Mauro Sozio - "Fully-Dynamic Decision Trees"
Historically, machine learning (ML) algorithms have been developed assuming the input datasets to be static. However, as new data is collected or removed because being noisy or obsolete, one soon faces the need to efficiently update an ML model without sacrificing its accuracy. Decision trees are a cornerstone of ML and an essential tool in any ML library. Moreover, decision-tree based algorithms such as XGBoost and random forests have been consistently embraced in real-world applications and data challenges. In our talk, we present the first fully-dynamic algorithm that maintains an ``accurate'' decision tree with ``low'' amortized cost, over an arbitrary sequence of insertions and deletions of labeled examples. We also argue that our algorithm is optimal both in terms of memory usage and running time, up to polylogarithmic factors. We conclude our talk with an extensive experimental evaluation on real-world data showing the effectiveness of our approach. Our work (presented at AAAI23) represents one of the first studies on fully-dynamic supervised ML, which has been mostly unexplored so far, to the best of our knowledge.
Ankit Gangwal - "Modern Problems in Modern Mobile OSes"
This talk focuses on two of the most frequently used technologies on modern mobile devices, i.e., Bluetooth and password managers. The first part of the talk explains how an attacker can exploit BLE advertisements to exfiltrate information from BLE-enabled devices. In particular, our BLEWhisperer (ESORICS '22) attack establishes a communication medium between two devices without requiring any prior authentication or pairing. The talk will elucidate a proof-of-concept attack framework for the Android ecosystem. The second part of the talk presents a novel attack, called AutoSpill (CODASPY '23), on Android password managers to leak users' saved credentials during an autofill operation. AutoSpill conveniently dodges Android's secure autofill process and allows the attacker to get user credentials for free, i.e., the attacker does not even need to write the code to steal/phish credentials. The majority of popular Android password managers we considered in our experiments were found vulnerable to AutoSpill. Finally, the talk concludes with various practical countermeasures for both of our attacks.
Roberto Dessì - "Cross-Domain Image Captioning with Discriminative Finetuning"
Neural captioners are typically trained to mimic human image descriptions, without any awareness of the function that such descriptions might have, leading to biased and vague captions. In this talk, I’ll empirically show that adding a self-supervised objective to a neural captioner helps to recover a plain, visually descriptive language that is more informative about image contents. In particular, I’ll describe experiments where we take an out-of-the-box neural captioner, and we finetune it with a discriminative objective. Given a target image, the system must learn to produce a description that enables an out-of-the-box text-conditioned image retriever to identify the target image among a set of candidates. In terms of similarity to ground-truth human descriptions, the captions emerging from discriminative finetuning lag slightly behind those generated by the non-finetuned model, when the latter is trained and tested on the same caption dataset. However, when the model is used without further tuning to generate captions for out-of-domain datasets, the discriminatively-finetuned captioner generates descriptions that resemble human references more than those produced by the same captioner trained only with supervised learning and without finetuning. I’ll further show that, on the Conceptual Captions dataset, discriminatively finetuned captions are more helpful than either vanilla captions or ground-truth captions for human subjects tasked with an image discrimination task. If time allows, I’ll conclude the talk by drawing a connection between our work and reinforcement learning from human feedback (RLHF), a recently introduced method powering models like ChatGPT and InstructGPT.
Alessandro Brighente - "Security Issues of 5G Mobility and O-RAN"
Cellular networks have gone a long road in the development of solutions able to address previous-generation security and privacy issues. Compared to the previous generations, 5G is the first to carefully consider a large variety of threat vectors and attack surfaces, proposing a solution able to handle different types of attacks. However, as technology evolves, so do attackers’ strategies and capabilities, exposing hence novel security threats against last-generation networks. With the development of 6G, novel technologies and methodologies commit exclusively to achieving security and privacy. In this talk, I will present the 5G security and privacy issues related to mobility and its new architectures. In particular, I will first explore the implications of fake base station attacks in the handover management in 5G and propose a solution. I will then show a vulnerability in the Open Radio Access Network (O-RAN) leading to a link fabrication attack.
Emanuele Marconato - "Representation Learning for Concept-based Models"
Black-box models, like deep neural networks, are unreliable in safety-critical applications, where predictions must be based on the correct input-level attribution and have to adhere to the intended human explanations. Recent advances in Explainable AI have led to studying Concept-based models (CBMs), architectures that integrate high-level concepts to guarantee “ante-hoc” explainability. However, existing CBMs suffer from several limitations that compromise their interpretability.In this talk, I will discuss the current problems of SotA CBMs and present our solution, GlanceNets, new CBMs that align the concepts to the intended semantics by leveraging causal representation learning and out-of-distribution recognition. I will also shape possible future directions for improving Concept-based models.
