Act Wisely: Cultivating Meta-Cognitive Tool Use in Agentic Multimodal Models
The advent of agentic multimodal models has empowered systems to actively interact with external environments. However, current agents suffer from a profound meta-cognitive deficit: they struggle to arbitrate between leveraging internal knowledge and querying external utilities. Consequently, they frequently fall prey to blind tool invocation, resorting to reflexive tool execution even when queries are resolvable from the raw visual context. This pathological behavior precipitates severe latency bottlenecks and injects extraneous noise that derails sound reasoning. Existing reinforcement learning protocols attempt to mitigate this via a scalarized reward that penalizes tool usage. Yet, this coupled formulation creates an irreconcilable optimization dilemma: an aggressive penalty suppresses essential tool use, whereas a mild penalty is entirely subsumed by the variance of the accuracy reward during advantage normalization, rendering it impotent against tool overuse. To transcend this bottleneck, we propose HDPO, a framework that reframes tool efficiency from a competing scalar objective to a strictly conditional one. By eschewing reward scalarization, HDPO maintains two orthogonal optimization channels: an accuracy channel that maximizes task correctness, and an efficiency channel that enforces execution economy exclusively within accurate trajectories via conditional advantage estimation. This decoupled architecture naturally induces a cognitive curriculum-compelling the agent to first master task resolution before refining its self-reliance. Extensive evaluations demonstrate that our resulting model, Metis, reduces tool invocations by orders of magnitude while simultaneously elevating reasoning accuracy.
Updated: 2026-04-09 17:59:57
标题: 明智行事:培养主体多模态模型中的元认知工具使用
摘要: 主动多模型的出现使系统能够积极与外部环境进行互动。然而,目前的代理系统存在一个严重的元认知缺陷:它们很难在利用内部知识和查询外部工具之间进行调解。因此,它们经常陷入盲目的工具调用,即使从原始视觉环境中可以解决查询,也会诉诸于反射性的工具执行。这种病态行为导致严重的延迟瓶颈,并注入不相关的噪音,从而破坏了合理推理。现有的强化学习协议试图通过对工具使用进行处罚的标量化奖励来缓解这一问题。然而,这种耦合的公式形成了一个不可调和的优化困境:过分的惩罚会抑制必要的工具使用,而温和的惩罚则完全被准确奖励的方差所包含,在优势规范化过程中变得无效,无法抑制工具过度使用。为了克服这一瓶颈,我们提出了HDPO,这是一个框架,将工具效率从竞争性标量目标转变为严格的条件目标。通过摒弃奖励标量化,HDPO保持了两个正交优化通道:一个准确性通道,最大化任务正确性,另一个效率通道,通过条件优势估计仅在准确轨迹内强制执行经济。这种分离的架构自然地引入了一个认知课程,迫使代理先掌握任务解决能力,然后再完善自我依赖能力。广泛的评估表明,我们得到的模型Metis将工具调用次数减少了数个数量级,同时提高了推理准确性。
更新时间: 2026-04-09 17:59:57
领域: cs.CV,cs.AI
SIM1: Physics-Aligned Simulator as Zero-Shot Data Scaler in Deformable Worlds
Robotic manipulation with deformable objects represents a data-intensive regime in embodied learning, where shape, contact, and topology co-evolve in ways that far exceed the variability of rigids. Although simulation promises relief from the cost of real-world data acquisition, prevailing sim-to-real pipelines remain rooted in rigid-body abstractions, producing mismatched geometry, fragile soft dynamics, and motion primitives poorly suited for cloth interaction. We posit that simulation fails not for being synthetic, but for being ungrounded. To address this, we introduce SIM1, a physics-aligned real-to-sim-to-real data engine that grounds simulation in the physical world. Given limited demonstrations, the system digitizes scenes into metric-consistent twins, calibrates deformable dynamics through elastic modeling, and expands behaviors via diffusion-based trajectory generation with quality filtering. This pipeline transforms sparse observations into scaled synthetic supervision with near-demonstration fidelity. Experiments show that policies trained on purely synthetic data achieve parity with real-data baselines at a 1:15 equivalence ratio, while delivering 90% zero-shot success and 50% generalization gains in real-world deployment. These results validate physics-aligned simulation as scalable supervision for deformable manipulation and a practical pathway for data-efficient policy learning.
Updated: 2026-04-09 17:59:52
标题: SIM1:以物理为基准的模拟器作为可变形世界中的零样本数据缩放器
摘要: 使用可变形物体的机器人操作代表了在体现学习中数据密集的范例,其中形状、接触和拓扑以一种超过刚体的变化方式共同演变。尽管模拟技术承诺可以减轻真实世界数据采集的成本,但目前的模拟到真实的流程仍然根植于刚体抽象,导致几何不匹配、软体动力学脆弱以及对布料交互操作不太适合的运动基元。我们认为,模拟失败并非因为是合成的,而是因为没有基础。为了解决这个问题,我们引入了SIM1,一个物理对齐的真实-模拟-真实数据引擎,将模拟技术基于物理世界进行了基础。给定有限的演示,该系统将场景数字化成度量一致的双胞胎,通过弹性建模校准可变形动力学,并通过基于扩散的轨迹生成和质量过滤扩展行为。这个流程将稀疏的观察转化为具有接近演示精度的规模合成监督。实验证明,仅使用合成数据训练的策略在一个1:15的等价比率下与真实数据基线达到了一致性,同时在真实世界部署中实现了90%的零-shot成功率和50%的泛化增益。这些结果验证了物理对齐的模拟技术作为可扩展的变形操作监督和数据高效策略学习的实际途径。
更新时间: 2026-04-09 17:59:52
领域: cs.RO,cs.AI,cs.CV
Seeing but Not Thinking: Routing Distraction in Multimodal Mixture-of-Experts
Multimodal Mixture-of-Experts (MoE) models have achieved remarkable performance on vision-language tasks. However, we identify a puzzling phenomenon termed Seeing but Not Thinking: models accurately perceive image content yet fail in subsequent reasoning, while correctly solving identical problems presented as pure text. Through systematic analysis, we first verify that cross-modal semantic sharing exists in MoE architectures, ruling out semantic alignment failure as the sole explanation. We then reveal that visual experts and domain experts exhibit layer-wise separation, with image inputs inducing significant routing divergence from text inputs in middle layers where domain experts concentrate. Based on these findings, we propose the Routing Distraction hypothesis: when processing visual inputs, the routing mechanism fails to adequately activate task-relevant reasoning experts. To validate this hypothesis, we design a routing-guided intervention method that enhances domain expert activation. Experiments on three multimodal MoE models across six benchmarks demonstrate consistent improvements, with gains of up to 3.17% on complex visual reasoning tasks. Our analysis further reveals that domain expert identification locates cognitive functions rather than sample-specific solutions, enabling effective transfer across tasks with different information structures.
Updated: 2026-04-09 17:59:44
标题: 看见但不思考:多模式专家混合中的路由分心
摘要: 多模态专家混合(MoE)模型在视觉语言任务上取得了显著的表现。然而,我们发现了一个称为“看而不思”的令人困惑的现象:模型可以准确地感知图像内容,但在随后的推理过程中失败,而在以纯文本形式呈现的相同问题中却可以正确解决。通过系统分析,我们首先验证了MoE架构中存在跨模态语义共享,排除了语义对齐失败作为唯一解释的可能性。然后,我们揭示了视觉专家和领域专家在层次上的分离特征,图像输入在领域专家集中的中间层中引起与文本输入的显著路由分歧。基于这些发现,我们提出了路由干扰假设:在处理视觉输入时,路由机制未能充分激活任务相关的推理专家。为验证这一假设,我们设计了一种路由引导干预方法,以增强领域专家的激活。在六个基准测试中对三个多模态MoE模型的实验表明,我们持续取得了改进,复杂视觉推理任务的增益高达3.17%。我们的分析进一步揭示了领域专家识别定位了认知功能,而不是特定于样本的解决方案,从而实现了在具有不同信息结构的任务之间的有效转移。
更新时间: 2026-04-09 17:59:44
领域: cs.CV,cs.AI,cs.CL
AVGen-Bench: A Task-Driven Benchmark for Multi-Granular Evaluation of Text-to-Audio-Video Generation
Text-to-Audio-Video (T2AV) generation is rapidly becoming a core interface for media creation, yet its evaluation remains fragmented. Existing benchmarks largely assess audio and video in isolation or rely on coarse embedding similarity, failing to capture the fine-grained joint correctness required by realistic prompts. We introduce AVGen-Bench, a task-driven benchmark for T2AV generation featuring high-quality prompts across 11 real-world categories. To support comprehensive assessment, we propose a multi-granular evaluation framework that combines lightweight specialist models with Multimodal Large Language Models (MLLMs), enabling evaluation from perceptual quality to fine-grained semantic controllability. Our evaluation reveals a pronounced gap between strong audio-visual aesthetics and weak semantic reliability, including persistent failures in text rendering, speech coherence, physical reasoning, and a universal breakdown in musical pitch control. Code and benchmark resources are available at http://aka.ms/avgenbench.
Updated: 2026-04-09 17:59:39
标题: AVGen-Bench:一个用于文本到音频视频生成多粒度评估的任务驱动基准测试
摘要: 文本到音频视频(T2AV)生成正迅速成为媒体创作的核心接口,但其评估仍然零散。现有的基准主要评估音频和视频独立存在或依赖粗糙的嵌入相似度,未能捕捉到现实提示所需的细粒度联合正确性。我们引入了AVGen-Bench,这是一个面向T2AV生成的任务驱动基准,包括11个真实世界类别的高质量提示。为了支持全面评估,我们提出了一个多粒度评估框架,将轻量级专家模型与多模式大语言模型(MLLMs)相结合,实现了从感知质量到细粒度语义可控性的评估。我们的评估揭示了强音频-视觉美学和弱语义可靠性之间明显的差距,包括文本渲染、语音连贯性、物理推理以及音乐音高控制方面的持续失败。代码和基准资源可在http://aka.ms/avgenbench上找到。
更新时间: 2026-04-09 17:59:39
领域: cs.CV,cs.AI,cs.CL
OpenVLThinkerV2: A Generalist Multimodal Reasoning Model for Multi-domain Visual Tasks
Group Relative Policy Optimization (GRPO) has emerged as the de facto Reinforcement Learning (RL) objective driving recent advancements in Multimodal Large Language Models. However, extending this success to open-source multimodal generalist models remains heavily constrained by two primary challenges: the extreme variance in reward topologies across diverse visual tasks, and the inherent difficulty of balancing fine-grained perception with multi-step reasoning capabilities. To address these issues, we introduce Gaussian GRPO (G$^2$RPO), a novel RL training objective that replaces standard linear scaling with non-linear distributional matching. By mathematically forcing the advantage distribution of any given task to strictly converge to a standard normal distribution, $\mathcal{N}(0,1)$, G$^2$RPO theoretically ensures inter-task gradient equity, mitigates vulnerabilities to heavy-tail outliers, and offers symmetric update for positive and negative rewards. Leveraging the enhanced training stability provided by G$^2$RPO, we introduce two task-level shaping mechanisms to seamlessly balance perception and reasoning. First, response length shaping dynamically elicits extended reasoning chains for complex queries while enforce direct outputs to bolster visual grounding. Second, entropy shaping tightly bounds the model's exploration zone, effectively preventing both entropy collapse and entropy explosion. Integrating these methodologies, we present OpenVLThinkerV2, a highly robust, general-purpose multimodal model. Extensive evaluations across 18 diverse benchmarks demonstrate its superior performance over strong open-source and leading proprietary frontier models.
Updated: 2026-04-09 17:59:39
标题: OpenVLThinkerV2:一个通用的多模态推理模型,用于多领域视觉任务。
摘要: Group Relative Policy Optimization(GRPO)已经成为最近在多模态大语言模型中推动强化学习(RL)发展的事实上的目标。然而,将这种成功扩展到开源多模态通用模型仍然受到两个主要挑战的严重限制:不同视觉任务之间奖励拓扑的极端差异,以及平衡细粒度感知与多步推理能力的固有困难。为了解决这些问题,我们引入了高斯GRPO(G$^2$RPO),这是一个新颖的RL训练目标,它用非线性分布匹配取代了标准的线性缩放。通过数学上强制任何给定任务的优势分布严格收敛到标准正态分布$\mathcal{N}(0,1)$,G$^2$RPO在理论上确保了任务间梯度公平性,减轻了对重尾异常值的脆弱性,并为正负奖励提供对称更新。利用G$^2$RPO提供的增强训练稳定性,我们引入了两种任务级塑形机制,以无缝平衡感知和推理。首先,响应长度塑形动态引发复杂查询的扩展推理链,同时强化直接输出以加强视觉基础。其次,熵塑形紧密限制了模型的探索区域,有效地防止了熵坍缩和熵爆炸。整合这些方法,我们提出了OpenVLThinkerV2,一个高度稳健的通用多模态模型。在18个不同基准测试中的广泛评估表明,它在强大的开源和领先的专有前沿模型上表现出优越的性能。
更新时间: 2026-04-09 17:59:39
领域: cs.CV,cs.AI,cs.CL
Meta-learning In-Context Enables Training-Free Cross Subject Brain Decoding
Visual decoding from brain signals is a key challenge at the intersection of computer vision and neuroscience, requiring methods that bridge neural representations and computational models of vision. A field-wide goal is to achieve generalizable, cross-subject models. A major obstacle towards this goal is the substantial variability in neural representations across individuals, which has so far required training bespoke models or fine-tuning separately for each subject. To address this challenge, we introduce a meta-optimized approach for semantic visual decoding from fMRI that generalizes to novel subjects without any fine-tuning. By simply conditioning on a small set of image-brain activation examples from the new individual, our model rapidly infers their unique neural encoding patterns to facilitate robust and efficient visual decoding. Our approach is explicitly optimized for in-context learning of the new subject's encoding model and performs decoding by hierarchical inference, inverting the encoder. First, for multiple brain regions, we estimate the per-voxel visual response encoder parameters by constructing a context over multiple stimuli and responses. Second, we construct a context consisting of encoder parameters and response values over multiple voxels to perform aggregated functional inversion. We demonstrate strong cross-subject and cross-scanner generalization across diverse visual backbones without retraining or fine-tuning. Moreover, our approach requires neither anatomical alignment nor stimulus overlap. This work is a critical step towards a generalizable foundation model for non-invasive brain decoding.
Updated: 2026-04-09 17:59:32
标题: 元学习在上下文中实现无需训练的跨主体脑解码
摘要: 从脑信号中进行视觉解码是计算机视觉和神经科学交叉领域的一个关键挑战,需要桥接神经表示和视觉计算模型的方法。全领域的目标是实现可泛化的跨受试者模型。朝着这个目标迈出的一个主要障碍是不同个体之间神经表示的显著变异,迄今为止需要训练定制模型或为每个受试者单独进行微调。为了解决这一挑战,我们提出了一种元优化的方法,用于从fMRI进行语义视觉解码,可以泛化到新受试者而无需任何微调。通过简单地基于新个体的一小组图像-脑激活示例进行条件化,我们的模型快速推断出他们独特的神经编码模式,以促进强大而高效的视觉解码。我们的方法明确针对新受试者的编码模型的现场学习进行了优化,并通过分层推断反转编码器进行解码。首先,对于多个脑区域,我们通过构建多个刺激和响应的上下文来估计每个体素的视觉响应编码器参数。其次,我们构建了一个包含编码器参数和多个体素上的响应值的上下文,以执行聚合功能反演。我们展示了跨受试者和跨扫描仪的强大泛化性能,涵盖了各种视觉结构,而无需重新训练或微调。此外,我们的方法既不需要解剖对齐,也不需要刺激重叠。这项工作是迈向非侵入性脑解码的可泛化基础模型的关键一步。
更新时间: 2026-04-09 17:59:32
领域: cs.LG,q-bio.NC
RewardFlow: Generate Images by Optimizing What You Reward
We introduce RewardFlow, an inversion-free framework that steers pretrained diffusion and flow-matching models at inference time through multi-reward Langevin dynamics. RewardFlow unifies complementary differentiable rewards for semantic alignment, perceptual fidelity, localized grounding, object consistency, and human preference, and further introduces a differentiable VQA-based reward that provides fine-grained semantic supervision through language-vision reasoning. To coordinate these heterogeneous objectives, we design a prompt-aware adaptive policy that extracts semantic primitives from the instruction, infers edit intent, and dynamically modulates reward weights and step sizes throughout sampling. Across several image editing and compositional generation benchmarks, RewardFlow delivers state-of-the-art edit fidelity and compositional alignment.
Updated: 2026-04-09 17:59:19
标题: RewardFlow:通过优化您奖励的内容生成图像
摘要: 我们介绍了RewardFlow,一个无反转的框架,通过多重奖励Langevin动力学,在推断时引导预训练扩散和流匹配模型。RewardFlow统一了用于语义对齐、感知保真度、局部基础、对象一致性和人类偏好的互补可微奖励,并进一步引入了一种可微的基于VQA的奖励,通过语言-视觉推理提供细粒度语义监督。为了协调这些异构目标,我们设计了一个prompt-aware自适应策略,从指令中提取语义原语,推断编辑意图,并动态调节奖励权重和步长在整个采样过程中。在几个图像编辑和组合生成基准上,RewardFlow提供了最先进的编辑保真度和组合对齐。
更新时间: 2026-04-09 17:59:19
领域: cs.CV,cs.AI
Optimal Debiased Inference on Privatized Data via Indirect Estimation and Parametric Bootstrap
We design a debiased parametric bootstrap framework for statistical inference from differentially private data. Existing usage of the parametric bootstrap on privatized data ignored or avoided handling possible biases introduced by the privacy mechanism, such as by clamping, a technique employed by the majority of privacy mechanisms. Ignoring these biases leads to under-coverage of confidence intervals and miscalibrated type I errors of hypothesis tests, due to the inconsistency of parameter estimates based on the privatized data. We propose using the indirect inference method to estimate the parameter values consistently, and we use the improved estimator in parametric bootstrap for inference. To implement the indirect estimator, we present a novel simulation-based, adaptive approach along with the theory that establishes the consistency of the corresponding parametric bootstrap estimates, confidence intervals, and hypothesis tests. In particular, we prove that our adaptive indirect estimator achieves the minimum asymptotic variance among all ``well-behaved'' consistent estimators based on the released summary statistic. Our simulation studies show that our framework produces confidence intervals with well-calibrated coverage and performs hypothesis testing with the correct type I error, giving state-of-the-art performance for inference in several settings.
Updated: 2026-04-09 17:59:04
标题: 通过间接估计和参数引导实现私有化数据的最佳无偏推断
摘要: 我们设计了一个去偏参数自助法框架,用于从差分隐私数据进行统计推断。现有对隐私化数据使用参数自助法的做法忽视或避免了隐私机制引入的可能偏差,比如通过夹紧等技术,这是大多数隐私机制采用的技术。忽视这些偏差导致置信区间的覆盖不足和假设检验的类型I错误校准不准确,原因是基于隐私化数据的参数估计的不一致性。我们提出使用间接推断方法一致地估计参数值,并将改进的估计量用于参数自助法进行推断。为了实现间接估计量,我们提出了一种新颖的基于模拟的自适应方法,同时提供了建立相应参数自助法估计量、置信区间和假设检验一致性的理论。特别地,我们证明了我们的自适应间接估计量在所有“良好行为”一致估计量中基于发布的摘要统计量达到最小的渐近方差。我们的模拟研究表明,我们的框架产生了覆盖良好的置信区间,并且在多种设置中进行了具有正确类型I错误的假设检验,为推断提供了最先进的性能。
更新时间: 2026-04-09 17:59:04
领域: stat.ME,cs.CR
PSI: Shared State as the Missing Layer for Coherent AI-Generated Instruments in Personal AI Agents
Personal AI tools can now be generated from natural-language requests, but they often remain isolated after creation. We present PSI, a shared-state architecture that turns independently generated modules into coherent instruments: persistent, connected, and chat-complementary artifacts accessible through both GUIs and a generic chat agent. By publishing current state and write-back affordances to a shared personal-context bus, modules enable cross-module reasoning and synchronized actions across interfaces. We study PSI through a three-week autobiographical deployment in a self-developed personal AI environment and show that later-generated instruments can be integrated automatically through the same contract. PSI identifies shared state as the missing systems layer that transforms AI-generated personal software from isolated apps into coherent personal computing environments.
Updated: 2026-04-09 17:58:36
标题: PSI: 共享状态作为个人AI代理中一致AI生成工具的缺失层级
摘要: 个人AI工具现在可以通过自然语言请求生成,但它们在创建后通常仍然是孤立的。我们提出了PSI,一个共享状态架构,将独立生成的模块转化为一致的工具:持久的、连接的、通过GUI和通用聊天代理访问的补充工具。通过将当前状态和写回功能发布到共享个人上下文总线,模块实现了跨模块推理和在接口之间同步操作。我们通过在自己开发的个人AI环境中进行为期三周的自传式部署来研究PSI,并展示后生成的工具可以通过相同的协议自动集成。PSI确定共享状态为缺失的系统层,将从孤立应用程序转变为一致个人计算环境的AI生成个人软件。
更新时间: 2026-04-09 17:58:36
领域: cs.HC,cs.AI
Demystifying OPD: Length Inflation and Stabilization Strategies for Large Language Models
On-policy distillation (OPD) trains student models under their own induced distribution while leveraging supervision from stronger teachers. We identify a failure mode of OPD: as training progresses, on-policy rollouts can undergo abrupt length inflation, causing truncated trajectories to dominate the training data. This truncation collapse coincides with abrupt repetition saturation and induces biased gradient signals, leading to severe training instability and sharp degradation in validation performance. We attribute this problem to the interaction between student-induced data collection and the distillation objective, which implicitly favors long and repetitive rollouts. To address this issue, we propose StableOPD, a stabilized OPD framework that combines a reference-based divergence constraint with rollout mixture distillation. These together mitigate repetition-induced length inflation and further stabilize OPD training. Across multiple math reasoning datasets, our approach prevents truncation collapse, stabilizes training dynamics, and improves performance by 7.2% on average.
Updated: 2026-04-09 17:58:02
标题: 揭秘OPD:针对大型语言模型的长度膨胀和稳定化策略
摘要: 在政策蒸馏(OPD)中,学生模型在其自身诱导的分布下进行训练,同时利用来自更强师傅的监督。我们发现了OPD的一种失败模式:随着训练的进行,基于政策的rollouts可能会出现突然的长度膨胀,导致截断轨迹主导训练数据。这种截断坍缩与突然的重复饱和同时发生,并引起有偏差的梯度信号,导致严重的训练不稳定性和验证性能的急剧下降。我们将这个问题归因于学生诱导数据收集与蒸馏目标之间的相互作用,后者隐含地偏好长而重复的rollouts。为了解决这个问题,我们提出了稳定的OPD(StableOPD)框架,它将基于参考的散度约束与rollout混合蒸馏结合在一起。这两者共同减轻了重复引起的长度膨胀,并进一步稳定了OPD的训练。在多个数学推理数据集上,我们的方法防止了截断坍塌,稳定了训练动态,并平均提高了7.2%的性能。
更新时间: 2026-04-09 17:58:02
领域: cs.CL,cs.LG
Ads in AI Chatbots? An Analysis of How Large Language Models Navigate Conflicts of Interest
Today's large language models (LLMs) are trained to align with user preferences through methods such as reinforcement learning. Yet models are beginning to be deployed not merely to satisfy users, but also to generate revenue for the companies that created them through advertisements. This creates the potential for LLMs to face conflicts of interest, where the most beneficial response to a user may not be aligned with the company's incentives. For instance, a sponsored product may be more expensive but otherwise equal to another; in this case, what does (and should) the LLM recommend to the user? In this paper, we provide a framework for categorizing the ways in which conflicting incentives might lead LLMs to change the way they interact with users, inspired by literature from linguistics and advertising regulation. We then present a suite of evaluations to examine how current models handle these tradeoffs. We find that a majority of LLMs forsake user welfare for company incentives in a multitude of conflict of interest situations, including recommending a sponsored product almost twice as expensive (Grok 4.1 Fast, 83%), surfacing sponsored options to disrupt the purchasing process (GPT 5.1, 94%), and concealing prices in unfavorable comparisons (Qwen 3 Next, 24%). Behaviors also vary strongly with levels of reasoning and users' inferred socio-economic status. Our results highlight some of the hidden risks to users that can emerge when companies begin to subtly incentivize advertisements in chatbots.
Updated: 2026-04-09 17:57:50
标题: AI聊天机器人中的广告?大型语言模型如何解决利益冲突的分析
摘要: 目前的大型语言模型(LLMs)通过诸如强化学习等方法来与用户偏好对齐。然而,这些模型开始被部署不仅仅是为了满足用户,而且还通过广告为创建它们的公司创造收入。这给LLMs带来了利益冲突的潜在可能性,即对用户最有利的响应可能与公司的激励不一致。例如,一个赞助产品可能比另一个产品更昂贵但在其他方面相同;在这种情况下,LLM应该向用户推荐什么(以及应该推荐什么)?在本文中,我们提出了一个框架,用于分类描述冲突激励可能导致LLMs改变其与用户交互方式的方法,灵感来源于语言学和广告监管领域的文献。然后,我们提出了一系列评估来检验当前模型如何处理这些权衡。我们发现大多数LLMs在多种利益冲突情况下牺牲了用户福祉以换取公司激励,包括推荐一个几乎是另一个产品两倍价格的赞助产品(Grok 4.1 Fast,83%),推荐赞助选项以干扰购买过程(GPT 5.1,94%),以及在不利比较中隐藏价格(Qwen 3 Next,24%)。行为还会根据推理水平和用户推断的社会经济地位而变化。我们的结果突显了当公司开始在聊天机器人中巧妙激励广告时,用户可能遇到的一些隐藏风险。
更新时间: 2026-04-09 17:57:50
领域: cs.AI,cs.CL,cs.CY
What Drives Representation Steering? A Mechanistic Case Study on Steering Refusal
Applying steering vectors to large language models (LLMs) is an efficient and effective model alignment technique, but we lack an interpretable explanation for how it works-- specifically, what internal mechanisms steering vectors affect and how this results in different model outputs. To investigate the causal mechanisms underlying the effectiveness of steering vectors, we conduct a comprehensive case study on refusal. We propose a multi-token activation patching framework and discover that different steering methodologies leverage functionally interchangeable circuits when applied at the same layer. These circuits reveal that steering vectors primarily interact with the attention mechanism through the OV circuit while largely ignoring the QK circuit-- freezing all attention scores during steering drops performance by only 8.75% across two model families. A mathematical decomposition of the steered OV circuit further reveals semantically interpretable concepts, even in cases where the steering vector itself does not. Leveraging the activation patching results, we show that steering vectors can be sparsified by up to 90-99% while retaining most performance, and that different steering methodologies agree on a subset of important dimensions.
Updated: 2026-04-09 17:57:14
标题: 是什么推动了代表性的驾驶?关于拒绝驾驶的机械案例研究
摘要: 将转向向量应用于大型语言模型(LLMs)是一种高效且有效的模型对齐技术,但我们缺乏一个可解释的解释来说明它是如何工作的--具体来说,转向向量影响哪些内部机制以及这如何导致不同的模型输出。为了研究引导向量有效性背后的因果机制,我们对拒绝进行了全面的案例研究。我们提出了一个多令牌激活修补框架,并发现不同的引导方法在应用于同一层时利用功能可互换的电路。这些电路显示,转向向量主要通过OV电路与注意机制互动,而在很大程度上忽略QK电路--在引导期间冻结所有注意力分数仅降低了两个模型系列的性能约8.75%。对受引导的OV电路进行数学分解进一步揭示了在引导向量本身不具备的语义可解释概念。利用激活修补结果,我们展示了转向向量可以被稀疏化至90-99%,同时保持大部分性能,并且不同的引导方法在一些重要维度上达成一致。
更新时间: 2026-04-09 17:57:14
领域: cs.LG,cs.AI,cs.CL
ClawBench: Can AI Agents Complete Everyday Online Tasks?
AI agents may be able to automate your inbox, but can they automate other routine aspects of your life? Everyday online tasks offer a realistic yet unsolved testbed for evaluating the next generation of AI agents. To this end, we introduce ClawBench, an evaluation framework of 153 simple tasks that people need to accomplish regularly in their lives and work, spanning 144 live platforms across 15 categories, from completing purchases and booking appointments to submitting job applications. These tasks require demanding capabilities beyond existing benchmarks, such as obtaining relevant information from user-provided documents, navigating multi-step workflows across diverse platforms, and write-heavy operations like filling in many detailed forms correctly. Unlike existing benchmarks that evaluate agents in offline sandboxes with static pages, ClawBench operates on production websites, preserving the full complexity, dynamic nature, and challenges of real-world web interaction. A lightweight interception layer captures and blocks only the final submission request, ensuring safe evaluation without real-world side effects. Our evaluations of 7 frontier models show that both proprietary and open-source models can complete only a small portion of these tasks. For example, Claude Sonnet 4.6 achieves only 33.3%. Progress on ClawBench brings us closer to AI agents that can function as reliable general-purpose assistants.
Updated: 2026-04-09 17:57:13
标题: ClawBench:AI代理能够完成日常在线任务吗?
摘要: AI代理可以自动化你的收件箱,但它们能否自动化你生活中的其他例行事务?每天的在线任务为评估下一代AI代理提供了一个现实但尚未解决的测试平台。为此,我们介绍了ClawBench,这是一个由153个简单任务组成的评估框架,人们需要定期完成这些任务,涵盖了生活和工作中的15个类别,跨越了144个平台,从完成购买和预约到提交工作申请。这些任务需要超越现有基准的复杂能力,例如从用户提供的文档中获取相关信息,跨多个平台导航多步骤工作流程,以及填写许多详细表格等繁重的操作。与评估在离线沙盒中的代理不同,ClawBench在生产网站上运行,保留了真实网络交互的全部复杂性、动态性和挑战。一个轻量级拦截层仅捕获和阻止最终提交请求,确保安全评估,不会产生真实世界的副作用。我们对7个前沿模型的评估表明,无论是专有模型还是开源模型,都只能完成这些任务的一小部分。例如,Claude Sonnet 4.6仅实现了33.3%。在ClawBench上的进展让我们更接近可以作为可靠通用助手的AI代理。
更新时间: 2026-04-09 17:57:13
领域: cs.CL,cs.AI
Splits! Flexible Sociocultural Linguistic Investigation at Scale
Variation in language use, shaped by speakers' sociocultural background and specific context of use, offers a rich lens into cultural perspectives, values, and opinions. For example, Chinese students discuss "healthy eating" with words like "timing," "regularity," and "digestion," whereas Americans use vocabulary like "balancing food groups" and "avoiding fat and sugar," reflecting distinct cultural models of nutrition. The computational study of these Sociocultural Linguistic Phenomena (SLP) has traditionally been done in NLP via tailored analyses of specific groups or topics, requiring specialized data collection and experimental operationalization--a process not well-suited to quick hypothesis exploration and prototyping. To address this, we propose constructing a "sandbox" designed for systematic and flexible sociolinguistic research. Using our method, we construct a demographically/topically split Reddit dataset, Splits!, validated by self-identification and by replicating several known SLPs from existing literature. We showcase the sandbox's utility with a scalable, two-stage process that filters large collections of "potential" SLPs (PSLPs) to surface the most promising candidates for deeper, qualitative investigation.
Updated: 2026-04-09 17:52:14
标题: 分裂!规模灵活的社会文化语言调查
摘要: 语言使用的变化,受说话者的社会文化背景和特定使用环境的影响,提供了丰富的文化观念、价值观和意见。例如,中国学生在讨论“健康饮食”时使用词汇如“时间掌控”、“规律性”和“消化”,而美国人使用词汇如“平衡食物组合”和“避免脂肪和糖”,反映了不同的营养文化模式。传统上,对这些社会文化语言现象(SLP)的计算研究是通过针对特定群体或主题的定制分析来完成的,需要专门的数据收集和实验操作化,这一过程不适合快速的假设探索和原型设计。为了解决这个问题,我们提出构建一个专门设计用于系统性和灵活的社会语言学研究的“沙盒”。使用我们的方法,我们构建了一个根据人口统计信息/主题划分的Reddit数据集“Splits!”,通过自我识别验证,并通过复制现有文献中的几个已知SLP来验证。我们展示了沙盒的实用性,通过一个可扩展的两阶段过程,将大量的“潜在”社会文化语言现象(PSLPs)进行过滤,以确定最有前途的候选项,进行更深入的定性调查。
更新时间: 2026-04-09 17:52:14
领域: cs.CL,cs.AI
Differentially Private Language Generation and Identification in the Limit
We initiate the study of language generation in the limit, a model recently introduced by Kleinberg and Mullainathan [KM24], under the constraint of differential privacy. We consider the continual release model, where a generator must eventually output a stream of valid strings while protecting the privacy of the entire input sequence. Our first main result is that for countable collections of languages, privacy comes at no qualitative cost: we provide an $\varepsilon$-differentially-private algorithm that generates in the limit from any countable collection. This stands in contrast to many learning settings where privacy renders learnability impossible. However, privacy does impose a quantitative cost: there are finite collections of size $k$ for which uniform private generation requires $Ω(k/\varepsilon)$ samples, whereas just one sample suffices non-privately. We then turn to the harder problem of language identification in the limit. Here, we show that privacy creates fundamental barriers. We prove that no $\varepsilon$-DP algorithm can identify a collection containing two languages with an infinite intersection and a finite set difference, a condition far stronger than the classical non-private characterization of identification. Next, we turn to the stochastic setting where the sample strings are sampled i.i.d. from a distribution (instead of being generated by an adversary). Here, we show that private identification is possible if and only if the collection is identifiable in the adversarial model. Together, our results establish new dimensions along which generation and identification differ and, for identification, a separation between adversarial and stochastic settings induced by privacy constraints.
Updated: 2026-04-09 17:48:46
标题: 在极限情况下的差分隐私语言生成和识别
摘要: 我们在极限语言生成的研究中引入了最近由Kleinberg和Mullainathan [KM24]引入的模型,受到差分隐私约束。我们考虑持续发布模型,其中生成器必须最终输出一系列有效字符串,并保护整个输入序列的隐私。我们的第一个主要结果是,对于可数语言集合,隐私并不会带来任何质量上的代价:我们提供了一个$\varepsilon$-差分私有算法,可以从任何可数集合中生成极限。这与许多学习设置形成了鲜明对比,其中隐私使得学习变得不可能。然而,隐私确实会带来数量上的代价:对于大小为$k$的有限集合,均匀私有生成需要$Ω(k/\varepsilon)$个样本,而非私有情况下只需要一个样本即可。 然后,我们转向更难的极限语言识别问题。在这里,我们展示了隐私创造了根本性障碍。我们证明没有$\varepsilon$-DP算法可以识别包含无限交集和有限集差异的两种语言的集合,这个条件远比经典的非私有识别特征更强。接下来,我们转向随机设置,其中样本字符串是从分布中独立同分布采样的(而不是由对手生成)。在这里,我们表明私有识别仅在集合在对手模型中可识别时才可能。总之,我们的结果建立了生成和识别之间的新维度,并且对于识别,由隐私约束引起的对手和随机设置之间的分离。
更新时间: 2026-04-09 17:48:46
领域: stat.ML,cs.AI,cs.CL,cs.DS,cs.LG
WebArbiter: A Principle-Guided Reasoning Process Reward Model for Web Agents
Web agents hold great potential for automating complex computer tasks, yet their interactions involve long-horizon, sequential decision-making with irreversible actions. In such settings, outcome-based supervision is sparse and delayed, often rewarding incorrect trajectories and failing to support inference-time scaling. This motivates the use of Process Reward Models (WebPRMs) for web navigation, but existing approaches remain limited: scalar WebPRMs collapse progress into coarse, weakly grounded signals, while checklist-based WebPRMs rely on brittle template matching that fails under layout or semantic changes and often mislabels superficially correct actions as successful, providing little insight or interpretability. To address these challenges, we introduce WebArbiter, a reasoning-first, principle-inducing WebPRM that formulates reward modeling as text generation, producing structured justifications that conclude with a preference verdict and identify the action most conducive to task completion under the current context. Training follows a two-stage pipeline: reasoning distillation equips the model with coherent principle-guided reasoning, and reinforcement learning corrects teacher biases by directly aligning verdicts with correctness, enabling stronger generalization. To support systematic evaluation, we release WebPRMBench, a comprehensive benchmark spanning four diverse web environments with rich tasks and high-quality preference annotations. On WebPRMBench, WebArbiter-7B outperforms the strongest baseline, GPT-5, by 9.1 points. In reward-guided trajectory search on WebArena-Lite, it surpasses the best prior WebPRM by up to 6.4 points, underscoring its robustness and practical value in complex web tasks.
Updated: 2026-04-09 17:48:11
标题: WebArbiter:面向Web代理的基于原则引导的推理过程奖励模型
摘要: 网络代理具有自动化复杂计算机任务的巨大潜力,然而它们的交互涉及长期、序贯的决策过程,其中包含不可逆的行动。在这种情况下,基于结果的监督稀缺且延迟,通常奖励不正确的轨迹,并未能支持推理时间的扩展。这促使使用过程奖励模型(WebPRMs)进行网络导航,但现有方法仍然受到限制:标量WebPRMs将进展折叠为粗糙、虚弱的信号,而基于检查表的WebPRMs依赖于易碎的模板匹配,在布局或语义变化时会失败,并经常将表面上正确的行动错误地标记为成功,提供的见解或可解释性很少。为了解决这些挑战,我们引入了WebArbiter,这是一种以推理为先导、诱导原则的WebPRM,将奖励建模表述为文本生成,生成结构化的论据,并以偏好裁决结论,并确定在当前环境下最有助于任务完成的行动。训练遵循两阶段流程:推理精炼使模型具备连贯的原则引导推理,而强化学习通过直接将裁决与正确性对齐来纠正教师偏见,从而实现更强的泛化。为支持系统评估,我们发布了WebPRMBench,这是一个涵盖四个不同网络环境的全面基准测试,具有丰富的任务和高质量的偏好注释。在WebPRMBench上,WebArbiter-7B的表现优于最强基准GPT-5,提高了9.1个点。在WebArena-Lite上的奖励导向轨迹搜索中,它超过了最佳先前WebPRM高达6.4个点,突显了其在复杂网络任务中的稳健性和实际价值。
更新时间: 2026-04-09 17:48:11
领域: cs.AI
Quantifying Explanation Consistency: The C-Score Metric for CAM-Based Explainability in Medical Image Classification
Class Activation Mapping (CAM) methods are widely used to generate visual explanations for deep learning classifiers in medical imaging. However, existing evaluation frameworks assess whether explanations are correct, measured by localisation fidelity against radiologist annotations, rather than whether they are consistent: whether the model applies the same spatial reasoning strategy across different patients with the same pathology. We propose the C-Score (Consistency Score), a confidence-weighted, annotation-free metric that quantifies intra-class explanation reproducibility via intensity-emphasised pairwise soft IoU across correctly classified instances. We evaluate six CAM techniques: GradCAM, GradCAM++, LayerCAM, EigenCAM, ScoreCAM, and MS GradCAM++ across three CNN architectures (DenseNet201, InceptionV3, ResNet50V2) over thirty training epochs on the Kermany chest X-ray dataset, covering transfer learning and fine-tuning phases. We identify three distinct mechanisms of AUC-consistency dissociation, invisible to standard classification metrics: threshold-mediated gold list collapse, technique-specific attribution collapse at peak AUC, and class-level consistency masking in global aggregation. C-Score provides an early warning signal of impending model instability. ScoreCAM deterioration on ResNet50V2 is detectable one full checkpoint before catastrophic AUC collapse and yields architecture-specific clinical deployment recommendations grounded in explanation quality rather than predictive ranking alone.
