarial examples unseen during training is improved and second, clean accuracy is increased. CCAT biases the model towards predicting low-confidence on adversarial examples such that adversarial examples can be rejected by confidence thresholding. This article shares my talk on CCAT as recorded for ICML’20.
Confidence-calibrated adversarial training (CCAT) addresses two problems when training on adversarial examples: the lack of robustness against adversarial examples unseen during training, and the reduced (clean) accuracy. In particular, CCAT biases the model towards predicting low-confidence on adversarial examples such that adversarial examples can be rejected by confidence thresholding. In this article, I want to share the slides of the corresponding ICML talk.
Recently, I had the opportunity to present my work on confidence-calibrated adversarial training at the Bosch Center for Artifical Intelligence and the University of Tübingen, specifically, the newly formed Tübingen AI Center. As part of the talk, I outlined the motivation and strengths of confidence-calibrated adversarial training compared to standard adversarial training: robustness against previously unseen attacks and improved accuracy. I also touched on the difficulties faced during robustness evaluation. This article provides the corresponding slides and gives a short overview of the talk.
At at the Max Planck Institute for Informatics, PhD students — which are enrolled in the Saarbrücken Graduate School for Computer Science — have to pass a qualification exam. In this article, I want to share the slides of my qualification exam talk.