Stefano Calzavara - "Formal security verification of tree-based classifiers"
Decision trees and tree ensembles are popular classification models for tabular data. Similar to other machine learning models, however, they are susceptible to evasion attacks at test time, where adversarial perturbations might transform inputs so that they get misclassified. In this talk, I present some recent results on the security verification of tree-based classifiers. First, I introduce a new security measure called resilience, which mitigates some of the issues of the traditional robustness measure, and I discuss how resilience can be soundly estimated for tree-based classifiers. Then, I introduce a new paradigm called "verifiable learning", which advocates the adoption of new training algorithms designed to learn models which are easy to verify. In particular, I present a new class of tree ensembles admitting security verification in polynomial time, thus escaping from classic NP-hardness results, and I discuss how such models can be trained and efficiently verified.
Luigi Loreti - "Photonic processors for arithmetic computation and matrix manipulation"
In this seminar, a novel optical computer design will be introduced, utilizing light phases as information carriers. This concept employs LCD spatial light modulators (SLMs) for phase shifting and integrated detectors for result analysis. It supports massive parallel computing and matrix-to-vector operations while maintaining low power consumption.
Wei Li - "Unlocking Generative AI with Ubiquitous Hardware and Open Software"
The presentation will cover the major opportunities of and challenges posed by recent Generative AI technologies such as ChatGPT and Stable Diffusion along with the hardware and software considerations of the increasingly resource-intensive Large Language Models (LLMs) with AI transformer at their core. This talk will cover AI systems from the algorithm down to gates – spanning AI model development, the underlying software frameworks that fuel fast model innovation, and finally the hardware covering CPUs, GPUs and accelerators that provide the huge volume of required compute power.
Nicola Dragoni - "Demystifying and Demythologizing Blockchain Technology"
This seminar will give a gentle, conceptual, and honest introduction to blockchain technology. Gentle means that the seminar is targeted at non-experts. Conceptual means the focus will be on key concepts instead of technicalities or one specific blockchain platform. Last but not least, honesty means that the seminar will not be the (usual) enthusiastic business talk about blockchain, but it will highlight misconceptions and dispel some common myths about blockchain.
Zorah Laehner - "Learning Functions on Manifolds and Correspondences via Quantum Annealing"
In this talk I will present my recent research, especially representing functions on manifolds through neural networks (the equivalent of NeRF but on manifolds) and using quantum annealing to solve problems in computer vision. First, we will look into how the function approximation power of neural networks can be used to define a continuous and differentiable texture representation on 3D shapes, how to optimize this and the theory behind why it works so well. The next part will be a short introduction into quantum annealing and its unique properties, how it can be used to solve correspondence problems, and why combining it with learning approaches makes sense.


Vitaly Shmatikov - "Can We Trust Machine Learning Models?"
Modern machine learning models achieve super-human accuracy on tasks such as image classification and natural-language generation, but accuracy does not tell the entire story of what these models are learning. In this talk, I will look at today's machine learning from a security and privacy perspective, and ask several fundamental questions. Could models trained on sensitive private data memorize and leak this data? When training involves crowd-sourced data, untrusted users, or third-party code, could models learn malicious functionality, causing them to produce incorrect or biased outputs? What damage could result from such compromised models? I will illustrate these vulnerabilities with concrete examples and discuss the benefits and tradeoffs of technologies (such as federated learning) that promise to protect the integrity and privacy of machine learning models and their training data. I will then outline practical approaches towards making trusted machine learning a reality.
Radia Perlman - "Network Protocols: Myths, Missteps, and Mysteries"
So much of what “everyone knows” about network protocols is actually false. For instance, why do we need both Ethernet and IP? The “obvious” answer is that IP is “layer 3” and Ethernet is “layer 2”, but in fact, once Ethernet stopped being a way for a few hundred nodes to share a single wire, and instead became a network of point-to-point links with switches forwarding between the links, “Ethernet” today should really be called a layer 3 protocol. So, why can’t we get rid of switches and connect all links with IP? Or why can’t we replace IP routers with Ethernet switches? Another topic is whether IP was the best layer 3 protocol, and whether IPv6 is simply a new version of IP, whereas, if the world had converted to CLNP (a 20-byte layer 3 protocol) in 1992, it would have been a major disruption to the Internet.
Artem Polyvyanyy - "Understanding Quality of Process Models Discovered from Event Data"
The quality of a discovered process model is commonly assessed in process mining against four quality criteria: precision, recall, generalization, and simplicity. In this talk, I give an overview of these four quality criteria and elaborate on the topics related to challenges associated with measuring the quality of discovered process models, desired properties for measures of the model quality, and results on evaluating the existing quality measures against the corresponding desired properties.
Shufang Zhu - "On the Power of LTLf in Assured Autonomy"
Assured Autonomy is a novel area that merges Artificial Intelligence (AI) and Formal Methods (FM), concerning building AI agents that autonomously deliberate how to act in a changing, incompletely known, unpredictable environment under formal guarantees. A popular specification language for describing formal guarantees is Linear Temporal Logic (LTL) from FM. However, LTL is interpreted over infinite traces (relating to non-terminating systems). Since AI agents are not dedicated to a single task in their complete life cycle, but are supposed to accomplish one task after another, AI applications often employ a finite-trace variant of LTL, denoted as LTLf. In particular, the study of LTLf synthesis brings the intellectual merit of achieving Assured Autonomy by allowing agents to automatically construct programs with guarantees to meet their tasks specified in LTLf. In this talk, I will review an evolving journey toward Assured Autonomy through LTLf synthesis. Starting from an attempt to devise a symbolic backward LTLf synthesis framework, which has demonstrated its significant efficiency in various applicable scenarios, the journey evolves into a forward LTLf synthesis technique that highlights several interesting avenues of future work in the context of Markovian Decision Process.