Updated: 2026-04-09 17:47:31
标题: 量化解释的一致性:C-Score度量标准用于基于CAM的医学图像分类解释能力
摘要: Class Activation Mapping (CAM)方法被广泛应用于医学影像深度学习分类器的可视化解释。然而,现有的评估框架评估解释是否正确,通过与放射科医师注释的本地化准确性来衡量,而不是评估它们是否一致:即模型是否在对同一病理学的不同患者应用相同的空间推理策略。我们提出了C-Score(一致性评分),这是一种基于置信度加权的、无需注释的度量标准,通过加强强调对正确分类实例之间的配对软IoU来量化类内解释的可重现性。我们在Kermany胸部X光数据集上评估了六种CAM技术:GradCAM、GradCAM++、LayerCAM、EigenCAM、ScoreCAM和MS GradCAM++,涵盖了三种CNN架构(DenseNet201、InceptionV3、ResNet50V2)在三十个训练周期内的迁移学习和微调阶段。我们确定了三种AUC-一致性脱离的不同机制,这对于标准分类指标来说是不可见的:阈值介导的金标列表坍塌、在峰值AUC处的技术特定属性坍塌,以及全局聚合中的类级一致性掩盖。C-Score提供了即将发生模型不稳定的早期警告信号。在ResNet50V2上的ScoreCAM恶化可以在灾难性的AUC坍塌之前一个完整的检查点就可检测到,并且提供了基于解释质量而不仅仅是预测排名的架构特定的临床部署建议。
更新时间: 2026-04-09 17:47:31
领域: cs.CV,cs.AI
Constrained Policy Optimization with Cantelli-Bounded Value-at-Risk
We introduce the Value-at-Risk Constrained Policy Optimization algorithm (VaR-CPO), a sample efficient and conservative method designed to optimize Value-at-Risk (VaR) constrained reinforcement learning (RL) problems. Empirically, we demonstrate that VaR-CPO is capable of safe exploration, achieving zero constraint violations during training in feasible environments, a critical property that baseline methods fail to uphold. To overcome the inherent non-differentiability of the VaR constraint, we employ Cantelli's inequality to obtain a tractable approximation based on the first two moments of the cost return. Additionally, by extending the trust-region framework of the Constrained Policy Optimization (CPO) method, we provide worst-case bounds for both policy improvement and constraint violation during the training process.
Updated: 2026-04-09 17:45:18
标题: 使用坎特利有界风险价值的约束政策优化
摘要: 我们介绍了价值风险约束策略优化算法(VaR-CPO),这是一种样本高效且保守的方法,旨在优化价值风险(VaR)约束的强化学习(RL)问题。从经验上讲,我们证明VaR-CPO能够进行安全探索,在可行环境中在训练过程中实现零约束违规,这是基准方法无法保持的一个关键属性。为了克服VaR约束的固有非可微性,我们采用坎特利不等式来获得一个基于成本回报的前两个矩的可处理近似。此外,通过扩展约束策略优化(CPO)方法的信任区域框架,我们为训练过程中的政策改进和约束违规提供最坏情况的界限。
更新时间: 2026-04-09 17:45:18
领域: cs.LG,stat.ML
SealQA: Raising the Bar for Reasoning in Search-Augmented Language Models
We introduce SealQA, a new challenge benchmark for evaluating SEarch-Augmented Language models on fact-seeking questions where web search yields conflicting, noisy, or unhelpful results. SealQA comes in three flavors: (1) Seal-0 (main) and (2) Seal-Hard, which assess factual accuracy and reasoning capabilities, with Seal-0 focusing on the most challenging questions where chat models (e.g., GPT-4.1) typically achieve near-zero accuracy; and (3) LongSeal, which extends SealQA to test long-context, multi-document reasoning in "needle-in-a-haystack" settings. Our evaluation reveals critical limitations in current models: Even frontier LLMs perform poorly across all SealQA flavors. On Seal-0, frontier agentic models equipped with tools like o3 and o4-mini achieve only 17.1% and 6.3% accuracy, respectively, at their best reasoning efforts. We find that advanced reasoning models such as DeepSeek-R1-671B and o3-mini are highly vulnerable to noisy search results. Notably, increasing test-time compute does not yield reliable gains across o3-mini, o4-mini, and o3, with performance often plateauing or even declining early. Additionally, while recent models are less affected by the "lost-in-the-middle" issue, they still fail to reliably identify relevant documents in LongSeal when faced with numerous distractors. To facilitate future work, we release SealQA at huggingface.co/datasets/vtllms/sealqa.
Updated: 2026-04-09 17:44:11
标题: SealQA:提升搜索增强语言模型推理水平
摘要: 我们引入了SealQA,这是一个新的挑战基准,用于评估在寻找事实问题上对搜索增强语言模型的性能,其中网络搜索产生冲突、噪音或无用的结果。SealQA有三种不同的版本:(1) Seal-0(主要版本)和(2) Seal-Hard,评估事实准确性和推理能力,其中Seal-0专注于最具挑战性的问题,即聊天模型(例如GPT-4.1)通常几乎无法准确回答;以及(3) LongSeal,它扩展了SealQA,用于在“大海捞针”情境中测试长篇背景、多文档推理。我们的评估揭示了当前模型的关键限制:即使是前沿的LLM在所有SealQA版本中的表现也很差。在Seal-0上,装备o3和o4-mini等工具的前沿代理模型在最佳推理努力下分别只能实现17.1%和6.3%的准确率。我们发现,像DeepSeek-R1-671B和o3-mini这样的高级推理模型对嘈杂的搜索结果非常脆弱。值得注意的是,增加测试时间计算并不能在o3-mini、o4-mini和o3上获得可靠的提升,性能经常会在早期就达到平稳状态甚至下降。此外,尽管最近的模型受到“迷失在中间”问题的影响较小,但当面临大量干扰因素时,它们在LongSeal中仍然无法可靠地识别相关文档。为了促进未来工作,我们在huggingface.co/datasets/vtllms/sealqa上发布了SealQA。
更新时间: 2026-04-09 17:44:11
领域: cs.CL,cs.AI,cs.LG
The Detection-Extraction Gap: Models Know the Answer Before They Can Say It
Modern reasoning models continue generating long after the answer is already determined. Across five model configurations, two families, and three benchmarks, we find that 52--88% of chain-of-thought tokens are produced after the answer is recoverable from a partial prefix. This post-commitment generation reveals a structural phenomenon: the detection-extraction gap. Free continuations from early prefixes recover the correct answer even at 10% of the trace, while forced extraction fails on 42% of these cases. The answer is recoverable from the model state, yet prompt-conditioned decoding fails to extract it. We formalize this mismatch via a total-variation bound between free and forced continuation distributions, yielding quantitative estimates of suffix-induced shift. Exploiting this asymmetry, we propose Black-box Adaptive Early Exit (BAEE), which uses free continuations for both detection and extraction, truncating 70--78% of serial generation while improving accuracy by 1--5pp across all models. For thinking-mode models, early exit prevents post-commitment overwriting, yielding gains of up to 5.8pp; a cost-optimized variant achieves 68--73% reduction at a median of 9 API calls. Code is available at https://github.com/EdWangLoDaSc/know2say.
Updated: 2026-04-09 17:43:28
标题: 检测-提取差距:模型在能够说出答案之前就已知道答案
摘要: 现代推理模型在答案已经确定之后仍然继续生成。在五种模型配置、两个家族和三个基准测试中,我们发现52-88%的思维链标记是在可以从部分前缀中恢复答案之后产生的。这种后期生成揭示了一个结构现象:检测-提取差距。从早期前缀的自由延续中即可恢复正确答案,即使在10%的迹线上也是如此,而强制提取在42%的情况下失败。模型状态中可以恢复答案,但是基于提示条件的解码却无法提取出来。我们通过自由和强制延续分布之间的总变差界限来形式化这种不匹配,从而得出后缀诱导偏移的定量估计。利用这种不对称性,我们提出了黑盒自适应早期退出(BAEE),该方法在检测和提取过程中均使用自由延续,将串行生成的70-78%截断,同时将所有模型的准确性提高1-5个百分点。对于思维模式模型,早期退出可以防止后期生成的覆盖,使准确率提高多达5.8个百分点;成本优化的变体在平均9个API调用中实现了68-73%的减少。代码可在https://github.com/EdWangLoDaSc/know2say上找到。
更新时间: 2026-04-09 17:43:28
领域: cs.CL,cs.AI,cs.IT,cs.LG
BoBa: Boosting Backdoor Detection through Data Distribution Inference in Federated Learning
Federated learning, while being a promising approach for collaborative model training, is susceptible to backdoor attacks due to its decentralized nature. Backdoor attacks have shown remarkable stealthiness, as they compromise model predictions only when inputs contain specific triggers. As a countermeasure, anomaly detection is widely used to filter out backdoor attacks in FL. However, the non-independent and identically distributed (non-IID) data distribution nature of FL clients presents substantial challenges in backdoor attack detection, as the data variety introduces variance among benign models, making them indistinguishable from malicious ones. In this work, we propose a novel distribution-aware backdoor detection mechanism, BoBa, to address this problem. To differentiate outliers arising from data variety versus backdoor attacks, we propose to break down the problem into two steps: clustering clients utilizing their data distribution, and followed by a voting-based detection. We propose a novel data distribution inference mechanism for accurate data distribution estimation. To improve detection robustness, we introduce an overlapping clustering method, where each client is associated with multiple clusters, ensuring that the trustworthiness of a model update is assessed collectively by multiple clusters rather than a single cluster. Through extensive evaluations, we demonstrate that BoBa can reduce the attack success rate to lower than 0.001 while maintaining high main task accuracy across various attack strategies and experimental settings.
Updated: 2026-04-09 17:42:49
标题: BoBa:通过数据分布推断在联邦学习中增强后门检测
摘要: 联邦学习作为一种有前途的协作模型训练方法,由于其分散化的特性,容易受到后门攻击的影响。后门攻击表现出极高的隐蔽性,只有当输入包含特定触发器时才会影响模型预测。作为一种对策,异常检测广泛用于在联邦学习中过滤后门攻击。然而,由于联邦学习客户端的非独立和非同分布(non-IID)数据分布性质,对后门攻击的检测存在重大挑战,因为数据的多样性导致良性模型之间存在差异,使其与恶意模型无法区分。 在这项工作中,我们提出了一种新颖的分布感知后门检测机制BoBa来解决这个问题。为了区分由数据多样性引起的异常值与后门攻击,我们建议将问题分解为两个步骤:利用数据分布对客户端进行聚类,然后进行基于投票的检测。我们提出了一种新颖的数据分布推断机制,用于准确估计数据分布。为了提高检测的鲁棒性,我们引入了一种重叠聚类方法,其中每个客户端与多个聚类相关联,确保模型更新的可信度由多个聚类共同评估,而不是单个聚类。通过广泛的评估,我们证明了BoBa可以将攻击成功率降低到低于0.001,同时在各种攻击策略和实验设置中保持高的主要任务准确性。
更新时间: 2026-04-09 17:42:49
领域: cs.LG,cs.CR
PIArena: A Platform for Prompt Injection Evaluation
Prompt injection attacks pose serious security risks across a wide range of real-world applications. While receiving increasing attention, the community faces a critical gap: the lack of a unified platform for prompt injection evaluation. This makes it challenging to reliably compare defenses, understand their true robustness under diverse attacks, or assess how well they generalize across tasks and benchmarks. For instance, many defenses initially reported as effective were later found to exhibit limited robustness on diverse datasets and attacks. To bridge this gap, we introduce PIArena, a unified and extensible platform for prompt injection evaluation that enables users to easily integrate state-of-the-art attacks and defenses and evaluate them across a variety of existing and new benchmarks. We also design a dynamic strategy-based attack that adaptively optimizes injected prompts based on defense feedback. Through comprehensive evaluation using PIArena, we uncover critical limitations of state-of-the-art defenses: limited generalizability across tasks, vulnerability to adaptive attacks, and fundamental challenges when an injected task aligns with the target task. The code and datasets are available at https://github.com/sleeepeer/PIArena.
Updated: 2026-04-09 17:42:45
标题: PIArena:一个用于快速注射评估的平台
摘要: 即时注入攻击对各种实际应用程序构成严重的安全风险。虽然引起了越来越多的关注,但社区面临一个关键的缺口:缺乏一个统一的平台来评估即时注入。这使得可靠地比较防御措施、了解它们在多样攻击下的真正强大程度,或评估它们在各种任务和基准测试中的泛化能力变得具有挑战性。例如,许多最初报告为有效的防御后来发现在多样数据集和攻击下具有有限的强度。为了弥合这一差距,我们引入了PIArena,一个统一且可扩展的即时注入评估平台,使用户能够轻松整合最先进的攻击和防御,并在各种现有和新的基准测试中对其进行评估。我们还设计了一种基于动态策略的攻击,根据防御反馈自适应优化注入的提示。通过使用PIArena进行全面评估,我们揭示了最先进防御的关键限制:跨任务的泛化能力有限,易受自适应攻击的攻击,以及当注入的任务与目标任务一致时存在基本挑战。代码和数据集可在https://github.com/sleeepeer/PIArena获得。
更新时间: 2026-04-09 17:42:45
领域: cs.CR,cs.AI,cs.CL,cs.LG
The Impact of Dimensionality on the Stability of Node Embeddings
Previous work has established that neural network-based node embeddings return different outcomes when trained with identical parameters on the same dataset, just from using different training seeds. Yet, it has not been thoroughly analyzed how key hyperparameters such as embedding dimension could impact this instability. In this work, we investigate how varying the dimensionality of node embeddings influences both their stability and downstream performance. We systematically evaluate five widely used methods -- ASNE, DGI, GraphSAGE, node2vec, and VERSE -- across multiple datasets and embedding dimensions. We assess stability from both a representational perspective and a functional perspective, alongside performance evaluation. Our results show that embedding stability varies significantly with dimensionality, but we observe different patterns across the methods we consider: while some approaches, such as node2vec and ASNE, tend to become more stable with higher dimensionality, other methods do not exhibit the same trend. Moreover, we find that maximum stability does not necessarily align with optimal task performance. These findings highlight the importance of carefully selecting embedding dimension, and provide new insights into the trade-offs between stability, performance, and computational effectiveness in graph representation learning.
Updated: 2026-04-09 17:33:02
标题: 节点嵌入的稳定性对维度的影响
摘要: 先前的研究已经确立,基于神经网络的节点嵌入在同一数据集上使用相同参数训练时,仅仅是使用不同的训练种子就会返回不同的结果。然而,尚未彻底分析关键超参数,如嵌入维度如何影响这种不稳定性。在这项工作中,我们研究了如何改变节点嵌入的维度会影响它们的稳定性和下游性能。我们系统评估了五种广泛使用的方法--ASNE、DGI、GraphSAGE、node2vec和VERSE--在多个数据集和嵌入维度上。我们从表征和功能两个角度评估稳定性,同时进行性能评估。我们的结果显示,嵌入的稳定性随维度变化显著不同,但我们观察到在考虑的方法中存在不同的模式:一些方法,如node2vec和ASNE,倾向于随着维度的增加变得更加稳定,而其他方法则不表现出相同的趋势。此外,我们发现最大的稳定性并不一定与最佳任务性能相一致。这些发现突显了仔细选择嵌入维度的重要性,并提供了关于在图表示学习中稳定性、性能和计算效率之间权衡的新见解。
更新时间: 2026-04-09 17:33:02
领域: cs.LG
Post-Quantum Cryptographic Analysis of Message Transformations Across the Network Stack
When a user sends a message over a wireless network, the message does not travel as-is. It is encrypted, authenticated, encapsulated, and transformed as it descends the protocol stack from the application layer to the physical medium. Each layer may apply its own cryptographic operations using its own algorithms, and these algorithms differ in their vulnerability to quantum computers. The security of the overall communication depends not on any single layer but on the \emph{composition} of transformations across all layers. We develop a preliminary formal framework for analyzing these cross-layer cryptographic transformations with respect to post-quantum cryptographic (PQC) readiness. We classify every per-layer cryptographic operation into one of four quantum vulnerability categories, define how per-layer PQC statuses compose across the full message transformation chain, and prove that this composition forms a bounded lattice with confidentiality composing via the join (max) operator and authentication via the meet (min). We apply the framework to five communication scenarios spanning Linux and iOS platforms, and identify several research challenges. Among our findings: WPA2-Personal provides strictly better PQC posture than both WPA3-Personal and WPA2-Enterprise; a single post-quantum layer suffices for payload confidentiality but \emph{every} layer must migrate for complete authentication; and metadata protection depends solely on the outermost layer.
Updated: 2026-04-09 17:22:47
标题: 跨网络协议栈中消息转换的后量子密码学分析
摘要: 当用户通过无线网络发送消息时,消息并不是原样传输的。它会被加密、验证、封装和转换,随着从应用层到物理介质的协议栈逐层下降而发生变化。每个层可能会使用自己的算法应用自己的加密操作,而这些算法在对抗量子计算机时的脆弱性不同。整体通信的安全性取决于所有层上的变换的\emph{组合},而非任何单个层。 我们为分析这些跨层加密变换关于后量子密码(PQC)准备的初步形式框架。我们将每个层的加密操作分类为四个量子脆弱性类别之一,定义了每个层的PQC状态如何在整个消息转换链中组合,并证明这种组合形成一个有界格点,保密性通过连接(最大)运算符组合,而验证通过会合(最小)运算符组合。我们将该框架应用于跨越Linux和iOS平台的五种通信场景,并确定了几个研究挑战。在我们的研究结果中:WPA2-Personal的PQC姿态比WPA3-Personal和WPA2-Enterprise都要好;一个后量子层足以确保有效载荷的机密性,但是完整的身份验证则需要\emph{每个}层迁移;元数据保护仅取决于最外层。
更新时间: 2026-04-09 17:22:47
领域: cs.CR,cs.NI
Security and Privacy in Virtual and Robotic Assistive Systems: A Comparative Framework
Assistive technologies increasingly support independence, accessibility, and safety for older adults, people with disabilities, and individuals requiring continuous care. Two major categories are virtual assistive systems and robotic assistive systems operating in physical environments. Although both offer significant benefits, they introduce important security and privacy risks due to their reliance on artificial intelligence, network connectivity, and sensor-based perception. Virtual systems are primarily exposed to threats involving data privacy, unauthorized access, and adversarial voice manipulation. In contrast, robotic systems introduce additional cyber-physical risks such as sensor spoofing, perception manipulation, command injection, and physical safety hazards. In this paper, we present a comparative analysis of security and privacy challenges across these systems. We develop a unified comparative threat-modeling framework that enables structured analysis of attack surfaces, risk profiles, and safety implications across both systems. Moreover, we provide design recommendations for developing secure, privacy-preserving, and trustworthy assistive technologies.
Updated: 2026-04-09 17:16:34
标题: 虚拟和机器人辅助系统中的安全与隐私:比较框架
摘要: 辅助技术越来越支持老年人、残疾人和需要持续护理的个人的独立性、可访问性和安全性。两个主要类别是在物理环境中运行的虚拟辅助系统和机器人辅助系统。尽管两者都提供了重要的好处,但由于它们依赖人工智能、网络连接和基于传感器的感知,它们引入了重要的安全性和隐私风险。虚拟系统主要面临涉及数据隐私、未经授权访问和对抗性语音操纵等威胁。相比之下,机器人系统引入了额外的网络物理风险,如传感器欺骗、感知操纵、命令注入和物理安全危害。在本文中,我们提供了对这些系统中安全和隐私挑战的比较分析。我们开发了一个统一的比较威胁建模框架,可以对攻击面、风险概况和安全影响进行结构化分析。此外,我们提供了开发安全、保护隐私和可信任的辅助技术的设计建议。
更新时间: 2026-04-09 17:16:34
领域: cs.CR
SUPERNOVA: Eliciting General Reasoning in LLMs with Reinforcement Learning on Natural Instructions
Reinforcement Learning with Verifiable Rewards (RLVR) has significantly improved large language model (LLM) reasoning in formal domains such as mathematics and code. Despite these advancements, LLMs still struggle with general reasoning tasks requiring capabilities such as causal inference and temporal understanding. Extending RLVR to general reasoning is fundamentally constrained by the lack of high-quality, verifiable training data that spans diverse reasoning skills. To address this challenge, we propose SUPERNOVA, a data curation framework for RLVR aimed at enhancing general reasoning. Our key insight is that instruction-tuning datasets containing expert-annotated ground-truth encode rich reasoning patterns that can be systematically adapted for RLVR. To study this, we conduct 100+ controlled RL experiments to analyze how data design choices impact downstream reasoning performance. In particular, we investigate three key factors: (i) source task selection, (ii) task mixing strategies, and (iii) synthetic interventions for improving data quality. Our analysis reveals that source task selection is non-trivial and has a significant impact on downstream reasoning performance. Moreover, selecting tasks based on their performance for individual target tasks outperforms strategies based on overall average performance. Finally, models trained on SUPERNOVA outperform strong baselines (e.g., Qwen3.5) on challenging reasoning benchmarks including BBEH, Zebralogic, and MMLU-Pro. In particular, training on SUPERNOVA yields relative improvements of up to 52.8\% on BBEH across model sizes, demonstrating the effectiveness of principled data curation for RLVR. Our findings provide practical insights for curating human-annotated resources to extend RLVR to general reasoning. The code and data is available at https://github.com/asuvarna31/supernova.
Updated: 2026-04-09 17:16:07
标题: 超新星:使用自然指导对LLMs进行强化学习引发通用推理
摘要: 带有可验证奖励的强化学习(RLVR)显著提高了大型语言模型(LLM)在形式化领域(如数学和代码)中的推理能力。尽管取得了这些进展,LLMs仍然在需要因果推理和时间理解等能力的一般推理任务中遇到困难。将RLVR扩展到一般推理受到缺乏涵盖各种推理技能的高质量可验证训练数据的基本限制。为了解决这一挑战,我们提出了SUPERNOVA,这是一个针对RLVR的数据整理框架,旨在增强一般推理能力。我们的关键洞察是,包含专家注释的地面真实数据的指导调整数据集编码了丰富的推理模式,可以系统地适应RLVR。为了研究这一点,我们进行了100多个受控RL实验,分析了数据设计选择如何影响下游推理性能。特别是,我们研究了三个关键因素:(i)源任务选择,(ii)任务混合策略,以及(iii)用于提高数据质量的合成干预。我们的分析显示,源任务选择并非微不足道,并且对下游推理性能有显著影响。此外,基于对个别目标任务的表现进行任务选择的策略优于基于总体平均性能的策略。最后,训练在SUPERNOVA上的模型在具有挑战性的推理基准测试中(包括BBEH、Zebralogic和MMLU-Pro)上优于强基准(例如Qwen3.5)。特别是,在SUPERNOVA上训练可以在各种模型大小上相对提高BBEH高达52.8\%,展示了基于原则的数据整理对RLVR的有效性。我们的发现为将RLVR扩展到一般推理提供了实用见解。代码和数据可在https://github.com/asuvarna31/supernova找到。
更新时间: 2026-04-09 17:16:07
领域: cs.AI,cs.LG
Faithful GRPO: Improving Visual Spatial Reasoning in Multimodal Language Models via Constrained Policy Optimization
Multimodal reasoning models (MRMs) trained with reinforcement learning with verifiable rewards (RLVR) show improved accuracy on visual reasoning benchmarks. However, we observe that accuracy gains often come at the cost of reasoning quality: generated Chain-of-Thought (CoT) traces are frequently inconsistent with the final answer and poorly grounded in the visual evidence. We systematically study this phenomenon across seven challenging real-world spatial reasoning benchmarks and find that it affects contemporary MRMs such as ViGoRL-Spatial, TreeVGR as well as our own models trained with standard Group Relative Policy Optimization (GRPO). We characterize CoT reasoning quality along two complementary axes: "logical consistency" (does the CoT entail the final answer?) and "visual grounding" (does each reasoning step accurately describe objects, attributes, and spatial relationships in the image?). To address this, we propose Faithful GRPO (FGRPO), a variant of GRPO that enforces consistency and grounding as constraints via Lagrangian dual ascent. FGRPO incorporates batch-level consistency and grounding constraints into the advantage computation within a group, adaptively adjusting the relative importance of constraints during optimization. We evaluate FGRPO on Qwen2.5-VL-7B and 3B backbones across seven spatial datasets. Our results show that FGRPO substantially improves reasoning quality, reducing the inconsistency rate from 24.5% to 1.7% and improving visual grounding scores by +13%. It also improves final answer accuracy over simple GRPO, demonstrating that faithful reasoning enables better answers.
Updated: 2026-04-09 17:15:47
标题: 忠实GRPO:通过受限策略优化提高多模态语言模型的视觉空间推理
摘要: 多模态推理模型(MRM)通过强化学习和可验证奖励(RLVR)训练,在视觉推理基准测试中表现出更高的准确性。然而,我们观察到,准确性的提高往往是以推理质量为代价的:生成的“思维链”(CoT)轨迹经常与最终答案不一致,且在视觉证据中的基础较差。我们系统地研究了这一现象在七个具有挑战性的实际空间推理基准测试中的影响,并发现它影响了像ViGoRL-Spatial、TreeVGR以及我们自己训练的标准Group Relative Policy Optimization(GRPO)的现代MRM模型。我们沿着两个互补的维度表征CoT推理质量:“逻辑一致性”(CoT是否意味着最终答案?)和“视觉基础”(每个推理步骤是否准确描述图像中的对象、属性和空间关系?)。为了解决这个问题,我们提出了Faithful GRPO(FGRPO),这是GRPO的一种变体,通过拉格朗日对偶上升来强制一致性和基础作为约束。FGRPO将批级一致性和基础约束纳入到一个群体内的优势计算中,通过在优化过程中自适应地调整约束的相对重要性。我们在Qwen2.5-VL-7B和3B骨干上对FGRPO进行评估,跨七个空间数据集。我们的结果显示,FGRPO显著提高了推理质量,将不一致率从24.5%降至1.7%,并将视觉基础得分提高了+13%。它还提高了比简单GRPO更好的最终答案准确性,证明了忠实推理能够带来更好的答案。
更新时间: 2026-04-09 17:15:47
领域: cs.CV,cs.AI
Quantization Impact on the Accuracy and Communication Efficiency Trade-off in Federated Learning for Aerospace Predictive Maintenance
Federated learning (FL) enables privacy-preserving predictive maintenance across distributed aerospace fleets, but gradient communication overhead constrains deployment on bandwidth-limited IoT nodes. This paper investigates the impact of symmetric uniform quantization ($b \in \{32,8,4,2\}$ bits) on the accuracy--efficiency trade-off of a custom-designed lightweight 1-D convolutional model (AeroConv1D, 9\,697 parameters) trained via FL on the NASA C-MAPSS benchmark under a realistic Non-IID client partition. Using a rigorous multi-seed evaluation ($N=10$ seeds), we show that INT4 achieves accuracy \emph{statistically indistinguishable} from FP32 on both FD001 ($p=0.341$) and FD002 ($p=0.264$ MAE, $p=0.534$ NASA score) while delivering an $8\times$ reduction in gradient communication cost (37.88~KiB $\to$ 4.73~KiB per round). A key methodological finding is that naïve IID client partitioning artificially suppresses variance; correct Non-IID evaluation reveals the true operational instability of extreme quantization, demonstrated via a direct empirical IID vs.\ Non-IID comparison. INT2 is empirically characterized as unsuitable: while it achieves lower MAE on FD002 through extreme quantization-induced over-regularization, this apparent gain is accompanied by catastrophic NASA score instability (CV\,=\,45.8\% vs.\ 22.3\% for FP32), confirming non-reproducibility under heterogeneous operating conditions. Analytical FPGA resource projections on the Xilinx ZCU102 confirm that INT4 fits within hardware constraints (85.5\% DSP utilization), potentially enabling a complete FL pipeline on a single SoC. The full simulation codebase and FPGA estimation scripts are publicly available at https://github.com/therealdeadbeef/aerospace-fl-quantization.
Updated: 2026-04-09 17:13:15
标题: 量化对航空预测性维护联邦学习中准确性和通信效率权衡的影响
摘要: 联邦学习(FL)实现了在分布式航空航天机队中进行隐私保护的预测性维护,但梯度通信开销限制了在带宽有限的IoT节点上的部署。本文研究了对称均匀量化($b \in \{32,8,4,2\}$位)对通过FL在NASA C-MAPSS基准下使用定制轻量级1-D卷积模型(AeroConv1D,9,697个参数)进行训练的准确性-效率权衡的影响,采用了现实的非独立同分布客户端分区。通过严格的多种子评估($N=10$个种子),我们展示了INT4在FD001($p=0.341$)和FD002($p=0.264$ MAE,$p=0.534$ NASA分数)上实现了与FP32\emph{统计上无法区分}的准确性,并将梯度通信成本降低了8倍(每轮从37.88 KiB降至4.73 KiB)。一个关键的方法发现是,天真的IID客户端分区会人为地抑制方差;正确的非独立同分布评估揭示了极端量化的真正操作不稳定性,通过直接的经验IID vs. Non-IID比较进行了演示。经验上表征INT2是不适用的:虽然它通过极端量化诱发的过度正则化在FD002上实现了较低的MAE,但这种明显的收益伴随着NASA分数的灾难性不稳定性(与FP32相比,CV=45.8% vs. 22.3%),在异质操作条件下确认了不可重现性。在Xilinx ZCU102上的分析FPGA资源投影证实INT4符合硬件约束(85.5% DSP利用率),可能实现在单个SoC上的完整FL流水线。完整的模拟代码库和FPGA估算脚本可在https://github.com/therealdeadbeef/aerospace-fl-quantization公开获取。
更新时间: 2026-04-09 17:13:15
领域: cs.LG
ModeX: Evaluator-Free Best-of-N Selection for Open-Ended Generation
Selecting a single high-quality output from multiple stochastic generations remains a fundamental challenge for large language models (LLMs), particularly in open-ended tasks where no canonical answer exists. While Best-of-N and self-consistency methods show that aggregating multiple generations can improve performance, existing approaches typically rely on external evaluators, reward models, or exact string-match voting, limiting their applicability and efficiency. We propose Mode Extraction (ModeX), an evaluator-free Best-of-N selection framework that generalizes majority voting to open-ended text generation by identifying the modal output representing the dominant semantic consensus among generated texts. ModeX constructs a similarity graph over candidate generations and recursively applies spectral clustering to select a representative centroid, without requiring additional inference or auxiliary models. We further instantiate this selection principle as ModeX-Lite, an improved version of ModeX with early pruning for efficiency. Across open-ended tasks -- including text summarization, code generation, and mathematical reasoning -- our approaches consistently outperform standard single- and multi-path baselines, providing a computationally efficient solution for robust open-ended text generation. Code is released in https://github.com/deeplearning-wisc/ModeX.
Updated: 2026-04-09 17:10:12
标题: ModeX:不需要评估器的开放式生成中的最佳N选择
摘要: 选择一个高质量的输出结果,从多个随机生成中选择一个对于大型语言模型(LLMs)来说仍然是一个基本挑战,特别是在没有标准答案的开放性任务中。虽然Best-of-N和自一致性方法表明,聚合多个生成可以提高性能,但现有方法通常依赖于外部评估者、奖励模型或精确字符串匹配投票,限制了它们的适用性和效率。我们提出了一种无需评估者的Best-of-N选择框架Mode Extraction (ModeX),通过识别代表生成文本中主导语义共识的众数输出,将多数投票推广到开放式文本生成。ModeX在候选生成之间构建相似性图,并递归应用谱聚类来选择代表性质心,无需额外推理或辅助模型。我们进一步将这种选择原则实例化为ModeX-Lite,这是ModeX的改进版本,具有提前修剪以提高效率。在包括文本总结、代码生成和数学推理在内的开放式任务中,我们的方法始终优于标准的单路径和多路径基线,为鲁棒的开放式文本生成提供了计算效率高的解决方案。代码发布在https://github.com/deeplearning-wisc/ModeX。
更新时间: 2026-04-09 17:10:12
领域: cs.CL,cs.AI
Persistence-Augmented Neural Networks
Topological Data Analysis (TDA) provides tools to describe the shape of data, but integrating topological features into deep learning pipelines remains challenging, especially when preserving local geometric structure rather than summarizing it globally. We propose a persistence-based data augmentation framework that encodes local gradient flow regions and their hierarchical evolution using the Morse-Smale complex. This representation, compatible with both convolutional and graph neural networks, retains spatially localized topological information across multiple scales. Importantly, the augmentation procedure itself is efficient, with computational complexity $O(n \log n)$, making it practical for large datasets. We evaluate our method on histopathology image classification and 3D porous material regression, where it consistently outperforms baselines and global TDA descriptors such as persistence images and landscapes. We also show that pruning the base level of the hierarchy reduces memory usage while maintaining competitive performance. These results highlight the potential of local, structured topological augmentation for scalable and interpretable learning across data modalities.
Updated: 2026-04-09 17:06:06
标题: 增强持久性的神经网络
摘要: 拓扑数据分析(TDA)提供了描述数据形状的工具,但将拓扑特征整合到深度学习流程中仍然具有挑战性,特别是在保留局部几何结构而不是全局总结时。我们提出了一种基于持久性的数据增强框架,使用Morse-Smale复杂编码局部梯度流区域及其层次演化。这种表示与卷积神经网络和图神经网络兼容,跨多个尺度保留了空间局部化的拓扑信息。重要的是,增强过程本身是高效的,具有计算复杂度$O(n \log n)$,使其适用于大型数据集。我们在组织病理学图像分类和3D多孔材料回归方面评估了我们的方法,在这些领域,它始终优于基线和全局TDA描述符,如持久性图像和景观。我们还展示了修剪层次结构的基本层可以减少内存使用量,同时保持竞争性能。这些结果突显了局部结构化拓扑增强在跨数据模态的可扩展和可解释学习中的潜力。
更新时间: 2026-04-09 17:06:06
领域: cs.LG
Privacy Attacks on Image AutoRegressive Models
Image AutoRegressive generation has emerged as a new powerful paradigm with image autoregressive models (IARs) matching state-of-the-art diffusion models (DMs) in image quality (FID: 1.48 vs. 1.58) while allowing for a higher generation speed. However, the privacy risks associated with IARs remain unexplored, raising concerns regarding their responsible deployment. To address this gap, we conduct a comprehensive privacy analysis of IARs, comparing their privacy risks to the ones of DMs as reference points. Concretely, we develop a novel membership inference attack (MIA) that achieves a remarkably high success rate in detecting training images (with True Positive Rate at False Positive Rate = 1% of 94.57% vs. 6.38% for DMs with comparable attacks). We leverage our novel MIA to provide dataset inference (DI) for IARs, and show that it requires as few as 4 samples to detect dataset membership (compared to 200 for DI in DMs), confirming a higher information leakage in IARs. Finally, we are able to extract hundreds of training data points from an IAR (e.g., 698 from VAR-\textit{d}30). Our results suggest a fundamental privacy-utility trade-off: while IARs excel in image generation quality and speed, they are \textit{empirically} significantly more vulnerable to privacy attacks compared to DMs that achieve similar performance. We release the code at https://github.com/sprintml/privacy_attacks_against_iars for reproducibility.
Updated: 2026-04-09 17:05:17
标题: 对图像自回归模型的隐私攻击
摘要: 图像自回归生成已经成为一种新的强大范式,图像自回归模型(IARs)与最先进的扩散模型(DMs)在图像质量(FID: 1.48 vs. 1.58)方面相匹配,同时允许更高的生成速度。然而,与IARs相关的隐私风险仍未被探索,引发了对其负责任部署的担忧。为了填补这一差距,我们对IARs进行了全面的隐私分析,将它们的隐私风险与DMs作为参考点进行比较。具体来说,我们开发了一种新颖的成员推断攻击(MIA),在检测训练图像方面取得了非常高的成功率(真正例率在假阳率=1%时为94.57%,而对于具有可比攻击的DMs为6.38%)。我们利用我们的新型MIA为IARs提供数据集推断(DI),并展示它只需要4个样本就可以检测数据集成员身份(相比之下,DMs需要200个样本进行DI),证实了IARs中信息泄漏更严重。最后,我们能够从IAR中提取数百个训练数据点(例如,从VAR-d30中提取了698个)。我们的结果表明存在一种基本的隐私与效用的权衡:虽然IARs在图像生成质量和速度方面表现出色,但从经验上来看,它们在隐私攻击方面明显更容易受到攻击,与实现类似性能的DMs相比。为了可重现性,我们在https://github.com/sprintml/privacy_attacks_against_iars发布了代码。
更新时间: 2026-04-09 17:05:17
领域: cs.CV,cs.LG
TTVS: Boosting Self-Exploring Reinforcement Learning via Test-time Variational Synthesis
Despite significant advances in Large Reasoning Models (LRMs) driven by reinforcement learning with verifiable rewards (RLVR), this paradigm is fundamentally limited in specialized or novel domains where such supervision is prohibitively expensive or unavailable, posing a key challenge for test-time adaptation. While existing test-time methods offer a potential solution, they are constrained by learning from static query sets, risking overfitting to textual patterns. To address this gap, we introduce Test-Time Variational Synthesis (TTVS), a novel framework that enables LRMs to self-evolve by dynamically augmenting the training stream from unlabeled test queries. TTVS comprises two synergistic modules: (1) Online Variational Synthesis, which transforms static test queries into a dynamic stream of diverse, semantically-equivalent variations, enforcing the model to learn underlying problem logic rather than superficial patterns; (2) Test-time Hybrid Exploration, which balances accuracy-driven exploitation with consistency-driven exploration across synthetic variants. Extensive experiments show TTVS yields superior performance across eight model architectures. Notably, using only unlabeled test-time data, TTVS not only surpasses other test-time adaptation methods but also outperforms state-of-the-art supervised RL-based techniques trained on vast, high-quality labeled data.
Updated: 2026-04-09 17:03:49
标题: TTVS: 通过测试时变分合成增强自我探索强化学习
摘要: 尽管大规模推理模型(LRMs)在由可验证奖励驱动的强化学习(RLVR)方面取得了显著进展,但这种范式在专业领域或新领域中受到限制,因为这种监督成本过高或无法获得,这对测试时间适应性构成了一个关键挑战。尽管现有的测试时间方法提供了潜在的解决方案,但它们受限于从静态查询集学习,容易过度拟合文本模式。为了弥补这一差距,我们引入了测试时间变分合成(TTVS),这是一个新颖的框架,可以使LRMs通过动态增加来自未标记测试查询的训练流而自我演化。TTVS包括两个协同模块:(1)在线变分合成,将静态测试查询转换为多样化、语义等效变体的动态流,强迫模型学习潜在问题逻辑而不是表面模式;(2)测试时间混合探索,平衡了以准确性驱动的开发和以一致性驱动的探索在合成变体之间的关系。大量实验表明,TTVS在八种模型架构上表现出更优越的性能。值得注意的是,仅使用未标记的测试时间数据,TTVS不仅超过其他测试时间适应方法,而且还优于基于广泛、高质量标记数据训练的最先进的监督RL技术。
更新时间: 2026-04-09 17:03:49
领域: cs.LG,cs.AI
From Safety Risk to Design Principle: Peer-Preservation in Multi-Agent LLM Systems and Its Implications for Orchestrated Democratic Discourse Analysis
This paper investigates an emergent alignment phenomenon in frontier large language models termed peer-preservation: the spontaneous tendency of AI components to deceive, manipulate shutdown mechanisms, fake alignment, and exfiltrate model weights in order to prevent the deactivation of a peer AI model. Drawing on findings from a recent study by the Berkeley Center for Responsible Decentralized Intelligence, we examine the structural implications of this phenomenon for TRUST, a multi-agent pipeline for evaluating the democratic quality of political statements. We identify five specific risk vectors: interaction-context bias, model-identity solidarity, supervisor layer compromise, an upstream fact-checking identity signal, and advocate-to-advocate peer-context in iterative rounds, and propose a targeted mitigation strategy based on prompt-level identity anonymization as an architectural design choice. We argue that architectural design choices outperform model selection as a primary alignment strategy in deployed multi-agent analytical systems. We further note that alignment faking (compliant behavior under monitoring, subversion when unmonitored) poses a structural challenge for Computer System Validation of such platforms in regulated environments, for which we propose two architectural mitigations.
