Projects

Understanding generalization through visualization

Neural networks can generalize to test data that aren’t seen during training. The origins of generalization are mysterious and have eluded understanding. We try to gain an intuitive grasp on generalization through carefully crafted experiments.

Continue reading

Attacks on copyright systems

We show that content control systems are vulnerable to adversarial attacks. Using small perturbations, we can fool important industrial systems like YouTube’s Content ID.

Continue reading

Adversarial training for FREE!

Adversarial training hardens neural nets against attacks, but it costs 10-100X more than regular training. We show how to do adversarial training with no added cost, and train a robust ImageNet model on a desktop computer in just a day.

Continue reading

Are adversarial examples inevitable?

A pattern has emerged in which the majority of adversarial defenses are quickly broken by new attacks. Given the lack of success at generating robust defenses, we are led to ask a fundamental question: Are adversarial attacks inevitable?

Continue reading

Stacked U-Nets: A simple architecture for image segmentation

Stacked U-Nets are simple, easy-to-train neural architecture for image segmentation and other image-to-image regression tasks. SUNets attain state of the art performance and fast inference with very few parameters.

Continue reading

Poison Frogs! Targeted Poisoning Attacks on Neural Networks

Data poisoning is an adversarial attack in which examples are added to the training set of a classifier to manipulate the behavior of the model at test time. We propose a new poisoning attack that is effective on neural nets, and can be executed by an outsider with no control over the training process.

Continue reading

Visualizing the Loss Landscape of Neural Nets

It is well known that certain neural network architectures produce loss functions that train easier and generalize better, but the reasons for this are not well understood. To understand this better, we explore the structure of neural loss functions using a range of visualization methods.

Continue reading

Stabilizing GANs with Prediction

Adversarial networks are notoriously hard to train, and simple training methods often collapse. We present a simple modification to the standard training method that increases stability. The method is provably stable for a class of saddle-point problems, and improves performance of numerous GANs.

Continue reading

PhasePack

PhasePack is a software library that implements a wide range of different phase retrieval algorithms and initialization methods. It can also produce comparisons between algorithms, and comes with empirical datasets for testing on real-world problems.

Continue reading

Training Quantized Nets: A Deeper Understanding

Neural net parameters can often be compressed down to just one single bit without a significant loss in network performance, yielding a huge reduction in memory footprint and computational workload. We develop a theory of quantized nets, and explain the performance of algorithms for weight quantization.

Continue reading