Avi Widgerson - "Imitation Games"
One of Alan Turing's most influential papers is his 1950 Computing machinery and intelligence, in which he introduces the famous "Turing test" for probing the nature of intelligence by evaluating the abilities of machines to behave as humans. In this test, which he calls the "Imitation Game," a (human) referee has to distinguish between two (remote and separate) entities, a human and a computer, only by observing answers to a sequence of arbitrary questions to each entity. This lecture will exposit, through examples from a surprisingly diverse array of settings, the remarkable power of this basic idea to understand many other concepts. I will discuss variations of the Imitation Game in which we change the nature of the referee, and of the objects to be distinguished, to yield different analogs of the Turing test. These new Imitation Games lead to novel, precise, and operative definitions of classical notions, including secret, knowledge, privacy, randomness, proof, fairness, and others. These definitions have in turn led to numerous results, applications, and understanding. Some, among many consequences of this fundamental paradigm, are the foundations of cryptography, the surprising discoveries on the power and limits of randomness, the recent influential notion of differential privacy, and breakthrough results on patterns in the prime numbers and navigation in networks. Central to each of these settings are computational and information theoretic limitations placed on the referee in the relevant Imitation Game. This lecture will survey some of these developments and speculate on future uses of this paradigm in science and society, in a way which is hopefully accessible without any specific background knowledge.
Danilo Francati - "Eluding Secure Aggregation in Federated Learning via Model Inconsistency"
Secure aggregation is a cryptographic protocol that securely computes the aggregation of its inputs. It is pivotal in keeping model updates private in federated learning. Indeed, the use of secure aggregation prevents the server from learning the value and the source of the individual model updates provided by the users, hampering inference and data attribution attacks. In this talk, I will show that a malicious server can easily elude secure aggregation as if the latter were not in place. In particular, I will present an attack strategy that allows the server to infer information on individual private training datasets, independently of the number of users participating in the secure aggregation. This makes it a concrete threat in large-scale, real-world federated learning applications. The attack strategy is generic and equally effective regardless of the secure aggregation protocol used. It exploits a vulnerability of the federated learning protocol caused by incorrect usage of secure aggregation and lack of parameter validation. This demonstrates that current implementations of federated learning with secure aggregation offer only a “false sense of security”.
Alan Dix - "Designing User Interactions with AI: Servant, Master or Symbiosis"
All AI ultimately affects people, in some cases deeply buried, in others interacting directly with users, whether physically, such as autonomous vehicles, or virtually, such as recommender systems. In these interactions, AI may be a servant, such as Alexa operating on command; or AI may be the master, such as gig-work platforms telling workers what to do. However, potentially the most productive interactions are a symbiosis, human and AI complementing one another. Designing human-in-the-loop systems changes the requirements of both AI algorithms and user interfaces. This talk will explore some design principles and examples in this exciting area.
Sher Muhammad Doudpota - "Natural Language Processing with Deep Learning"
Natural Language Processing (NLP) is a sub field of computer science that deals with extracting meaningful patterns from large amounts of text. Traditionally, rule based approaches have dominated in the field, however recently Deep Neural Networks have shown promising results when applied on different NLP tasks. The biggest advantage of applying deep learning on text is eliminating the need of feature engineering which needs domain expertise. With the advent of deep learning, we no more need manual feature engineering, rather algorithms based on neural networks automate the process. This seminar will give an overview to the participants about different applications of deep learning on varying tasks of nlp including sentiment analysis, topic modeling and creative side of AI that is text generation.
Maxime Parmentier - "Statistical model checking: genetic algorithm, spatio-temporal logic and sequential analysis"
Both computer programs and embedded systems become more and more complex with the progress of technological innovation. Cyber-physical systems, such as self-driving vehicles, communications satellites or medical robots, are not only expensive and difficult to produce, but they also have high requirements with respect to consistency, safety and efficiency. Making sure cyber-physical systems meet those requirements is therefore of the utmost importance and must be done as early as during the design stage of the production. While analyzing the design of a cyber-physical system or testing a prototype are valid (albeit potentially costly) strategies for small systems, they are completely unfeasible for most real-case examples. Thankfully, there exists another strategy: (statistical) model checking. With a model of the system, it is possible to simulate executions of the system and check if no execution violates a given property. The goal of this presentation is to present multiple new ideas and frameworks to solve important problems of statistical model checking: the local extremum problem, the spatiality problem, and the optimal stopping problem.