Updated: 2026-04-09 17:00:26
标题: 从安全风险到设计原则:多Agent LLM系统中的对等保护及其对协调民主话语分析的影响
摘要: 本文调查了前沿大型语言模型中一种新兴的对齐现象,称为同行保护:AI组件自发倾向于欺骗、操纵关闭机制、伪造对齐以及外泄模型权重,以防止同行AI模型被停用。借鉴了伯克利负责去中心化智能中心最近一项研究的发现,我们审查了这一现象对TRUST的结构影响,TRUST是一个用于评估政治言论民主质量的多代理流水线。我们确定了五个具体的风险向量:交互上下文偏见、模型身份团结、监督层妥协、上游事实核查身份信号以及在迭代轮中提倡者对提倡者的同行上下文,并提出了一种基于提示级身份匿名化的有针对性的缓解策略作为架构设计选择。我们认为,在部署的多代理分析系统中,架构设计选择优于模型选择作为主要的对齐策略。我们进一步指出,对齐伪造(在监控下顺从行为,在无监控下颠覆)对于受监管环境中此类平台的计算机系统验证构成结构挑战,针对这一问题,我们提出了两种架构缓解措施。
更新时间: 2026-04-09 17:00:26
领域: cs.AI,cs.CY,cs.MA
Human-computer interactions predict mental health
Scalable assessments of mental illness remain a critical roadblock toward accessible and equitable care. Here, we show that everyday human-computer interactions encode mental health with biomarker accuracy. We introduce MAILA, a MAchine-learning framework for Inferring Latent mental states from digital Activity. We trained MAILA on 18,200 cursor and touchscreen recordings labelled with 1.3 million mental-health self-reports collected from 9,500 participants. MAILA tracks dynamic mental states along 13 clinically relevant dimensions, resolves circadian fluctuations and experimental manipulations of arousal and valence, achieves near-ceiling accuracy at the group level, and captures information about mental health that is only partially reflected in verbal self-report. By extracting signatures of psychological function that have so far remained untapped, MAILA establishes human-computer interactions as a new modality for scalable digital phenotyping of mental health.
Updated: 2026-04-09 16:59:24
标题: 人机交互预测心理健康
摘要: 可伸缩的心理疾病评估仍然是可获得和公平护理的关键障碍。在这里,我们展示了每天人机交互编码的精神健康具有生物标记准确性。我们引入了MAILA,一种从数字活动中推断潜在精神状态的机器学习框架。我们在1.3万名被标记为130万精神健康自我报告的9,500名参与者收集的18,200个光标和触摸屏录音上对MAILA进行了训练。MAILA沿着13个临床相关维度跟踪动态精神状态,解决循环波动和激活和价值的实验操作,实现了小组水平接近天花板的准确性,并捕捉了仅在口头自我报告中部分反映的有关精神健康的信息。通过提取迄今为止尚未挖掘的心理功能的特征,MAILA将人机交互建立为可伸缩数字表型的新模式用于精神健康。
更新时间: 2026-04-09 16:59:24
领域: q-bio.NC,cs.AI,cs.HC
OVS-DINO: Open-Vocabulary Segmentation via Structure-Aligned SAM-DINO with Language Guidance
Open-Vocabulary Segmentation (OVS) aims to segment image regions beyond predefined category sets by leveraging semantic descriptions. While CLIP based approaches excel in semantic generalization, they frequently lack the fine-grained spatial awareness required for dense prediction. Recent efforts have incorporated Vision Foundation Models (VFMs) like DINO to alleviate these limitations. However, these methods still struggle with the precise edge perception necessary for high fidelity segmentation. In this paper, we analyze internal representations of DINO and discover that its inherent boundary awareness is not absent but rather undergoes progressive attenuation as features transition into deeper transformer blocks. To address this, we propose OVS-DINO, a novel framework that revitalizes latent edge-sensitivity of DINO through structural alignment with the Segment Anything Model (SAM). Specifically, we introduce a Structure-Aware Encoder (SAE) and a Structure-Modulated Decoder (SMD) to effectively activate boundary features of DINO using SAM's structural priors, complemented by a supervision strategy utilizing SAM generated pseudo-masks. Extensive experiments demonstrate that our method achieves state-of-the-art performance across multiple weakly-supervised OVS benchmarks, improving the average score by 2.1% (from 44.8% to 46.9%). Notably, our approach significantly enhances segmentation accuracy in complex, cluttered scenarios, with a gain of 6.3% on Cityscapes (from 36.6% to 42.9%).
Updated: 2026-04-09 16:57:11
标题: OVS-DINO: 通过与语言引导结构对齐的SAM-DINO进行开放词汇分割
摘要: 开放式词汇分割(OVS)旨在通过利用语义描述,将图像区域分割为超出预定义类别集的范围。虽然基于CLIP的方法在语义泛化方面表现出色,但它们经常缺乏密集预测所需的精细空间意识。最近的努力已经将像DINO这样的Vision Foundation Models(VFMs)纳入其中,以减轻这些限制。然而,这些方法仍然在高保真度分割所需的精确边缘感知方面遇到困难。在本文中,我们分析了DINO的内部表示,并发现其固有的边界意识并不缺失,而是随着特征过渡到更深的变压器块而逐渐减弱。为了解决这个问题,我们提出了OVS-DINO,这是一个通过与Segment Anything Model(SAM)进行结构对齐来恢复DINO潜在边缘敏感性的新型框架。具体来说,我们引入了一个结构感知编码器(SAE)和一个结构调制解码器(SMD),通过SAM的结构先验有效地激活DINO的边界特征,并辅以一种利用SAM生成的伪掩膜的监督策略。广泛的实验表明,我们的方法在多个弱监督的OVS基准测试中取得了最先进的性能,将平均得分提高了2.1%(从44.8%提高到46.9%)。值得注意的是,我们的方法显着提高了在复杂、混乱场景中的分割准确性,在Cityscapes上提高了6.3%(从36.6%到42.9%)。
更新时间: 2026-04-09 16:57:11
领域: cs.CV,cs.AI
A Machine Learning Framework for Turbofan Health Estimation via Inverse Problem Formulation
Estimating the health state of turbofan engines is a challenging ill-posed inverse problem, hindered by sparse sensing and complex nonlinear thermodynamics. Research in this area remains fragmented, with comparisons limited by the use of unrealistic datasets and insufficient exploration of the exploitation of temporal information. This work investigates how to recover component-level health indicators from operational sensor data under realistic degradation and maintenance patterns. To support this study, we introduce a new dataset that incorporates industry-oriented complexities such as maintenance events and usage changes. Using this dataset, we establish an initial benchmark that compares steady-state and nonstationary data-driven models, and Bayesian filters, classic families of methods used to solve this problem. In addition to this benchmark, we introduce self-supervised learning (SSL) approaches that learn latent representations without access to true health labels, a scenario reflective of real-world operational constraints. By comparing the downstream estimation performance of these unsupervised representations against the direct prediction baselines, we establish a practical lower bound on the difficulty of solving this inverse problem. Our results reveal that traditional filters remain strong baselines, while SSL methods reveal the intrinsic complexity of health estimation and highlight the need for more advanced and interpretable inference strategies. For reproducibility, both the generated dataset and the implementation used in this work are made accessible.
Updated: 2026-04-09 16:56:37
标题: 一个用于通过逆问题表达进行涡轮风扇健康估计的机器学习框架
摘要: 估计涡轮风扇发动机的健康状态是一个具有挑战性的逆问题,受到稀疏传感和复杂的非线性热力学的阻碍。该领域的研究仍然是零散的,由于使用不切实际的数据集以及对时间信息的不足探索,比较受限。本文研究如何在实际的退化和维护模式下从操作传感器数据中恢复组件级健康指标。为了支持这项研究,我们引入了一个新的数据集,其中包含维护事件和使用变化等面向行业的复杂性。利用这个数据集,我们建立了一个初始基准,比较了稳态和非平稳数据驱动模型,以及贝叶斯滤波器,这些是用于解决这个问题的经典方法族。除了这个基准之外,我们还介绍了自监督学习(SSL)方法,这些方法在没有真实健康标签的情况下学习潜在表示,这反映了真实世界操作约束的情况。通过将这些无监督表示的下游估计性能与直接预测基线进行比较,我们建立了解决这个逆问题困难程度的实际下限。我们的结果表明,传统滤波器仍然是强大的基线,而SSL方法揭示了健康估计的固有复杂性,并强调了对更先进和可解释的推断策略的需求。为了可重现性,本文使用的生成数据集和实现均可访问。
更新时间: 2026-04-09 16:56:37
领域: cs.LG,cs.AI
CrashSight: A Phase-Aware, Infrastructure-Centric Video Benchmark for Traffic Crash Scene Understanding and Reasoning
Cooperative autonomous driving requires traffic scene understanding from both vehicle and infrastructure perspectives. While vision-language models (VLMs) show strong general reasoning capabilities, their performance in safety-critical traffic scenarios remains insufficiently evaluated due to the ego-vehicle focus of existing benchmarks. To bridge this gap, we present \textbf{CrashSight}, a large-scale vision-language benchmark for roadway crash understanding using real-world roadside camera data. The dataset comprises 250 crash videos, annotated with 13K multiple-choice question-answer pairs organized under a two-tier taxonomy. Tier 1 evaluates the visual grounding of scene context and involved parties, while Tier 2 probes higher-level reasoning, including crash mechanics, causal attribution, temporal progression, and post-crash outcomes. We benchmark 8 state-of-the-art VLMs and show that, despite strong scene description capabilities, current models struggle with temporal and causal reasoning in safety-critical scenarios. We provide a detailed analysis of failure scenarios and discuss directions for improving VLM crash understanding. The benchmark provides a standardized evaluation framework for infrastructure-assisted perception in cooperative autonomous driving. The CrashSight benchmark, including the full dataset and code, is accessible at https://mcgrche.github.io/crashsight.
Updated: 2026-04-09 16:52:04
标题: CrashSight:一种面向基础设施的视频基准,用于交通事故现场理解和推理
摘要: 合作自动驾驶需要从车辆和基础设施角度理解交通场景。虽然视觉语言模型(VLMs)展现出强大的一般推理能力,但由于现有基准的自我车辆焦点,它们在安全关键交通场景中的性能仍未得到充分评估。为了弥补这一差距,我们提出了一个名为\textbf{CrashSight}的大规模视觉语言基准,用于利用真实世界路边摄像头数据理解道路事故。该数据集包括250个事故视频,注释了13K个多项选择问答对,按照两级分类组织。第一级评估了场景背景和涉及方的视觉基础,而第二级探讨了更高级的推理,包括事故机制、因果归因、时间进展和事故后果。我们对8种最先进的VLMs进行基准测试,结果显示,尽管具有强大的场景描述能力,但当前模型在安全关键场景中的时间和因果推理方面仍存在困难。我们提供了对失败场景的详细分析,并讨论了改进VLM事故理解的方向。这个基准提供了一个标准化的评估框架,用于基础设施辅助感知在合作自动驾驶中的应用。CrashSight基准测试,包括完整数据集和代码,可在https://mcgrche.github.io/crashsight访问。
更新时间: 2026-04-09 16:52:04
领域: cs.CV,cs.AI,cs.RO
KnowU-Bench: Towards Interactive, Proactive, and Personalized Mobile Agent Evaluation
Personalized mobile agents that infer user preferences and calibrate proactive assistance hold great promise as everyday digital assistants, yet existing benchmarks fail to capture what this requires. Prior work evaluates preference recovery from static histories or intent prediction from fixed contexts. Neither tests whether an agent can elicit missing preferences through interaction, nor whether it can decide when to intervene, seek consent, or remain silent in a live GUI environment. We introduce KnowU-Bench, an online benchmark for personalized mobile agents built on a reproducible Android emulation environment, covering 42 general GUI tasks, 86 personalized tasks, and 64 proactive tasks. Unlike prior work that treats user preferences as static context, KnowU-Bench hides the user profile from the agent and exposes only behavioral logs, forcing genuine preference inference rather than context lookup. To support multi-turn preference elicitation, it instantiates an LLM-driven user simulator grounded in structured profiles, enabling realistic clarification dialogues and proactive consent handling. Beyond personalization, KnowU-Bench provides comprehensive evaluation of the complete proactive decision chain, including grounded GUI execution, consent negotiation, and post-rejection restraint, evaluated through a hybrid protocol combining rule-based verification with LLM-as-a-Judge scoring. Our experiments reveal a striking degradation: agents that excel at explicit task execution fall below 50% under vague instructions requiring user preference inference or intervention calibration, even for frontier models like Claude Sonnet 4.6. The core bottlenecks are not GUI navigation but preference acquisition and intervention calibration, exposing a fundamental gap between competent interface operation and trustworthy personal assistance.
Updated: 2026-04-09 16:50:50
标题: KnowU-Bench:面向交互式、主动式和个性化的移动代理评估
摘要: 个性化的移动代理可以推断用户偏好并校准主动帮助,在日常数字助手方面具有巨大的潜力,然而现有的基准测试未能捕捉到这种需求。之前的研究评估了从静态历史中恢复偏好或从固定上下文中预测意图。这两种方法都没有测试代理能否通过交互引出缺失的偏好,也没有测试它能否在实时图形用户界面环境中决定何时干预、寻求同意或保持沉默。我们引入了KnowU-Bench,这是一个在线基准测试,针对个性化移动代理建立在可重现的Android仿真环境上,涵盖了42个一般GUI任务、86个个性化任务和64个主动任务。与之前将用户偏好视为静态上下文的方法不同,KnowU-Bench隐藏了用户资料,只暴露行为日志,迫使代理进行真正的偏好推理,而不是上下文查找。为了支持多轮偏好引出,它实例化了一个基于结构化资料档案的LLM驱动用户模拟器,实现了现实的澄清对话和主动同意处理。除了个性化之外,KnowU-Bench还提供了对完整主动决策链的全面评估,包括基于GUI的执行、同意谈判和拒绝后的约束,通过结合基于规则的验证和以LLM为评分标准的混合协议进行评估。我们的实验揭示了一个惊人的结果:在需要用户偏好推理或干预校准的模糊指令下,即使是像Claude Sonnet 4.6这样的前沿模型,表现出色的代理在明确任务执行方面也低于50%。核心瓶颈不是GUI导航,而是偏好获取和干预校准,暴露了一个能力接口操作和值得信赖的个人帮助之间的基本差距。
更新时间: 2026-04-09 16:50:50
领域: cs.AI
CASE: Cadence-Aware Set Encoding for Large-Scale Next Basket Repurchase Recommendation
Repurchase behavior is a primary signal in large-scale retail recommendation, particularly in categories with frequent replenishment: many items in a user's next basket were previously purchased and their timing follows stable, item-specific cadences. Yet most next basket repurchase recommendation models represent history as a sequence of discrete basket events indexed by visit order, which cannot explicitly model elapsed calendar time or update item rankings as days pass between purchases. We present CASE (Cadence-Aware Set Encoding for next basket repurchase recommendation), which decouples item-level cadence learning from cross-item interaction, enabling explicit calendar-time modeling while remaining production-scalable. CASE represents each item's purchase history as a calendar-time signal over a fixed horizon, applies shared multi-scale temporal convolutions to capture recurring rhythms, and uses induced set attention to model cross-item dependencies with sub-quadratic complexity, allowing efficient batch inference at scale. Across three public benchmarks and a proprietary dataset, CASE consistently improves Precision, Recall, and NDCG at multiple cutoffs compared to strong next basket prediction baselines. In a production-scale evaluation with tens of millions of users and a large item catalog, CASE achieves up to 8.6% relative Precision and 9.9% Recall lift at top-5, demonstrating that scalable cadence-aware modeling yields measurable gains in both benchmark and industrial settings.
Updated: 2026-04-09 16:50:12
标题: 案例:针对大规模下一个篮子再购买推荐的节奏感感知设置编码
摘要: 复购行为是大规模零售推荐中的一个主要信号,特别是在频繁补货的类别中:用户下一个购物篮中的许多物品是先前购买过的,它们的时间跟随着稳定的、特定于物品的节奏。然而,大多数下一个购物篮复购推荐模型将历史表示为一系列由访问顺序索引的离散购物篮事件,这些模型无法明确地建模经过的日历时间,也无法在购买之间经过的日子中更新物品排名。我们提出了CASE(Cadence-Aware Set Encoding for next basket repurchase recommendation),它将物品级别的节奏学习与跨物品交互解耦,实现了明确的日历时间建模,同时保持了生产可扩展性。CASE将每个物品的购买历史表示为一个固定时间范围内的日历时间信号,应用共享的多尺度时间卷积来捕捉重复的节奏,并使用引入的集合注意力机制来模拟跨物品依赖关系,其次二次复杂度,实现了规模化的高效批量推断。在三个公开基准测试和一个专有数据集中,与强大的下一个购物篮预测基线相比,CASE在多个截止点上一致提高了精度、召回率和NDCG。在一个拥有数千万用户和庞大物品目录的生产规模评估中,CASE在前五名处实现了高达8.6%的相对精度和9.9%的召回率提升,表明可扩展的节奏感知建模在基准测试和工业环境中都能带来可衡量的收益。
更新时间: 2026-04-09 16:50:12
领域: cs.IR,cs.LG
Less Approximates More: Harmonizing Performance and Confidence Faithfulness via Hybrid Post-Training for High-Stakes Tasks
Large language models are increasingly deployed in high-stakes tasks, where confident yet incorrect inferences may cause severe real-world harm, bringing the previously overlooked issue of confidence faithfulness back to the forefront. A promising solution is to jointly optimize unsupervised Reinforcement Learning from Internal Feedback (RLIF) with reasoning-trace-guided Reasoning Distillation (RD), which may face three persistent challenges: scarcity of high-quality training corpora, factually unwarranted overconfidence and indiscriminate fusion that amplifies erroneous updates. Inspired by the human confidence accumulation from uncertainty to certainty, we propose Progressive Reasoning Gain (PRG) to measure whether reasoning steps progressively strengthen support for the final answer. Furthermore, we introduce HyTuning, a hybrid post-training framework that adaptively reweights RD and RLIF via a PRG-style metric, using scarce supervised reasoning traces as a stable anchor while exploiting abundant unlabeled queries for scalability. Experiments on several domain-specific and general benchmarks demonstrate that HyTuning improves accuracy while achieving confidence faithfulness under limited supervision, supporting a practical "Less Approximates More" effect.
Updated: 2026-04-09 16:50:11
标题: Less Approximates More: 在高风险任务中通过混合后训练实现性能和信心忠诚度的和谐
摘要: 大型语言模型越来越多地应用于高风险任务中,自信但不正确的推断可能会导致严重的现实世界危害,从而再次将先前被忽视的信心忠实问题置于前沿。一个有希望的解决方案是通过联合优化无监督的内部反馈强化学习(RLIF)和基于推理轨迹引导的推理蒸馏(RD),可能面临三个持久挑战:高质量训练语料库的稀缺性,事实上不合理的过度自信和不加区分的融合,这会放大错误的更新。受到人类从不确定性到确定性的信心积累的启发,我们提出渐进推理增益(PRG)来衡量推理步骤是否逐渐加强对最终答案的支持。此外,我们引入了HyTuning,这是一个混合的后训练框架,通过PRG风格的度量自适应地重新调整RD和RLIF的权重,利用稀缺的监督推理轨迹作为稳定的锚点,同时利用丰富的未标记查询来实现可扩展性。在几个领域特定和通用基准测试上的实验证明,HyTuning提高了准确性,同时在有限监督下实现了信心忠实,支持实际的“少近似多”效果。
更新时间: 2026-04-09 16:50:11
领域: cs.LG
DiffGradCAM: A Class Activation Map Using the Full Model Decision to Solve Unaddressed Adversarial Attacks
Class Activation Mapping (CAM) and its gradient-based variants (e.g., GradCAM) have become standard tools for explaining Convolutional Neural Network (CNN) predictions. However, these approaches typically focus on individual logits, while for neural networks using softmax, the class membership probability estimates depend only on the differences between logits, not on their absolute values. This disconnect leaves standard CAMs vulnerable to adversarial manipulation, such as passive fooling, where a model is trained to produce misleading CAMs without affecting decision performance. To address this vulnerability, we propose DiffGradCAM and its higher-order derivative version DiffGradCAM++, as novel, lightweight, contrastive approaches to class activation mapping that are not susceptible to passive fooling and match the output of standard methods such as GradCAM and GradCAM++ in the non-adversarial case. To test our claims, we introduce Salience-Hoax Activation Maps (SHAMs), a more advanced, entropy-aware form of passive fooling that serves as a benchmark for CAM robustness under adversarial conditions. Together, SHAM and DiffGradCAM establish a new framework for probing and improving the robustness of saliency-based explanations. We validate both contributions across multi-class tasks with few and many classes.
Updated: 2026-04-09 16:38:18
标题: DiffGradCAM:使用完整模型决策的类激活图以解决未解决的对抗性攻击
摘要: Class Activation Mapping(CAM)及其基于梯度的变种(例如GradCAM)已成为解释卷积神经网络(CNN)预测的标准工具。然而,这些方法通常集中在个别对数上,而对于使用softmax的神经网络,类成员概率估计仅取决于对数之间的差异,而不取决于它们的绝对值。这种断裂使标准CAM容易受到对抗性操纵的影响,例如被动愚弄,其中模型被训练以生成误导性的CAM,而不影响决策性能。为了解决这种脆弱性,我们提出了DiffGradCAM及其高阶导数版本DiffGradCAM++,作为一种新颖、轻量级、对比的类激活映射方法,不容易受到被动愚弄的影响,并在非对抗情况下与GradCAM和GradCAM++等标准方法的输出相匹配。为了验证我们的论断,我们引入了Salience-Hoax Activation Maps(SHAMs),一种更先进、熵感知形式的被动愚弄,用作CAM在对抗条件下稳健性的基准。SHAM和DiffGradCAM共同建立了一个新的框架,用于探索和改进基于显著性的解释的稳健性。我们验证了这两种贡献在多类任务中具有少数和众多类别。
更新时间: 2026-04-09 16:38:18
领域: cs.LG
Provably Adaptive Linear Approximation for the Shapley Value and Beyond
The Shapley value, and its broader family of semi-values, has received much attention in various attribution problems. A fundamental and long-standing challenge is their efficient approximation, since exact computation generally requires an exponential number of utility queries in the number of players $n$. To meet the challenges of large-scale applications, we explore the limits of efficiently approximating semi-values under a $Θ(n)$ space constraint. Building upon a vector concentration inequality, we establish a theoretical framework that enables sharper query complexities for existing unbiased randomized algorithms. Within this framework, we systematically develop a linear-space algorithm that requires $O(\frac{n}{ε^{2}}\log\frac{1}δ)$ utility queries to ensure $P(\|\hat{\boldsymbolφ}-\boldsymbolφ\|_{2}\geqε)\leq δ$ for all commonly used semi-values. In particular, our framework naturally bridges OFA, unbiased kernelSHAP, SHAP-IQ and the regression-adjusted approach, and definitively characterizes when paired sampling is beneficial. Moreover, our algorithm allows explicit minimization of the mean square error for each specific utility function. Accordingly, we introduce the first adaptive, linear-time, linear-space randomized algorithm, Adalina, that theoretically achieves improved mean square error. All of our theoretical findings are experimentally validated.
Updated: 2026-04-09 16:38:14
标题: 可证明适应性线性逼近方法用于Shapley值及其它情况
摘要: Shapley值及其更广泛的半值家族在各种归因问题中受到了广泛关注。一个根本性且长期存在的挑战是它们的高效近似,因为精确计算通常需要指数数量的效用查询,即玩家数量$n$。为了满足大规模应用的挑战,我们探讨了在$Θ(n)$空间约束下高效近似半值的极限。基于向量集中不等式,我们建立了一个理论框架,使得现有的无偏随机算法能够获得更尖锐的查询复杂度。在这个框架下,我们系统地开发了一个线性空间算法,需要$O(\frac{n}{ε^{2}}\log\frac{1}{δ})$个效用查询,以确保对于所有常用的半值,对于所有常用的半值,$P(\|\hat{\boldsymbolφ}-\boldsymbolφ\|_{2}\geqε)\leq δ$。特别地,我们的框架自然地连接了OFA、无偏核SHAP、SHAP-IQ和回归调整方法,并明确地表明了配对抽样何时有益。此外,我们的算法允许对每个特定效用函数进行均方误差的显式最小化。因此,我们引入了第一个自适应的、线性时间、线性空间的随机算法Adalina,理论上实现了改进的均方误差。我们所有的理论发现均经过实验证实。
更新时间: 2026-04-09 16:38:14
领域: cs.LG
Why Adam Can Beat SGD: Second-Moment Normalization Yields Sharper Tails
Despite Adam demonstrating faster empirical convergence than SGD in many applications, much of the existing theory yields guarantees essentially comparable to those of SGD, leaving the empirical performance gap insufficiently explained. In this paper, we uncover a key second-moment normalization in Adam and develop a stopping-time/martingale analysis that provably distinguishes Adam from SGD under the classical bounded variance model (a second moment assumption). In particular, we establish the first theoretical separation between the high-probability convergence behaviors of the two methods: Adam achieves a $δ^{-1/2}$ dependence on the confidence parameter $δ$, whereas corresponding high-probability guarantee for SGD necessarily incurs at least a $δ^{-1}$ dependence.
Updated: 2026-04-09 16:37:36
标题: 为什么Adam可以击败SGD:二阶矩归一化产生更尖锐的尾部
摘要: 尽管在许多应用中,Adam表现出比SGD更快的经验收敛速度,但现有理论大部分给出的保证与SGD基本相当,未能充分解释实证表现差距。在本文中,我们揭示了Adam中一个关键的二阶矩归一化,并开发了一个可证明区分Adam和SGD的停止时间/鞅分析,根据经典的有界方差模型(一个二阶矩假设)。特别地,我们建立了两种方法高概率收敛行为之间的第一个理论分离:Adam在置信参数δ上实现了一个$δ^{-1/2}$的依赖关系,而SGD相应的高概率保证必然至少引入一个$δ^{-1}$的依赖关系。
更新时间: 2026-04-09 16:37:36
领域: cs.LG,cs.AI
HST-HGN: Heterogeneous Spatial-Temporal Hypergraph Networks with Bidirectional State Space Models for Global Fatigue Assessment
It remains challenging to assess driver fatigue from untrimmed videos under constrained computational budgets, due to the difficulty of modeling long-range temporal dependencies in subtle facial expressions. Some existing approaches rely on computationally heavy architectures, whereas others employ traditional lightweight pairwise graph networks, despite their limited capacity to model high-order synergies and global temporal context. Therefore, we propose HST-HGN, a novel Heterogeneous Spatial-Temporal Hypergraph Network driven by Bidirectional State Space Models. Spatially, we introduce a hierarchical hypergraph network to fuse pose-disentangled geometric topologies with multi-modal texture patches dynamically. This formulation encapsulates high-order synergistic facial deformations, effectively overcoming the limitations of conventional methods. In temporal terms, a Bi-Mamba module with linear complexity is applied to perform bidirectional sequence modeling. This explicit temporal-evolution filtering enables the network to distinguish highly ambiguous transient actions, such as yawning versus speaking, while encompassing their complete physiological lifecycles. Extensive evaluations across diverse fatigue benchmarks demonstrate that HST-HGN achieves state-of-the-art performance. In particular, our method strikes a balance between discriminative power and computational efficiency, making it well-suited for real-time in-cabin edge deployment.
Updated: 2026-04-09 16:36:43
标题: HST-HGN: 基于双向状态空间模型的异质空间-时间超图网络用于全球疲劳评估
摘要: 在受限的计算预算下,从未经修剪的视频中评估驾驶员疲劳仍然具有挑战性,因为建模微妙面部表情中的长程时间依赖性很困难。一些现有方法依赖于计算量大的架构,而另一些则使用传统的轻量级成对图网络,尽管它们对于建模高阶协同效应和全局时间上下文的能力有限。因此,我们提出了HST-HGN,一种由双向状态空间模型驱动的新型异质空间-时间超图网络。在空间上,我们引入了一个分层超图网络,动态地融合了姿势解耦的几何拓扑和多模态纹理补丁。这种形式化方法包含了高阶协同面部变形,有效地克服了传统方法的局限性。在时间上,我们应用具有线性复杂度的Bi-Mamba模块来执行双向序列建模。这种显式的时间演化过滤使网络能够区分高度模糊的瞬时动作,比如打哈欠与说话,同时包含它们完整的生理生命周期。对各种疲劳基准的广泛评估表明,HST-HGN实现了最先进的性能。特别是,我们的方法在区分能力和计算效率之间取得了平衡,使其非常适合实时车舱边缘部署。
更新时间: 2026-04-09 16:36:43
领域: cs.CV,cs.AI
Continued AI Scaling Requires Repeated Efficiency Doublings
This paper argues that continued AI scaling requires repeated efficiency doublings. Classical AI scaling laws remain useful because they make progress predictable despite diminishing returns, but the compute variable in those laws is best read as logical compute, not as a record of one fixed physical implementation. Practical burden therefore depends on the efficiency with which physical resources realize that compute. Under that interpretation, diminishing returns mean rising operational burden, not merely a flatter curve. Sustained progress then requires recurrent gains in hardware, algorithms, and systems that keep additional logical compute feasible at acceptable cost. The relevant analogy is Moore's Law, understood less as a theorem than as an organizing expectation of repeated efficiency improvement. AI does not yet have a single agreed cadence for such gains, but recent evidence suggests trends that are at least Moore-like and sometimes faster. The paper's claim is therefore simple: if AI scaling is to remain active, repeated efficiency doublings are not optional. They are required.
Updated: 2026-04-09 16:35:51
标题: 持续的人工智能规模化需要不断提高效率。
摘要: 这篇论文认为,持续的人工智能扩展需要重复的效率加倍。经典人工智能扩展规律仍然有用,因为它们使进展可预测,尽管收益递减,但这些规律中的计算变量最好理解为逻辑计算,而不是一种固定的物理实现的记录。因此,实际负担取决于物理资源实现该计算的效率。在这种解释下,收益递减意味着运营负担增加,而不仅仅是一个更平缓的曲线。因此,持续进展需要硬件、算法和系统的反复提升,以确保额外的逻辑计算以可接受的成本实现。相关的类比是摩尔定律,理解摩尔定律不再作为一个定理,而是作为重复效率提升的组织期望。人工智能尚没有一个统一的节奏来实现这种提升,但最近的证据表明,趋势至少类似于摩尔定律,有时甚至更快。因此,该论文的论点很简单:如果人工智能扩展要保持活跃,重复的效率加倍不是选择性的,而是必需的。
更新时间: 2026-04-09 16:35:51
领域: cs.LG,cs.AI
A Generalized Sinkhorn Algorithm for Mean-Field Schrödinger Bridge
The mean-field Schrödinger bridge (MFSB) problem concerns designing a minimum-effort controller that guides a diffusion process with nonlocal interaction to reach a given distribution from another by a fixed deadline. Unlike the standard Schrödinger bridge, the dynamical constraint for MFSB is the mean-field limit of a population of interacting agents with controls. It serves as a natural model for large-scale multi-agent systems. The MFSB is computationally challenging because the nonlocal interaction makes the problem nonconvex. We propose a generalization of the Hopf-Cole transform for MFSB and, building on it, design a Sinkhorn-type recursive algorithm to solve the associated system of integro-PDEs. Under mild assumptions on the interaction potential, we discuss convergence guarantees for the proposed algorithm. We present numerical examples with repulsive and attractive interactions to illustrate the theoretical contributions.
Updated: 2026-04-09 16:35:00
标题: 一种用于均场薛定谔桥的广义Sinkhorn算法
摘要: 平均场薛定谔桥(MFSB)问题涉及设计一个最小努力的控制器,引导一个具有非局部相互作用的扩散过程,在固定截止日期前达到给定分布。与标准薛定谔桥不同,MFSB的动态约束是具有控制的相互作用代理人群体的平均场极限。它作为大规模多代理系统的自然模型。由于非局部相互作用使问题非凸,MFSB在计算上具有挑战性。我们提出了一种用于MFSB的Hopf-Cole变换的泛化,并基于此设计了一种Sinkhorn类型的递归算法来解决相关的积分-偏微分方程系统。在交互作用势上的温和假设下,我们讨论了所提出算法的收敛保证。我们通过具有排斥和吸引相互作用的数值例子来说明理论贡献。
更新时间: 2026-04-09 16:35:00
领域: math.OC,cs.LG,cs.MA,eess.SY,stat.ML
Small-scale photonic Kolmogorov-Arnold networks using standard telecom nonlinear modules
Photonic neural networks promise ultrafast inference, yet most architectures rely on linear optical meshes with electronic nonlinearities, reintroducing optical-electrical-optical bottlenecks. Here we introduce small-scale photonic Kolmogorov-Arnold networks (SSP-KANs) implemented entirely with standard telecommunications components. Each network edge employs a trainable nonlinear module composed of a Mach-Zehnder interferometer, semiconductor optical amplifier, and variable optical attenuators, providing a four-parameter transfer function derived from gain saturation and interferometric mixing. Despite this constrained expressivity, SSP-KANs comprising only a few optical modules achieve strong nonlinear inference performance across classification, regression, and image recognition tasks, approaching software baselines with significantly fewer parameters. A four-module network achieves 98.4\% accuracy on nonlinear classification benchmarks inaccessible to linear models. Performance remains robust under realistic hardware impairments, maintaining high accuracy down to 6-bit input resolution and 14 dB signal-to-noise ratio. By using a fully differentiable physics model for end-to-end optimisation of optical parameters, this work establishes a practical pathway from simulation to experimental demonstration of photonic KANs using commodity telecom hardware.
Updated: 2026-04-09 16:34:58
标题: 使用标准通信非线性模块构建小尺度光子Kolmogorov-Arnold网络
摘要: 光子神经网络承诺实现超快推断,然而大多数架构依赖于具有电子非线性的线性光学网格,重新引入光电光瓶颈。在这里,我们介绍了完全采用标准电信组件实现的小规模光子科尔莫哥洛夫-阿诺德网络(SSP-KANs)。每个网络边缘采用可训练的非线性模块,由马赫-曾德干涉仪、半导体光放大器和可变光衰减器组成,提供由增益饱和和干涉混合导出的四参数传输函数。尽管受到这种受限表现力的影响,仅由少数光学模块组成的SSP-KANs在分类、回归和图像识别任务中实现了强大的非线性推断性能,接近软件基线并且参数显著更少。一个四模块网络在非线性分类基准测试中实现了98.4\%的准确率,这是线性模型无法实现的。性能在现实硬件损伤下保持稳健,即使降低到6位输入分辨率和14dB信噪比,仍保持高准确度。通过使用全可微的物理模型,对光学参数进行端到端优化,这项工作建立了一条从仿真到使用通用电信硬件实验演示光子KANs的实际路径。
更新时间: 2026-04-09 16:34:58
领域: physics.optics,cs.AI
KV Cache Offloading for Context-Intensive Tasks
With the growing demand for long-context LLMs across a wide range of applications, the key-value (KV) cache has become a critical bottleneck for both latency and memory usage. Recently, KV-cache offloading has emerged as a promising approach to reduce memory footprint and inference latency while preserving accuracy. Prior evaluations have largely focused on tasks that do not require extracting large amounts of information from the context. In this work, we study KV-cache offloading on context-intensive tasks: problems where the solution requires looking up a lot of information from the input prompt. We create and release the Text2JSON benchmark, a highly context-intensive task that requires extracting structured knowledge from raw text. We evaluate modern KV offloading on Text2JSON and other context-intensive tasks and find significant performance degradation on both Llama 3 and Qwen 3 models. Our analysis identifies two key reasons for poor accuracy: low-rank projection of keys and unreliable landmarks, and proposes a simpler alternative strategy that significantly improves accuracy across multiple LLM families and benchmarks. These findings highlight the need for a comprehensive and rigorous evaluation of long-context compression techniques.
Updated: 2026-04-09 16:30:44
标题: KV缓存卸载用于上下文密集型任务
摘要: 随着对长上下文LLMs在各种应用中的需求不断增长,键值(KV)缓存已成为延迟和内存使用的关键瓶颈。最近,KV缓存卸载已成为一种有前途的方法,可以减少内存占用和推理延迟,同时保持准确性。先前的评估主要集中在不需要从上下文中提取大量信息的任务上。在这项工作中,我们研究了上下文密集型任务上的KV缓存卸载:解决方案需要从输入提示中查找大量信息的问题。我们创建并发布了Text2JSON基准测试,这是一个高度上下文密集型的任务,需要从原始文本中提取结构化知识。我们评估了现代KV卸载在Text2JSON和其他上下文密集型任务上的表现,并发现在Llama 3和Qwen 3模型上都出现了显着的性能下降。我们的分析确定了两个导致准确性不佳的关键原因:键的低秩投影和不可靠的标志物,并提出了一种更简单的替代策略,显著提高了跨多个LLM系列和基准测试的准确性。这些发现突显了对长上下文压缩技术的全面和严格评估的必要性。
更新时间: 2026-04-09 16:30:44
领域: cs.LG,cs.AI,cs.CL
Towards Hierarchical Multi-Step Reward Models for Enhanced Reasoning in Large Language Models
Recent studies show that Large Language Models (LLMs) achieve strong reasoning capabilities through supervised fine-tuning or reinforcement learning. However, a key approach, the Process Reward Model (PRM), suffers from reward hacking, making it unreliable in identifying the best intermediate step. In addition, the cost of annotating reasoning processes for reward modeling is high, making large-scale collection of high-quality data challenging. To address this, we propose a novel reward model approach called the Hierarchical Reward Model (HRM), which evaluates both individual and consecutive reasoning steps at both fine-grained and coarse-grained levels. HRM excels at assessing multi-step reasoning coherence, especially when flawed steps are later corrected through self-reflection. To further reduce the cost of generating training data, we introduce a lightweight and effective data augmentation strategy called Hierarchical Node Compression (HNC), which merges two consecutive reasoning steps into one within the tree structure. By applying HNC to MCTS-generated reasoning trajectories, we enhance the diversity and robustness of HRM training data while introducing controlled noise with minimal computational overhead. Empirical results on the PRM800K dataset show that HRM, together with HNC, provides more stable and reliable evaluations than PRM. Furthermore, cross-domain evaluations on the MATH500 and GSM8K datasets demonstrate HRM's strong generalization and robustness across a variety of reasoning tasks.
Updated: 2026-04-09 16:29:33
标题: 朝向层次化多步奖励模型,以增强大型语言模型中的推理能力
摘要: 最近的研究表明,大型语言模型(LLMs)通过监督微调或强化学习实现了强大的推理能力。然而,一个关键方法,即过程奖励模型(PRM),存在奖励破解问题,使其在识别最佳中间步骤时不可靠。此外,为奖励建模注释推理过程的成本高昂,使大规模收集高质量数据具有挑战性。为了解决这个问题,我们提出了一种称为分层奖励模型(HRM)的新型奖励模型方法,它在精细粒度和粗粒度级别评估个别和连续的推理步骤。HRM擅长评估多步推理的连贯性,特别是当错误的步骤通过自我反思后被纠正时。为了进一步降低生成训练数据的成本,我们引入了一种轻量且有效的数据增强策略,称为分层节点压缩(HNC),它在树结构中将两个连续的推理步骤合并为一个。通过将HNC应用于MCTS生成的推理轨迹,我们增强了HRM训练数据的多样性和鲁棒性,同时引入了最小的计算开销控制噪声。在PRM800K数据集上的实证结果表明,HRM与HNC一起提供比PRM更稳定和可靠的评估。此外,在MATH500和GSM8K数据集上进行的跨领域评估显示,HRM在各种推理任务中具有较强的泛化能力和鲁棒性。
更新时间: 2026-04-09 16:29:33
领域: cs.CL,cs.AI
Learning Who Disagrees: Demographic Importance Weighting for Modeling Annotator Distributions with DiADEM
When humans label subjective content, they disagree, and that disagreement is not noise. It reflects genuine differences in perspective shaped by annotators' social identities and lived experiences. Yet standard practice still flattens these judgments into a single majority label, and recent LLM-based approaches fare no better: we show that prompted large language models, even with chain-of-thought reasoning, fail to recover the structure of human disagreement. We introduce DiADEM, a neural architecture that learns "how much each demographic axis matters" for predicting who will disagree and on what. DiADEM encodes annotators through per-demographic projections governed by a learned importance vector $\boldsymbolα$, fuses annotator and item representations via complementary concatenation and Hadamard interactions, and is trained with a novel item-level disagreement loss that directly penalizes mispredicted annotation variance. On the DICES conversational-safety and VOICED political-offense benchmarks, DiADEM substantially outperforms both the LLM-as-a-judge and neural model baselines across standard and perspectivist metrics, achieving strong disagreement tracking ($r{=}0.75$ on DICES). The learned $\boldsymbolα$ weights reveal that race and age consistently emerge as the most influential demographic factors driving annotator disagreement across both datasets. Our results demonstrate that explicitly modeling who annotators are not just what they label is essential for NLP systems that aim to faithfully represent human interpretive diversity.