Mario Di Francesco - "Distributed Intelligence for Mobile Computing and the Internet of Things"
Distributed intelligence is a collaborative process to carry out different types of learning and inference tasks. Such a process enables heterogeneous and resource-constrained devices to realize diverse applications and services. This talk specifically focuses on two representative use cases of distributed intelligence in the context of mobile computing and the Internet of Things (IoT). The first one is improving user experience in mobile augmented reality through edge computing. The second use case is partitioning a pre-trained deep neural network for distributed inference in a fog network.


Multi-agent systems: from robotic to financial networks
A team of drones looking for survivors amidst the rubbles of an earthquake, a squad of mobile robots inspecting a field of interest, and algorithmic traders in a financial network apparently have little in common. In all these scenarios, however, the interplay among the multiple actors involved can be abstracted as a complex network of multiple interacting agents, with cooperative, opportunistic, or even antagonistic behaviors. In drone networks, multiple agents, mostly unmanned mobile devices, cooperate with each other to achieve a common goal or share a common view of ongoing phenomena in a field of interest. They may act opportunistically, trading-off their application task with their communication needs. Open research challenges include trajectory management, task assignment, and routing issues. In financial systems, traders, banks, and the stock exchange can also be abstracted in a model of interacting agents, often exhibiting interdependencies that can be studied with the tools of network science and multi-agent systems. This short talk sets out to describe some of the research goals I have enthusiastically pursued in the recent years, with a focus on the funded projects I have been working on.
Chatbots for software modelling
Chatbots are software services accessed via conversation in natural language. They are used to help in all kinds of procedures like booking flights, querying visa information or assigning tasks to developers. They can be embedded in webs and social networks, and be used from mobile devices without installing dedicated apps. In this seminar, we will see how to take advantage of chatbots and social networks to enable the collaborative creation of software models by groups of users. The process is assisted by modelling bots that orchestrate the collaboration and interpret the users' inputs (in natural language) to incrementally build a domain model. The advantages of this modelling approach include ubiquity of use, automation, assistance, natural user interaction, traceability of design decisions, possibility to incorporate coordination protocols, and seamless integration with the user's normal daily usage of social networks. We will showcase the tool SOCIO which supports this novel modelling paradigm.
Toward Data-Driven Self-Adaptive Spectrum-Aware Wireless Systems
The massive scale and strict performance requirements of next-generation wireless networks will require embedded devices to perform real-time fine-grained optimization of their spectrum usage. Yet, today's networking protocols and architectures are deeply rooted in inflexible designs, and utilize optimization models and strategies that are either too complex or too oversimplified to be fully effective in today's crowded spectrum environment. In this talk, we are going to introduce and discuss our recent research toward the design of data-driven self-adaptive spectrum-aware wireless systems, where transmitters and receivers use real-time deep learning to infer and optimize their networking parameters based on ongoing spectrum conditions. We will conclude the talk by discussing existing technical challenges and possible research directions.
Order! A tale of money, intrigue, and specifications
Mistrust over traditional financial institutions is motivating the development of decentralized financial infrastructures based on blockchains. In particular, Consortium blockchains (such as the Linux Foundation Hyperledger and Facebook’s diem) are emerging as the approach preferred by businesses. These systems allow only a well-known set of mutually distrustful parties to add blocks to the blockchain; in this way, they aim to retain the benefits of decentralization without embracing the cyberpunk philosophy that informed Nakamoto’s disruptive vision. At the core of consortium blockchains is State Machine Replication, a classic technique borrowed from fault tolerant distributed computing; to ensure the robustness of their infrastructure, consortium blockchains actually borrow the Byzantine-tolerant version of this technique, which guarantees that the blockchain will operate correctly even if as many as about a third of the contributing parties are bent on cheating. But, sometimes, "a borrowing is a sorrowing". I will discuss why Byzantine-tolerant state machine replication is fundamentally incapable of recognizing, never mind preventing, an ever present scourge of financial exchanges: the fraudulent manipulation of the order in which transactions are processed - and how its specification needs to be expanded to give it a fighting chance. But is it possible to completely eliminate the ability of Byzantine parties to engage in order manipulation? What meaningful ordering guarantees can be enforced? And at what cost?
Learning and accruing knowledge over time using modular architectures
One of the hallmarks of human intelligence is the ability to learn new tasks despite the paucity of direct supervision. Machine learning models have recently achieved impressive performance in this setting by using the following protocol: i) Collect a massive dataset, ii) Train a very large model and iii) Adapt to downstream tasks using very little, if any, task-specific labeled data. While this has been working remarkably well, it is still dissatisfying because the information present in each downstream task is never transformed into actual knowledge that can be leveraged to improve the prediction of subsequent downstream tasks. As a result, once in a while even larger models need to be retrained from scratch to account for the ever increasing amount of data. This begs two basic questions. First, what learning settings are useful to study knowledge accrual? And second, what methods are effective and efficient at learning from never-ending streams of data? In this talk, I will present a preliminary investigation in our quest to answer these questions. I will present experiments using anytime and continual learning with metrics accounting for both error rate and efficiency of learning through time. I will also discuss how modular architectures can strike good trade-offs in this setting. These networks, whose computation is expressed as the composition of basic modules, can naturally grow over time to account for new incoming data by simply adding new modules to the existing set of modules, and they can retain efficiency as the number of modules grow if only a small and constant number of modules is used at inference time. While these are admittedly baby steps towards our original goal, we hope to stimulate discussion and interest in our community about the fundamental question of how to represent and accrue knowledge over time.