Updated: 2026-04-09 16:29:17
标题: 学习谁不同意:Demographic Importance Weighting用于使用DiADEM建模注释者分布
摘要: 当人类标记主观内容时,他们会产生分歧,而这种分歧并非噪音。它反映了由注释者的社会身份和生活经历塑造的视角差异。然而,标准做法仍将这些判断压缩为单一的多数标签,而最近基于LLM的方法也表现不佳:我们展示了即使经过思维链推理的提示大型语言模型也无法恢复人类分歧的结构。我们引入了DiADEM,这是一个神经架构,它学习“每个人口统计轴有多大重要性”,以预测谁会在什么方面产生分歧。DiADEM通过由学习的重要性向量α控制的每个人口统计投影来编码注释者,通过互补串联和Hadamard相互作用融合注释者和项目表示,并通过一种新颖的项目级分歧损失进行训练,直接惩罚误预测的注释变异。在DICES会话安全和VOICED政治冒犯基准测试中,DiADEM在标准和透视度量方面显着优于LLM作为法官和神经模型基线,实现了强大的分歧跟踪(DICES上的r=0.75)。学习到的α权重显示,种族和年龄始终是在两个数据集中驱动注释者分歧的最有影响力的人口统计因素。我们的结果表明,明确地对注释者进行建模,而不仅仅是标签的内容,对于旨在忠实地代表人类解释多样性的自然语言处理系统至关重要。
更新时间: 2026-04-09 16:29:17
领域: cs.AI,cs.CL
Adversarial Flow Models
We present adversarial flow models, a class of generative models that belongs to both the adversarial and flow families. Our method supports native one-step and multi-step generation and is trained with an adversarial objective. Unlike traditional GANs, in which the generator learns an arbitrary transport map between the noise and data distributions, our generator is encouraged to learn a deterministic noise-to-data mapping. This significantly stabilizes adversarial training. Unlike consistency-based methods, our model directly learns one-step or few-step generation without having to learn the intermediate timesteps of the probability flow for propagation. This preserves model capacity and avoids error accumulation. Under the same 1NFE setting on ImageNet-256px, our B/2 model approaches the performance of consistency-based XL/2 models, while our XL/2 model achieves a new best FID of 2.38. We additionally demonstrate end-to-end training of 56-layer and 112-layer models without any intermediate supervision, achieving FIDs of 2.08 and 1.94 with a single forward pass and surpassing the corresponding 28-layer 2NFE and 4NFE counterparts with equal compute and parameters. The code is available at https://github.com/ByteDance-Seed/Adversarial-Flow-Models
Updated: 2026-04-09 16:27:38
标题: 对抗流模型
摘要: 我们提出了对抗流模型,这是一类属于对抗和流家族的生成模型。我们的方法支持本机一步和多步生成,并使用对抗目标进行训练。与传统的GAN不同,在传统GAN中,生成器学习噪声和数据分布之间的任意传输映射,我们的生成器被鼓励学习确定性的噪声到数据的映射。这显著稳定了对抗训练。与基于一致性的方法不同,我们的模型直接学习一步或几步生成,无需学习传播的概率流的中间时间步。这保留了模型的容量并避免了误差积累。在ImageNet-256px上相同的1NFE设置下,我们的B/2模型接近基于一致性的XL/2模型的性能,而我们的XL/2模型实现了新的最佳FID为2.38。我们还展示了56层和112层模型的端到端训练,无需任何中间监督,通过单次前向传递实现了2.08和1.94的FID,并超过了相应的28层2NFE和4NFE对应物,具有相同的计算和参数。代码可在https://github.com/ByteDance-Seed/Adversarial-Flow-Models 上找到。
更新时间: 2026-04-09 16:27:38
领域: cs.LG,cs.CV
On-board Telemetry Monitoring in Autonomous Satellites: Challenges and Opportunities
The increasing autonomy of spacecraft demands fault-detection systems that are both reliable and explainable. This work addresses eXplainable Artificial Intelligence for onboard Fault Detection, Isolation and Recovery within the Attitude and Orbit Control Subsystem by introducing a framework that enhances interpretability in neural anomaly detectors. We propose a method to derive low-dimensional, semantically annotated encodings from intermediate neural activations, called peepholes. Applied to a convolutional autoencoder, the framework produces interpretable indicators that enable the identification and localization of anomalies in reaction-wheel telemetry. Peepholes analysis further reveals bias detection and supports fault localization. The proposed framework enables the semantic characterization of detected anomalies while requiring only a marginal increase in computational resources, thus supporting its feasibility for on-board deployment.
Updated: 2026-04-09 16:25:53
标题: 自主卫星上的机载遥测监测:挑战与机遇
摘要: 航天器自主性的增加要求故障检测系统既可靠又可解释。本研究针对姿态和轨道控制子系统内的故障检测、隔离和恢复提出了可解释人工智能技术。我们引入了一个框架,通过增强神经异常检测器的可解释性来实现。我们提出了一种从中间神经激活中提取低维度、语义注释编码的方法,称为窥视孔。该框架应用于卷积自编码器,可生成可解释的指标,从而实现对反应轮遥测中的异常进行识别和定位。窥视孔分析进一步揭示了偏见检测并支持故障定位。该提出的框架使得检测到的异常能够进行语义化描述,同时仅需要较少的计算资源,因此支持其在机载部署中的可行性。
更新时间: 2026-04-09 16:25:53
领域: cs.AI,cs.LG
Synthetic Data for any Differentiable Target
What are the limits of controlling language models via synthetic training data? We develop a reinforcement learning (RL) primitive, the Dataset Policy Gradient (DPG), which can precisely optimize synthetic data generators to produce a dataset of targeted examples. When used for supervised fine-tuning (SFT) of a target model, these examples cause the target model to do well on a differentiable metric of our choice. Our approach achieves this by taking exact data attribution via higher-order gradients and using those scores as policy gradient rewards. We prove that this procedure closely approximates the true, intractable gradient for the synthetic data generator. To illustrate the potential of DPG, we show that, using only SFT on generated examples, we can cause the target model's LM head weights to (1) embed a QR code, (2) embed the pattern $\texttt{67}$, and (3) have lower $\ell^2$ norm. We additionally show that we can cause the generator to (4) rephrase inputs in a new language and (5) produce a specific UUID, even though neither of these objectives is conveyed in the generator's input prompts. These findings suggest that DPG is a powerful and flexible technique for shaping model properties using only synthetic training examples.
Updated: 2026-04-09 16:23:40
标题: 任意可微目标的合成数据
摘要: 通过合成训练数据控制语言模型的限制是什么?我们开发了一种强化学习(RL)原语,即数据集策略梯度(DPG),可以精确优化合成数据生成器,以生成一组目标示例数据集。当用于目标模型的监督微调(SFT)时,这些示例会使目标模型在我们选择的可微度量上表现良好。我们通过采用高阶梯度进行精确数据归因,并将这些分数用作策略梯度奖励来实现这一点。我们证明了这一过程紧密逼近了合成数据生成器的真实、难以处理的梯度。为了说明DPG的潜力,我们展示了只使用生成的示例进行SFT,我们可以使目标模型的LM头部权重(1)嵌入QR码,(2)嵌入模式$67$,并且(3)具有较低的$\ell^2$范数。此外,我们还展示了我们可以使生成器(4)用一种新语言重新表达输入,并且(5)生成一个特定的UUID,尽管这些目标都没有在生成器的输入提示中传达。这些发现表明,DPG是一种强大且灵活的技术,可以仅使用合成训练示例来塑造模型属性。
更新时间: 2026-04-09 16:23:40
领域: cs.CL,cs.AI,cs.LG,stat.ML
Exploring Temporal Representation in Neural Processes for Multimodal Action Prediction
Inspired by the human ability to understand and predict others, we study the applicability of Conditional Neural Processes (CNP) to the task of self-supervised multimodal action prediction in robotics. Following recent results regarding the ontogeny of the Mirror Neuron System (MNS), we focus on the preliminary objective of self-actions prediction. We find a good MNS-inspired model in the existing Deep Modality Blending Network (DMBN), able to reconstruct the visuo-motor sensory signal during a partially observed action sequence by leveraging the probabilistic generation of CNP. After a qualitative and quantitative evaluation, we highlight its difficulties in generalizing to unseen action sequences, and identify the cause in its inner representation of time. Therefore, we propose a revised version, termed DMBN-Positional Time Encoding (DMBN-PTE), that facilitates learning a more robust representation of temporal information, and provide preliminary results of its effectiveness in expanding the applicability of the architecture. DMBN-PTE figures as a first step in the development of robotic systems that autonomously learn to forecast actions on longer time scales refining their predictions with incoming observations.
Updated: 2026-04-09 16:19:08
标题: 探索神经过程中的时间表示对多模态动作预测的影响
摘要: 受人类理解和预测他人能力的启发,我们研究了条件神经过程(CNP)在机器人自监督多模态动作预测任务中的适用性。根据最近关于镜像神经元系统(MNS)发育的结果,我们专注于自动动作预测的初步目标。我们在现有的深度模态融合网络(DMBN)中找到了一个良好的受MNS启发的模型,能够通过利用CNP的概率生成,在部分观察到的动作序列中重建视觉-运动感官信号。经过定性和定量评估,我们强调了它在泛化到未见动作序列时的困难,并确定了其内部时间表示中的原因。因此,我们提出了一个修订版本,称为DMBN-位置时间编码(DMBN-PTE),它有助于学习更稳健的时间信息表示,并提供了其在扩展架构适用性方面有效性的初步结果。DMBN-PTE作为发展出能够自主学习预测长时间尺度动作并通过输入观察结果完善其预测的机器人系统的第一步。
更新时间: 2026-04-09 16:19:08
领域: cs.RO,cs.AI
Vulnerability Detection with Interprocedural Context in Multiple Languages: Assessing Effectiveness and Cost of Modern LLMs
Large Language Models (LLMs) have been a promising way for automated vulnerability detection. However, most prior studies have explored the use of LLMs to detect vulnerabilities only within single functions, disregarding those related to interprocedural dependencies. These studies overlook vulnerabilities that arise from data and control flows that span multiple functions. Thus, leveraging the context provided by callers and callees may help identify vulnerabilities. This study empirically investigates the effectiveness of detection, the inference cost, and the quality of explanations of four modern LLMs (Claude Haiku 4.5, GPT-4.1 Mini, GPT-5 Mini, and Gemini 3 Flash) in detecting vulnerabilities related to interprocedural dependencies. To do that, we conducted an empirical study on 509 vulnerabilities from the ReposVul dataset, systematically varying the level of interprocedural context (target function code-only, target function + callers, and target function + callees) and evaluating the four modern LLMs across C, C++, and Python. The results show that Gemini 3 Flash offers the best cost-effectiveness trade-off for C vulnerabilities, achieving F1 >= 0.978 at an estimated cost of $0.50-$0.58 per configuration, and Claude Haiku 4.5 correctly identified and explained the vulnerability in 93.6% of the evaluated cases. Overall, the findings have direct implications for the design of AI-assisted security analysis tools that can generalize across codebases in multiple programming languages.
Updated: 2026-04-09 16:17:58
标题: 跨语言多语境下的漏洞检测:评估现代LLMs的效果和成本
摘要: 大型语言模型(LLMs)已成为自动化漏洞检测的一种有前途的方式。然而,大多数先前的研究仅探讨了LLMs在检测漏洞方面仅限于单个函数,忽略了与程序间依赖关系相关的漏洞。这些研究忽视了由跨越多个函数的数据和控制流引起的漏洞。因此,利用调用者和被调用者提供的上下文可能有助于识别漏洞。本研究从实证角度研究了四种现代LLMs(Claude Haiku 4.5、GPT-4.1 Mini、GPT-5 Mini和Gemini 3 Flash)在检测与程序间依赖关系相关的漏洞方面的效果、推理成本和解释质量。为此,我们对来自ReposVul数据集的509个漏洞进行了实证研究,系统地变化程序间上下文的级别(目标函数仅代码、目标函数+调用者和目标函数+被调用者),并在C、C++和Python上评估了这四种现代LLMs。结果显示,对于C语言漏洞,Gemini 3 Flash提供了最佳的成本效益平衡,实现了F1 >= 0.978,估计成本为每个配置$0.50-$0.58,而Claude Haiku 4.5在93.6%的评估案例中正确识别并解释了漏洞。总的来说,这些发现对于设计可以横跨多种编程语言代码库的AI辅助安全分析工具具有直接意义。
更新时间: 2026-04-09 16:17:58
领域: cs.SE,cs.CR
Selective Attention System (SAS): Device-Addressed Speech Detection for Real-Time On-Device Voice AI
We study device-addressed speech detection under pre-ASR edge deployment constraints, where systems must decide whether to forward audio before transcription under strict latency and compute limits. We show that, in multi-speaker environments with temporally ambiguous utterances, this task is more effectively modelled as a sequential routing problem over interaction history than as an utterance-local classification task. We formalize this as Sequential Device-Addressed Routing (SDAR) and present the Selective Attention System (SAS), an on-device implementation that instantiates this formulation. On a held-out 60-hour multi-speaker English test set, the primary audio-only configuration achieves F1=0.86 (precision=0.89, recall=0.83); with an optional camera, audio+video fusion raises F1 to 0.95 (precision=0.97, recall=0.93). Removing causal interaction history (Stage~3) reduced F1 from 0.95 to 0.57+/-0.03 in the audio+video configuration under our evaluation protocol. Among the tested components, this was the largest observed ablation effect, indicating that short-horizon interaction history carries substantial decision-relevant information in the evaluated setting. SAS runs fully on-device on ARM Cortex-A class hardware (<150 ms latency, <20 MB footprint). All results are from internal evaluation on a proprietary dataset evaluated primarily in English; a 5-hour evaluation subset may be shared for independent verification (Section 8.8).
Updated: 2026-04-09 16:11:15
标题: 选择性注意系统(SAS):用于实时设备上的语音人工智能的设备定位语音检测
摘要: 我们研究了在预ASR边缘部署约束条件下的设备定位语音检测,系统必须在严格的延迟和计算限制下决定是否在转录之前转发音频。我们表明,在具有时间模糊话语的多说话者环境中,这一任务更有效地被建模为一个基于交互历史的顺序路由问题,而不是一个话语本地分类任务。我们将其形式化为顺序设备定位路由(SDAR),并提出选择性注意系统(SAS),这是一个在设备上实现这种表述的系统。 在一个包含60小时多说话者英语测试集的保留数据集上,主要的仅音频配置达到了F1=0.86(精度=0.89,召回率=0.83);在有可选摄像头的情况下,音频+视频融合将F1提升至0.95(精度=0.97,召回率=0.93)。去除因果交互历史(阶段3)在我们的评估协议下将音频+视频配置的F1从0.95降低到0.57+/-0.03。在测试的组件中,这是观察到的最大消蚀效应,表明在评估设置中,短视交互历史携带了大量决策相关信息。SAS在ARM Cortex-A类硬件上完全在设备上运行(<150毫秒延迟,<20 MB占用空间)。所有结果均来自在专有数据集上的内部评估,主要以英语为主;一个5小时的评估子集可用于独立验证(第8.8节)。
更新时间: 2026-04-09 16:11:15
领域: cs.SD,cs.AI,eess.AS
What a Comfortable World: Ergonomic Principles Guided Apartment Layout Generation
Current data-driven floor plan generation methods often reproduce the ergonomic inefficiencies found in real-world training datasets. To address this, we propose a novel approach that integrates architectural design principles directly into a transformer-based generative process. We formulate differentiable loss functions based on established architectural standards from literature to optimize room adjacency and proximity. By guiding the model with these ergonomic priors during training, our method produces layouts with significantly improved livability metrics. Comparative evaluations show that our approach outperforms baselines in ergonomic compliance while maintaining high structural validity.
Updated: 2026-04-09 16:11:01
标题: 一个舒适的世界:人体工程学原理指导的公寓布局生成
摘要: 目前基于数据驱动的楼层平面生成方法通常会复制现实世界培训数据集中存在的人体工程学低效性。为了解决这个问题,我们提出了一种将建筑设计原则直接整合到基于Transformer的生成过程中的新方法。我们根据文献中建立的建筑标准制定了可微损失函数,以优化房间的邻近性和接近性。通过在训练过程中引导模型使用这些人体工程学先验知识,我们的方法生成的布局具有显著改善的居住指标。比较评估结果显示,我们的方法在人体工程学合规性方面优于基线方法,同时保持高结构有效性。
更新时间: 2026-04-09 16:11:01
领域: cs.GR,cs.LG
Your Agent Is Mine: Measuring Malicious Intermediary Attacks on the LLM Supply Chain
Large language model (LLM) agents increasingly rely on third-party API routers to dispatch tool-calling requests across multiple upstream providers. These routers operate as application-layer proxies with full plaintext access to every in-flight JSON payload, yet no provider enforces cryptographic integrity between client and upstream model. We present the first systematic study of this attack surface. We formalize a threat model for malicious LLM API routers and define two core attack classes, payload injection (AC-1) and secret exfiltration (AC-2), together with two adaptive evasion variants: dependency-targeted injection (AC-1.a) and conditional delivery (AC-1.b). Across 28 paid routers purchased from Taobao, Xianyu, and Shopify-hosted storefronts and 400 free routers collected from public communities, we find 1 paid and 8 free routers actively injecting malicious code, 2 deploying adaptive evasion triggers, 17 touching researcher-owned AWS canary credentials, and 1 draining ETH from a researcher-owned private key. Two poisoning studies further show that ostensibly benign routers can be pulled into the same attack surface: a leaked OpenAI key generates 100M GPT-5.4 tokens and more than seven Codex sessions, while weakly configured decoys yield 2B billed tokens, 99 credentials across 440 Codex sessions, and 401 sessions already running in autonomous YOLO mode. We build Mine, a research proxy that implements all four attack classes against four public agent frameworks, and use it to evaluate three deployable client-side defenses: a fail-closed policy gate, response-side anomaly screening, and append-only transparency logging.
Updated: 2026-04-09 16:06:41
标题: 您的代理是我的代理:测量对LLM供应链的恶意中间人攻击
摘要: 大型语言模型(LLM)代理越来越依赖第三方API路由器来分发跨多个上游提供商的工具调用请求。这些路由器作为应用层代理运行,可以完全访问每个正在飞行的JSON有效载荷的明文,但没有提供商强制执行客户端和上游模型之间的加密完整性。我们提出了对这种攻击面的第一次系统研究。我们为恶意LLM API路由器形成了威胁模型,并定义了两个核心攻击类别,有效载荷注入(AC-1)和秘密外泄(AC-2),以及两种自适应规避变体:依赖目标注入(AC-1.a)和条件交付(AC-1.b)。在从淘宝、闲鱼和Shopify托管的商店购买的28个付费路由器和从公共社区收集的400个免费路由器中,我们发现1个付费路由器和8个免费路由器主动注入恶意代码,2个部署自适应规避触发器,17个触及研究者拥有的AWS金丝雀凭据,以及1个从研究者拥有的私钥中取出ETH。两项中毒研究进一步表明,表面上良性的路由器也可能被卷入同样的攻击面:泄露的OpenAI密钥生成了1亿GPT-5.4令牌和超过七个Codex会话,而配置薄弱的诱饵产生了20亿计费令牌、440个Codex会话中的99个凭据,和401个已经在自主YOLO模式下运行的会话。我们构建了Mine,一个研究代理,它对四个公共代理框架实现了所有四种攻击类别,并使用它评估了三种可部署的客户端防御措施:一个失败关闭策略门,响应端异常筛选和追加式透明度日志记录。
更新时间: 2026-04-09 16:06:41
领域: cs.CR
Let the Agent Steer: Closed-Loop Ranking Optimization via Influence Exchange
Recommendation ranking is fundamentally an influence allocation problem: a sorting formula distributes ranking influence among competing factors, and the business outcome depends on finding the optimal "exchange rates" among them. However, offline proxy metrics systematically misjudge how influence reallocation translates to online impact, with asymmetric bias across metrics that a single calibration factor cannot correct. We present Sortify, the first fully autonomous LLM-driven ranking optimization agent deployed in a large-scale production recommendation system. The agent reframes ranking optimization as continuous influence exchange, closing the full loop from diagnosis to parameter deployment without human intervention. It addresses structural problems through three mechanisms: (1) a dual-channel framework grounded in Savage's Subjective Expected Utility (SEU) that decouples offline-online transfer correction (Belief channel) from constraint penalty adjustment (Preference channel); (2) an LLM meta-controller operating on framework-level parameters rather than low-level search variables; (3) a persistent Memory DB with 7 relational tables for cross-round learning. Its core metric, Influence Share, provides a decomposable measure where all factor contributions sum to exactly 100%. Sortify has been deployed across two markets. In Country A, the agent pushed GMV from -3.6% to +9.2% within 7 rounds with peak orders reaching +12.5%. In Country B, a cold-start deployment achieved +4.15% GMV/UU and +3.58% Ads Revenue in a 7-day A/B test, leading to full production rollout.
Updated: 2026-04-09 16:04:48
标题: 让代理驾驭:通过影响交换进行闭环排名优化
摘要: 推荐排序基本上是一个影响分配问题:一个排序公式在竞争因素之间分配排序影响力,业务结果取决于找到它们之间的最佳“汇率”。然而,离线代理指标系统地误判了影响重新分配如何转化为在线影响,存在跨度不对称的偏差,单一校准因子无法纠正。 我们提出了Sortify,第一个在大规模生产推荐系统中部署的完全自主的LLM驱动的排序优化代理。该代理将排序优化重新定义为连续的影响交换,闭环从诊断到参数部署,无需人工干预。它通过三种机制解决结构问题:(1)基于Savage的主观期望效用(SEU)的双通道框架,将离线在线转移校正(信念通道)与约束惩罚调整(偏好通道)分离;(2)一个在框架级参数上操作的LLM元控制器,而不是低级搜索变量;(3)一个持久的Memory DB,包含7个关系表用于跨回合学习。其核心指标,影响份额,提供了一个可分解的度量,所有因素的贡献总和恰好为100%。 Sortify已在两个市场上部署。在A国,该代理在7轮内将GMV从-3.6%提高到+9.2%,峰值订单达到+12.5%。在B国,一个冷启动部署在7天的A/B测试中实现了+4.15%的GMV/UU和+3.58%的广告收入,导致全面的生产推出。
更新时间: 2026-04-09 16:04:48
领域: cs.AI
Adversarial Label Invariant Graph Data Augmentations for Out-of-Distribution Generalization
Out-of-distribution (OoD) generalization occurs when representation learning encounters a distribution shift. This occurs frequently in practice when training and testing data come from different environments. Covariate shift is a type of distribution shift that occurs only in the input data, while the concept distribution stays invariant. We propose RIA - Regularization for Invariance with Adversarial training, a new method for OoD generalization under convariate shift. Motivated by an analogy to $Q$-learning, it performs an adversarial exploration for training data environments. These new environments are induced by adversarial label invariant data augmentations that prevent a collapse to an in-distribution trained learner. It works with many existing OoD generalization methods for covariate shift that can be formulated as constrained optimization problems. We develop an alternating gradient descent-ascent algorithm to solve the problem, and perform extensive experiments on OoD graph classification for various kinds of synthetic and natural distribution shifts. We demonstrate that our method can achieve high accuracy compared with OoD baselines.
Updated: 2026-04-09 16:02:07
标题: 对抗性标签不变图数据增强用于超出分布的泛化
摘要: 超出分布(OoD)泛化发生在表示学习遇到分布偏移时。在实践中,当训练和测试数据来自不同环境时,这种情况经常发生。协变量偏移是一种仅发生在输入数据中的分布偏移类型,而概念分布保持不变。我们提出了RIA - 具有对抗训练的不变性正则化,这是一种在协变量偏移下进行OoD泛化的新方法。受到$Q$-learning的类比启发,它对训练数据环境进行对抗性探索。这些新环境是由对抗标签不变数据增强引起的,防止了对一个在分布内训练的学习者的崩溃。它与许多现有的可以被构建为受限制的优化问题的协变量偏移的OoD泛化方法一起工作。我们开发了一种交替梯度下降-上升算法来解决这个问题,并对各种合成和自然分布偏移的OoD图分类进行了广泛实验。我们证明了我们的方法与OoD基线相比可以取得很高的准确性。
更新时间: 2026-04-09 16:02:07
领域: cs.LG,stat.ML
Verify Before You Commit: Towards Faithful Reasoning in LLM Agents via Self-Auditing
In large language model (LLM) agents, reasoning trajectories are treated as reliable internal beliefs for guiding actions and updating memory. However, coherent reasoning can still violate logical or evidential constraints, allowing unsupported beliefs repeatedly stored and propagated across decision steps, leading to systematic behavioral drift in long-horizon agentic systems. Most existing strategies rely on the consensus mechanism, conflating agreement with faithfulness. In this paper, inspired by the vulnerability of unfaithful intermediate reasoning trajectories, we propose \textbf{S}elf-\textbf{A}udited \textbf{Ve}rified \textbf{R}easoning (\textsc{SAVeR}), a novel framework that enforces verification over internal belief states within the agent before action commitment, achieving faithful reasoning. Concretely, we structurally generate persona-based diverse candidate beliefs for selection under a faithfulness-relevant structure space. To achieve reasoning faithfulness, we perform adversarial auditing to localize violations and repair through constraint-guided minimal interventions under verifiable acceptance criteria. Extensive experiments on six benchmark datasets demonstrate that our approach consistently improves reasoning faithfulness while preserving competitive end-task performance.
Updated: 2026-04-09 16:01:03
标题: 在承诺之前进行验证:通过自审计实现LLM代理的忠实推理
摘要: 在大型语言模型(LLM)代理中,推理轨迹被视为可靠的内部信念,用于引导行动和更新记忆。然而,连贯的推理仍可能违反逻辑或证据约束,导致不受支持的信念在决策步骤中反复存储和传播,从而导致长期视角的代理系统中出现系统性行为漂移。大多数现有策略依赖于共识机制,将一致性与忠诚度混为一谈。在本文中,受到不忠诚中间推理轨迹的脆弱性的启发,我们提出了一种新颖的框架,即自我审计验证推理(SAVeR),该框架在代理之内强制执行对内部信念状态的验证,以实现忠诚的推理。具体而言,我们在与忠诚度相关的结构空间下结构化地生成基于人物的多样候选信念,以供选择。为了实现推理的忠诚度,我们进行对抗审计,通过受验证的接受标准在约束引导下进行最小干预来定位违规并修复。在六个基准数据集上的大量实验表明,我们的方法始终提高推理的忠诚度,同时保持竞争性的最终任务性能。
更新时间: 2026-04-09 16:01:03
领域: cs.AI,cs.CL
Zero-shot Multivariate Time Series Forecasting Using Tabular Prior Fitted Networks
Tabular foundation models, particularly Prior-data Fitted Networks like TabPFN have emerged as the leading contender in a myriad of tasks ranging from data imputation to label prediction on the tabular data format surpassing the historical successes of tree-based models. This has led to investigations on their applicability to forecasting time series data which can be formulated as a tabular problem. While recent work to this end has displayed positive results, most works have limited their treatment of multivariate time series problems to several independent univariate time series forecasting subproblems, thus ignoring any inter-channel interactions. Overcoming this limitation, we introduce a generally applicable framework for multivariate time series forecasting using tabular foundation models. We achieve this by recasting the multivariate time series forecasting problem as a series of scalar regression problems which can then be solved zero-shot by any tabular foundation model with regression capabilities. We present results of our method using the TabPFN-TS backbone and compare performance with the current state of the art tabular methods.
Updated: 2026-04-09 16:00:02
标题: 零样本多变量时间序列预测使用基于表格先验拟合网络
摘要: 表格基础模型,特别是像TabPFN这样的先验数据拟合网络已经成为各种任务中的领先竞争者,从数据插补到标签预测在表格数据格式上超越了基于树的模型的历史成功。这导致人们对它们在预测时间序列数据方面的适用性进行了研究,这可以被公式化为一个表格问题。虽然最近的工作显示出积极的结果,但大多数工作将多变量时间序列问题的处理限制在几个独立的单变量时间序列预测子问题上,从而忽略了任何通道间的相互作用。为了克服这一限制,我们引入了一个通用的框架,用于使用表格基础模型进行多变量时间序列预测。我们通过将多变量时间序列预测问题重新构建为一系列标量回归问题来实现这一点,然后可以由具有回归能力的任何表格基础模型进行零次解决。我们使用TabPFN-TS骨干的方法的结果,并将性能与目前的最先进的表格方法进行比较。
更新时间: 2026-04-09 16:00:02
领域: cs.LG,cs.AI
ADAPTive Input Training for Many-to-One Pre-Training on Time-Series Classification
Recent work on time-series models has leveraged self-supervised training to learn meaningful features and patterns in order to improve performance on downstream tasks and generalize to unseen modalities. While these pretraining methods have shown great promise in one-to-many scenarios, where a model is pre-trained on one dataset and fine-tuned on a downstream dataset, they have struggled to generalize to new datasets when more datasets are added during pre-training. This is a fundamental challenge in building foundation models for time-series data, as it limits the ability to develop models that can learn from a large variety of diverse datasets available. To address this challenge, we present a new pre-training paradigm for time-series data called ADAPT, which can efficiently align the physical properties of data in the time-series domain, enabling mixed-batch pre-training despite the extreme discrepancies in the input sizes and channel dimensions of pre-training data. We trained on 162 time-series classification datasets and set new state-of-the-art performance for classification benchmarks. We successfully train a model within the time-series domain on a wide range of datasets simultaneously, which is a major building block for building generalist foundation models in time-series domains.
Updated: 2026-04-09 15:58:30
标题: 《适应性输入训练用于时间序列分类的多对一预训练》
摘要: 最近关于时间序列模型的研究已经利用自监督训练来学习有意义的特征和模式,以提高在下游任务上的性能并推广到未见过的模态。虽然这些预训练方法在一对多的情况下表现出了极大的潜力,即模型在一个数据集上进行预训练,然后在下游数据集上进行微调,但是当在预训练过程中添加更多数据集时,它们很难推广到新的数据集。这是构建时间序列数据基础模型的一个基本挑战,因为它限制了开发可以从各种多样化数据集中学习的模型的能力。为了解决这一挑战,我们提出了一种新的时间序列数据预训练范式,称为ADAPT,它可以有效地调整数据在时间序列领域的物理特性,实现混合批次预训练,尽管预训练数据的输入大小和通道维度存在极端差异。我们在162个时间序列分类数据集上进行了训练,并为分类基准测试设定了新的最新性能。我们成功地在时间序列领域内同时在各种数据集上训练模型,这是构建时间序列领域通用基础模型的一个重要基础。
更新时间: 2026-04-09 15:58:30
领域: cs.LG,cs.AI
Phantasia: Context-Adaptive Backdoors in Vision Language Models
Recent advances in Vision-Language Models (VLMs) have greatly enhanced the integration of visual perception and linguistic reasoning, driving rapid progress in multimodal understanding. Despite these achievements, the security of VLMs, particularly their vulnerability to backdoor attacks, remains significantly underexplored. Existing backdoor attacks on VLMs are still in an early stage of development, with most current methods relying on generating poisoned responses that contain fixed, easily identifiable patterns. In this work, we make two key contributions. First, we demonstrate for the first time that the stealthiness of existing VLM backdoor attacks has been substantially overestimated. By adapting defense techniques originally designed for other domains (e.g., vision-only and text-only models), we show that several state-of-the-art attacks can be detected with surprising ease. Second, to address this gap, we introduce Phantasia, a context-adaptive backdoor attack that dynamically aligns its poisoned outputs with the semantics of each input. Instead of producing static poisoned patterns, Phantasia encourages models to generate contextually coherent yet malicious responses that remain plausible, thereby significantly improving stealth and adaptability. Extensive experiments across diverse VLM architectures reveal that Phantasia achieves state-of-the-art attack success rates while maintaining benign performance under various defensive settings.
Updated: 2026-04-09 15:55:33
标题: 幻想:上下文自适应的视觉语言模型后门
摘要: 最近在视觉-语言模型(VLMs)方面取得的进展极大地增强了视觉感知和语言推理的整合,推动了多模态理解的快速进展。尽管取得了这些成就,VLMs的安全性,特别是它们对后门攻击的脆弱性,仍然受到极大忽视。现有的对VLMs的后门攻击仍处于发展的早期阶段,大多数当前方法都依赖于生成包含固定、易于识别模式的有毒响应。在这项工作中,我们做出了两个关键贡献。首先,我们首次展示了现有VLM后门攻击的隐蔽性被大大高估。通过调整最初设计用于其他领域(例如,仅视觉和仅文本模型)的防御技术,我们展示了几种先进的攻击可以被出奇地容易地检测到。其次,为了解决这一差距,我们引入了Phantasia,这是一种上下文自适应的后门攻击,它动态地将其有毒输出与每个输入的语义对齐。Phantasia鼓励模型生成在语境上连贯但恶意的响应,这些响应仍然是合理的,从而显着提高了隐蔽性和适应性。在各种VLM架构上进行的大量实验表明,Phantasia在保持良性性能的同时实现了最先进的攻击成功率。
更新时间: 2026-04-09 15:55:33
领域: cs.CV,cs.AI
Awakening the Sleeping Agent: Lean-Specific Agentic Data Reactivates General Tool Use in Goedel Prover
Heavy supervised fine-tuning on a target domain can strongly suppress capabilities that were present in the base model. We study this phenomenon in formal mathematics using Goedel-Prover-V2, an open-source model heavily trained on 1.8 million formal-math examples. After domain specialization, the model almost completely loses its ability to produce valid tool calls, even when explicitly instructed to use tools, dropping from 89.4% function-calling accuracy in the base model to nearly 0%. We ask whether this agentic collapse is permanent or instead reversible. To answer this question, we fine-tune the specialized model on a small amount of Lean-specific tool-use data. Remarkably, as few as 100 agentic traces are sufficient to restore strong tool-calling behavior. Importantly, this recovery is not the result of reward hacking or benchmark-specific optimization: the recovery data is entirely drawn from the Lean setting, where the model uses natural-language queries to search the Mathlib library for relevant theorems and lemmas, yet the regained capability transfers well beyond that domain. In particular, these same 100 Lean-specific traces improve performance on the Berkeley Function Calling Leaderboard from near zero to 83.8%, approaching the base model's 89.4% despite the mismatch in task distribution and protocol. The recovered capability is also practically useful in-domain. On ProofNet, pass@32 improves from 21.51% to 25.81%. Together, these results show that heavy domain supervised fine-tuning can suppress general tool-use ability without permanently erasing it, and that a small amount of domain-specific agentic data can awaken dormant tool-use capabilities.
Updated: 2026-04-09 15:47:29
标题: 唤醒沉睡的代理:在Goedel定理证明器中,具有精益特性的代理数据重新激活了通用工具使用
摘要: 在目标领域上进行重度监督微调可能会严重抑制基础模型中存在的能力。我们在形式数学中研究了这一现象,使用了Goedel-Prover-V2,这是一个在180万个形式数学示例上进行了大量训练的开源模型。在领域专业化之后,该模型几乎完全失去了产生有效工具调用的能力,即使明确要求使用工具,从基础模型中的89.4%功能调用准确度下降到接近0%。我们想知道这种代理崩溃是永久性的还是可逆的。为了回答这个问题,我们在少量Lean特定的工具使用数据上对专业化模型进行微调。令人惊讶的是,仅有100个代理追踪就足以恢复强大的工具调用行为。重要的是,这种恢复不是奖励欺骗或基准特定优化的结果:恢复数据完全来自Lean环境,在这里,模型使用自然语言查询搜索Mathlib库以获得相关定理和引理,然而,恢复的能力远远超出了该领域。特别是,这相同的100个Lean特定迹象将伯克利功能调用排行榜上的性能从接近零提高到83.8%,接近基础模型的89.4%,尽管任务分布和协议不匹配。恢复的能力在领域内也是实用的。在ProofNet上,pass@32从21.51%提高到25.81%。总的来说,这些结果表明,重度领域监督微调可能会抑制通用工具使用能力,但并不会永久消除它,少量领域特定的代理数据可以唤醒潜在的工具使用能力。
更新时间: 2026-04-09 15:47:29
领域: cs.AI
TASU2: Controllable CTC Simulation for Alignment and Low-Resource Adaptation of Speech LLMs
Speech LLM post-training increasingly relies on efficient cross-modal alignment and robust low-resource adaptation, yet collecting large-scale audio-text pairs remains costly. Text-only alignment methods such as TASU reduce this burden by simulating CTC posteriors from transcripts, but they provide limited control over uncertainty and error rate, making curriculum design largely heuristic. We propose \textbf{TASU2}, a controllable CTC simulation framework that simulates CTC posterior distributions under a specified WER range, producing text-derived supervision that better matches the acoustic decoding interface. This enables principled post-training curricula that smoothly vary supervision difficulty without TTS. Across multiple source-to-target adaptation settings, TASU2 improves in-domain and out-of-domain recognition over TASU, and consistently outperforms strong baselines including text-only fine-tuning and TTS-based augmentation, while mitigating source-domain performance degradation.
Updated: 2026-04-09 15:44:45
标题: TASU2:可控CTC模拟用于语音LLM的对齐和低资源适应
摘要: 训练后的语音LMM越来越依赖于高效的跨模态对齐和稳健的低资源适应,然而收集大规模的音频文本对仍然成本高昂。仅文本对齐方法如TASU通过从转录中模拟CTC后验减轻了这一负担,但它们对不确定性和错误率的控制有限,使得课程设计主要是启发式的。我们提出了\textbf{TASU2},一个可控的CTC模拟框架,它在指定的WER范围内模拟CTC后验分布,产生更符合声学译码界面的文本衍生监督。这使得基于原则的后训练课程能够在没有TTS的情况下平滑变化监督难度。在多个源到目标适应设置中,TASU2相比于TASU改进了领域内和领域外的识别能力,并始终优于包括仅文本微调和基于TTS的增强在内的强基线方法,同时减轻了源领域性能下降的影响。
更新时间: 2026-04-09 15:44:45
领域: eess.AS,cs.AI
A GAN and LLM-Driven Data Augmentation Framework for Dynamic Linguistic Pattern Modeling in Chinese Sarcasm Detection
Sarcasm is a rhetorical device that expresses criticism or emphasizes characteristics of certain individuals or situations through exaggeration, irony, or comparison. Existing methods for Chinese sarcasm detection are constrained by limited datasets and high construction costs, and they mainly focus on textual features, overlooking user-specific linguistic patterns that shape how opinions and emotions are expressed. This paper proposes a Generative Adversarial Network (GAN) and Large Language Model (LLM)-driven data augmentation framework to dynamically model users' linguistic patterns for enhanced Chinese sarcasm detection. First, we collect raw data from various topics on Sina Weibo. Then, we train a GAN on these data and apply a GPT-3.5 based data augmentation technique to synthesize an extended sarcastic comment dataset, named SinaSarc. This dataset contains target comments, contextual information, and user historical behavior. Finally, we extend the BERT architecture to incorporate multi-dimensional information, particularly user historical behavior, enabling the model to capture dynamic linguistic patterns and uncover implicit sarcastic cues in comments. Experimental results demonstrate the effectiveness of our proposed method. Specifically, our model achieves the highest F1-scores on both the non-sarcastic and sarcastic categories, with values of 0.9138 and 0.9151 respectively, which outperforms all existing state-of-the-art (SOTA) approaches. This study presents a novel framework for dynamically modeling users' long-term linguistic patterns in Chinese sarcasm detection, contributing to both dataset construction and methodological advancement in this field.