The Pit and the Pendulum - Part II
In the second seminar, I will discuss the tension between providing strong isolation guarantees (which greatly simplify the task of programming concurrent applications) and trying to maximize these applications' performance. Since the elegant foundations of transaction processing were established in the mid 70's with the notion of serializability and the codification of the ACID (Atomicity, Consistency, Isolation, Durability) paradigm, performance has not been considered one of ACID's strong suits, especially for distributed data stores. Indeed, the NoSQL/BASE movement that started a decade ago with Amazon's Dynamo was born out of frustration with the limited scalability of traditional ACID solutions, only to become itself a source of frustration once the challenges of programming applications in this new paradigm began to sink in. But how fundamental is this dichotomy between performance and ease of programming? In my talk, I'll share with you the intellectual journey my students and embarked on trying to overcome the traditional terms of this classic tradeoff.
The Pit and the Pendulum - Part I
The cloud datastores that support today's service economy offer applications the ability to program using a transactional interface. Transactions are groupings of operations that take effect atomically: either all operations take effect or none do. They simplify program development as they allow developers to group related operations into one single atomic unit. For performance, modern datastores allow multiple transactions to execute concurrently. Isolation then defines a contract that regulates the interaction between these concurrent transactions. Indeed, isolation is important also in many machine learning algorithms that iteratively transform some global state, such as model parameters or variable assignment. When these updates are structured as transactions, they can be executed concurrently to achieve greater scalability, relying on isolation to maintain the semantics and theoretical properties of the original serial algorithm. But what guarantees should isolation offer? And how expensive is it to enforce them? In my first seminar, I will discuss the fascinating history of our community's attempts at formalizing isolation. You'll meet giants like Jim Gray and Barbara Liskov, Turing award winners who wrestled with this challenge, and you'll see what you think about our recent attempt to venture where such giants have trod.
Knowledge Discovery from Graphs and Networks
In this talk, I will present some recent research directions that I have been exploring. One common denominator is the notion of graph or network. I'll start by describing my activities in the field of knowledge graphs (KG), graphs organized as a set of triples of the form (subject, predicate, object), where the predicate denotes some semantic relationship between the subject and the object (e.g., Stanley Kubrick, director, A Clockwork Orange). I'll discuss why existing approaches to learning low-level representations (or embeddings) for subject/object and predicates are sub-optimal when it comes to learning representations of triples as a whole; I'll show how to transform a KG into its triple-centric version by taking into account the semantics edges. Hence, I will describe two triple embedding learning architectures useful for downstream tasks such as triple verification; one based on biased random walks and the other based on graph neural networks. Next, I will discuss how to improve any existing semantic-oblivion embedding approach based on random walks by superimposing an abstract notion of neighborhood, based on an arbitrary node similarity measure. Finally, in the landscape of networks, I will describe ongoing research activities on a new topic called community deception, which is about how to hide a community (set of nodes) from social network analysis tools. I'll discuss some techniques based on carefully selected edge updates and their extension to attributed networks.
Abstractions and Their Compilers
An abstraction in computer science is a data model plus a "programming language"; the language is often far simpler than a general-purpose programming language. We shall consider four different ways that abstractions have been used. Especially important are "declarative abstractions," where you say what you want done but not how to do it. These abstractions require clever compilation, including some powerful optimization techniques, if they are to be used in practice. We shall talk about three such declarative abstractions: regular expressions, and their compilation into finite automata, context-free grammars and their compilation into shift-reduce parsers, and the relational model of data, and its compilation into executable code.
From Computational Argumentation to Explanation
Computational argumentation is a well-established field in (mostly symbolic) AI focusing on defining argumentation frameworks comprising sets of arguments and dialectical relations between them (e.g. of attack and, in addition or instead, of support), as well as so-called semantics (e.g. amounting to definitions of dialectically acceptable sets of arguments or of dialectical strength of arguments, satisfying desirable dialectical properties such as that supports against an argument should strengthen it). In this talk I will overview our recent efforts towards deploying computational argumentation to obtain and deliver to users explanations of different formats for a variety of systems, including data-driven classifiers. I will also argue that explainable AI (XAI) , which has witnessed unprecedented growth in AI in recent years, can be ideally supported by computational argumentation models whose dialectical nature matches well some basic desirable features of explanatory activities.