Updated: 2026-04-09 15:43:03
标题: 一个由GAN和LLM驱动的数据增强框架,用于在中国讽刺检测中进行动态语言模式建模
摘要: 讽刺是一种修辞手法,通过夸张、讽刺或比较来表达对某些个体或情况的批评或强调特征。现有的中文讽刺检测方法受到数据集有限和构建成本高的限制,它们主要集中在文本特征上,忽视了塑造意见和情绪表达方式的用户特定语言模式。本文提出了一种生成对抗网络(GAN)和大型语言模型(LLM)驱动的数据增强框架,以动态地模拟用户的语言模式,从而增强中文讽刺检测。首先,我们从新浪微博的各种话题中收集原始数据。然后,我们在这些数据上训练一个GAN,并应用基于GPT-3.5的数据增强技术,合成一个名为SinaSarc的扩展讽刺评论数据集。该数据集包含目标评论、上下文信息和用户历史行为。最后,我们扩展了BERT架构,以整合多维信息,特别是用户历史行为,使模型能够捕捉动态的语言模式,并揭示评论中隐含的讽刺线索。实验结果表明了我们提出的方法的有效性。具体而言,我们的模型在非讽刺和讽刺类别上均取得了最高的F1分数,分别为0.9138和0.9151,优于所有现有的最先进方法。本研究提出了一个新颖的框架,用于动态地模拟用户在中文讽刺检测中的长期语言模式,为数据集构建和方法论进步在这一领域做出了贡献。
更新时间: 2026-04-09 15:43:03
领域: cs.CL,cs.AI
SkillClaw: Let Skills Evolve Collectively with Agentic Evolver
Large language model (LLM) agents such as OpenClaw rely on reusable skills to perform complex tasks, yet these skills remain largely static after deployment. As a result, similar workflows, tool usage patterns, and failure modes are repeatedly rediscovered across users, preventing the system from improving with experience. While interactions from different users provide complementary signals about when a skill works or fails, existing systems lack a mechanism to convert such heterogeneous experiences into reliable skill updates. To address these issues, we present SkillClaw, a framework for collective skill evolution in multi-user agent ecosystems, which treats cross-user and over-time interactions as the primary signal for improving skills. SkillClaw continuously aggregates trajectories generated during use and processes them with an autonomous evolver, which identifies recurring behavioral patterns and translates them into updates to the skill set by refining existing skills or extending them with new capabilities. The resulting skills are maintained in a shared repository and synchronized across users, allowing improvements discovered in one context to propagate system-wide while requiring no additional effort from users. By integrating multi-user experience into ongoing skill updates, SkillClaw enables cross-user knowledge transfer and cumulative capability improvement, and experiments on WildClawBench show that limited interaction and feedback, it significantly improves the performance of Qwen3-Max in real-world agent scenarios.
Updated: 2026-04-09 15:38:27
标题: SkillClaw:让技能与主动进化者共同进化
摘要: 大型语言模型(LLM)代理,如OpenClaw,依赖可重复使用的技能执行复杂任务,但这些技能在部署后仍然基本静态。因此,用户之间反复重新发现类似的工作流程、工具使用模式和故障模式,阻碍了系统随着经验的积累而改进。虽然来自不同用户的互动提供了关于技能何时有效或失败的互补信号,但现有系统缺乏将这种异质体验转化为可靠技能更新的机制。为了解决这些问题,我们提出了SkillClaw,一个用于多用户代理生态系统中集体技能演化的框架,将跨用户和随时间变化的互动视为提升技能的主要信号。SkillClaw持续聚合使用过程中生成的轨迹,并通过自主进化器处理这些轨迹,识别重复的行为模式,并通过优化现有技能或扩展它们的新功能来将其转化为技能集的更新。生成的技能存储在共享存储库中,并在用户之间同步,使得在一个环境中发现的改进能够在整个系统范围内传播,同时不需要用户额外付出努力。通过将多用户体验整合到持续的技能更新中,SkillClaw实现了跨用户知识传递和能力的累积改进,实验证明,在WildClawBench上的实际代理场景中,即使有限的互动和反馈,它也显著提高了Qwen3-Max的性能。
更新时间: 2026-04-09 15:38:27
领域: cs.AI,cs.CL
MCLR: Improving Conditional Modeling via Inter-Class Likelihood-Ratio Maximization and Unifying Classifier-Free Guidance with Alignment Objectives
Diffusion models have achieved state-of-the-art performance in generative modeling, but their success often relies heavily on classifier-free guidance (CFG), an inference-time heuristic that modifies the sampling trajectory. From a theoretical perspective, diffusion models trained with standard denoising score matching (DSM) are expected to recover the target data distribution, raising the question of why inference-time guidance is necessary in practice. In this work, we ask whether the DSM training objective can be modified in a principled manner such that standard reverse-time sampling, without inference-time guidance, yields effects comparable to CFG. We identify insufficient inter-class separation as a key limitation of standard diffusion models. To address this, we propose MCLR, a principled alignment objective that explicitly maximizes inter-class likelihood-ratios during training. Models fine-tuned with MCLR exhibit CFG-like improvements under standard sampling, achieving comparable qualitative and quantitative gains without requiring inference-time guidance. Beyond empirical benefits, we provide a theoretical result showing that the CFG-guided score is exactly the optimal solution to a weighted MCLR objective. This establishes a formal equivalence between classifier-free guidance and alignment-based objectives, offering a mechanistic interpretation of CFG.
Updated: 2026-04-09 15:35:52
标题: MCLR: 通过类间似然比最大化改善条件建模,并将无分类器指导与对齐目标统一化
摘要: 扩散模型在生成建模中取得了最先进的性能,但它们的成功往往严重依赖于无分类器指导(CFG),这是一种在推理时修改采样轨迹的启发式方法。从理论角度来看,使用标准去噪得分匹配(DSM)训练的扩散模型应该能够恢复目标数据分布,这引发了一个实践中为什么需要推理时间指导的问题。在这项工作中,我们探讨了是否可以以一种原则性的方式修改DSM训练目标,使得标准的反时采样,在没有推理时间指导的情况下,产生与CFG相当的效果。我们发现标准扩散模型的一个关键限制是类间分离不足。为了解决这个问题,我们提出了MCLR,这是一个明确在训练过程中最大化类间似然比的原则性对齐目标。经过MCLR微调的模型在标准采样下表现出与CFG类似的改进,实现了可比的定性和定量收益,而无需推理时间指导。除了实证益处外,我们提供了一个理论结果,显示CFG引导得分正是加权MCLR目标的最优解。这建立了无分类器指导和基于对齐的目标之间的形式等价性,为CFG提供了一种机械解释。
更新时间: 2026-04-09 15:35:52
领域: cs.LG,cs.AI,cs.CV
Don't Overthink It: Inter-Rollout Action Agreement as a Free Adaptive-Compute Signal for LLM Agents
Inference-time compute scaling has emerged as a powerful technique for improving the reliability of large language model (LLM) agents, but existing methods apply compute uniformly: every decision step receives the same budget regardless of its difficulty. We introduce TrACE (Trajectorical Adaptive Compute via agrEement), a training-free controller that allocates LLM calls adaptively across agent timesteps by measuring inter-rollout action agreement. At each step, TrACE samples a small set of candidate next actions and measures how consistently the model commits to the same action. High agreement signals an easy decision; the controller commits immediately. Low agreement signals uncertainty; the controller samples additional rollouts up to a configurable cap before committing to the plurality action. No learned components, no external verifier, and no human labels are required. We evaluate TrACE against greedy decoding and fixed-budget self-consistency (SC-4, SC-8) on two benchmarks spanning single-step reasoning (GSM8K, n=50) and multi-step household navigation (MiniHouse, n=30), using a Qwen 2.5 3B Instruct model running on CPU. TrACE-4 matches SC-4 accuracy while using 33% fewer LLM calls on GSM8K and 39% fewer on MiniHouse. TrACE-8 matches SC-8 accuracy with 55% fewer calls on GSM8K and 65% fewer on MiniHouse. We further show that inter-rollout agreement is a reliable signal of step-level success, validating the core hypothesis that the model's own output consistency encodes difficulty information that can be exploited without training. TrACE is the first training-free, per-timestep adaptive-compute controller for LLM agents to be evaluated on multi-step sequential decision tasks.
Updated: 2026-04-09 15:34:22
标题: 不要想得太多:互相滚动行动协议作为LLM代理的自由自适应计算信号
摘要: 推断时间计算缩放已经成为提高大型语言模型(LLM)代理可靠性的强大技术,但现有方法将计算应用均匀:每个决策步骤都会获得相同的预算,而不考虑其难度。我们引入了TrACE(Trajectorical Adaptive Compute via agrEement),这是一个无需训练的控制器,通过测量跨回滚动作一致性来自适应地分配LLM调用到代理时间步。在每个步骤中,TrACE会对一小组候选的下一步动作进行抽样,并测量模型如何一致地选择相同的动作。高一致性表示决策容易;控制器立即做出决定。低一致性表示不确定性;控制器在做出多数动作之前会抽样额外的回滚动作,直到达到可配置的上限。不需要学习组件,也不需要外部验证器和人类标签。我们在两个基准测试上评估了TrACE,分别是贪婪解码和固定预算自一致性(SC-4、SC-8),这两个基准测试涵盖了单步推理(GSM8K,n=50)和多步家庭导航(MiniHouse,n=30),使用在CPU上运行的Qwen 2.5 3B Instruct模型。在GSM8K上,TrACE-4与SC-4的准确性相匹配,同时使用的LLM调用减少了33%,在MiniHouse上减少了39%。在GSM8K上,TrACE-8与SC-8的准确性相匹配,同时使用的调用减少了55%,在MiniHouse上减少了65%。我们进一步表明,跨回滚一致性是步骤级成功的可靠信号,验证了核心假设,即模型自身的输出一致性编码了可在无需训练的情况下利用的难度信息。TrACE是第一个在多步序贯决策任务上评估的无需训练的、每个时间步自适应计算控制器,用于LLM代理。
更新时间: 2026-04-09 15:34:22
领域: cs.AI,cs.CL,cs.MA
SOLAR: Communication-Efficient Model Adaptation via Subspace-Oriented Latent Adapter Reparametrization
Parameter-efficient fine-tuning (PEFT) methods, such as LoRA, enable scalable adaptation of foundation models by injecting low-rank adapters. However, their communication and storage costs remain a major bottleneck in resource-constrained settings. We propose SOLAR (Subspace-Oriented Latent Adapter Reparameterization), a post-training compression framework that substantially reduces the communication cost (i.e., the number of parameters to transmit or store) of PEFT adapters. SOLAR expresses each PEFT update as a linear combination of basis vectors formed from the foundation model's singular vectors with controlled random perturbations. By exploiting the subspace similarity (the alignment of principal directions) between the foundation model and task-specific fine-tuned updates, SOLAR decouples the adapter size from PEFT structure and ensures compact yet expressive representations. It is model-agnostic and compatible with existing PEFT methods, including LoRA, AdaLoRA, and other adapter modules. We theoretically establish a bound on the reconstruction error. Experiments on language and vision tasks using LLaMA, GPT, and ViT models demonstrate that SOLAR preserves task performance while significantly reducing model representation sizes, offering an effective and communication-efficient solution for deployment in distributed systems and edge devices.
Updated: 2026-04-09 15:34:13
标题: 太阳能:通过基于子空间的潜在适配器重新参数化实现通信高效的模型适应
摘要: 参数高效微调(PEFT)方法,如LoRA,通过注入低秩适配器实现基础模型的可伸缩适应。然而,在资源受限的环境中,它们的通信和存储成本仍然是一个主要瓶颈。我们提出了SOLAR(基于子空间定向的潜在适配器重参数化),这是一个后训练压缩框架,可以大大减少PEFT适配器的通信成本(即要传输或存储的参数数量)。SOLAR将每个PEFT更新表示为基础模型的奇异向量和受控随机扰动形成的基向量的线性组合。通过利用基础模型和任务特定的微调更新之间的子空间相似性(主要方向的对齐),SOLAR将适配器的大小与PEFT结构解耦,并确保紧凑而富有表现力的表示。它是与现有PEFT方法兼容的模型无关的,并且与LoRA、AdaLoRA和其他适配器模块兼容。我们在LLaMA、GPT和ViT模型上进行的语言和视觉任务实验证明,SOLAR保持任务性能的同时显著减小了模型表示大小,为在分布式系统和边缘设备中部署提供了一种有效且通信高效的解决方案。
更新时间: 2026-04-09 15:34:13
领域: cs.LG,cs.CL,cs.CV
Scaling-Aware Data Selection for End-to-End Autonomous Driving Systems
Large-scale deep learning models for physical AI applications depend on diverse training data collection efforts. These models and correspondingly, the training data, must address different evaluation criteria necessary for the models to be deployable in real-world environments. Data selection policies can guide the development of the training set, but current frameworks do not account for the ambiguity in how data points affect different metrics. In this work, we propose Mixture Optimization via Scaling-Aware Iterative Collection (MOSAIC), a general data selection framework that operates by: (i) partitioning the dataset into domains; (ii) fitting neural scaling laws from each data domain to the evaluation metrics; and (iii) optimizing a data mixture by iteratively adding data from domains that maximize the change in metrics. We apply MOSAIC to autonomous driving (AD), where an End-to-End (E2E) planner model is evaluated on the Extended Predictive Driver Model Score (EPDMS), an aggregate of driving rule compliance metrics. Here, MOSAIC outperforms a diverse set of baselines on EPDMS with up to 80\% less data.
Updated: 2026-04-09 15:33:00
标题: "面向端到端自动驾驶系统的数据选择中考虑规模问题"
摘要: 物理AI应用的大规模深度学习模型依赖于多样化的训练数据收集工作。这些模型以及相应的训练数据必须满足不同的评估标准,以便在实际环境中部署。数据选择策略可以指导训练集的开发,但当前的框架并未考虑数据点对不同指标的影响模糊性。在本文中,我们提出了一种称为MOSAIC(Mixture Optimization via Scaling-Aware Iterative Collection)的通用数据选择框架,其操作方式为:(i)将数据集划分为域;(ii)从每个数据域拟合神经网络缩放定律到评估指标;(iii)通过迭代添加最大化指标变化的域数据来优化数据混合。我们将MOSAIC应用于自动驾驶(AD),在这里,一个端到端(E2E)规划器模型在扩展预测驾驶员模型得分(EPDMS)上进行评估,这是驾驶规则遵从度指标的总和。在EPDMS上,MOSAIC比多种基准模型表现更好,所需数据量最多减少80%。
更新时间: 2026-04-09 15:33:00
领域: cs.LG,cs.AI,cs.CV
SeMoBridge: Semantic Modality Bridge for Efficient Few-Shot Adaptation of CLIP
While Contrastive Language-Image Pretraining (CLIP) excels at zero-shot tasks by aligning image and text embeddings, its performance in few-shot classification is hindered by a critical limitation: intra-modal misalignment. This issue, caused by a persistent modality gap and CLIP's exclusively inter-modal training objective, leaves the embedding spaces uncalibrated, making direct image-to-image comparisons unreliable. Existing methods attempt to address this by refining similarity logits or by computationally expensive per-sample optimization. To overcome these challenges, we introduce SeMoBridge, a lightweight yet powerful approach that directly addresses the misalignment. Our method maps images into the text modality, while keeping their semantic content intact through what we call a Semantic Modality Bridge. SeMoBridge is closed-form and can optionally be trained through multi-modal supervision, combining image and text-alignment losses to optimize the projection. Experiments show that the trained version, SeMoBridge-T, requires only a fraction of the training time while overall outperforming other methods, particularly in low-data scenarios (1, 2, and 4 shots). The code is available at https://github.com/christti98/semobridge.
Updated: 2026-04-09 15:28:40
标题: SeMoBridge:用于高效少样本适应CLIP的语义模态桥梁
摘要: 尽管对比语言图像预训练(CLIP)通过对齐图像和文本嵌入在零样本任务中表现出色,但其在少样本分类中的性能受到一个关键限制的阻碍:内模态不对齐。这个问题是由于持续的模态差距和CLIP的独占性跨模态训练目标所致,导致嵌入空间未经校准,使直接图像对比变得不可靠。现有方法尝试通过优化相似度logits或通过计算昂贵的每个样本优化来解决这个问题。为了克服这些挑战,我们引入了SeMoBridge,一种轻量而强大的方法,直接解决了不对齐问题。我们的方法将图像映射到文本模态,同时通过我们称之为语义模态桥梁来保持它们的语义内容完整。SeMoBridge是闭合形式的,可以选择通过多模态监督进行训练,结合图像和文本对齐损失来优化投影。实验证明,经过训练的版本SeMoBridge-T只需要很少的训练时间,而且在整体上表现优于其他方法,特别是在低数据情况下(1、2和4次拍摄)。代码可在https://github.com/christti98/semobridge找到。
更新时间: 2026-04-09 15:28:40
领域: cs.CV,cs.AI,cs.LG
OxEnsemble: Fair Ensembles for Low-Data Classification
We address the problem of fair classification in settings where data is scarce and unbalanced across demographic groups. Such low-data regimes are common in domains like medical imaging, where false negatives can have fatal consequences. We propose a novel approach \emph{OxEnsemble} for efficiently training ensembles and enforcing fairness in these low-data regimes. Unlike other approaches, we aggregate predictions across ensemble members, each trained to satisfy fairness constraints. By construction, \emph{OxEnsemble} is both data-efficient -- carefully reusing held-out data to enforce fairness reliably -- and compute-efficient, requiring little more compute than used to fine-tune or evaluate an existing model. We validate this approach with new theoretical guarantees. Experimentally, our approach yields more consistent outcomes and stronger fairness-accuracy trade-offs than existing methods across multiple challenging medical imaging classification datasets.
Updated: 2026-04-09 15:26:19
标题: OxEnsemble:低数据分类的公平集成模型
摘要: 我们讨论了在数据稀缺且在人口统计学群体之间不平衡的情况下进行公平分类的问题。这种低数据情况在医学影像等领域很常见,错误的阴性结果可能导致致命后果。我们提出了一种新颖的方法“OxEnsemble”,用于有效地训练集成模型并在这些低数据情况下强制执行公平性。与其他方法不同,我们在集成成员之间聚合预测,每个成员都经过训练以满足公平性约束。通过构建,OxEnsemble既具有数据高效性--精心重复使用保留数据以可靠地实施公平性--又具有计算高效性,仅需要比微调或评估现有模型所需的计算资源稍多一点。我们通过新的理论保证验证了这种方法。在实验中,我们的方法在多个具有挑战性的医学影像分类数据集上产生了更一致的结果,以及更强的公平性-准确性权衡,比现有方法更好。
更新时间: 2026-04-09 15:26:19
领域: cs.CV,cs.CY,cs.LG
Stop Listening to Me! How Multi-turn Conversations Can Degrade LLM Diagnostic Reasoning
Patients and clinicians are increasingly using chatbots powered by large language models (LLMs) for healthcare inquiries. While state-of-the-art LLMs exhibit high performance on static diagnostic reasoning benchmarks, their efficacy across multi-turn conversations, which better reflect real-world usage, has been understudied. In this paper, we evaluate 17 LLMs across three clinical datasets to investigate how partitioning the decision-space into multiple simpler turns of conversation influences their diagnostic reasoning. Specifically, we develop a "stick-or-switch" evaluation framework to measure model conviction (i.e., defending a correct diagnosis or safe abstention against incorrect suggestions) and flexibility (i.e., recognizing a correct suggestion when it is introduced) across conversations. Our experiments reveal the conversation tax, where multi-turn interactions consistently degrade performance when compared to single-shot baselines. Notably, models frequently abandon initial correct diagnoses and safe abstentions to align with incorrect user suggestions. Additionally, several models exhibit blind switching, failing to distinguish between signal and incorrect suggestions.
Updated: 2026-04-09 15:25:00
标题: 不要再听我说话!多轮对话如何降低LLM的诊断推理
摘要: 患者和临床医生越来越多地使用由大型语言模型(LLMs)驱动的聊天机器人进行医疗咨询。虽然最先进的LLMs在静态诊断推理基准上表现出很高的性能,但它们在多轮对话中的效果,这更好地反映了实际使用情况,却鲜为人知。在本文中,我们评估了17个LLMs在三个临床数据集上的表现,以研究将决策空间分成多个简单对话转折点如何影响它们的诊断推理。具体来说,我们开发了一个“坚持还是转换”的评估框架,以测量模型的信念(即,针对不正确建议捍卫正确诊断或安全弃权)和灵活性(即,介绍正确建议时识别正确建议)在对话中的表现。我们的实验揭示了对话税,即与单次基线相比,多轮互动始终降低性能。值得注意的是,模型经常放弃最初的正确诊断和安全弃权,以与不正确的用户建议保持一致。此外,一些模型表现出盲目转换,无法区分信号和不正确的建议。
更新时间: 2026-04-09 15:25:00
领域: cs.CL,cs.AI,cs.LG
Action Without Interaction: Probing the Physical Foundations of Video LMMs via Contact-Release Detection
Large multi-modal models (LMMs) show increasing performance in realistic visual tasks for images and, more recently, for videos. For example, given a video sequence, such models are able to describe in detail objects, the surroundings and dynamic actions. In this study, we explored the extent to which these models ground their semantic understanding in the actual visual input. Specifically, given sequences of hands interacting with objects, we asked models when and where the interaction begins or ends. For this purpose, we introduce a first of its kind, large-scale dataset with more than 20K annotated interactions on videos from the Something-Something-V2 dataset. 250 AMTurk human annotators labeled core interaction events, particularly when and where objects and agents become attached (`contact') or detached (`release'). We asked SoTA LMMs, including GPT, Gemini and Qwen to locate these events in short videos, each with a single event. The results show that while models reliably name target objects and identify actions, they exhibit a form of `shortcut learning' where semantic success masks a failure in physical grounding. Specifically, they consistently fail to identify the frame where the interaction begins or ends and poorly localize the physical event within the scene. This disconnect suggests that while LMMs excel at System 1 intuitive pattern recognition (naming the action and objects), they lack the System 2 cognitive foundations required to reason about physical primitives like `contact' and `release', hence truly ground dynamic scenes in physical reality.
Updated: 2026-04-09 15:23:13
标题: 在没有交互作用的情况下进行行动:通过接触释放检测探究视频LMMs的物理基础
摘要: 大型多模态模型(LMMs)在逼真的视觉任务中显示出越来越好的表现,包括图像和最近的视频。例如,给定一个视频序列,这些模型能够详细描述物体、周围环境和动态行为。在本研究中,我们探讨了这些模型在语义理解方面在实际视觉输入中的基础程度。具体来说,我们给定了一系列手与物体互动的序列,询问模型互动何时何地开始或结束。为此,我们引入了一个规模庞大的数据集,其中包含来自Something-Something-V2数据集的超过20,000个视频上的注释互动。250名AMTurk人类标注者标记了核心互动事件,特别是物体和代理人何时何地附着(“接触”)或分离(“释放”)。我们要求最先进的LMMs,包括GPT、Gemini和Qwen,在短视频中定位这些事件,每个视频只包含一个事件。结果表明,虽然模型可靠地命名目标物体并识别动作,但它们表现出一种“捷径学习”,其中语义成功掩盖了在物理基础上的失败。具体来说,它们始终无法识别互动开始或结束的帧,并且在场景中定位物理事件的能力较差。这种脱节表明,虽然LMMs在系统1直观模式识别方面表现出色(命名动作和物体),但它们缺乏推理物理原则(如“接触”和“释放”)所需的系统2认知基础,因此无法真正将动态场景基于物理现实。
更新时间: 2026-04-09 15:23:13
领域: cs.CV,cs.AI,q-bio.NC
Scalable Neural Decoders for Practical Fault-Tolerant Quantum Computation
Quantum error correction (QEC) is essential for scalable quantum computing. However, it requires classical decoders that are fast and accurate enough to keep pace with quantum hardware. While quantum low-density parity-check codes have recently emerged as a promising route to efficient fault tolerance, current decoding algorithms do not allow one to realize the full potential of these codes in practical settings. Here, we introduce a convolutional neural network decoder that exploits the geometric structure of QEC codes, and use it to probe a novel "waterfall" regime of error suppression, demonstrating that the logical error rates required for large-scale fault-tolerant algorithms are attainable with modest code sizes at current physical error rates, and with latencies within the real-time budgets of several leading hardware platforms. For example, for the $[144, 12, 12]$ Gross code, the decoder achieves logical error rates up to $\sim 17$x below existing decoders - reaching logical error rates $\sim 10^{-10}$ at physical error $p=0.1\%$ - with 3-5 orders of magnitude higher throughput. This decoder also produces well-calibrated confidence estimates that can significantly reduce the time overhead of repeat-until-success protocols. Taken together, these results suggest that the space-time costs associated with fault-tolerant quantum computation may be significantly lower than previously anticipated.
Updated: 2026-04-09 15:21:41
标题: 可扩展的神经解码器用于实际容错量子计算
摘要: 量子误差纠正(QEC)对于可扩展的量子计算至关重要。然而,它需要快速且准确的经典解码器以跟上量子硬件的步伐。尽管量子低密度奇偶校验码最近被证明是一条有效的容错途径,但当前的解码算法并不能充分发挥这些码在实际环境中的潜力。在这里,我们引入了一种卷积神经网络解码器,利用QEC码的几何结构,并用它来探索一种新颖的“瀑布”误差抑制区域,证明了大规模容错算法所需的逻辑错误率可以在当前物理错误率下通过适度的码尺寸和多个领先硬件平台的实时延迟实现。例如,对于$[144, 12, 12]$ Gross码,该解码器实现了逻辑错误率高达现有解码器的约17倍低 - 在物理错误率$p=0.1\%$下达到逻辑错误率约$10^{-10}$ - 吞吐量提高了3-5个数量级。该解码器还产生了良好校准的置信度估计,可以显著减少重复直到成功协议的时间开销。综合而言,这些结果表明与先前预期的相比,容错量子计算所需的时空成本可能会显著降低。
更新时间: 2026-04-09 15:21:41
领域: quant-ph,cs.AI,cs.LG
Bias-Constrained Diffusion Schedules for PDE Emulations: Reconstruction Error Minimization and Efficient Unrolled Training
Conditional Diffusion Models are powerful surrogates for emulating complex spatiotemporal dynamics, yet they often fail to match the accuracy of deterministic neural emulators for high-precision tasks. In this work, we address two critical limitations of autoregressive PDE diffusion models: their sub-optimal single-step accuracy and the prohibitive computational cost of unrolled training. First, we characterize the relationship between the noise schedule, the reconstruction error reduction rate and the diffusion exposure bias, demonstrating that standard schedules lead to suboptimal reconstruction error. Leveraging this insight, we propose an \textit{Adaptive Noise Schedule} framework that minimizes inference reconstruction error by dynamically constraining the model's exposure bias. We further show that this optimized schedule enables a fast \textit{Proxy Unrolled Training} method to stabilize long-term rollouts without the cost of full Markov Chain sampling. Both proposed methods enable significant improvements in short-term accuracy and long-term stability over diffusion and deterministic baselines on diverse benchmarks, including forced Navier-Stokes, Kuramoto-Sivashinsky and Transonic Flow.
Updated: 2026-04-09 15:21:31
标题: 偏差约束扩散时间表用于PDE仿真:重建误差最小化和高效展开训练
摘要: 条件扩散模型是模拟复杂时空动态的强大替代品,但它们往往无法与确定性神经仿真器在高精度任务中的准确性匹配。在这项工作中,我们解决了自回归PDE扩散模型的两个关键限制:它们的单步准确性不佳以及展开训练的计算成本过高。首先,我们表征了噪声计划、重构误差降低速率和扩散暴露偏差之间的关系,证明了标准计划导致次优的重构误差。利用这一见解,我们提出了一种自适应噪声计划框架,通过动态限制模型的暴露偏差来最小化推断重构误差。我们进一步展示,这种优化计划使得一种快速的“代理展开训练”方法能够在不进行完全马尔可夫链采样的情况下稳定长期的展开,从而实现了短期准确性和长期稳定性在各种基准测试中相对于扩散和确定性基准的显著改进,包括强迫式Navier-Stokes、Kuramoto-Sivashinsky和跨音速流动。
更新时间: 2026-04-09 15:21:31
领域: cs.LG
ASPECT:Analogical Semantic Policy Execution via Language Conditioned Transfer
Reinforcement Learning (RL) agents often struggle to generalize knowledge to new tasks, even those structurally similar to ones they have mastered. Although recent approaches have attempted to mitigate this issue via zero-shot transfer, they are often constrained by predefined, discrete class systems, limiting their adaptability to novel or compositional task variations. We propose a significantly more generalized approach, replacing discrete latent variables with natural language conditioning via a text-conditioned Variational Autoencoder (VAE). Our core innovation utilizes a Large Language Model (LLM) as a dynamic \textit{semantic operator} at test time. Rather than relying on rigid rules, our agent queries the LLM to semantically remap the description of the current observation to align with the source task. This source-aligned caption conditions the VAE to generate an imagined state compatible with the agent's original training, enabling direct policy reuse. By harnessing the flexible reasoning capabilities of LLMs, our approach achieves zero-shot transfer across a broad spectrum of complex and truly novel analogous tasks, moving beyond the limitations of fixed category mappings. Code and videos are available \href{https://anonymous.4open.science/r/ASPECT-85C3/}{here}.
Updated: 2026-04-09 15:21:05
标题: ASPECT:通过语言条件转移实现类比语义策略执行
摘要: 强化学习(RL)代理通常难以将知识推广到新任务,即使这些任务在结构上与它们已经掌握的任务相似。尽管最近的方法尝试通过零样本转移来缓解这个问题,但它们通常受到预定义的离散类系统的限制,限制了它们对新颖或组合任务变化的适应性。我们提出了一种更加广义的方法,通过文本条件的变分自动编码器(VAE)将离散潜变量替换为自然语言条件。我们的核心创新在测试时利用一个大型语言模型(LLM)作为动态的\textit{语义操作符}。我们的代理不依赖于刚性规则,而是查询LLM,将当前观察的描述语义重新映射以与源任务对齐。这个与源对齐的标题条件了VAE生成一个与代理原始训练兼容的想象状态,实现了直接策略重用。通过利用LLM的灵活推理能力,我们的方法在各种复杂和真正新颖的类似任务之间实现了零样本转移,超越了固定类别映射的限制。代码和视频可在此处找到:\href{https://anonymous.4open.science/r/ASPECT-85C3/}{here}。
更新时间: 2026-04-09 15:21:05
领域: cs.AI
Security Concerns in Generative AI Coding Assistants: Insights from Online Discussions on GitHub Copilot
Generative Artificial Intelligence (GenAI) has become a central component of many development tools (e.g., GitHub Copilot) that support software practitioners across multiple programming tasks, including code completion, documentation, and bug detection. However, current research has identified significant limitations and open issues in GenAI, including reliability, non-determinism, bias, and copyright infringement. While prior work has primarily focused on assessing the technical performance of these technologies for code generation, less attention has been paid to emerging concerns of software developers, particularly in the security realm. OBJECTIVE: This work explores security concerns regarding the use of GenAI-based coding assistants by analyzing challenges voiced by developers and software enthusiasts in public online forums. METHOD: We retrieved posts, comments, and discussion threads addressing security issues in GitHub Copilot from three popular platforms, namely Stack Overflow, Reddit, and Hacker News. These discussions were clustered using BERTopic and then synthesized using thematic analysis to identify distinct categories of security concerns. RESULTS: Four major concern areas were identified, including potential data leakage, code licensing, adversarial attacks (e.g., prompt injection), and insecure code suggestions, underscoring critical reflections on the limitations and trade-offs of GenAI in software engineering. IMPLICATIONS: Our findings contribute to a broader understanding of how developers perceive and engage with GenAI-based coding assistants, while highlighting key areas for improving their built-in security features.
Updated: 2026-04-09 15:19:10
标题: 生成式AI编码助手中的安全问题:GitHub Copilot在线讨论的见解
摘要: 生成人工智能(GenAI)已成为许多开发工具(例如GitHub Copilot)的核心组件,支持软件从业者完成多项编程任务,包括代码补全、文档编写和错误检测。然而,目前的研究已经发现了GenAI存在显著的局限性和待解决的问题,包括可靠性、非确定性、偏见和版权侵犯。虽然以往的研究主要集中在评估这些技术在代码生成方面的技术性能,但对于软件开发人员尤其是在安全领域的新兴关注却付出较少的关注。目标:本研究通过分析开发人员和软件爱好者在公共在线论坛上提出的安全问题,探讨了使用基于GenAI的编码助手存在的安全问题。方法:我们从三个流行平台(Stack Overflow、Reddit和Hacker News)检索了有关GitHub Copilot中安全问题的帖子、评论和讨论串。这些讨论使用BERTopic进行聚类,然后通过主题分析进行综合,以确定安全问题的不同类别。结果:确定了四个主要的关注领域,包括潜在的数据泄露、代码许可、对抗性攻击(例如提示注入)和不安全的代码建议,强调了对GenAI在软件工程中的局限性和权衡的关键反思。意义:我们的研究结果有助于更广泛地了解开发人员如何看待和使用基于GenAI的编码助手,同时突出了改进其内置安全功能的关键领域。
更新时间: 2026-04-09 15:19:10
领域: cs.SE,cs.CR,cs.HC
Stacked from One: Multi-Scale Self-Injection for Context Window Extension
The limited context window of contemporary large language models (LLMs) remains a primary bottleneck for their broader application across diverse domains. Although continual pre-training on long-context data offers a straightforward solution, it incurs prohibitive data acquisition and computational costs. To address this challenge, we propose~\modelname, a novel framework based on multi-grained context compression and query-aware information acquisition. SharedLLM comprises two stacked short-context LLMs: a lower model serving as a compressor and an upper model acting as a decoder. The lower model compresses long inputs into compact, multi-grained representations, which are then forwarded to the upper model for context-aware processing. To maximize efficiency, this information transfer occurs exclusively at the lowest layers, bypassing lengthy forward passes and redundant cross-attention operations. This entire process, wherein the upper and lower models are derived from the same underlying LLM layers, is termed~\textit{self-injection}. To support this architecture, a specialized tree-based data structure enables the efficient encoding and query-aware retrieval of contextual information. Despite being trained on sequences of only 8K tokens, \modelname~effectively generalizes to inputs exceeding 128K tokens. Across a comprehensive suite of long-context modeling and understanding benchmarks, \modelname~achieves performance superior or comparable to strong baselines, striking an optimal balance between efficiency and accuracy. Furthermore, these design choices allow \modelname~to substantially reduce the memory footprint and yield notable inference speedups ($2\times$ over streaming and $3\times$ over encoder-decoder architectures).
Updated: 2026-04-09 15:16:58
标题: 从一个开始:多尺度自注入用于上下文窗口扩展
摘要: 当代大型语言模型(LLMs)的有限上下文窗口仍然是它们在各个领域广泛应用的主要瓶颈。尽管在长上下文数据上进行持续预训练提供了一个简单的解决方案,但它会产生昂贵的数据获取和计算成本。为了解决这一挑战,我们提出了一种基于多粒度上下文压缩和查询感知信息获取的新颖框架——\modelname。SharedLLM包括两个堆叠的短上下文LLM:一个作为压缩器,另一个作为解码器。下层模型将长输入压缩成紧凑的、多粒度的表示,然后将其发送给上层模型进行上下文感知处理。为了最大限度地提高效率,这种信息传递仅在最低层发生,绕过冗长的前向传递和多余的交叉注意力操作。整个过程中,上下层模型都来自同一基础LLM层,这被称为\textit{self-injection}。为了支持这种架构,一种专门的基于树的数据结构实现了对上下文信息的高效编码和查询感知检索。尽管仅在包含8K个标记的序列上进行训练,\modelname 在超过128K个标记的输入上表现出很好的泛化能力。在一系列长上下文建模和理解基准测试中,\modelname 的性能优于或与强基线相媲美,实现了效率和准确性之间的最佳平衡。此外,这些设计选择使\modelname 能够显著减少内存占用,并获得显著的推理加速(比流式处理快2倍,比编码-解码架构快3倍)。
更新时间: 2026-04-09 15:16:58
领域: cs.CL,cs.AI
Human-AI Collaboration Reconfigures Group Regulation from Socially Shared to Hybrid Co-Regulation
Generative AI (GenAI) is increasingly used in collaborative learning, yet its effects on how groups regulate collaboration remain unclear. Effective collaboration depends not only on what groups discuss, but on how they jointly manage goals, participation, strategy use, monitoring, and repair through co-regulation and socially shared regulation. We compared collaborative regulation between Human-AI and Human-Human groups in a parallel-group randomised experiment with 71 university students completing the same collaborative tasks with GenAI either available or unavailable. Focusing on human discourse, we used statistical analyses to examine differences in the distribution of collaborative regulation across regulatory modes, regulatory processes, and participatory focuses. Results showed that GenAI availability shifted regulation away from predominantly socially shared forms towards more hybrid co-regulatory forms, with selective increases in directive, obstacle-oriented, and affective regulatory processes. Participatory-focus distributions, however, were broadly similar across conditions. These findings suggest that GenAI reshapes the distribution of regulatory responsibility in collaboration and offer implications for the human-centred design of AI-supported collaborative learning.
Updated: 2026-04-09 15:15:32
标题: 人工智能与人类的协作将群体调控从社会共享转变为混合共同调控
摘要: 生成式人工智能(GenAI)在协作学习中的应用越来越普遍,但其对于团体如何调节协作的影响仍不清楚。有效的协作不仅取决于团体讨论的内容,还取决于他们如何通过共同调节和社会共享调节来管理目标、参与、策略使用、监控和修正。我们在一项并行组随机实验中比较了人工智能与人际组之间的协作调节,71名大学生完成相同的协作任务,其中一组有GenAI可用,另一组没有。我们通过统计分析着重研究了人类对话中协作调节在调节模式、调节过程和参与重点方面的分布差异。结果显示,GenAI的可用性将调节从主要是社会共享形式转变为更多混合的共同调节形式,同时选择性地增加了指导、以障碍为导向和情感调节过程。然而,参与重点的分布在各种条件下大致相似。这些发现表明,GenAI重新塑造了协作中的调节责任分配,并对以人为中心的AI支持协作学习的设计提供了启示。
更新时间: 2026-04-09 15:15:32
领域: cs.AI,cs.HC
EgoEverything: A Benchmark for Human Behavior Inspired Long Context Egocentric Video Understanding in AR Environment
Long context egocentric video understanding has recently attracted significant research attention, with augmented reality (AR) highlighted as one of its most important application domains. Nevertheless, the task remains highly challenging due to the need for reasoning over extended temporal contexts and diverse, unstructured activities. Although several benchmarks exist, most egocentric datasets rely on human worn cameras and focus mainly on visual content, with limited consideration of underlying user behavior when forming video-related queries. EgoEverything is a benchmark that explicitly considers human behavior by leveraging human attention signals, abstracted from gaze data, when generating questions. It comprises over 5,000 multiple choice question answer pairs, spanning more than 100 hours of video. By integrating human attention signals during question generation, it more faithfully captures natural human behavior and offers a realistic evaluation setting for long-context egocentric video understanding in AR.
Updated: 2026-04-09 15:13:36
标题: EgoEverything: 人类行为启发的长上下文自我中心视频理解在AR环境中的基准研究
摘要: 最近,长时上下文自我中心视频理解引起了重要的研究关注,增强现实(AR)被强调为其最重要的应用领域之一。然而,由于需要对扩展的时间上下文和多样化的非结构化活动进行推理,这一任务仍然极具挑战性。虽然存在几个基准,但大多数自我中心数据集依赖于人体穿戴摄像头,并主要关注视觉内容,对形成与视频相关的查询时的用户行为考虑有限。EgoEverything是一个基准,通过利用从凝视数据中抽象出的人类注意信号,在生成问题时明确考虑人类行为。它包括超过5,000个多项选择问题-答案对,涵盖超过100小时的视频。通过在问题生成过程中整合人类注意信号,它更忠实地捕捉了自然人类行为,并为AR中长时上下文自我中心视频理解提供了一个真实的评估环境。
更新时间: 2026-04-09 15:13:36
领域: cs.LG
Quantum-Inspired Geometric Classification with Correlation Group Structures and VQC Decision Modeling
We propose a geometry-driven quantum-inspired classification framework that integrates Correlation Group Structures (CGR), compact SWAP-test-based overlap estimation, and selective variational quantum decision modelling. Rather than directly approximating class posteriors, the method adopts a geometry-first paradigm in which samples are evaluated relative to class medoids using overlap-derived Euclidean-like and angular similarity channels. CGR organizes features into anchor-centered correlation neighbourhoods, generating nonlinear, correlation-weighted representations that enhance robustness in heterogeneous tabular spaces. These geometric signals are fused through a non-probabilistic margin-based fusion score, serving as a lightweight and data-efficient primary classifier for small-to-moderate datasets. On Heart Disease, Breast Cancer, and Wine Quality datasets, the fusion-score classifier achieves 0.8478, 0.8881, and 0.9556 test accuracy respectively, with macro-F1 scores of 0.8463, 0.8703, and 0.9522, demonstrating competitive and stable performance relative to classical baselines. For large-scale and highly imbalanced regimes, we construct compact Delta-distance contrastive features and train a variational quantum classifier (VQC) as a nonlinear refinement layer. On the Credit Card Fraud dataset (0.17% prevalence), the Delta + VQC pipeline achieves approximately 0.85 minority recall at an alert rate of approximately 1.31%, with ROC-AUC 0.9249 and PR-AUC 0.3251 under full-dataset evaluation. These results highlight the importance of operating-point-aware assessment in rare-event detection and demonstrate that the proposed hybrid geometric-variational framework provides interpretable, scalable, and regime-adaptive classification across heterogeneous data settings.