Landscape and Training Dynamics of DNNs: lessons from physics-inspired methods
Despite their formidable success in recent years, a fundamental understanding of deep neural networks (DNNs) is still lacking. Open questions include the origin of the slowness of the training dynamics, and the relationship between the dimensionality of parameter space and number of training examples, since DNNs empirically generalize very well even when over-parametrized. A popular way to address these issues is to study the topology of the cost function (the loss landscape) and the properties of the algorithm used for training (usually stochastic gradient descent, SGD). Here, we use methods and results coming from the physics of disordered systems, in particular glasses and sphere packings. On one hand, we are able to understand to what extent DNNs resemble widely studied physical systems. On the other hand, we use this knowledge to identify properties of the learning dynamics and of the landscape. In particular, through the study of time correlation functions in weight space, we argue that the slow dynamics is not due to barrier crossing, but rather to an increasingly large number of null-gradient directions, and we show that, at the end of learning, the system is diffusing at the bottom of the landscape. We also find that DNNs exhibit a phase transition between over- and under-parametrized regimes, where perfect fitting can or cannot be achieved. We show that in this overparametrized phase there cannot be spurious local minima. In the vicinity of this transition, properties of the curvature of the loss function minima are critical. This kind of knowledge can be used both as a basis for a more grounded understanding of DNNs and for hands-on requirements such as hyperparameter optimization and model selection.
Fences and RMRs Required for Synchronization
Compiler optimizations that execute memory accesses out of (program) order often lead to incorrect execution of concurrent programs. These re-orderings are prohibited by inserting costly fence (memory barrier) instructions. The inherent Fence Complexity is a good estimate of an algorithm's time complexity, as is its RMR complexity: the number of Remote Memory References the algorithm must issue. When write instructions are executed in order, as in the Total Store Order (TSO) model, it is possible to implement a lock (and other objects) using only one RAW fence and an optimal O(n log n) RMR complexity. However, when store instructions may be re-ordered, as in the Partial Store Order (PSO) model, we prove that there is an inherent tradeoff between fence and RMR complexities. The proof relies on an interesting encoding argument.
Network archeology: on revealing the past of random trees
Networks are often naturally modeled by random processes in which nodes of the network are added one-by-one, according to some random rule. Uniform and preferential attachment trees are among the simplest examples of such dynamically growing networks. The statistical problems we address in this talk regard discovering the past of the network when a present-day snapshot is observed. Such problems are sometimes termed "network archeology". We present a few results that show that, even in gigantic networks, a lot of information is preserved from the very early days. Gabor Lugosi is an ICREA research professor at the Department of Economics, Pompeu Fabra University, Barcelona. He graduated in electrical engineering at the Technical University of Budapest in 1987, and received his Ph.D. from the Hungarian Academy of Sciences in 1991. His research main interests include the theory of machine learning, combinatorial statistics, inequalities in probability, random graphs and random structures, and information theory.
Model Based Design of Safety and Mission Critical Systems
Many software based control systems are indeed safety or mission critical systems. Examples are: aerospace, transportation, medical devices, financial systems. In this talk I will outline my research activity as for model based synthesis and verification of software based control systems and show how the general purpose algorithms and tools developed have been used in specific application domains.
Safe and Efficient Exploration in Reinforcement Learning
At the heart of Reinforcement Learning lies the challenge of trading exploration -- collecting data for identifying better models -- and exploitation -- using the estimate to make decisions. In simulated environments (e.g., games), exploration is primarily a computational concern. In real-world settings, exploration is costly, and a potentially dangerous proposition, as it requires experimenting with actions that have unknown consequences. In this talk, I will present our work towards rigorously reasoning about safety of exploration in reinforcement learning. I will discuss a model-free approach, where we seek to optimize an unknown reward function subject to unknown constraints. Both reward and constraints are revealed through noisy experiments, and safety requires that no infeasible action is chosen at any point. I will also discuss model-based approaches, where we learn about system dynamics through exploration, yet need to verify safety of the estimated policy. Our approaches use Bayesian inference over the objective, constraints and dynamics, and -- under some regularity conditions -- are guaranteed to be both safe and complete, i.e., converge to a natural notion of reachable optimum. I will also present recent results harnessing the model uncertainty for improving efficiency of exploration, and show experiments on safely and efficiently tuning cyber-physical systems in a data-driven manner. Andreas Krause is a Professor of Computer Science at ETH Zurich, where he leads the Learning & Adaptive Systems Group. He also serves as Academic Co-Director of the Swiss Data Science Center. Before that he was an Assistant Professor of Computer Science at Caltech. He received his Ph.D. in Computer Science from Carnegie Mellon University (2008) and his Diplom in Computer Science and Mathematics from the Technical University of Munich, Germany (2004). He is a Microsoft Research Faculty Fellow and a Kavli Frontiers Fellow of the US National Academy of Sciences. He received ERC Starting Investigator and ERC Consolidator grants, the Deutscher Mustererkennungspreis, an NSF CAREER award, the Okawa Foundation Research Grant recognizing top young researchers in telecommunications as well as the ETH Golden Owl teaching award. His research on machine learning and adaptive systems has received awards at several premier conferences and journals, including the ACM SIGKDD Test of Time award 2019. Andreas Krause served as Program Co-Chair for ICML 2018, and is regularly serving as Area Chair or Senior Program Committee member for ICML, NeurIPS, AAAI and IJCAI, and as Action Editor for the Journal of Machine Learning Research.