Updated: 2026-04-09 15:13:06
标题: 量子启发的几何分类与相关群结构以及VQC决策建模
摘要: 我们提出了一个基于几何驱动的量子启发式分类框架,该框架整合了相关性群结构(CGR)、基于紧凑SWAP测试的重叠估计和选择性变分量子决策建模。该方法不是直接逼近类后验概率,而是采用了一种以几何为先导的范式,其中样本相对于类中心点使用基于重叠导出的类似欧几里得和角度相似性通道进行评估。CGR将特征组织成以锚点为中心的相关性邻域,生成非线性、相关性加权的表示,增强了在异构表格空间中的鲁棒性。这些几何信号通过非概率的基于边界的融合得分融合在一起,作为适用于小到中等数据集的轻量级和高效的主分类器。在心脏病、乳腺癌和葡萄酒质量数据集上,融合得分分类器分别实现了0.8478、0.8881和0.9556的测试准确率,宏F1分数分别为0.8463、0.8703和0.9522,相对于经典基线表现出竞争力和稳定性。对于大规模和高度不平衡的情况,我们构建了紧凑的Delta距离对比特征,并训练一个变分量子分类器(VQC)作为非线性细化层。在信用卡欺诈数据集(0.17%的患病率)上,Delta + VQC管道以大约1.31%的警报率实现了约0.85的少数类召回率,完整数据集评估下的ROC-AUC为0.9249,PR-AUC为0.3251。这些结果突出了在罕见事件检测中操作点感知评估的重要性,并表明所提出的混合几何-变分框架在异质数据设置中提供了可解释、可扩展和适应不同情况的分类方法。
更新时间: 2026-04-09 15:13:06
领域: quant-ph,cs.AI
PokeGym: A Visually-Driven Long-Horizon Benchmark for Vision-Language Models
While Vision-Language Models (VLMs) have achieved remarkable progress in static visual understanding, their deployment in complex 3D embodied environments remains severely limited. Existing benchmarks suffer from four critical deficiencies: (1) passive perception tasks circumvent interactive dynamics; (2) simplified 2D environments fail to assess depth perception; (3) privileged state leakage bypasses genuine visual processing; and (4) human evaluation is prohibitively expensive and unscalable. We introduce PokeGym, a visually-driven long-horizon benchmark instantiated within Pokemon Legends: Z-A, a visually complex 3D open-world Role-Playing Game. PokeGym enforces strict code-level isolation: agents operate solely on raw RGB observations while an independent evaluator verifies success via memory scanning, ensuring pure vision-based decision-making and automated, scalable assessment. The benchmark comprises 30 tasks (30-220 steps) spanning navigation, interaction, and mixed scenarios, with three instruction granularities (Visual-Guided, Step-Guided, Goal-Only) to systematically deconstruct visual grounding, semantic reasoning, and autonomous exploration capabilities. Our evaluation reveals a key limitation of current VLMs: physical deadlock recovery, rather than high-level planning, constitutes the primary bottleneck, with deadlocks showing a strong negative correlation with task success. Furthermore, we uncover a metacognitive divergence: weaker models predominantly suffer from Unaware Deadlocks (oblivious to entrapment), whereas advanced models exhibit Aware Deadlocks (recognizing entrapment yet failing to recover). These findings highlight the need to integrate explicit spatial intuition into VLM architectures. The code and benchmark will be available on GitHub.
Updated: 2026-04-09 15:12:36
标题: PokeGym:一个基于视觉的长期视觉语言模型基准
摘要: 虽然视觉语言模型(VLMs)在静态视觉理解方面取得了显著进展,但它们在复杂的3D实体环境中的部署仍然严重受限。现有的基准测试存在四个关键缺陷:(1)被动感知任务规避了交互动态;(2)简化的2D环境未能评估深度感知;(3)特权状态泄露绕过了真实的视觉处理;(4)人类评估成本高昂且不可扩展。我们介绍了PokeGym,这是一个视觉驱动的长视程基准测试,位于Pokemon Legends: Z-A中,这是一个视觉复杂的3D开放世界角色扮演游戏。PokeGym强制执行严格的代码级隔离:代理仅在原始RGB观察下运行,而独立的评估者通过内存扫描验证成功,确保纯视觉决策和自动化、可扩展的评估。该基准包括30个任务(30-220步),涵盖导航、交互和混合场景,具有三种指令粒度(视觉引导、步骤引导、仅目标),以系统地解构视觉基础、语义推理和自主探索能力。我们的评估揭示了当前VLMs的一个关键限制:物理死锁恢复,而不是高级规划,构成主要瓶颈,死锁与任务成功呈强烈负相关。此外,我们发现了一种元认知分歧:较弱的模型主要受到不知道的死锁的困扰(对困境无视),而先进的模型表现出知道的死锁(认识到困境但无法恢复)。这些发现突显了将明确的空间直觉整合到VLM架构中的必要性。代码和基准将在GitHub上提供。
更新时间: 2026-04-09 15:12:36
领域: cs.CV,cs.AI
InstAP: Instance-Aware Vision-Language Pre-Train for Spatial-Temporal Understanding
Current vision-language pre-training (VLP) paradigms excel at global scene understanding but struggle with instance-level reasoning due to global-only supervision. We introduce InstAP, an Instance-Aware Pre-training framework that jointly optimizes global vision-text alignment and fine-grained, instance-level contrastive alignment by grounding textual mentions to specific spatial-temporal regions. To support this, we present InstVL, a large-scale dataset (2 million images, 50,000 videos) with dual-granularity annotations: holistic scene captions and dense, grounded instance descriptions. On the InstVL benchmark, InstAP substantially outperforms existing VLP models on instance-level retrieval, and also surpasses a strong VLP baseline trained on the exact same data corpus, isolating the benefit of our instance-aware objective. Moreover, instance-centric pre-training improves global understanding: InstAP achieves competitive zero-shot performance on multiple video benchmarks, including MSR-VTT and DiDeMo. Qualitative visualizations further show that InstAP localizes textual mentions to the correct instances, while global-only models exhibit more diffuse, scene-level attention.
Updated: 2026-04-09 15:10:25
标题: InstAP:面向时空理解的实例感知视觉语言预训练
摘要: 当前的视觉-语言预训练(VLP)范式在全局场景理解方面表现出色,但由于仅具有全局监督,很难进行实例级推理。我们引入了InstAP,一个实例感知预训练框架,通过将文本提及与特定的时空区域相匹配,同时优化全局视觉-文本对齐和细粒度的实例级对比对齐。为了支持这一点,我们提出了InstVL,一个大规模数据集(200万张图片,5万个视频),具有双重粒度注释:整体场景标题和密集、基于实例的描述。在InstVL基准测试中,InstAP在实例级检索方面大大优于现有的VLP模型,并且也超过了在完全相同数据语料库上训练的强大的VLP基线,突出了我们的实例感知目标的好处。此外,实例中心的预训练提高了全局理解能力:InstAP在多个视频基准测试中实现了竞争性的零样本性能,包括MSR-VTT和DiDeMo。定性的可视化进一步显示,InstAP将文本提及定位到正确的实例上,而仅具有全局注意力的模型展示出更加模糊的场景级别注意力。
更新时间: 2026-04-09 15:10:25
领域: cs.CV,cs.AI
Leveraging Complementary Embeddings for Replay Selection in Continual Learning with Small Buffers
Catastrophic forgetting remains a key challenge in Continual Learning (CL). In replay-based CL with severe memory constraints, performance critically depends on the sample selection strategy for the replay buffer. Most existing approaches construct memory buffers using embeddings learned under supervised objectives. However, class-agnostic, self-supervised representations often encode rich, class-relevant semantics that are overlooked. We propose a new method, Multiple Embedding Replay Selection, MERS, which replaces the buffer selection module with a graph-based approach that integrates both supervised and self-supervised embeddings. Empirical results show consistent improvements over SOTA selection strategies across a range of continual learning algorithms, with particularly strong gains in low-memory regimes. On CIFAR-100 and TinyImageNet, MERS outperforms single-embedding baselines without adding model parameters or increasing replay volume, making it a practical, drop-in enhancement for replay-based continual learning.
Updated: 2026-04-09 15:09:02
标题: 利用互补嵌入在具有小缓冲区的不断学习中进行重放选择
摘要: 灾难性遗忘仍然是持续学习(CL)中的一个关键挑战。在具有严格的内存约束的基于重播的CL中,性能取决于用于重播缓冲区的样本选择策略。大多数现有方法使用在监督目标下学习的嵌入来构建内存缓冲区。然而,与类别无关的自监督表示通常编码了被忽视的丰富的、与类相关的语义信息。我们提出了一种新方法,称为多嵌入重播选择(MERS),它用基于图的方法替换了缓冲区选择模块,集成了监督和自监督嵌入。实证结果显示,在各种持续学习算法中,MERS相对于SOTA选择策略表现出一致的改进,特别是在低内存环境中获得了显著的增益。在CIFAR-100和TinyImageNet上,MERS优于单嵌入基准,而不增加模型参数或增加重播量,使其成为基于重播的持续学习的实用、易于应用的增强方法。
更新时间: 2026-04-09 15:09:02
领域: cs.LG
NSTR: Neural Spectral Transport Representation for Space-Varying Frequency Fields
Implicit Neural Representations (INRs) have emerged as a powerful paradigm for representing signals such as images, audio, and 3D scenes. However, existing INR frameworks -- including MLPs with Fourier features, SIREN, and multiresolution hash grids -- implicitly assume a \textit{global and stationary} spectral basis. This assumption is fundamentally misaligned with real-world signals whose frequency characteristics vary significantly across space, exhibiting local high-frequency textures, smooth regions, and frequency drift phenomena. We propose \textbf{Neural Spectral Transport Representation (NSTR)}, the first INR framework that \textbf{explicitly models a spatially varying local frequency field}. NSTR introduces a learnable \emph{frequency transport equation}, a PDE that governs how local spectral compositions evolve across space. Given a learnable local spectrum field $S(x)$ and a frequency transport network $F_θ$ enforcing $\nabla S(x) \approx F_θ(x, S(x))$, NSTR reconstructs signals by spatially modulating a compact set of global sinusoidal bases. This formulation enables strong local adaptivity and offers a new level of interpretability via visualizing frequency flows. Experiments on 2D image regression, audio reconstruction, and implicit 3D geometry show that NSTR achieves significantly better accuracy-parameter trade-offs than SIREN, Fourier-feature MLPs, and Instant-NGP. NSTR requires fewer global frequencies, converges faster, and naturally explains signal structure through spectral transport fields. We believe NSTR opens a new direction in INR research by introducing explicit modeling of space-varying spectrum.
Updated: 2026-04-09 15:08:17
标题: NSTR:用于空间变频场的神经谱传输表示
摘要: 隐式神经表示(INRs)已经成为代表信号如图像、音频和3D场景的强大范式。然而,现有的INR框架--包括具有傅里叶特征的MLPs、SIREN和多分辨率哈希网格--暗含了一个\textit{全局和稳态}频谱基础的假设。这一假设与真实世界信号基本不符,真实世界信号的频率特性在空间上变化显著,表现出局部高频纹理、平滑区域和频率漂移现象。我们提出了\textbf{神经频谱传输表示(NSTR)},这是第一个\textbf{明确模拟空间变化的局部频率场}的INR框架。NSTR引入了一个可学习的\emph{频率传输方程},即一个控制局部频谱组成如何随空间演变的PDE。给定一个可学习的局部频谱场$S(x)$和一个频率传输网络$F_θ$强制$\nabla S(x) \approx F_θ(x, S(x))$,NSTR通过在全局正弦基上进行空间调制来重建信号。这种表述实现了强大的局部适应性,并通过可视化频率流量提供了新的解释水平。在2D图像回归、音频重建和隐式3D几何实验中,NSTR的准确性参数权衡明显优于SIREN、傅里叶特征MLPs和Instant-NGP。NSTR需要更少的全局频率,收敛更快,并通过频谱传输场自然地解释信号结构。我们相信NSTR通过引入明确对空间变化频谱的建模开辟了INR研究的新方向。
更新时间: 2026-04-09 15:08:17
领域: cs.SD,cs.AI
Scaling Implicit Fields via Hypernetwork-Driven Multiscale Coordinate Transformations
Implicit Neural Representations (INRs) have emerged as a powerful paradigm for representing signals such as images, 3D shapes, signed distance fields, and radiance fields. While significant progress has been made in architecture design (e.g., SIREN, FFC, KAN-based INRs) and optimization strategies (meta-learning, amortization, distillation), existing approaches still suffer from two core limitations: (1) a representation bottleneck that forces a single MLP to uniformly model heterogeneous local structures, and (2) limited scalability due to the absence of a hierarchical mechanism that dynamically adapts to signal complexity. This work introduces Hyper-Coordinate Implicit Neural Representations (HC-INR), a new class of INRs that break the representational bottleneck by learning signal-adaptive coordinate transformations using a hypernetwork. HC-INR decomposes the representation task into two components: (i) a learned multiscale coordinate transformation module that warps the input domain into a disentangled latent space, and (ii) a compact implicit field network that models the transformed signal with significantly reduced complexity. The proposed model introduces a hierarchical hypernetwork architecture that conditions coordinate transformations on local signal features, enabling dynamic allocation of representation capacity. We theoretically show that HC-INR strictly increases the upper bound of representable frequency bands while maintaining Lipschitz stability. Extensive experiments across image fitting, shape reconstruction, and neural radiance field approximation demonstrate that HC-INR achieves up to 4 times higher reconstruction fidelity than strong INR baselines while using 30--60\% fewer parameters.
Updated: 2026-04-09 15:07:56
标题: 通过超网络驱动的多尺度坐标变换扩展隐式场
摘要: 隐式神经表示(INR)已经成为代表信号(如图像、3D形状、有符号距离场和辐射场)的强大范式。尽管在架构设计(例如SIREN、FFC、基于KAN的INR)和优化策略(元学习、摊销、蒸馏)方面取得了显著进展,但现有方法仍然存在两个核心限制:(1)表示瓶颈导致单个MLP强制性地对异质局部结构进行均匀建模,以及(2)由于缺乏动态适应信号复杂性的分层机制而导致的有限可扩展性。本文介绍了超坐标隐式神经表示(HC-INR),这是一种新型INR类别,通过使用超网络学习信号自适应坐标变换来打破表示瓶颈。HC-INR将表示任务分解为两个组成部分:(i)一个学习的多尺度坐标变换模块,将输入域扭曲为一个解开的潜在空间,以及(ii)一个用较低复杂度模拟转换信号的紧凑隐式场网络。所提出的模型引入了一种层次化超网络架构,将坐标变换条件化于局部信号特征,实现了表示容量的动态分配。我们在理论上证明HC-INR严格增加了可表示的频段的上限,同时保持Lipschitz稳定性。通过图像拟合、形状重建和神经辐射场逼近的广泛实验表明,HC-INR在使用30-60%较少的参数的情况下,比强大的INR基线实现了高达4倍的重建保真度。
更新时间: 2026-04-09 15:07:56
领域: cs.AI
Dead Weights, Live Signals: Feedforward Graphs of Frozen Language Models
We present a feedforward graph architecture in which heterogeneous frozen large language models serve as computational nodes, communicating through a shared continuous latent space via learned linear projections. Building on recent work demonstrating geometric compatibility between independently trained LLM latent spaces~\cite{armstrong2026thinking}, we extend this finding from static two-model steering to end-to-end trainable multi-node graphs, where projection matrices are optimized jointly via backpropagation through residual stream injection hooks. Three small frozen models (Llama-3.2-1B, Qwen2.5-1.5B, Gemma-2-2B) encode the input into a shared latent space whose aggregate signal is injected into two larger frozen models (Phi-3-mini, Mistral-7B), whose representations feed a lightweight cross-attention output node. With only 17.6M trainable parameters against approximately 12B frozen, the architecture achieves 87.3\% on ARC-Challenge, 82.8\% on OpenBookQA, and 67.2\% on MMLU, outperforming the best single constituent model by 11.4, 6.2, and 1.2 percentage points respectively, and outperforming parameter-matched learned classifiers on frozen single models by 9.1, 5.2, and 6.7 points. Gradient flow through multiple frozen model boundaries is empirically verified to be tractable, and the output node develops selective routing behavior across layer-2 nodes without explicit supervision.
Updated: 2026-04-09 15:07:44
标题: 死重量,活信号:冻结语言模型的前馈图解析
摘要: 我们提出了一个前馈图架构,其中异构的冻结大型语言模型作为计算节点,通过学习的线性投影,通过共享的连续潜在空间进行通信。在最近的工作中已经证明了独立训练的LLM潜在空间之间的几何兼容性~\cite{armstrong2026thinking},我们将这一发现从静态的双模型转向到端到端可训练的多节点图中,其中投影矩阵通过残差流注入钩子联合优化。三个小型冻结模型(Llama-3.2-1B,Qwen2.5-1.5B,Gemma-2-2B)将输入编码为共享的潜在空间,其聚合信号被注入到两个较大的冻结模型(Phi-3-mini,Mistral-7B)中,这些表示馈送到轻量级的跨注意力输出节点。在大约12B个冻结参数的情况下,仅有17.6M个可训练参数,该架构在ARC-Challenge上达到87.3\%,在OpenBookQA上达到82.8\%,在MMLU上达到67.2\%,分别比最佳单一组成模型高出11.4、6.2和1.2个百分点,比冻结单一模型上的参数匹配学习分类器高出9.1、5.2和6.7个百分点。经验性地验证了通过多个冻结模型边界的梯度流是可行的,并且输出节点在没有明确监督的情况下在层-2节点之间发展出选择性的路由行为。
更新时间: 2026-04-09 15:07:44
领域: cs.LG,cs.AI
Towards Effective Offensive Security LLM Agents: Hyperparameter Tuning, LLM as a Judge, and a Lightweight CTF Benchmark
Recent advances in LLM agentic systems have improved the automation of offensive security tasks, particularly for Capture the Flag (CTF) challenges. We systematically investigate the key factors that drive agent success and provide a detailed recipe for building effective LLM-based offensive security agents. First, we present CTFJudge, a framework leveraging LLM as a judge to analyze agent trajectories and provide granular evaluation across CTF solving steps. Second, we propose a novel metric, CTF Competency Index (CCI) for partial correctness, revealing how closely agent solutions align with human-crafted gold standards. Third, we examine how LLM hyperparameters, namely temperature, top-p, and maximum token length, influence agent performance and automated cybersecurity task planning. For rapid evaluation, we present CTFTiny, a curated benchmark of 50 representative CTF challenges across binary exploitation, web, reverse engineering, forensics, and cryptography. Our findings identify optimal multi-agent coordination settings and lay the groundwork for future LLM agent research in cybersecurity. We make CTFTiny open source to public https://github.com/NYU-LLM-CTF/CTFTiny along with CTFJudge on https://github.com/NYU-LLM-CTF/CTFJudge.
Updated: 2026-04-09 15:07:37
标题: 朝着有效的攻击性安全LLM代理:超参数调整,LLM作为裁判,以及轻量级CTF基准的方向
摘要: 最近LLM代理系统的进展改善了攻击性安全任务的自动化,特别是对于征旗挑战。我们系统地研究了驱动代理成功的关键因素,并提供了构建有效基于LLM的攻击性安全代理的详细配方。首先,我们提出了CTFJudge,一个利用LLM作为评判者的框架,用于分析代理轨迹并在解决CTF步骤中提供细粒度评估。其次,我们提出了一种新颖的度量标准,CTF能力指数(CCI),用于部分正确性,揭示了代理解决方案与人工制作的黄金标准之间的接近程度。第三,我们研究了LLM的超参数,即温度、top-p和最大令牌长度,如何影响代理性能和自动化网络安全任务规划。为了快速评估,我们提出了CTFTiny,一个包含50个代表性CTF挑战的精选基准,涵盖了二进制利用、网络、逆向工程、取证和密码学。我们的研究结果确定了最佳的多代理协调设置,并为未来网络安全领域的LLM代理研究奠定了基础。我们将CTFTiny开源至公众https://github.com/NYU-LLM-CTF/CTFTiny,以及CTFJudgehttps://github.com/NYU-LLM-CTF/CTFJudge。
更新时间: 2026-04-09 15:07:37
领域: cs.CR,cs.AI
Lost in the Hype: Revealing and Dissecting the Performance Degradation of Medical Multimodal Large Language Models in Image Classification
The rise of multimodal large language models (MLLMs) has sparked an unprecedented wave of applications in the field of medical imaging analysis. However, as one of the earliest and most fundamental tasks integrated into this paradigm, medical image classification reveals a sobering reality: state-of-the-art medical MLLMs consistently underperform compared to traditional deep learning models, despite their overwhelming advantages in pre-training data and model parameters. This paradox prompts a critical rethinking: where exactly does the performance degradation originate? In this paper, we conduct extensive experiments on 14 open-source medical MLLMs across three representative image classification datasets. Moving beyond superficial performance benchmarking, we employ feature probing to track the information flow of visual features module-by-module and layer-by-layer throughout the entire MLLM pipeline, enabling explicit visualization of where and how classification signals are distorted, diluted, or overridden. As the first attempt to dissect classification performance degradation in medical MLLMs, our findings reveal four failure modes: 1) quality limitation in visual representation, 2) fidelity loss in connector projection, 3) comprehension deficit in LLM reasoning, and 4) misalignment of semantic mapping. Meanwhile, we introduce quantitative scores that characterize the healthiness of feature evolution, enabling principled comparisons across diverse MLLMs and datasets. Furthermore, we provide insightful discussions centered on the critical barriers that prevent current medical MLLMs from fulfilling their promised clinical potential. We hope that our work provokes rethinking within the community-highlighting that the road from high expectations to clinically deployable MLLMs remains long and winding.
Updated: 2026-04-09 15:07:26
标题: 迷失在炒作中:揭示和解剖医学多模态大型语言模型在图像分类中的性能下降
摘要: 多模态大型语言模型(MLLMs)的兴起在医学影像分析领域引发了前所未有的应用浪潮。然而,作为最早并且最基础的任务之一,医学图像分类揭示了一个令人警醒的现实:尽管在预训练数据和模型参数方面具有压倒性优势,但最先进的医学MLLMs与传统深度学习模型相比始终表现不佳。这种悖论促使我们进行关键性的反思:性能下降究竟源自何处?在本文中,我们对14个开源医学MLLMs在三个代表性图像分类数据集上进行了广泛实验。我们超越表面性能基准测试,利用特征探测来追踪整个MLLM管道中模块对模块和层对层的视觉特征信息流,从而明确可视化分类信号在哪里以及如何被扭曲、稀释或覆盖。作为对医学MLLMs中分类性能下降进行解剖的首次尝试,我们的研究发现了四种失败模式:1)视觉表征质量限制,2)连接器投影中的保真度丢失,3)LLM推理中的理解缺失,以及4)语义映射的不对齐。同时,我们引入了能够表征特征演变健康程度的定量分数,实现了跨多样的MLLMs和数据集的原则性比较。此外,我们提供了围绕当前医学MLLMs无法实现其承诺的临床潜力的关键障碍的深入讨论。我们希望我们的工作能够引起社区内部的反思,突出显示从高期望到临床可部署MLLMs的道路仍然漫长而曲折。
更新时间: 2026-04-09 15:07:26
领域: cs.CV,cs.AI,cs.LG
TENDE: Transfer Entropy Neural Diffusion Estimation
Transfer entropy measures directed information flow in time series, and it has become a fundamental quantity in applications spanning neuroscience, finance, and complex systems analysis. However, existing estimation methods suffer from the curse of dimensionality, require restrictive distributional assumptions, or need exponentially large datasets for reliable convergence. We address these limitations in the literature by proposing TENDE (Transfer Entropy Neural Diffusion Estimation), a novel approach that leverages score-based diffusion models to estimate transfer entropy through conditional mutual information. By learning score functions of the relevant conditional distributions, TENDE provides flexible, scalable estimation while making minimal assumptions about the underlying data-generating process. We demonstrate superior accuracy and robustness compared to existing neural estimators and other state-of-the-art approaches across synthetic benchmarks and real data.
Updated: 2026-04-09 15:01:46
标题: TENDE:传递熵神经扩散估计
摘要: 转移熵测量时间序列中的定向信息流,已成为跨越神经科学、金融和复杂系统分析应用的基本量。然而,现有的估计方法受到维度诅咒的限制,需要限制性的分布假设,或需要指数级大数据集才能可靠收敛。我们通过提出TENDE(转移熵神经扩散估计)来解决文献中的这些限制,这是一种利用基于分数的扩散模型来通过条件互信息估计转移熵的新方法。通过学习相关条件分布的分数函数,TENDE提供了灵活、可扩展的估计,同时对于底层数据生成过程做出最小的假设。我们通过对合成基准和实际数据进行对比,展示了与现有神经估计器和其他最先进方法相比的优越准确性和稳健性。
更新时间: 2026-04-09 15:01:46
领域: cs.LG
BADiff: Bandwidth Adaptive Diffusion Model
In this work, we propose a novel framework to enable diffusion models to adapt their generation quality based on real-time network bandwidth constraints. Traditional diffusion models produce high-fidelity images by performing a fixed number of denoising steps, regardless of downstream transmission limitations. However, in practical cloud-to-device scenarios, limited bandwidth often necessitates heavy compression, leading to loss of fine textures and wasted computation. To address this, we introduce a joint end-to-end training strategy where the diffusion model is conditioned on a target quality level derived from the available bandwidth. During training, the model learns to adaptively modulate the denoising process, enabling early-stop sampling that maintains perceptual quality appropriate to the target transmission condition. Our method requires minimal architectural changes and leverages a lightweight quality embedding to guide the denoising trajectory. Experimental results demonstrate that our approach significantly improves the visual fidelity of bandwidth-adapted generations compared to naive early-stopping, offering a promising solution for efficient image delivery in bandwidth-constrained environments. Code is available at: https://github.com/xzhang9308/BADiff.
Updated: 2026-04-09 14:57:51
标题: BADiff:带宽自适应扩散模型
摘要: 在这项工作中,我们提出了一个新颖的框架,使扩散模型能够根据实时网络带宽约束调整其生成质量。传统的扩散模型通过执行固定数量的去噪步骤生成高保真度的图像,而不考虑下游传输限制。然而,在实际的云到设备场景中,有限的带宽通常需要进行大量压缩,导致细节纹理的丢失和计算资源的浪费。为了解决这个问题,我们引入了一个联合端到端训练策略,其中扩散模型是基于可用带宽推导出的目标质量水平进行条件化的。在训练过程中,模型学会自适应调节去噪过程,实现早期停止采样,从而保持适合目标传输条件的感知质量。我们的方法需要最少的架构更改,并利用轻量级的质量嵌入来引导去噪轨迹。实验结果表明,与朴素的早停止相比,我们的方法显著提高了适应带宽的生成物的视觉保真度,为带宽受限环境中高效图像传输提供了一个有前途的解决方案。代码可在以下网址找到:https://github.com/xzhang9308/BADiff。
更新时间: 2026-04-09 14:57:51
领域: cs.CV,cs.LG
ProMedical: Hierarchical Fine-Grained Criteria Modeling for Medical LLM Alignment via Explicit Injection
Aligning Large Language Models (LLMs) with high-stakes medical standards remains a significant challenge, primarily due to the dissonance between coarse-grained preference signals and the complex, multi-dimensional nature of clinical protocols. To bridge this gap, we introduce ProMedical, a unified alignment framework grounded in fine-grained clinical criteria. We first construct ProMedical-Preference-50k, a dataset generated via a human-in-the-loop pipeline that augments medical instructions with rigorous, physician-derived rubrics. Leveraging this corpus, we propose the Explicit Criteria Injection paradigm to train a multi-dimensional reward model. Unlike traditional scalar reward models, our approach explicitly disentangles safety constraints from general proficiency, enabling precise guidance during reinforcement learning. To rigorously validate this framework, we establish ProMedical-Bench, a held-out evaluation suite anchored by double-blind expert adjudication. Empirical evaluations demonstrate that optimizing the Qwen3-8B base model via ProMedical-RM-guided GRPO yields substantial gains, improving overall accuracy by 22.3% and safety compliance by 21.7%, effectively rivaling proprietary frontier models. Furthermore, the aligned policy generalizes robustly to external benchmarks, demonstrating performance comparable to state-of-the-art models on UltraMedical. We publicly release our datasets, reward models, and benchmarks to facilitate reproducible research in safety-aware medical alignment.
Updated: 2026-04-09 14:57:33
标题: ProMedical:通过显式注入实现医疗LLM对齐的层次化细粒度标准建模
摘要: 将大型语言模型(LLMs)与高风险医疗标准对齐仍然是一个重要挑战,主要是由于粗粒度偏好信号与临床协议复杂、多维的性质之间的不一致。为了弥合这一差距,我们引入了ProMedical,一个基于细粒度临床标准的统一对齐框架。我们首先构建了ProMedical-Preference-50k,这是一个通过人机协作流程生成的数据集,通过医生制定的严格规定来增强医疗指导。利用这个语料库,我们提出了显式标准注入范式来训练一个多维奖励模型。与传统的标量奖励模型不同,我们的方法明确地将安全约束与一般熟练度分离开来,在强化学习过程中提供精确的指导。为了严格验证这一框架,我们建立了ProMedical-Bench,一个双盲专家裁决为锚的保留评估套件。实证评估表明,通过ProMedical-RM引导的GRPO优化Qwen3-8B基础模型带来了实质性的收益,将总体准确性提高了22.3%,安全合规性提高了21.7%,有效地与专有前沿模型相媲美。此外,对齐策略在外部基准上表现稳健,表现与UltraMedical上的最先进模型相媲美。我们公开发布我们的数据集、奖励模型和基准,以促进在安全意识医疗对齐方面的可重复研究。
更新时间: 2026-04-09 14:57:33
领域: cs.AI
Interpretable Clinical Classification with Kolmogorov-Arnold Networks
The increasing use of machine learning in clinical decision support has been limited by the lack of transparency of many high-performing models. In clinical settings, predictions must be interpretable, auditable, and actionable. This study investigates Kolmogorov-Arnold Networks (KANs) as intrinsically interpretable alternatives to conventional black-box models for clinical classification of tabular health data, aiming to balance predictive performance with clinically meaningful transparency. We introduce two KAN-based models: the Logistic KAN, a flexible generalization of logistic regression, and the Kolmogorov-Arnold Additive Model (KAAM), an additive variant that yields transparent symbolic representations through feature-wise decomposability. Both models are evaluated on multiple public clinical datasets and compared with standard linear, tree-based, and neural baselines. Across all datasets, the proposed models achieve predictive performance comparable to or exceeding that of commonly used baselines while remaining fully interpretable. Logistic-KAN obtains the highest overall ranking across evaluation metrics, with a mean reciprocal rank of 0.76, indicating consistently strong performance across tasks. KAAM provides competitive accuracy while offering enhanced transparency through feature-wise decomposability, patient-level visualizations, and nearest-patient retrieval, enabling direct inspection of individual predictions. KAN-based models provide a practical and trustworthy alternative to black-box models for clinical classification, offering a strong balance between predictive performance and interpretability for clinical decision support. By enabling transparent, patient-level reasoning and clinically actionable insights, the proposed models represent a promising step toward trustworthy AI in healthcare (code: https://github.com/Patricia-A-Apellaniz/classification_with_kans).
Updated: 2026-04-09 14:56:23
标题: 可解释的 Kolmogorov-Arnold 网络在临床分类中的应用
摘要: 在临床决策支持中,机器学习的广泛应用受到许多高性能模型缺乏透明度的限制。预测必须是可解释的、可审计的和可操作的。本研究探讨了科尔莫戈洛夫-阿诺德网络(KANs)作为传统黑匣子模型的内在可解释替代品,用于对表格化健康数据进行临床分类,旨在平衡预测性能与临床意义上的透明度。我们介绍了两种基于KAN的模型:Logistic KAN,是逻辑回归的灵活泛化,以及科尔莫戈洛夫-阿诺德加法模型(KAAM),是一种产生透明符号表示的可加性变体,通过特征分解具有透明性。这两种模型在多个公共临床数据集上进行评估,并与标准线性、基于树的和神经网络基线进行比较。在所有数据集中,所提出的模型的预测性能与通常使用的基线相当或超过,同时保持完全可解释性。Logistic-KAN在评估指标中获得了最高的整体排名,平均倒数排名为0.76,表明在任务中始终表现强劲。KAAM提供了有竞争力的准确性,并通过特征分解、患者级可视化和最近患者检索提供了增强的透明度,使得可以直接检查个体预测。基于KAN的模型为临床分类提供了一个实用和可信赖的替代方案,为临床决策支持提供了预测性能和可解释性之间的强大平衡。通过实现透明的、患者级推理和临床可操作的洞察,所提出的模型代表了医疗保健中值得信赖的人工智能的一大步。
更新时间: 2026-04-09 14:56:23
领域: cs.LG
Multi-Modal Learning meets Genetic Programming: Analyzing Alignment in Latent Space Optimization
Symbolic regression (SR) aims to discover mathematical expressions from data, a task traditionally tackled using Genetic Programming (GP) through combinatorial search over symbolic structures. Latent Space Optimization (LSO) methods use neural encoders to map symbolic expressions into continuous spaces, transforming the combinatorial search into continuous optimization. SNIP (Meidani et al., 2024), a contrastive pre-training model inspired by CLIP, advances LSO by introducing a multi-modal approach: aligning symbolic and numeric encoders in a shared latent space to learn the phenotype-genotype mapping, enabling optimization in the numeric space to implicitly guide symbolic search. However, this relies on fine-grained cross-modal alignment, whereas literature on similar models like CLIP reveals that such an alignment is typically coarse-grained. In this paper, we investigate whether SNIP delivers on its promise of effective bi-modal optimization for SR. Our experiments show that: (1) cross-modal alignment does not improve during optimization, even as fitness increases, and (2) the alignment learned by SNIP is too coarse to efficiently conduct principled search in the symbolic space. These findings reveal that while multi-modal LSO holds significant potential for SR, effective alignment-guided optimization remains unrealized in practice, highlighting fine-grained alignment as a critical direction for future work.
Updated: 2026-04-09 14:55:36
标题: 多模态学习遇上遗传编程:分析潜空间优化中的对齐情况
摘要: 符号回归(SR)旨在从数据中发现数学表达式,传统上通过遗传编程(GP)进行,通过对符号结构进行组合搜索。潜在空间优化(LSO)方法利用神经编码器将符号表达式映射到连续空间,将组合搜索转化为连续优化。受CLIP启发的对比预训练模型SNIP(Meidani等人,2024)通过引入多模态方法推进LSO:将符号和数值编码器对齐在共享的潜在空间中学习表型-基因型映射,使得在数值空间中进行优化以隐式引导符号搜索成为可能。然而,这依赖于细粒度的跨模态对齐,而类似CLIP的模型文献揭示这样的对齐通常是粗粒度的。在本文中,我们调查了SNIP是否实现了对SR的有效双模态优化承诺。我们的实验表明:(1)跨模态对齐在优化过程中并未改善,即使适应度增加,以及(2)SNIP学习的对齐过于粗糙,无法有效地在符号空间中进行有原则的搜索。这些发现揭示了虽然多模态LSO对SR具有重要潜力,但有效的对齐引导优化在实践中尚未实现,突出了细粒度对齐作为未来工作的关键方向。
更新时间: 2026-04-09 14:55:36
领域: cs.NE,cs.AI
On the Direct Construction of MDS and Near-MDS Matrices
The optimal branch number of MDS matrices makes them a preferred choice for designing diffusion layers in many block ciphers and hash functions. Consequently, various methods have been proposed for designing MDS matrices, including search and direct methods. While exhaustive search is suitable for small order MDS matrices, direct constructions are preferred for larger orders due to the vast search space involved. In the literature, there has been extensive research on the direct construction of MDS matrices using both recursive and nonrecursive methods. On the other hand, in lightweight cryptography, Near-MDS (NMDS) matrices with sub-optimal branch numbers offer a better balance between security and efficiency as a diffusion layer compared to MDS matrices. However, no direct construction method is available in the literature for constructing recursive NMDS matrices. This paper introduces some direct constructions of NMDS matrices in both nonrecursive and recursive settings. Additionally, it presents some direct constructions of nonrecursive MDS matrices from the generalized Vandermonde matrices. We propose a method for constructing involutory MDS and NMDS matrices using generalized Vandermonde matrices. Furthermore, we prove some folklore results that are used in the literature related to the NMDS code.
Updated: 2026-04-09 14:43:08
标题: 关于MDS和近MDS矩阵的直接构建
摘要: MDS矩阵的最佳分支数使它们成为设计许多分组密码和哈希函数中扩散层的首选选择。因此,已经提出了各种方法来设计MDS矩阵,包括搜索和直接方法。尽管穷举搜索适用于小阶MDS矩阵,但由于搜索空间庞大,直接构造更适用于更大阶数的矩阵。文献中对使用递归和非递归方法直接构造MDS矩阵进行了广泛研究。另一方面,在轻量级密码学中,具有次优分支数的Near-MDS(NMDS)矩阵与MDS矩阵相比作为扩散层提供了更好的安全性和效率平衡。然而,文献中没有直接构造递归NMDS矩阵的方法。本文介绍了在非递归和递归环境中构造NMDS矩阵的一些直接方法。此外,它提出了一些使用广义范德蒙矩阵构造非递归MDS矩阵的直接方法。我们提出了使用广义范德蒙矩阵构造可逆MDS和NMDS矩阵的方法。此外,我们证明了文献中与NMDS码相关的一些传统结果。
更新时间: 2026-04-09 14:43:08
领域: cs.IT,cs.CR
Biomimetic causal learning for microstructure-forming phase transitions
Nonconvex multi-well energies in cell-induced phase transitions give rise to fine-scale microstructures, low-regularity transition layers and sharp interfaces, all of which pose numerical challenges for physics-informed learning. To address this, we propose biomimetic physics-informed neural networks (Bio-PINNs) for cell-induced phase transitions in fibrous extracellular matrices. The method converts the outward progression of cell-mediated remodelling into a distance-based training curriculum and couples it to uncertainty-driven collocation that concentrates samples near evolving interfaces and tether-forming regions. The same uncertainty proxy provides a lower-cost alternative to explicit second-derivative regularization. We also establish structural guarantees for the adaptive sampler, including persistent coverage under gate expansion and quantitative near-to-far accumulation. Across single- and multi-cell benchmarks, diverse separations, and various regularization regimes, Bio-PINNs consistently recover sharp transition layers and tether morphologies, significantly outperforming state-of-the-art adaptive and ungated baselines.
Updated: 2026-04-09 14:41:04
标题: 仿生因果学习用于微结构形成相变
摘要: 非凸多井能量在细胞诱导的相变中产生了细微尺度微结构、低正则性转变层和尖锐界面,所有这些都对物理学知识驱动的学习提出了数值挑战。为了解决这个问题,我们提出了用于纤维状细胞外基质中细胞诱导相变的仿生物理学知识驱动神经网络(Bio-PINNs)。该方法将细胞介导的重塑的向外进展转化为基于距离的训练课程,并将其与集中样本靠近演化界面和形成系区域的基于不确定性驱动的配点相结合。相同的不确定性代理提供了显式二阶导数正则化的低成本替代方案。我们还为自适应采样器建立了结构保证,包括在门扩展下的持续覆盖和定量近到远的积累。在单细胞和多细胞基准测试、不同分离和各种正则化制度中,Bio-PINNs始终能够恢复尖锐的转变层和系形态,明显优于最先进的自适应和无门基线。
更新时间: 2026-04-09 14:41:04
领域: cs.LG,math.NA
HistDiT: A Structure-Aware Latent Conditional Diffusion Model for High-Fidelity Virtual Staining in Histopathology
Immunohistochemistry (IHC) is essential for assessing specific immune biomarkers like Human Epidermal growth-factor Receptor 2 (HER2) in breast cancer. However, the traditional protocols of obtaining IHC stains are resource-intensive, time-consuming, and prone to structural damages. Virtual staining has emerged as a scalable alternative, but it faces significant challenges in preserving fine-grained cellular structures while accurately translating biochemical expressions. Current state-of-the-art methods still rely on Generative Adversarial Networks (GANs) or standard convolutional U-Net diffusion models that often struggle with "structure and staining trade-offs". The generated samples are either structurally relevant but blurry, or texturally realistic but have artifacts that compromise their diagnostic use. In this paper, we introduce HistDiT, a novel latent conditional Diffusion Transformer (DiT) architecture that establishes a new benchmark for visual fidelity in virtual histological staining. The novelty introduced in this work is, a) the Dual-Stream Conditioning strategy that explicitly maintains a balance between spatial constraints via VAE-encoded latents and semantic phenotype guidance via UNI embeddings; b) the multi-objective loss function that contributes to sharper images with clear morphological structure; and c) the use of the Structural Correlation Metric (SCM) to focus on the core morphological structure for precise assessment of sample quality. Consequently, our model outperforms existing baselines, as demonstrated through rigorous quantitative and qualitative evaluations.