Automatic Synthesis of Controllers for Cyber-Physical Systems
A Cyber-Physical System (sometimes also called hybrid system) is composed of physical subsystems and software subsystems. Many Cyber-Physical Systems are indeed control systems: the software part is designed to control the physical part, so that some desired behavior is achieved. Applications of such Cyber-Physical Control Systems are ubiquitous: smart grids, electrical engineering, aerospace, automotive, biology, and so on. Recently, many methodologies have been presented on automatically synthesizing controllers for Cyber-Physical Systems. Such methodologies take as input a description of the physical part (plant) of a Cyber-Physical Control System, a set of requirements for the software part (controller), a set of desired behaviors for the closed-loop system (controller + plant), and output the actual software for the controller, which is guaranteed to meet all given specifications. In this talk, I will present a selection of such methodologies, mainly focusing on my own contributions.
Adaptive Communication for Battery-Free IoT devices
With the ever-growing usage of batteries in the IoT era, the need for more eco-friendly technologies is clear. RF-powered computing enables the redesign of personal computing devices in a battery-less manner. While there has been substantial work on the underlying methods for RF-powered computing, practical applications of this technology has largely been limited to scenarios that involve simple tasks. This talk discusses how RFID technology, typically used to implement object identification and counting, can be exploited to realize a battery-free smart home. In particular, this talk considers the coexistence of several battery-free devices, with different transmission requirements - periodic, event-based, and real-time - and proposes a new approach to dynamically collect information from devices without requiring any a priori knowledge of the environment.
Learning to rank results optimally in search and recommendation engines
Consider the scenario where an algorithm is given a context, and then it must select a slate of relevant results to display. As four special cases, the context may be a search query, a slot for an advertisement, a social media user, or an opportunity to show recommendations. We want to compare many alternative ranking functions that select results in different ways. However, A/B testing with traffic from real users is expensive. This research provides a method to use traffic that was exposed to a past ranking function to obtain an unbiased estimate of the utility of a hypothetical new ranking function. The method is a purely offline computation, and relies on assumptions that are quite reasonable. We show further how to design a ranking function that is the best possible, given the same assumptions. Learning optimal rankings for search results given queries is a special case. Experimental findings on data logged by a real-world e-commerce web site are positive.
Corso di 24 ore di "Scrittura tecnico-scientifica" (corso in lingua italiana)


Harnessing the Power of (Knowledge) Graphs
The Web, traditionally viewed as a vast repository of documents, is being transformed into a huge database by the massive presence of structured data. New research challenges arise in this information space due to the intrinsic decentralized data creation and management, the lack of superimposed schema, and the availability of huge volumes of data covering diverse domains. In this talk, I will give an overview of my research activities in the areas of graph querying and explanation languages, knowledge discovery from graphs, and social networks. I will also outline some ongoing research activities centered around the marriage between machine learning and knowledge representation and reasoning.
Limits and Structure of Learnability and Provability
I will describe my two main areas of research: Learning in the Limit and Reverse Mathematics. Learning in the limit is one of the main computational models of learnability. A learner is modeled by a computational device which inductively generates hypotheses about an input language and stabilizes in the limit on a correct guess. Contrary to other models of learning, this model allows to decide questions of the following type: Is it the case that some learning constraint or learning strategy is necessary for learning some language class? I will discuss the case of so-called "U-shaped learning", a prominent and as-of-yet not well-understood feature of human learning in many contexts. The study of the effective (or computable) content and relative strength of theorems is one of the main areas of recent research in Computable Mathematics and Reverse Mathematics. I will outline a framework in which the following questions can be addressed: Given two theorems, is one stronger than the other or are they equivalent? Is it the case that one theorem is reducible to the other by a computable reduction? Given a problem, what is the complexity of its solutions to computable instances? I will discuss the case of Hindman's Finite Sums Theorem, which is the subject of a number of long-standing open problems in the area.
Power Efficient Machine Learning in Silicon
Power efficiency is a key aspect in computer systems both in high-end servers and in portable devices. The focus of this talk is to discuss how the numerical formats of data impacts the energy efficiency of the computation, and how to trade-off accuracy with power savings. Machine Learning and Deep Learning are used as case studies to present the key ideas and the benefits derived by a flexible format to represent numerical data.
Round Compression for Parallel Matching Algorithms
For over a decade now we have been witnessing the success of massive parallel computation (MPC) frameworks, such as MapReduce, Hadoop, Dryad, or Spark. One of the reasons for their success is the fact that these frameworks are able to accurately capture the nature of large-scale computation. In particular, compared to the classic distributed algorithms or PRAM models, these frameworks allow for much more local computation. The fundamental question that arises in this context is though: can we leverage this additional power to obtain even faster parallel algorithms? A prominent example here is the fundamental graph problem of finding maximum matching. It is well known that in the PRAM model one can compute a 2-approximate maximum matching in O(log n) rounds. However, the exact complexity of this problem in the MPC framework is still far from understood. Lattanzi et al. showed that if each machine has n^{1+Ω(1)} memory, this problem can also be solved 2-approximately in a constant number of rounds. These techniques, as well as the approaches developed in the follow up work, seem though to get stuck in a fundamental way at roughly O(log n) rounds once we enter the near-linear memory regime. It is thus entirely possible that in this regime, which captures in particular the case of sparse graph computations, the best MPC round complexity matches what one can already get in the PRAM model, without the need to take advantage of the extra local computation power. In this talk, we finally show how to refute that perplexing possibility. That is, we break the above O(log n) round complexity bound even in the case of slightly sublinear memory per machine. This is a joint work with Jakub Łącki, Aleksander Mądry, Slobodan Mitrović, Krzysztof Onak, and Piotr Sankowski, which appeared at STOC'2018.