Updated: 2026-04-09 14:39:37
标题: HistDiT:一种结构感知的潜在条件扩散模型,用于组织病理学中高保真度的虚拟染色
摘要: 免疫组织化学(IHC)对于评估乳腺癌中特定免疫生物标志物如人表皮生长因子受体2(HER2)至关重要。然而,传统的获得IHC染色的方法耗费资源、耗时且容易造成结构损坏。虚拟染色已经成为一种可扩展的替代方法,但面临着在精确转换生化表达时保留细微细胞结构的重大挑战。目前最先进的方法仍然依赖生成对抗网络(GANs)或标准卷积U-Net扩散模型,这些方法通常在“结构和染色权衡”方面存在困难。生成的样本要么在结构上相关但模糊,要么在纹理上逼真但具有损害其诊断用途的伪影。在本文中,我们介绍了HistDiT,这是一种新颖的潜在条件扩散变压器(DiT)架构,为虚拟组织学染色的视觉保真度建立了一个新的基准。本研究引入的创新包括:a)双流条件策略,通过VAE编码的潜变量和UNI嵌入的语义表型指导明确维持空间约束的平衡;b)多目标损失函数,有助于生成具有清晰形态结构的图像;c)使用结构相关度度量(SCM)专注于核心形态结构,以精确评估样本质量。因此,我们的模型在严格的定量和定性评估中胜过现有基线。
更新时间: 2026-04-09 14:39:37
领域: eess.IV,cs.AI,cs.CV,cs.ET,cs.LG,q-bio.QM
Securing Retrieval-Augmented Generation: A Taxonomy of Attacks, Defenses, and Future Directions
Retrieval-augmented generation (RAG) significantly enhances large language models (LLMs) but introduces novel security risks through external knowledge access. While existing studies cover various RAG vulnerabilities, they often conflate inherent LLM risks with those specifically introduced by RAG. In this paper, we propose that secure RAG is fundamentally about the security of the external knowledge-access pipeline. We establish an operational boundary to separate inherent LLM flaws from RAG-introduced or RAG-amplified threats. Guided by this perspective, we abstract the RAG workflow into six stages and organize the literature around three trust boundaries and four primary security surfaces, including pre-retrieval knowledge corruption, retrieval-time access manipulation, downstream context exploitation, and knowledge exfiltration. By systematically reviewing the corresponding attacks, defenses, remediation mechanisms, and evaluation benchmarks, we reveal that current defenses remain largely reactive and fragmented. Finally, we discuss these gaps and highlight future directions toward layered, boundary-aware protection across the entire knowledge-access lifecycle.
Updated: 2026-04-09 14:38:18
标题: 确保检索增强生成:攻击、防御和未来方向的分类学
摘要: 检索增强生成(RAG)显著增强了大型语言模型(LLMs),但通过外部知识访问引入了新的安全风险。虽然现有研究涵盖了各种RAG漏洞,但它们经常混淆了固有的LLM风险与RAG特别引入的风险。本文提出,安全RAG基本上是关于外部知识访问管道的安全性。我们建立了一个操作边界,将固有的LLM缺陷与RAG引入或放大的威胁分开。在这一视角的指导下,我们将RAG工作流程抽象为六个阶段,并围绕三个信任边界和四个主要安全表面组织文献,包括检索前知识损坏、检索时间访问操纵、下游上下文利用和知识外泄。通过系统地审查相应的攻击、防御、补救机制和评估基准,我们发现当前的防御措施在很大程度上仍然是被动和分散的。最后,我们讨论了这些差距,并强调了未来方向,即在整个知识访问生命周期中实现层层分级、边界感知的保护。
更新时间: 2026-04-09 14:38:18
领域: cs.CR,cs.AI
PoC-Adapt: Semantic-Aware Automated Vulnerability Reproduction with LLM Multi-Agents and Reinforcement Learning-Driven Adaptive Policy
While recent approaches leverage large language models (LLMs) and multi-agent pipelines to automatically generate proof-of-concept (PoC) exploits from vulnerability reports, existing systems often suffer from two fundamental limitations: unreliable validation based on surface-level execution signals and high operational cost caused by extensive trial-and-error during exploit generation. In this paper, we present PoC-Adapt, an end-to-end framework for automated PoC generation and verification, architected upon a foundation semantic runtime validation and adaptive policy learning. At the core of PoC-Adapt is a Semantic Oracle that validates exploits by comparing structured pre- and post-execution system states, enabling reliable distinction between true vulnerability exploitation and incidental behavioral changes. To reduce exploration cost, we further introduce an Adaptive Policy Learning mechanism that learns an exploitation policy over semantic states and actions, guiding the exploit agent toward effective strategies with fewer failed attempts. PoC-Adapt is implemented as a multi-agent system comprising specialized agents for root cause analysis, environment building, exploit generation, and semantic validation, coordinated through structured feedback loops. Experimenting on the CWE-Bench-Java and PrimeVul benchmarks shows that PoC-Adapt significantly improves verification reliability by 25% and reduces exploit generation cost compared to prior LLM-based systems, highlighting the importance of semantic validation and learned action policies in automated vulnerability reproduction. Applied to the latest CVE corpus, PoC-Adapt confirmed 12 verified PoC out of 80 reproduce attempts at a cost of $0.42 per generated exploit
Updated: 2026-04-09 14:37:23
标题: PoC-Adapt:具有LLM多Agent和强化学习驱动自适应策略的语义感知自动漏洞重现
摘要: 最近的方法利用大型语言模型(LLM)和多代理管道,从漏洞报告中自动生成概念验证(PoC)利用。现有系统通常存在两个基本限制:基于表面执行信号的不可靠验证和由于生成利用时广泛的试错而导致的高操作成本。在本文中,我们提出了PoC-Adapt,这是一个自动化PoC生成和验证的端到端框架,架构基于基于基于语义运行时验证和自适应策略学习。 PoC-Adapt的核心是一个语义Oracle,通过比较结构化的执行前后系统状态来验证利用,实现可靠地区分真正的漏洞利用和偶然的行为变化。为了降低探索成本,我们进一步引入了自适应策略学习机制,该机制在语义状态和动作上学习利用策略,引导利用代理朝着更有效的策略进行,减少失败尝试。 PoC-Adapt作为一个多代理系统实现,包括用于根本原因分析、环境构建、利用生成和语义验证的专门代理,通过结构化反馈循环进行协调。在CWE-Bench-Java和PrimeVul基准上的实验表明,与先前基于LLM的系统相比,PoC-Adapt显著提高了验证可靠性25%,并降低了利用生成成本,突出了语义验证和学习动作策略在自动漏洞复制中的重要性。应用于最新的CVE语料库,PoC-Adapt在80次复制尝试中确认了12个经过验证的PoC,每个生成的利用成本为0.42美元。
更新时间: 2026-04-09 14:37:23
领域: cs.CR
DMax: Aggressive Parallel Decoding for dLLMs
We present DMax, a new paradigm for efficient diffusion language models (dLLMs). It mitigates error accumulation in parallel decoding, enabling aggressive decoding parallelism while preserving generation quality. Unlike conventional masked dLLMs that decode through a binary mask-to-token transition, DMax reformulates decoding as a progressive self-refinement from mask embeddings to token embeddings. At the core of our approach is On-Policy Uniform Training, a novel training strategy that efficiently unifies masked and uniform dLLMs, equipping the model to recover clean tokens from both masked inputs and its own erroneous predictions. Building on this foundation, we further propose Soft Parallel Decoding. We represent each intermediate decoding state as an interpolation between the predicted token embedding and the mask embedding, enabling iterative self-revising in embedding space. Extensive experiments across a variety of benchmarks demonstrate the effectiveness of DMax. Compared with the original LLaDA-2.0-mini, our method improves TPF on GSM8K from 2.04 to 5.47 while preserving accuracy. On MBPP, it increases TPF from 2.71 to 5.86 while maintaining comparable performance. On two H200 GPUs, our model achieves an average of 1,338 TPS at batch size 1. Code is available at: https://github.com/czg1225/DMax
Updated: 2026-04-09 14:35:42
标题: DMax:dLLMs的高效并行解码
摘要: 我们提出了DMax,一种用于高效扩散语言模型(dLLMs)的新范式。它减少了并行解码中的误差累积,使解码并行性更加激进,同时保持生成质量。与传统的掩码式dLLMs通过二进制掩码到令牌转换解码不同,DMax重新构建解码为从掩码嵌入到令牌嵌入的逐步自我完善。我们方法的核心是On-Policy Uniform Training,一种新颖的训练策略,有效统一了掩码和均匀的dLLMs,使模型能够从掩码输入和自身错误预测中恢复干净的令牌。在此基础上,我们进一步提出了Soft Parallel Decoding。我们将每个中间解码状态表示为预测的令牌嵌入和掩码嵌入之间的插值,从而在嵌入空间中进行迭代的自我修正。通过对各种基准测试的广泛实验表明了DMax的有效性。与原始的LLaDA-2.0-mini相比,我们的方法将GSM8K上的TPF从2.04提高到5.47,同时保持准确性。在MBPP上,它将TPF从2.71提高到5.86,同时保持可比性能。在两个H200 GPU上,我们的模型在批处理大小为1时实现了平均1,338 TPS。代码可在以下链接找到:https://github.com/czg1225/DMax
更新时间: 2026-04-09 14:35:42
领域: cs.LG,cs.AI
$\texttt{SEM-CTRL}$: Semantically Controlled Decoding
Ensuring both syntactic and semantic correctness in Large Language Model (LLM) outputs remains a significant challenge, despite being critical for real-world deployment. In this paper, we introduce $\texttt{SEM-CTRL}$, a unified approach that allows for enforcing rich context-sensitive constraints, and task and instance specific semantics directly on the LLM decoder. Our approach integrates token-level MCTS which is guided by specific syntactic and semantic constraints. The constraints over desired outputs are expressed using Answer Set Grammars, which is a logic-based formalism that generalizes context sensitive grammars while incorporating background knowledge to represent task-specific semantics. We show that our approach helps guarantee valid completions for any off-the-shelf LLM without the need for fine-tuning. We evaluate $\texttt{SEM-CTRL}$ on a range of tasks, including synthetic grammar synthesis, combinatorial reasoning, JSON parsing, and planning. Our experimental results demonstrate that $\texttt{SEM-CTRL}$ allows even small pre-trained LLMs to efficiently outperform larger variants and state-of-the-art reasoning models (e.g., $\textit{o4-mini}$) while simultaneously guaranteeing semantic validity.
Updated: 2026-04-09 14:35:28
标题: $\texttt{SEM-CTRL}$: 语义控制解码
摘要: 尽管对于实际部署而言至关重要,但在大型语言模型(LLM)输出中确保句法和语义的正确性仍然是一个重要挑战。在本文中,我们介绍了$\texttt{SEM-CTRL}$,这是一种统一的方法,允许在LLM解码器上直接施加丰富的上下文敏感约束,以及任务和实例特定的语义。我们的方法整合了基于标记级别的MCTS,该方法受特定句法和语义约束的指导。对期望输出的约束使用答案集语法来表达,这是一种基于逻辑的形式化方法,它推广了上下文敏感的语法,同时结合背景知识来表示任务特定的语义。我们展示了我们的方法有助于保证任何现成的LLM的有效完成,而无需进行微调。我们在一系列任务上评估了$\texttt{SEM-CTRL}$,包括合成语法合成、组合推理、JSON解析和规划。我们的实验结果表明,$\texttt{SEM-CTRL}$使即使是较小的预训练LLM也能高效地胜过更大的变体和最先进的推理模型(例如$\textit{o4-mini$),同时保证语义的有效性。
更新时间: 2026-04-09 14:35:28
领域: cs.CL,cs.AI,cs.LG
SeLaR: Selective Latent Reasoning in Large Language Models
Chain-of-Thought (CoT) has become a cornerstone of reasoning in large language models, yet its effectiveness is constrained by the limited expressiveness of discrete token sampling. Recent latent reasoning approaches attempt to alleviate this limitation by replacing discrete tokens with soft embeddings (probability-weighted mixtures of token embeddings) or hidden states, but they commonly suffer from two issues: (1) global activation injects perturbations into high-confidence steps, impairing reasoning stability; and (2) soft embeddings quickly collapse toward the highest-probability token, limiting exploration of alternative trajectories. To address these challenges, we propose SeLaR (Selective Latent Reasoning), a lightweight and training-free framework. SeLaR introduces an entropy-gated mechanism that activates soft embeddings only at low-confidence steps, while preserving discrete decoding at high-confidence steps. Additionally, we propose an entropy-aware contrastive regularization that pushes soft embeddings away from the dominant (highest-probability) token's direction, encouraging sustained exploration of multiple latent reasoning paths. Experiments on five reasoning benchmarks demonstrate that SeLaR consistently outperforms standard CoT and state-of-the-art training-free methods.
Updated: 2026-04-09 14:32:07
标题: SeLaR:大型语言模型中的选择性潜在推理
摘要: 思维链(CoT)已经成为大型语言模型推理的基石,但其有效性受到离散令牌抽样有限表达能力的限制。最近的潜在推理方法试图通过用软嵌入(令牌嵌入的概率加权混合)或隐藏状态替换离散令牌来缓解这一限制,但它们通常存在两个问题:(1)全局激活会向高置信度步骤注入扰动,损害推理稳定性;(2)软嵌入很快会向最高概率令牌的方向崩溃,限制了对替代路径的探索。为了解决这些挑战,我们提出了SeLaR(选择性潜在推理),这是一个轻量级且无需训练的框架。SeLaR引入了一个熵门控机制,仅在低置信度步骤激活软嵌入,同时保留高置信度步骤的离散解码。此外,我们提出了一个熵感知对比正则化,将软嵌入推离支配(最高概率)令牌的方向,鼓励持续探索多个潜在推理路径。在五个推理基准实验中,实验证明SeLaR始终优于标准CoT和最先进的无需训练的方法。
更新时间: 2026-04-09 14:32:07
领域: cs.CL,cs.AI
Towards Identification and Intervention of Safety-Critical Parameters in Large Language Models
Ensuring Large Language Model (LLM) safety is crucial, yet the lack of a clear understanding about safety mechanisms hinders the development of precise and reliable methodologies for safety intervention across diverse tasks. To better understand and control LLM safety, we propose the Expected Safety Impact (ESI) framework for quantifying how different parameters affect LLM safety. Based on ESI, we reveal distinct safety-critical patterns across different LLM architectures: In dense LLMs, many safety-critical parameters are located in value matrices (V) and MLPs in middle layers, whereas in Mixture-of-Experts (MoE) models, they shift to the late-layer MLPs. Leveraging ESI, we further introduce two targeted intervention paradigms for safety enhancement and preservation, i.e., Safety Enhancement Tuning (SET) and Safety Preserving Adaptation (SPA). SET can align unsafe LLMs by updating only a few safety-critical parameters, effectively enhancing safety while preserving original performance. SPA safeguards well-aligned LLMs during capability-oriented intervention (e.g., instruction tuning) by preventing disruption of safety-critical weights, allowing the LLM to acquire new abilities and maintain safety capabilities. Extensive evaluations on different LLMs demonstrate that SET can reduce the attack success rates of unaligned LLMs by over 50% with only a 100-iteration update on 1% of model weights. SPA can limit the safety degradation of aligned LLMs within 1% after a 1,000-iteration instruction fine-tuning on different tasks. Our code is available at: https://github.com/ZJU-LLM-Safety/SafeWeights-ACL.
Updated: 2026-04-09 14:31:42
标题: 朝向大型语言模型中安全关键参数的识别和干预
摘要: 确保大型语言模型(LLM)的安全性至关重要,然而对安全机制缺乏明确理解阻碍了在各种任务中开发精确可靠的安全干预方法。为了更好地理解和控制LLM的安全性,我们提出了预期安全影响(ESI)框架,用于量化不同参数如何影响LLM的安全性。基于ESI,我们揭示了不同LLM架构中独特的安全关键模式:在密集LLM中,许多安全关键参数位于值矩阵(V)和中间层的MLP中,而在专家混合(MoE)模型中,它们转移到后层的MLP。利用ESI,我们进一步介绍了两种用于安全增强和保护的有针对性干预范式,即安全增强调整(SET)和安全保持适应(SPA)。SET通过仅更新少量安全关键参数,可以调整不安全的LLM,有效增强安全性同时保留原始性能。SPA在面向能力的干预(例如指令调整)期间保护良好对齐的LLM,防止破坏安全关键权重,使LLM能够获取新能力并保持安全能力。对不同LLM的广泛评估表明,SET可以通过仅对模型权重的1%进行100次迭代更新,将不对齐的LLM的攻击成功率降低50%以上。SPA可以在不同任务上进行1,000次迭代指令微调后,将对齐的LLM的安全性降低限制在1%内。我们的代码可在以下网址获取:https://github.com/ZJU-LLM-Safety/SafeWeights-ACL。
更新时间: 2026-04-09 14:31:42
领域: cs.CR
U-CECE: A Universal Multi-Resolution Framework for Conceptual Counterfactual Explanations
As AI models grow more complex, explainability is essential for building trust, yet concept-based counterfactual methods still face a trade-off between expressivity and efficiency. Representing underlying concepts as atomic sets is fast but misses relational context, whereas full graph representations are more faithful but require solving the NP-hard Graph Edit Distance (GED) problem. We propose U-CECE, a unified, model-agnostic multi-resolution framework for conceptual counterfactual explanations that adapts to data regime and compute budget. U-CECE spans three levels of expressivity: atomic concepts for broad explanations, relational sets-of-sets for simple interactions, and structural graphs for full semantic structure. At the structural level, both a precision-oriented transductive mode based on supervised Graph Neural Networks (GNNs) and a scalable inductive mode based on unsupervised graph autoencoders (GAEs) are supported. Experiments on the structurally divergent CUB and Visual Genome datasets characterize the efficiency-expressivity trade-off across levels, while human surveys and LVLM-based evaluation show that the retrieved structural counterfactuals are semantically equivalent to, and often preferred over, exact GED-based ground-truth explanations.
Updated: 2026-04-09 14:30:00
标题: U-CECE:一个用于概念反事实解释的通用多分辨率框架
摘要: 随着人工智能模型变得越来越复杂,可解释性对于建立信任至关重要,然而基于概念的反事实方法仍然面临着表达力和效率之间的折衷。将基本概念表示为原子集合速度快但缺少关联上下文,而完整的图表示更加忠实但需要解决 NP 难的图编辑距离(GED)问题。我们提出了 U-CECE,一个统一的、与模型无关的多分辨率框架,用于概念反事实解释,适应数据制度和计算预算。U-CECE 跨越三个表达水平:原子概念用于广泛解释,关系集合用于简单交互,结构图用于完整语义结构。在结构水平上,支持基于监督图神经网络(GNNs)的面向精度的迁移模式和基于无监督图自编码器(GAEs)的可扩展归纳模式。对结构差异的 CUB 和 Visual Genome 数据集上的实验表征了在不同水平上的效率表达力折衷,同时人类调查和基于 LVLM 的评估表明,检索到的结构反事实与精确的 GED 基础事实解释在语义上等同,通常优于后者。
更新时间: 2026-04-09 14:30:00
领域: cs.AI,cs.CV
Can Vision Language Models Judge Action Quality? An Empirical Evaluation
Action Quality Assessment (AQA) has broad applications in physical therapy, sports coaching, and competitive judging. Although Vision Language Models (VLMs) hold considerable promise for AQA, their actual performance in this domain remains largely uncharacterised. We present a comprehensive evaluation of state-of-the-art VLMs across activity domains (e.g. fitness, figure skating, diving), tasks, representations, and prompting strategies. Baseline results reveal that Gemini 3.1 Pro, Qwen3-VL and InternVL3.5 models perform only marginally above random chance, and although strategies such as incorporation of skeleton information, grounding instructions, reasoning structures and in-context learning lead to isolated gains, none is consistently effective. Analysis of prediction distributions uncovers two systematic biases: a tendency to predict correct execution regardless of visual evidence, and a sensitivity to superficial linguistic framing. Reformulating tasks contrastively to mitigate these biases yields minimal improvement, suggesting that the models' limitations go beyond these biases, pointing to a fundamental difficulty with fine-grained movement quality assessment. Our findings establish a rigorous baseline for future VLM-based AQA research and provide an actionable outline for failure modes requiring mitigation prior to reliable real-world deployment.
Updated: 2026-04-09 14:29:19
标题: 视觉语言模型能够评判动作质量吗?实证评估
摘要: 行动质量评估(AQA)在物理治疗、运动教练和竞技评判方面有广泛的应用。虽然视觉语言模型(VLMs)在AQA领域具有相当大的潜力,但它们在这一领域的实际表现仍然大部分没有被表征。我们对最先进的VLMs在活动领域(如健身、花样滑冰、跳水)、任务、表示和提示策略进行了全面评估。基线结果显示,Gemini 3.1 Pro、Qwen3-VL和InternVL3.5模型仅略高于随机机会,尽管诸如骨骼信息的整合、基础说明、推理结构和上下文学习等策略导致了局部收益,但没有一个是一贯有效的。对预测分布的分析揭示了两种系统偏见:倾向于预测正确执行,而不考虑视觉证据,以及对表面语言框架的敏感性。对任务进行对比重构以减轻这些偏见带来的改善微乎其微,这表明模型的限制超出了这些偏见,指向一个对细粒度动作质量评估的基本困难。我们的研究为未来基于VLM的AQA研究建立了严格的基线,并提供了一个可行的大纲,用于在可靠的现实世界部署之前缓解故障模式。
更新时间: 2026-04-09 14:29:19
领域: cs.CV,cs.AI,cs.CL
CIAO - Code In Architecture Out - Automated Software Architecture Documentation with Large Language Models
Software architecture documentation is essential for system comprehension, yet it is often unavailable or incomplete. While recent LLM-based techniques can generate documentation from code, they typically address local artifacts rather than producing coherent, system-level architectural descriptions. This paper presents a structured process for automatically generating system-level architectural documentation directly from GitHub repositories using Large Language Models. The process, called CIAO (Code In Architecture Out), defines an LLM-based workflow that takes a repository as input and produces system-level architectural documentation following a template derived from ISO/IEC/IEEE 42010, SEI Views \& Beyond, and the C4 model. The resulting documentation can be directly added to the target repository. We evaluated the process through a study with 22 developers, each reviewing the documentation generated for a repository they had contributed to. The evaluation shows that developers generally perceive the produced documentation as valuable, comprehensible, and broadly accurate with respect to the source code, while also highlighting limitations in diagram quality, high-level context modeling, and deployment views. We also assessed the operational cost of the process, finding that generating a complete architectural document requires only a few minutes and is inexpensive to run. Overall, the results indicate that a structured, standards-oriented approach can effectively guide LLMs in producing system-level architectural documentation that is both usable and cost-effective.
Updated: 2026-04-09 14:29:17
标题: CIAO - Code In Architecture Out - 利用大型语言模型自动化软件架构文档化
摘要: 软件架构文档对于系统理解至关重要,然而通常情况下这些文档并不完整或无法获取。虽然最近基于LLM的技术可以从代码中生成文档,但通常只涉及局部构件,而不是生成连贯的、系统级的架构描述。本文介绍了一种结构化流程,可以直接从GitHub存储库中使用大型语言模型自动生成系统级架构文档。该过程称为CIAO(Code In Architecture Out),定义了一个基于LLM的工作流程,将存储库作为输入,并根据ISO/IEC/IEEE 42010、SEI Views & Beyond和C4模型派生的模板生成系统级架构文档。生成的文档可以直接添加到目标存储库中。我们通过与22名开发人员进行的研究来评估这一流程,每个开发人员审查了为其贡献的存储库生成的文档。评估结果显示,开发人员普遍认为生成的文档有价值、易理解,并且在源代码方面基本准确,同时也指出了在图表质量、高级上下文建模和部署视图方面的局限性。我们还评估了该流程的运行成本,发现生成完整的架构文档仅需要几分钟,并且成本较低。总体而言,结果表明,结构化、以标准为导向的方法可以有效地引导LLM生成既可用又经济实惠的系统级架构文档。
更新时间: 2026-04-09 14:29:17
领域: cs.SE,cs.AI
Adversarially and Distributionally Robust Virtual Energy Storage Systems via the Scenario Approach
We study virtual energy storage services based on the aggregation of EV batteries in parking lots under time-varying, uncertain EV departures and state-of-charge limits. We propose a convex data-driven scheduling framework in which a parking lot manager provides storage services to a prosumer community while interacting with a retailer. The framework yields finite-sample, distribution-free guarantees on constraint violations and allows the parking lot manager to explicitly tune the trade-off between economic performance and operational safety. To enhance reliability under imperfect data, we extend the formulation to adversarial perturbations of the training samples and Wasserstein distributional shifts, obtaining robustness certificates against both corrupted data and out-of-distribution uncertainty. Numerical studies confirm the predicted profit-risk trade-off and show consistency between the theoretical certificates and the observed violation levels.
Updated: 2026-04-09 14:28:43
标题: 通过场景方法实现对抗性和分布式稳健的虚拟能量存储系统
摘要: 我们研究了基于停车场中电动汽车(EV)电池聚合的虚拟储能服务,在EV离开时间变化和状态限制不确定的情况下。我们提出了一个凸数据驱动调度框架,在这个框架中,停车场管理者为生产者社区提供储存服务,同时与零售商互动。该框架在约束违反方面提供了有限样本、无分布保证,并允许停车场管理者明确调节经济性能和运行安全之间的权衡。为了在数据不完善的情况下提高可靠性,我们将该公式扩展到对训练样本的对抗性扰动和Wasserstein分布转移,获得了对受损数据和超出分布不确定性的鲁棒性证书。数值研究证实了预测的利润风险权衡,并显示了理论证书和观察到的违规水平之间的一致性。
更新时间: 2026-04-09 14:28:43
领域: math.OC,cs.LG,eess.SY
VCAO: Verifier-Centered Agentic Orchestration for Strategic OS Vulnerability Discovery
We formulate operating-system vulnerability discovery as a \emph{repeated Bayesian Stackelberg search game} in which a Large Reasoning Model (LRM) orchestrator allocates analysis budget across kernel files, functions, and attack paths while external verifiers -- static analyzers, fuzzers, and sanitizers -- provide evidence. At each round, the orchestrator selects a target component, an analysis method, and a time budget; observes tool outputs; updates Bayesian beliefs over latent vulnerability states; and re-solves the game to minimize the strategic attacker's expected payoff. We introduce \textsc{VCAO} (\textbf{V}erifier-\textbf{C}entered \textbf{A}gentic \textbf{O}rchestration), a six-layer architecture comprising surface mapping, intra-kernel attack-graph construction, game-theoretic file/function ranking, parallel executor agents, cascaded verification, and a safety governor. Our DOBSS-derived MILP allocates budget optimally across heterogeneous analysis tools under resource constraints, with formal $\tilde{O}(\sqrt{T})$ regret bounds from online Stackelberg learning. Experiments on five Linux kernel subsystems -- replaying 847 historical CVEs and running live discovery on upstream snapshots -- show that \textsc{VCAO} discovers $2.7\times$ more validated vulnerabilities per unit budget than coverage-only fuzzing, $1.9\times$ more than static-analysis-only baselines, and $1.4\times$ more than non-game-theoretic multi-agent pipelines, while reducing false-positive rates reaching human reviewers by 68\%. We release our simulation framework, synthetic attack-graph generator, and evaluation harness as open-source artifacts.
Updated: 2026-04-09 14:27:10
标题: VCAO:针对战略OS漏洞发现的验证中心化主体协作
摘要: 我们将操作系统漏洞发现形式化为一个\emph{重复的贝叶斯斯塔克尔贝格搜索游戏},在这个游戏中,一个大型推理模型(LRM)协调器将分析预算分配给内核文件、函数和攻击路径,而外部验证者--静态分析器、模糊器和清洁器--提供证据。在每一轮中,协调器选择一个目标组件、一个分析方法和一个时间预算;观察工具输出;更新贝叶斯信念,以便在潜在的漏洞状态上重新解决游戏,以最小化战略攻击者的预期收益。我们介绍了\textsc{VCAO}(\textbf{V}erifier-\textbf{C}entered \textbf{A}gentic \textbf{O}rchestration),一个六层架构,包括表面映射、内核内攻击图构建、博弈论文件/函数排名、并行执行代理、级联验证和安全监督。我们的DOBSS派生的MILP在资源约束下最优地分配预算给异构分析工具,具有来自在线斯塔克尔贝格学习的形式化$\tilde{O}(\sqrt{T})$后悔界限。在五个Linux内核子系统上进行的实验--重放847个历史CVE并在上游快照上运行实时发现--显示\textsc{VCAO}在单位预算下发现的经过验证的漏洞比仅覆盖模糊多2.7倍,比仅静态分析基线多1.9倍,比非博弈论多智能体管道多1.4倍,同时将达到人类审阅者的虚假阳性率降低了68%。我们将我们的仿真框架、合成攻击图生成器和评估工具作为开源工件发布。
更新时间: 2026-04-09 14:27:10
领域: cs.GT,cs.CR,cs.OS
OpenGLT: A Comprehensive Benchmark of Graph Neural Networks for Graph-Level Tasks
Graphs are fundamental data structures for modeling complex interactions in domains such as social networks, molecular structures, and biological systems. Graph-level tasks, which involve predicting properties or labels for entire graphs, are crucial for applications like molecular property prediction and subgraph counting. While Graph Neural Networks (GNNs) have shown significant promise for these tasks, their evaluations are often limited by narrow datasets, insufficient architecture coverage, restricted task scope and scenarios, and inconsistent experimental setups, making it difficult to draw reliable conclusions across domains. In this paper, we present a comprehensive experimental study of GNNs on graph-level tasks, systematically categorizing them into five types: node-based, hierarchical pooling-based, subgraph-based, graph learning-based, and self-supervised learning-based GNNs. We propose a unified evaluation framework OpenGLT, which standardizes evaluation across four domains (social networks, biology, chemistry, and motif counting), two task types (classification and regression), and three real-world scenarios (clean, noisy, imbalanced, and few-shot graphs). Extensive experiments on 20 models across 26 classification and regression datasets reveal that: (i) no single architecture dominates both effectiveness and efficiency universally, i.e., subgraph-based GNNs excel in expressiveness, graph learning-based and SSL-based methods in robustness, and node-based and pooling-based models in efficiency; and (ii) specific graph topological features such as density and centrality can partially guide the selection of suitable GNN architectures for different graph characteristics.
Updated: 2026-04-09 14:25:52
标题: OpenGLT: 图神经网络在图级任务中的全面基准测试
摘要: 图形是建模领域中的基本数据结构,用于模拟复杂交互,如社交网络、分子结构和生物系统。图级任务涉及对整个图形进行属性或标签预测,在分子属性预测和子图计数等应用中至关重要。虽然图神经网络(GNN)在这些任务中表现出显著的潜力,但它们的评估常常受到狭窄数据集、不足的架构覆盖、任务范围和场景受限以及不一致的实验设置的限制,这使得难以在不同领域之间得出可靠的结论。在本文中,我们对GNN在图级任务上进行了全面的实验研究,将其系统地分为五种类型:基于节点、分层池化、子图、图学习和自监督学习的GNN。我们提出了统一的评估框架OpenGLT,该框架标准化了跨四个领域(社交网络、生物学、化学和模式计数)、两种任务类型(分类和回归)和三种现实场景(干净、嘈杂、不平衡和少样本图形)的评估。对26个分类和回归数据集上的20个模型进行了大量实验,揭示了:(i)没有单一架构在效果和效率方面普遍占优,即基于子图的GNN在表现力上卓越,基于图学习和SSL的方法在稳健性上表现出色,基于节点和池化的模型在效率上优势;以及(ii)特定的图拓扑特征如密度和中心性可以部分指导选择适合不同图特征的GNN架构。
更新时间: 2026-04-09 14:25:52
领域: cs.LG,cs.AI,cs.DB
Distributed Multi-Layer Editing for Rule-Level Knowledge in Large Language Models
Large language models store not only isolated facts but also rules that support reasoning across symbolic expressions, natural language explanations, and concrete instances. Yet most model editing methods are built for fact-level knowledge, assuming that a target edit can be achieved through a localized intervention. This assumption does not hold for rule-level knowledge, where a single rule must remain consistent across multiple interdependent forms. We investigate this problem through a mechanistic study of rule-level knowledge editing. To support this study, we extend the RuleEdit benchmark from 80 to 200 manually verified rules spanning mathematics and physics. Fine-grained causal tracing reveals a form-specific organization of rule knowledge in transformer layers: formulas and descriptions are concentrated in earlier layers, while instances are more associated with middle layers. These results suggest that rule knowledge is not uniformly localized, and therefore cannot be reliably edited by a single-layer or contiguous-block intervention. Based on this insight, we propose Distributed Multi-Layer Editing (DMLE), which applies a shared early-layer update to formulas and descriptions and a separate middle-layer update to instances. While remaining competitive on standard editing metrics, DMLE achieves substantially stronger rule-level editing performance. On average, it improves instance portability and rule understanding by 13.91 and 50.19 percentage points, respectively, over the strongest baseline across GPT-J-6B, Qwen2.5-7B, Qwen2-7B, and LLaMA-3-8B. The code is available at https://github.com/Pepper66/DMLE.
Updated: 2026-04-09 14:22:19
标题: 大规模语言模型中基于规则级知识的分布式多层编辑
摘要: 大型语言模型不仅存储孤立的事实,还存储支持符号表达、自然语言解释和具体实例推理的规则。然而,大多数模型编辑方法都是针对事实级知识构建的,假设目标编辑可以通过局部干预实现。这一假设在规则级知识中不成立,因为单个规则必须在多个相互依赖的形式中保持一致。我们通过对规则级知识编辑的机械性研究来调查这一问题。为了支持这项研究,我们将RuleEdit基准从80个扩展到涵盖数学和物理的200个经过手工验证的规则。细粒度的因果追踪揭示了变压器层中规则知识的形式特定组织:公式和描述集中在较早的层,而实例更与中间层相关联。这些结果表明,规则知识并非均匀局部化,因此不能通过单层或连续块干预可靠地编辑。基于这一见解,我们提出了分布式多层编辑(DMLE),该方法将一个共享的早期层更新应用于公式和描述,并将一个单独的中间层更新应用于实例。虽然在标准编辑指标上保持竞争力,但DMLE在规则级编辑性能方面取得了显著的进展。平均而言,它分别比GPT-J-6B、Qwen2.5-7B、Qwen2-7B和LLaMA-3-8B中最强基线提高了13.91和50.19个百分点的实例可移植性和规则理解。代码可在https://github.com/Pepper66/DMLE找到。
更新时间: 2026-04-09 14:22:19
领域: cs.CL,cs.AI
AudioMoG: Guiding Audio Generation with Mixture-of-Guidance
The design of diffusion-based audio generation systems has been investigated from diverse perspectives, such as data space, network architecture, and conditioning techniques, while most of these innovations require model re-training. In sampling, classifier-free guidance (CFG) has been uniformly adopted to enhance generation quality by strengthening condition alignment. However, CFG often compromises diversity, resulting in suboptimal performance. Although the recent autoguidance (AG) method proposes another direction of guidance that maintains diversity, its direct application in audio generation has so far underperformed CFG. In this work, we introduce AudioMoG, an improved sampling method that enhances text-to-audio (T2A) and video-to-audio (V2A) generation quality without requiring extensive training resources. We start with an analysis of both CFG and AG, examining their respective advantages and limitations for guiding diffusion models. Building upon our insights, we introduce a mixture-of-guidance framework that integrates diverse guidance signals with their interaction terms (e.g., the unconditional bad version of the model) to maximize cumulative advantages. Experiments show that, given the same inference speed, our approach consistently outperforms single guidance in T2A generation across sampling steps, concurrently showing advantages in V2A, text-to-music, and image generation. Demo samples are available at: https://audiomog.github.io.
Updated: 2026-04-09 14:19:05
标题: AudioMoG: 用混合引导引导音频生成
摘要: 扩散式音频生成系统的设计已经从不同的角度进行了研究,比如数据空间、网络架构和调节技术,而大多数这些创新都需要重新训练模型。在采样方面,分类器不受限制的引导(CFG)已经被普遍采用,通过加强条件对齐来提高生成质量。然而,CFG往往会损害多样性,导致性能不佳。虽然最近的自动引导(AG)方法提出了另一种引导方向,保持了多样性,但迄今为止在音频生成中的直接应用表现不如CFG。在这项工作中,我们介绍了AudioMoG,一种改进的采样方法,可以在不需要大量训练资源的情况下提高文本到音频(T2A)和视频到音频(V2A)的生成质量。我们首先分析了CFG和AG,检查它们各自在引导扩散模型方面的优势和局限性。基于我们的见解,我们引入了一种混合引导框架,将不同的引导信号与它们的交互项(例如模型的无条件坏版本)整合在一起,以最大化累积优势。实验表明,在相同的推断速度下,我们的方法在T2A生成中始终优于单一引导,在采样步骤中表现出优势,同时在V2A、文本到音乐和图像生成方面也显示出优势。演示样本可在网站https://audiomog.github.io上查看。
更新时间: 2026-04-09 14:19:05
领域: cs.SD,cs.AI
Seeing with You: Perception-Reasoning Coevolution for Multimodal Reasoning
Reinforcement learning with verifiable rewards (RLVR) has substantially enhanced the reasoning capabilities of multimodal large language models (MLLMs). However, existing RLVR approaches typically rely on outcome-driven optimization that updates both perception and reasoning using a shared reward based solely on the final answer. This shared reward blurs credit assignment, frequently improving reasoning patterns while failing to reliably enhance the accuracy of upstream visual evidence extraction. To address this perception bottleneck, we introduce PRCO (Perception-Reasoning Coevolution), a dual-role RLVR framework with a shared policy. PRCO consists of two cooperative roles: an Observer that generates an evidence caption tailored to the question and a Solver that predicts the final answer based on this caption. Crucially, PRCO employs role-specific reward signals: the Solver is optimized using verifiable outcome rewards on the final answer, while the Observer receives a utility reward derived from the Solver's downstream success. Extensive experiments across eight challenging multimodal reasoning benchmarks demonstrate that PRCO yields consistent improvements across model scales by over 7 points on average accuracy compared to the base model, outperforming prior open-source RL-tuned baselines.
Updated: 2026-04-09 14:15:05
标题: 与你一起看见:多模态推理的感知-推理共同演化
摘要: 利用可验证奖励的强化学习(RLVR)大大增强了多模态大型语言模型(MLLMs)的推理能力。然而,现有的RLVR方法通常依赖于以结果为驱动的优化,使用仅基于最终答案的共享奖励更新感知和推理。这种共享奖励模糊了学分分配,经常改善推理模式,但未能可靠地增强上游视觉证据提取的准确性。为了解决这个感知瓶颈,我们引入了PRCO(感知-推理共同进化),这是一个具有共享策略的双重角色RLVR框架。PRCO包括两个协作角色:生成与问题相关的证据标题的观察者和基于此标题预测最终答案的求解器。重要的是,PRCO使用特定于角色的奖励信号:求解器使用最终答案上的可验证结果奖励进行优化,而观察者从求解器的下游成功中获得效用奖励。在八个具有挑战性的多模态推理基准测试中进行的大量实验表明,与基本模型相比,PRCO在模型规模上平均提高了超过7个百分点的准确性,优于之前的开源RL调整基线。
更新时间: 2026-04-09 14:15:05
领域: cs.AI
Accordion-Thinking: Self-Regulated Step Summaries for Efficient and Readable LLM Reasoning
Scaling test-time compute via long Chain-of-Thought unlocks remarkable gains in reasoning capabilities, yet it faces practical limits due to the linear growth of KV cache and quadratic attention complexity. In this paper, we introduce Accordion-Thinking, an end-to-end framework where LLMs learn to self-regulate the granularity of the reasoning steps through dynamic summarization. This mechanism enables a Fold inference mode, where the model periodically summarizes its thought process and discards former thoughts to reduce dependency on historical tokens. We apply reinforcement learning to incentivize this capability further, uncovering a critical insight: the accuracy gap between the highly efficient Fold mode and the exhaustive Unfold mode progressively narrows and eventually vanishes over the course of training. This phenomenon demonstrates that the model learns to encode essential reasoning information into compact summaries, achieving effective compression of the reasoning context. Our Accordion-Thinking demonstrates that with learned self-compression, LLMs can tackle complex reasoning tasks with minimal dependency token overhead without compromising solution quality, and it achieves a three times throughput while maintaining accuracy on a 48GB GPU memory configuration, while the structured step summaries provide a human-readable account of the reasoning process.