This talk will be divided in two parts. The first part will explain the main properties of blockchain applications. During the second part, we will show how blockchain properties can have an impact on security and show some examples of past vulnerabilities suffered by blockchain-based systems.
Dynamic graph algorithms and complexity (a survey)
In this talk I will attempt to answer the following questions I have been asked quite often: What are the current challenges in dynamic graph algorithms? What are good starting points for people who want to try working in this field? The talk will focus on challenges for basic graph problems (e.g. connectivity, shortest paths, maximum matching), and will survey some existing upper and lower bound results and techniques.
Space-based systems play an important role in our daily life and business. The trend is likely to rely on the use of space based systems in a growing number of services or applications that can be either safety-of-life critical or business and mission-critical. The security measures implemented in space-based systems may turn out to be insufficient to guarantee the information assurance properties, in particular confidentiality (if required by the data policy), availability and integrity of these services/applications. The various and possible cyber-attacks on space segments, ground stations and its control segments are meanwhile well known and experienced in many cases. We address the Cybersecurity specific aspects of space missions, the specific threats to space mission from cyberspace, and analyze the set of all the possible countermeasures.
Strong coresets for k-median and subspace clustering: Goodbye dimension
I will start my talk with an introduction to the area of coresets for clustering problems, give basic definitions and explain how coresets can be used to obtain distributed and streaming algorithms. During my talk, I will mostly focus on a commonly used coreset definition that has been introduced by Har-Peled and Mazumdar: A coreset is a weighted set S of points such that for all sets C of k centers we have (1-eps) cost(P,C) <= cost(S,C) <= (1+eps) cost(P,C), where cost(P,C) is the sum of distances of the points in P to their closest center in C. Then I will present a new algorithm to compute coresets that have a similar for-all guarantee as in the above definition and that consist of a number of points that is independent of the size of the input point set P and the dimension of the input space d. Joint work with David Woodruff.
Stochastic Incremental Algorithms for Optimal Transport with SON Regularizer
Optimal Transport (OT) is a classic area in probability and statistics for transferring mass from one probability distribution to another. Recently OT has been very successfully used for domain adaptation in many applications in computer vision, texture analysis, tomographic reconstruction and clustering. We introduce a new regularizer OT which is tailored to better preserve the class structure. We give the first theoretical guarantees for an OT scheme that respects class structure. We give an accelerated proximal--projection scheme for this formulation with the proximal operator in closed form to give a highly scalable algorithm for computing optimal transport plans. Our experiments show that the new regularizer preserves class structure better and is more robust compared to previous regularizers.
Distributed algorithms for hybrid networks
I will introduce a new communication model, called hybrid network, in which the nodes have the choice between two communication modes: a local mode that allows them to exchange messages with nearby nodes, and a global mode where communication between any pair of nodes is possible, but the amount of communication is limited. This can be motivated, for instance, by wireless networks in which we combine direct device-to-device communication with communication via the cellular infrastructure. I will show how to quickly build up a low-diameter, low-degree network of global edges (i.e., connections established via the global communication mode) on top of any network of local edges (i.e., connections given by the local communication mode) so that various problems such as computing minimum spanning trees and shortest paths can be solved much more efficiently than by just using the local edges. This is joint work with various colleagues including John Augustine, Fabian Kuhn, and Mohsen Ghaffari.


Manuel Mazo Espinosa Jr. - Symbolic abstractions of control systems' timing behaviour
With the advent of the Internet-of-things and Cyber-Physical Systems everywhere, there has arisen a renewed interest on the study of networked control systems (NCS). NCS are systems in which measurements from sensors are sent through a communications network to a control unit to compute corrective actions for the system being monitored, actions which are again relayed through a network to actuators. In the past decade a shift of perspective in the design and analysis of NCS has emerged in order to make the use of communications bandwidth as efficient as possible. The idea is to move away from the traditional approach employing pre-determined (usually periodic) update times, to designs in which the time instants at which the control loop is closed is determined by the sensors themselves. This has resulted in what has been named “event-based control” (EBC). Despite of the many promising results of EBC designs I will argue that the unpredictability of the communications traffic they generate is a critical bottleneck to exploit EBC’s potential benefits. To solve this critical problem, I will describe our recent results on the construction of abstractions (in the form of timed automata) capturing the communications traffic of EBC. I will then describe how such abstractions can help in the design of more efficient EBC systems and schedulers for them.

© Università degli Studi di Roma "La Sapienza" - Piazzale Aldo Moro 5, 00185 Roma