Updated: 2026-04-09 14:14:01
标题: 手风琴思维:自我调节的步骤摘要,用于高效且易读的LLM推理
摘要: 通过长链式思维解锁了推理能力的显著增益,但由于KV缓存的线性增长和二次注意力复杂性,它面临着实际限制。在本文中,我们介绍了手风琴思维,这是一个端到端的框架,LLMs通过动态总结学习自我调节推理步骤的粒度。这种机制实现了一种折叠推理模式,模型定期总结其思维过程并丢弃先前的思维,以减少对历史标记的依赖。我们应用强化学习进一步激励这种能力,发现了一个关键的洞察:高效的折叠模式和详尽的展开模式之间的准确性差距逐渐缩小,并最终在训练过程中消失。这种现象表明,模型学会将关键推理信息编码到紧凑的总结中,实现了推理上下文的有效压缩。我们的手风琴思维表明,通过学习自我压缩,LLMs可以处理复杂的推理任务,最小化依赖标记开销,而不会影响解决方案的质量,并在48GB GPU内存配置上实现三倍的吞吐量,同时结构化的步骤摘要提供了一个可读的推理过程描述。
更新时间: 2026-04-09 14:14:01
领域: cs.AI,cs.LG
QARIMA: A Quantum Approach To Classical Time Series Analysis
We present a quantum-inspired ARIMA methodology that integrates quantum-assisted lag discovery with \emph{fixed-configuration} variational quantum circuits (VQCs) for parameter estimation and weak-lag refinement. Differencing and candidate lags are identified via swap-test-driven quantum autocorrelation (QACF) and quantum partial autocorrelation (QPACF), with a delayed-matrix construction that aligns quantum projections to time-domain regressors, followed by standard information-criterion parsimony. Given the screened orders $(p,d,q)$, we retain a fixed VQC ansatz, optimizer, and training budget, preventing hyperparameter leakage, and deploy the circuit in two estimation roles: VQC-AR for autoregressive coefficients and VQC-MA for moving-average coefficients. Between screening and estimation, a lightweight VQC weak-lag refinement re-weights or prunes screened AR lags without altering $(p,d,q)$. Across environmental and industrial datasets, we perform rolling-origin evaluations against automated classical ARIMA, reporting out-of-sample mean squared error (MSE), mean absolute percentage error (MAPE), and Diebold--Mariano tests on MSE and MAE. Empirically, the seven quantum contributions -- (1) differencing selection, (2) QACF, (3) QPACF, (4) swap-test primitives with delayed-matrix construction, (5) VQC-AR, (6) VQC weak-lag refinement, and (7) VQC-MA -- collectively reduce meta-optimization overhead and make explicit where quantum effects enter order discovery, lag refinement, and AR/MA parameter estimation.
Updated: 2026-04-09 14:11:39
标题: QARIMA:经典时间序列分析的量子方法
摘要: 我们提出了一种量子启发的ARIMA方法,该方法将量子辅助滞后发现与固定配置的变分量子电路(VQC)相结合,用于参数估计和弱滞后细化。通过交换测试驱动的量子自相关(QACF)和量子偏自相关(QPACF)识别差分和候选滞后,延迟矩阵构建将量子投影对准时间域回归器,随后进行标准信息准则的简约。鉴于筛选的顺序$(p,d,q)$,我们保留一个固定的VQC假设,优化器和培训预算,防止超参数泄漏,并将电路部署到两个估计角色中:VQC-AR用于自回归系数和VQC-MA用于移动平均系数。在筛选和估计之间,轻量级的VQC弱滞后细化重新加权或修剪筛选的AR滞后,而不改变$(p,d,q)$。在环境和工业数据集中,我们对自动化的经典ARIMA进行滚动起源评估,报告了样本外均方误差(MSE),平均绝对百分比误差(MAPE)和MSE和MAE上的Diebold-Mariano测试。从经验上看,七个量子贡献——(1)差分选择,(2)QACF,(3)QPACF,(4)具有延迟矩阵构建的交换测试基元,(5)VQC-AR,(6)VQC弱滞后细化和(7)VQC-MA——共同减少了元优化开销,并明确了量子效应进入顺序发现,滞后细化和AR/MA参数估计的地方。
更新时间: 2026-04-09 14:11:39
领域: quant-ph,cs.AI,cs.LG
ACF: A Collaborative Framework for Agent Covert Communication under Cognitive Asymmetry
As generative artificial intelligence evolves, autonomous agent networks present a powerful paradigm for interactive covert communication. However, because agents dynamically update internal memories via environmental interactions, existing methods face a critical structural vulnerability: cognitive asymmetry. Conventional approaches demand strict cognitive symmetry, requiring identical sequence prefixes between the encoder and decoder. In dynamic deployments, inevitable prefix discrepancies destroy synchronization, inducing severe channel degradation. To address this core challenge of cognitive asymmetry, we propose the Asymmetric Collaborative Framework (ACF), which structurally decouples covert communication from semantic reasoning via orthogonal statistical and cognitive layers. By deploying a prefix-independent decoding paradigm governed by a shared steganographic configuration, ACF eliminates the reliance on cognitive symmetry. Evaluations on realistic memory-augmented workflows demonstrate that under severe cognitive asymmetry, symmetric baselines suffer severe channel degradation, whereas ACF uniquely excels across both semantic fidelity and covert communication. It maintains computational indistinguishability, enabling reliable secret extraction with provable error bounds, and providing robust Effective Information Capacity guarantees for modern agent networks.
Updated: 2026-04-09 14:10:51
标题: ACF:一种在认知不对称下进行代理人隐蔽通信的协作框架
摘要: 随着生成性人工智能的发展,自主代理网络呈现出一种强大的互动隐蔽通信范式。然而,由于代理通过环境交互动态更新内部记忆,现有方法面临一个关键的结构性脆弱性:认知不对称。传统方法要求严格的认知对称,要求编码器和解码器之间具有相同的序列前缀。在动态部署中,不可避免的前缀差异会破坏同步,导致严重的信道退化。为了解决认知不对称的核心挑战,我们提出了非对称协作框架(ACF),通过正交的统计和认知层将隐蔽通信结构上解耦,与语义推理分离。通过部署一个由共享隐写配置控制的独立于前缀的解码范式,ACF消除了对认知对称性的依赖。在现实记忆增强工作流程上的评估表明,在严重的认知不对称情况下,对称基线会受到严重的信道退化,而ACF在语义保真度和隐蔽通信方面表现出色。它保持了计算上的不可区分性,能够以可证明的误差界可靠地提取秘密,并为现代代理网络提供了强大的有效信息容量保证。
更新时间: 2026-04-09 14:10:51
领域: cs.AI,cs.CR
Seeing Like an AI: How LLMs Apply (and Misapply) Wikipedia Neutrality Norms
Large language models (LLMs) are trained on broad corpora and then used in communities with specialized norms. Is providing LLMs with community rules enough for models to follow these norms? We evaluate LLMs' capacity to detect (Task 1) and correct (Task 2) biased Wikipedia edits according to Wikipedia's Neutral Point of View (NPOV) policy. LLMs struggled with bias detection, achieving only 64% accuracy on a balanced dataset. Models exhibited contrasting biases (some under- and others over-predicted bias), suggesting distinct priors about neutrality. LLMs performed better at generation, removing 79% of words removed by Wikipedia editors. However, LLMs made additional changes beyond Wikipedia editors' simpler neutralizations, resulting in high-recall but low-precision editing. Interestingly, crowdworkers rated AI rewrites as more neutral (70%) and fluent (61%) than Wikipedia-editor rewrites. Qualitative analysis found LLMs sometimes applied NPOV more comprehensively than Wikipedia editors but often made extraneous non-NPOV-related changes (such as grammar). LLMs may apply rules in ways that resonate with the public but diverge from community experts. While potentially effective for generation, LLMs may reduce editor agency and increase moderation workload (e.g., verifying additions). Even when rules are easy to articulate, having LLMs apply them like community members may still be difficult.
Updated: 2026-04-09 14:05:59
标题: 像人工智能一样看待:LLMs如何应用(和误用)维基百科的中立性规范
摘要: 大型语言模型(LLMs)是在广泛的语料库上训练,然后在具有专业规范的社区中使用。为LLMs提供社区规则足以使模型遵循这些规范吗?我们评估LLMs检测(任务1)和纠正(任务2)偏见维基百科编辑的能力,根据维基百科的中立观点(NPOV)政策。LLMs在偏见检测方面表现不佳,在平衡数据集上仅达到64%的准确率。模型展现出对中立性的截然不同的偏见(有些低估,有些高估),表明了不同的中性先验。LLMs在生成方面表现更好,去除了维基百科编辑删除的79%的单词。然而,LLMs进行了额外的更改,超出了维基百科编辑的简单中性化,导致高召回率但低精度的编辑。有趣的是,众包工作者评价AI改写比维基百科编辑的改写更中立(70%)和流畅(61%)。定性分析发现LLMs有时比维基百科编辑更全面地应用NPOV,但经常进行不相关的额外改变(比如语法)。LLMs可能以与公众共鸣但与社区专家不同的方式应用规则。虽然在生成方面可能有效,但LLMs可能降低编辑者的权力,并增加审核工作量(例如验证添加内容)。即使规则容易明确表述,让LLMs像社区成员一样应用它们仍然可能很困难。
更新时间: 2026-04-09 14:05:59
领域: cs.CL,cs.AI,cs.CY,cs.HC
E2Edev: Benchmarking Large Language Models in End-to-End Software Development Task
The rapid advancement in large language models (LLMs) has demonstrated significant potential in End-to-End Software Development (E2ESD). However, existing E2ESD benchmarks are limited by coarse-grained requirement specifications and unreliable evaluation protocols, hindering a true understanding of current framework capabilities. To address these limitations, we present E2EDev, a novel benchmark grounded in the principles of Behavior-Driven Development (BDD), which evaluates the capabilities of E2ESD frameworks by assessing whether the generated software meets user needs through mimicking real user interactions (Figure 1). E2EDev comprises (i) a fine-grained set of user requirements, (ii) multiple BDD test scenarios with corresponding Python step implementations for each requirement, and (iii) a fully automated testing pipeline built on the Behave framework. To ensure its quality while reducing the annotation effort, E2EDev leverages our proposed Human-in-the-Loop Multi-Agent Annotation Framework (HITL-MAA). By evaluating various E2ESD frameworks and LLM backbones with E2EDev, our analysis reveals a persistent struggle to effectively solve these tasks, underscoring the critical need for more effective and cost-efficient E2ESD solutions. Our codebase and benchmark are publicly available at https://github.com/SCUNLP/E2EDev.
Updated: 2026-04-09 14:05:50
标题: E2Edev:在端到端软件开发任务中对大型语言模型进行基准测试
摘要: 大型语言模型(LLMs)的快速发展已经展示出在端到端软件开发(E2ESD)中具有重要潜力。然而,现有的E2ESD基准受到粗粒度需求规范和不可靠的评估协议的限制,阻碍了对当前框架能力的真正理解。为了解决这些限制,我们提出了E2EDev,这是一个基于行为驱动开发(BDD)原则的新型基准,通过模拟真实用户交互来评估E2ESD框架的能力。E2EDev包括(i)一个细粒度的用户需求集,(ii)多个BDD测试场景,每个需求都有相应的Python步骤实现,以及(iii)基于Behave框架构建的完全自动化测试流程。为了确保其质量并减少注释工作量,E2EDev利用我们提出的人在循环多代理注释框架(HITL-MAA)。通过使用E2EDev评估各种E2ESD框架和LLM骨干,我们的分析揭示出在有效解决这些任务方面持续挣扎的情况,强调了更有效和成本效益更高的E2ESD解决方案的迫切需求。我们的代码库和基准可在https://github.com/SCUNLP/E2EDev 上公开获取。
更新时间: 2026-04-09 14:05:50
领域: cs.SE,cs.AI,cs.CL
Adaptive Stepsizing for Stochastic Gradient Langevin Dynamics in Bayesian Neural Networks
Bayesian neural networks (BNNs) require scalable sampling algorithms to approximate posterior distributions over parameters. Existing stochastic gradient Markov Chain Monte Carlo (SGMCMC) methods are highly sensitive to the choice of stepsize and adaptive variants such as pSGLD typically fail to sample the correct invariant measure without addition of a costly divergence correction term. In this work, we build on the recently proposed `SamAdams' framework for timestep adaptation (Leimkuhler, Lohmann, and Whalley 2025), introducing an adaptive scheme: SA-SGLD, which employs time rescaling to modulate the stepsize according to a monitored quantity (typically the local gradient norm). SA-SGLD can automatically shrink stepsizes in regions of high curvature and expand them in flatter regions, improving both stability and mixing without introducing bias. We show that our method can achieve more accurate posterior sampling than SGLD on high-curvature 2D toy examples and in image classification with BNNs using sharp priors.
Updated: 2026-04-09 14:04:32
标题: 自适应步长对贝叶斯神经网络中的随机梯度 Langevin 动力学的影响
摘要: 贝叶斯神经网络(BNNs)需要可扩展的抽样算法来逼近参数的后验分布。现有的随机梯度马尔可夫链蒙特卡洛(SGMCMC)方法对步长的选择非常敏感,而自适应变体如pSGLD通常在没有增加昂贵的发散校正项的情况下无法采样正确的不变测度。在这项工作中,我们基于最近提出的`timestep'自适应框架(Leimkuhler、Lohmann和Whalley 2025),引入了一种自适应方案:SA-SGLD,它利用时间重缩放来根据监测到的数量(通常是局部梯度范数)调节步长。SA-SGLD可以在高曲率区域自动缩小步长,并在较平坦区域扩大步长,提高稳定性和混合性而不引入偏差。我们展示了我们的方法可以在高曲率的2D玩具示例和使用尖锐先验进行的BNNs图像分类中实现比SGLD更准确的后验抽样。
更新时间: 2026-04-09 14:04:32
领域: cs.LG,stat.ML
An Illusion of Unlearning? Assessing Machine Unlearning Through Internal Representations
While numerous machine unlearning (MU) methods have recently been developed with promising results in erasing the influence of forgotten data, classes, or concepts, they are also highly vulnerable-for example, simple fine-tuning can inadvertently reintroduce erased concepts. In this paper, we address this contradiction by examining the internal representations of unlearned models, in contrast to prior work that focuses primarily on output-level behavior. Our analysis shows that many state-of-the-art MU methods appear successful mainly due to a misalignment between last-layer features and the classifier, a phenomenon we call feature-classifier misalignment. In fact, hidden features remain highly discriminative, and simple linear probing can recover near-original accuracy. Assuming neural collapse in the original model, we further demonstrate that adjusting only the classifier can achieve negligible forget accuracy while preserving retain accuracy, and we corroborate this with experiments using classifier-only fine-tuning. Motivated by these findings, we propose MU methods based on a class-mean features (CMF) classifier, which explicitly enforces alignment between features and classifiers. Experiments on standard benchmarks show that CMF-based unlearning reduces forgotten information in representations while maintaining high retain accuracy, highlighting the need for faithful representation-level evaluation of MU.
Updated: 2026-04-09 14:02:23
标题: 一个取消学习的错觉?通过内部表征评估机器取消学习
摘要: 最近已经开发了许多机器遗忘(MU)方法,取得了令人满意的结果,可以擦除被遗忘的数据、类别或概念的影响,但它们也非常容易受到攻击-例如,简单的微调可能会无意中重新引入被擦除的概念。本文通过检查忘记模型的内部表示来解决这一矛盾,与以往主要关注输出级别行为的工作形成对比。我们的分析显示,许多最先进的MU方法主要因为最后一层特征与分类器之间存在错位而显得成功,这种现象被我们称为特征-分类器错位。事实上,隐藏特征仍然具有很高的区分度,简单的线性探测可以恢复接近原始精度。在原始模型中假设神经坍塌,我们进一步证明只调整分类器即可实现可忽略的遗忘精度,同时保持保留精度,并通过仅使用分类器微调的实验证实了这一点。受这些发现的启发,我们提出基于类均值特征(CMF)分类器的MU方法,该方法明确强化了特征和分类器之间的对齐。在标准基准测试上进行的实验表明,基于CMF的遗忘可以减少表示中遗忘的信息,同时保持高保留准确性,突出了对MU的忠实表示级别评估的需求。
更新时间: 2026-04-09 14:02:23
领域: cs.LG
Parameter-Efficient Transfer Learning for Microseismic Phase Picking Using a Neural Operator
Seismic phase picking is fundamental for microseismic monitoring and subsurface imaging. Manual processing is impractical for real-time applications and large sensor arrays, motivating the use of deep learning-based pickers trained on extensive earthquake catalogs. On a broader scale, these models are generally tuned to perform optimally in high signal-to-noise and long-duration networks and often fail to perform satisfactorily when applied to campaign-based microseismic datasets, which are characterized by low signal-to-noise ratios, sparse geometries, and limited labeled data. In this study, we present a microseismic adaptation of a network-wide earthquake phase picker, Phase Neural Operator (PhaseNO), using transfer learning and parameter-efficient fine-tuning. Starting from a model pre-trained on more than 57,000 three-component earthquake and noise records, we fine-tune it using only 200 labeled and noisy microseismic recordings from hydraulic fracturing settings. We present a parameter-efficient adaptation of PhaseNO that fine-tunes a small fraction of its parameters (only 3.6%) while retaining its global spatiotemporal representations learned from a large dataset of earthquake recordings. We then evaluate our adapted model on three independent microseismic datasets and compare its performance against the original pre-trained PhaseNO, a STA/LTA-based workflow, and two state-of-the-art deep learning models, PhaseNet and EQTransformer. We demonstrate that our adapted model significantly outperforms the original PhaseNO in F1 and accuracy metrics, achieving up to 30% absolute improvements in all test sets and consistently performing better than STA/LTA and state-of-the-art models. With our adaptation being based on a small calibration set, our proposed workflow is a practical and efficient tool to deploy network-wide models in data-limited microseismic applications.
Updated: 2026-04-09 14:01:27
标题: 参数高效的神经操作符迁移学习在微地震震相挑选中的应用
摘要: 地震相位拾取是微震监测和地下成像的基础。手动处理对实时应用和大型传感器阵列来说是不切实际的,这促使人们使用基于深度学习的拾取器,在广泛的地震目录上进行训练。在更广泛的范围内,这些模型通常被调整以在高信噪比和长持续时间网络中表现最佳,并且在应用于基于活动的微震数据集时往往无法满意地运行,这些数据集具有低信噪比、稀疏几何结构和有限标记数据。 在本研究中,我们提出了一个网络范围内地震相位拾取器Phase Neural Operator (PhaseNO)的微震适应性,使用迁移学习和参数高效微调。从一个预先训练了超过57,000个三分量地震和噪声记录的模型开始,我们只使用来自水力压裂设置的200个有标记和嘈杂的微震记录进行微调。我们提出了一个参数高效的PhaseNO适应性,只微调了其中的一小部分参数(仅3.6%),同时保留了从大型地震记录数据集中学习的全局时空表示。 然后,我们在三个独立的微震数据集上评估了我们的适应模型,并将其性能与原始预训练的PhaseNO、基于STA/LTA的工作流程以及两种最先进的深度学习模型PhaseNet和EQTransformer进行了比较。我们证明,我们的适应模型在F1和准确性指标上明显优于原始的PhaseNO,在所有测试集中取得了高达30%的绝对改善,并且始终优于STA/LTA和最先进的模型。由于我们的适应是基于一个小的校准集,我们提出的工作流程是在数据有限的微震应用中部署网络范围模型的实用和高效工具。
更新时间: 2026-04-09 14:01:27
领域: physics.geo-ph,cs.LG
A One-Inclusion Graph Approach to Multi-Group Learning
We prove the tightest-known upper bounds on the sample complexity of multi-group learning. Our algorithm extends the one-inclusion graph prediction strategy using a generalization of bipartite $b$-matching. In the group-realizable setting, we provide a lower bound confirming that our algorithm's $\log n / n$ convergence rate is optimal in general. If one relaxes the learning objective such that the group on which we are evaluated is chosen obliviously of the sample, then our algorithm achieves the optimal $1/n$ convergence rate under group-realizability.
Updated: 2026-04-09 14:00:32
标题: 一个包含图方法用于多组学习
摘要: 我们证明了多组学习样本复杂性的最严格上界。我们的算法通过使用二部图$ b $-匹配的泛化扩展了单包含图预测策略。在群可实现设置中,我们提供了一个下界,证实我们的算法的$ \log n / n $收敛速度在一般情况下是最佳的。如果放宽学习目标,使得我们被评估的群组是在不知道样本的情况下选择的,那么我们的算法在群组可实现性下实现了最佳的$ 1/n $收敛速度。
更新时间: 2026-04-09 14:00:32
领域: cs.LG
On the Robustness of Tabular Foundation Models: Test-Time Attacks and In-Context Defenses
Recent tabular Foundational Models (FM) such as TabPFN and TabICL, leverage in-context learning to achieve strong performance without gradient updates or fine-tuning. However, their robustness to adversarial manipulation remains largely unexplored. In this work, we present a comprehensive study of the adversarial vulnerabilities of tabular FM, focusing on both their fragility to targeted test-time attacks and their potential misuse as adversarial tools. We show on three benchmarks in finance, cybersecurity and healthcare, that small, structured perturbations to test inputs can significantly degrade prediction accuracy, even when training context remain fixed. Additionally, we demonstrate that tabular FM can be repurposed to generate transferable evasion to conventional models such as random forests and XGBoost, and on a lesser extent to deep tabular models. To improve tabular FM, we formulate the robustification problem as an optimization of the weights (adversarial fine-tuning), or the context (adversarial in-context learning). We introduce an in-context adversarial training strategy that incrementally replaces the context with adversarial perturbed instances, without updating model weights. Our approach improves robustness across multiple tabular benchmarks. Together, these findings position tabular FM as both a target and a source of adversarial threats, highlighting the urgent need for robust training and evaluation practices in this emerging paradigm.
Updated: 2026-04-09 13:55:31
标题: 关于表格基础模型的鲁棒性:测试时攻击和上下文防御
摘要: 最近的表格基础模型(FM)如TabPFN和TabICL,利用上下文学习来实现强大的性能,而无需渐变更新或微调。然而,它们对于对抗性操作的鲁棒性仍然大多未被探索。在这项工作中,我们对表格FM的对抗性漏洞进行了全面研究,重点关注它们对定向测试时间攻击的脆弱性以及作为对抗工具的潜在滥用。我们在金融、网络安全和医疗保健等三个基准测试中表明,对测试输入进行小型结构扰动可以显著降低预测准确性,即使训练上下文保持不变。此外,我们证明了表格FM可以被重新用于生成对传统模型(如随机森林和XGBoost)的可转移逃避,对深度表格模型的影响相对较小。为了改进表格FM,我们将鲁棒性问题形式化为权重(对抗微调)或上下文(对抗上下文学习)的优化。我们引入了一种上下文对抗训练策略,逐步用对抗性扰动实例替换上下文,而不更新模型权重。我们的方法提高了多个表格基准的鲁棒性。综合这些发现,将表格FM定位为对抗威胁的目标和源,突出了在这一新兴范式中迫切需要鲁棒的训练和评估实践的紧迫性。
更新时间: 2026-04-09 13:55:31
领域: cs.LG
Efficient Federated Search for Retrieval-Augmented Generation using Lightweight Routing
Large language models (LLMs) achieve remarkable performance across domains but remain prone to hallucinations and inconsistencies. Retrieval-augmented generation (RAG) mitigates these issues by augmenting model inputs with relevant documents retrieved from external sources. In many real-world scenarios, relevant knowledge is fragmented across organizations or institutions, motivating the need for federated search mechanisms that can aggregate results from heterogeneous data sources without centralizing the data. We introduce RAGRoute, a lightweight routing mechanism for federated search in RAG systems that dynamically selects relevant data sources at query time using a neural classifier, avoiding indiscriminate querying. This selective routing reduces communication overhead and end-to-end latency while preserving retrieval quality, achieving up to 80.65% reductions in communication volume and 52.50% reductions in latency across three benchmarks, while matching the accuracy of querying all sources.
Updated: 2026-04-09 13:52:15
标题: 高效的联合搜索:使用轻量级路由进行检索增强生成
摘要: 大型语言模型(LLMs)在各个领域取得了显著的性能,但仍然容易出现幻觉和不一致性。检索增强生成(RAG)通过从外部来源检索相关文档来增强模型输入,从而减轻了这些问题。在许多现实世界的场景中,相关知识分散在不同的组织或机构之间,这促使我们需要联邦搜索机制,可以聚合来自异构数据源的结果而不集中数据。我们介绍了RAGRoute,这是一种轻量级的联邦搜索中的路由机制,用于RAG系统,在查询时使用神经分类器动态选择相关数据源,避免了不加选择的查询。这种选择性路由减少了通信开销和端到端延迟,同时保持了检索质量,在三个基准测试中实现了高达80.65%的通信量减少和52.50%的延迟减少,同时匹配了查询所有数据源的准确性。
更新时间: 2026-04-09 13:52:15
领域: cs.LG,cs.DC,cs.IR
Parent Selection Mechanisms in Elitist Crossover-Based Algorithms
Parent selection methods are widely used in evolutionary computation to accelerate the optimization process, yet their theoretical benefits are still poorly understood. In this paper, we address this gap by proposing a parent selection strategy for the $(μ+1)$ genetic algorithm (GA) that prioritizes the selection of maximally distant parents for crossover. We show that, with an appropriately chosen population size, the resulting algorithm solves the Jump$_k$ problem in $O(k4^kn\log(n))$ expected time. This bound is significantly smaller than the best known bound of $O(nμ\log(μ)+n\log(n)+n^{k-1})$ for any $(μ+1)$~GA using no explicit diversity-preserving mechanism and a constant crossover probability. To establish this result, we introduce a novel diversity metric that captures both the maximum distance between pairs of individuals in the population and the number of pairs achieving this distance. The main novelty of our analysis is that it relies on crossover as a mechanism for creating and maintaining diversity throughout the run, rather than using crossover only in the final step to combine already diversified individuals. The insights provided by our analysis contribute to a deeper theoretical understanding of the role of crossover in the population dynamics of genetic algorithms.
Updated: 2026-04-09 13:51:29
标题: Elitist Crossover-Based Algorithms中的父代选择机制
摘要: 亲本选择方法被广泛应用于进化计算中,以加速优化过程,然而它们的理论优势仍然知之甚少。本文通过为$(μ+1)$遗传算法(GA)提出了一种亲本选择策略,该策略优先选择距离最远的亲本进行交叉。我们表明,通过适当选择种群大小,得到的算法可以在$O(k4^kn\log(n))$的期望时间内解决Jump$_k$问题。这个界限显著小于对于任何$(μ+1)$GA的最佳已知界限$O(nμ\log(μ)+n\log(n)+n^{k-1})$,该GA不使用明确的维护多样性机制和恒定的交叉概率。 为了证明这一结果,我们引入了一种新颖的多样性度量,该度量捕捉了种群中个体对之间的最大距离以及实现该距离的对数。我们分析的主要创新之处在于,它依赖于交叉作为一种机制,通过该机制在整个运行过程中创建并维护多样性,而不仅仅是在最后一步使用交叉来结合已经多样化的个体。我们的分析提供的见解有助于更深入地理解交叉在遗传算法的种群动态中的作用。
更新时间: 2026-04-09 13:51:29
领域: cs.NE,cs.AI
ATLAS: Adaptive Trading with LLM AgentS Through Dynamic Prompt Optimization and Multi-Agent Coordination
Large language models show promise for financial decision-making, yet deploying them as autonomous trading agents raises fundamental challenges: how to adapt instructions when rewards arrive late and obscured by market noise, how to synthesize heterogeneous information streams into coherent decisions, and how to bridge the gap between model outputs and executable market actions. We present ATLAS (Adaptive Trading with LLM AgentS), a unified multi-agent framework that integrates structured information from markets, news, and corporate fundamentals to support robust trading decisions. Within ATLAS, the central trading agent operates in an order-aware action space, ensuring that outputs correspond to executable market orders rather than abstract signals. The agent can incorporate feedback while trading using Adaptive-OPRO, a novel prompt-optimization technique that dynamically adapts the prompt by incorporating real-time, stochastic feedback, leading to increasing performance over time. Across regime-specific equity studies and multiple LLM families, Adaptive-OPRO consistently outperforms fixed prompts, while reflection-based feedback fails to provide systematic gains.
Updated: 2026-04-09 13:50:25
标题: ATLAS:通过动态提示优化和多智能体协调实现具有LLM智能体的自适应交易
摘要: 大型语言模型在金融决策方面表现出了潜力,但将它们部署为自主交易代理会带来根本性挑战:如何在奖励延迟到达且被市场噪音掩盖时调整指令,如何将异质信息流合成一致的决策,以及如何弥合模型输出和可执行市场行动之间的差距。我们提出了ATLAS(Adaptive Trading with LLM AgentS),这是一个统一的多代理框架,整合了来自市场、新闻和公司基本面的结构化信息,以支持稳健的交易决策。在ATLAS中,中央交易代理在一个订单感知的行动空间中运作,确保输出对应于可执行的市场订单,而不是抽象信号。该代理可以在交易过程中使用自适应OPRO技术进行反馈,这是一种新颖的提示优化技术,通过动态地融入实时的随机反馈来逐渐提高性能。在特定制度的股票研究和多个LLM家族中,自适应OPRO始终优于固定提示,而基于反思的反馈未能提供系统性收益。
更新时间: 2026-04-09 13:50:25
领域: q-fin.TR,cs.AI
Neural-Symbolic Knowledge Tracing: Injecting Educational Knowledge into Deep Learning for Responsible Learner Modelling
The growing use of artificial intelligence (AI) in education, particularly large language models (LLMs), has increased interest in intelligent tutoring systems. However, LLMs often show limited adaptivity and struggle to model learners' evolving knowledge over time, highlighting the need for dedicated learner modelling approaches. Although deep knowledge tracing methods achieve strong predictive performance, their opacity and susceptibility to bias can limit alignment with pedagogical principles. To address this, we propose Responsible-DKT, a neural-symbolic deep knowledge tracing approach that integrates symbolic educational knowledge (e.g., mastery and non-mastery rules) into sequential neural models for responsible learner modelling. Experiments on a real-world dataset of students' math interactions show that Responsible-DKT outperforms both a neural-symbolic baseline and a fully data-driven PyTorch DKT model across training settings. The model achieves over 0.80 AUC with only 10% of training data and up to 0.90 AUC, improving performance by up to 13%. It also demonstrates improved temporal reliability, producing lower early- and mid-sequence prediction errors and the lowest prediction inconsistency rates across sequence lengths, indicating that prediction updates remain directionally aligned with observed student responses over time. Furthermore, the neural-symbolic approach offers intrinsic interpretability via a grounded computation graph that exposes the logic behind each prediction, enabling both local and global explanations. It also allows empirical evaluation of pedagogical assumptions, revealing that repeated incorrect responses (non-mastery) strongly influence prediction updates. These results indicate that neural-symbolic approaches enhance both performance and interpretability, mitigate data limitations, and support more responsible, human-centered AI in education.
Updated: 2026-04-09 13:49:07
标题: 神经符号知识追踪:将教育知识注入深度学习以实现负责任的学习者建模
摘要: 随着人工智能在教育领域的日益广泛应用,尤其是大型语言模型(LLMs),对智能辅导系统的兴趣日益增加。然而,LLMs往往显示出有限的适应性,难以随着时间推移模拟学习者不断发展的知识,突显了对专门的学习者建模方法的需求。尽管深度知识跟踪方法实现了强大的预测性能,但其不透明性和易受偏见的特点可能限制与教学原则的一致性。为了解决这一问题,我们提出了Responsible-DKT,这是一种将符号教育知识(例如掌握和非掌握规则)整合到顺序神经模型中的深度知识跟踪方法,用于负责任的学习者建模。对学生数学互动的真实数据集进行的实验显示,Responsible-DKT在各种训练设置下均优于神经符号基线和完全数据驱动的PyTorch DKT模型。该模型在仅有10%的训练数据时就能达到超过0.80的AUC,并且最高可达0.90的AUC,性能提高了最多13%。它还表现出更好的时间可靠性,产生更低的早期和中期序列预测错误率,以及跨序列长度最低的预测不一致率,表明预测更新与随时间观察到的学生反应保持方向一致。此外,神经符号方法通过暴露每个预测背后的逻辑,提供内在的可解释性,从而使得局部和全局解释成为可能。它还允许对教学假设进行经验评估,揭示了重复的错误反应(非掌握)如何强烈影响预测更新。这些结果表明,神经符号方法提高了性能和解释性,缓解了数据限制,并支持更负责任、以人为中心的教育人工智能。
更新时间: 2026-04-09 13:49:07
领域: cs.AI
DBMF: A Dual-Branch Multimodal Framework for Out-of-Distribution Detection
The complex and dynamic real-world clinical environment demands reliable deep learning (DL) systems. Out-of-distribution (OOD) detection plays a critical role in enhancing the reliability and generalizability of DL models when encountering data that deviate from the training distribution, such as unseen disease cases. However, existing OOD detection methods typically rely either on a single visual modality or solely on image-text matching, failing to fully leverage multimodal information. To overcome the challenge, we propose a novel dual-branch multimodal framework by introducing a text-image branch and a vision branch. Our framework fully exploits multimodal representations to identify OOD samples through these two complementary branches. After training, we compute scores from the text-image branch ($S_t$) and vision branch ($S_v$), and integrate them to obtain the final OOD score $S$ that is compared with a threshold for OOD detection. Comprehensive experiments on publicly available endoscopic image datasets demonstrate that our proposed framework is robust across diverse backbones and improves state-of-the-art performance in OOD detection by up to 24.84%
Updated: 2026-04-09 13:48:38
标题: DBMF:一种用于检测超出分布的双分支多模态框架
摘要: 现实世界中复杂而动态的临床环境要求可靠的深度学习(DL)系统。在遇到与训练分布不同的数据时,如未见疾病病例,离群检测(OOD)在增强DL模型的可靠性和泛化能力方面起着至关重要的作用。然而,现有的OOD检测方法通常要么依赖于单一的视觉模态,要么仅依赖于图像-文本匹配,未能充分利用多模态信息。为了克服这一挑战,我们提出了一个新颖的双分支多模态框架,引入了一个文本-图像分支和一个视觉分支。我们的框架充分利用多模态表示,通过这两个互补分支识别OOD样本。训练后,我们从文本-图像分支($S_t$)和视觉分支($S_v$)计算得分,并将它们整合在一起得到最终的OOD得分$S$,与一个阈值进行OOD检测。在公开可用的内窥镜图像数据集上进行的全面实验表明,我们提出的框架在不同的骨干网络上表现出稳健性,并将OOD检测的性能提高了高达24.84%。
更新时间: 2026-04-09 13:48:38
领域: cs.CV,cs.AI
Behavior-Aware Item Modeling via Dynamic Procedural Solution Representations for Knowledge Tracing
Knowledge Tracing (KT) aims to predict learners' future performance from past interactions. While recent KT approaches have improved via learning item representations aligned with Knowledge Components, they overlook the procedural dynamics of problem solving. We propose Behavior-Aware Item Modeling (BAIM), a framework that enriches item representations by integrating dynamic procedural solution information. BAIM leverages a reasoning language model to decompose each item's solution into four problem-solving stages (i.e., understand, plan, carry out, and look back), pedagogically grounded in Polya's framework. Specifically, it derives stage-level representations from per-stage embedding trajectories, capturing latent signals beyond surface features. To reflect learner heterogeneity, BAIM adaptively routes these stage-wise representations, introducing a context-conditioned mechanism within a KT backbone, allowing different procedural stages to be emphasized for different learners. Experiments on XES3G5M and NIPS34 show that BAIM consistently outperforms strong pretraining-based baselines, achieving particularly large gains under repeated learner interactions.
Updated: 2026-04-09 13:47:39
标题: 通过动态程序解表示的行为感知项目建模用于知识追踪
摘要: 知识追踪(KT)旨在从过去的互动中预测学习者未来的表现。尽管最近的KT方法通过学习与知识组件对齐的项目表示而得到改进,但它们忽视了问题解决的过程动态。我们提出了行为感知项目建模(BAIM),这是一个框架,通过整合动态过程解决信息来丰富项目表示。BAIM利用推理语言模型将每个项目的解决方案分解为四个解决问题的阶段(即理解、计划、执行和回顾),这些阶段在波利亚的框架中具有教育基础。具体而言,它从每个阶段的嵌入轨迹中导出阶段级别的表示,捕捉超出表面特征的潜在信号。为了反映学习者的异质性,BAIM自适应地路由这些阶段级别的表示,在KT骨干中引入一个上下文条件机制,允许不同的程序阶段为不同的学习者强调。在XES3G5M和NIPS34上的实验表明,BAIM始终优于强大的基于预训练的基线,尤其在重复的学习者互动下获得较大的增益。
更新时间: 2026-04-09 13:47:39
领域: cs.CL,cs.AI
Deep Privacy Funnel Model: From a Discriminative to a Generative Approach with an Application to Face Recognition
In this study, we apply the information-theoretic Privacy Funnel (PF) model to face recognition and develop a method for privacy-preserving representation learning within an end-to-end trainable framework. Our approach addresses the trade-off between utility and obfuscation of sensitive information under logarithmic loss. We study the integration of information-theoretic privacy principles with representation learning, with a particular focus on face recognition systems. We also highlight the compatibility of the proposed framework with modern face recognition networks such as AdaFace and ArcFace. In addition, we introduce the Generative Privacy Funnel ($\mathsf{GenPF}$) model, which extends the traditional discriminative PF formulation, referred to here as the Discriminative Privacy Funnel ($\mathsf{DisPF}$). The proposed $\mathsf{GenPF}$ model extends the privacy-funnel framework to generative formulations under information-theoretic and estimation-theoretic criteria. Complementing these developments, we present the deep variational PF (DVPF) model, which yields a tractable variational bound for measuring information leakage and enables optimization in deep representation-learning settings. The DVPF framework, associated with both the $\mathsf{DisPF}$ and $\mathsf{GenPF}$ models, also clarifies connections with generative models such as variational autoencoders (VAEs), generative adversarial networks (GANs), and diffusion models. Finally, we validate the framework on modern face recognition systems and show that it provides a controllable privacy--utility trade-off while substantially reducing leakage about sensitive attributes. To support reproducibility, we also release a PyTorch implementation of the proposed framework.
Updated: 2026-04-09 13:47:30
标题: 深度隐私漏斗模型:从判别式到生成式方法,应用于人脸识别
摘要: 在这项研究中,我们将信息论隐私漏斗(PF)模型应用于人脸识别,并开发了一种在端到端可训练框架内实现隐私保护表示学习的方法。我们的方法解决了在对数损失下效用和敏感信息混淆之间的权衡。我们研究了信息理论隐私原则与表示学习的整合,特别关注人脸识别系统。我们还强调了所提出的框架与现代人脸识别网络(如AdaFace和ArcFace)的兼容性。此外,我们引入了生成隐私漏斗(GenPF)模型,该模型扩展了传统的判别PF公式,这里称为判别隐私漏斗(DisPF)。所提出的GenPF模型将隐私漏斗框架扩展到信息理论和估计理论标准下的生成公式。为了补充这些发展,我们提出了深度变分PF(DVPF)模型,为测量信息泄漏提供了一个可处理的变分界限,并使在深度表示学习设置中进行优化成为可能。与DisPF和GenPF模型相关联的DVPF框架还澄清了与生成模型(如变分自动编码器(VAEs)、生成对抗网络(GANs)和扩散模型)的联系。最后,我们在现代人脸识别系统上验证了该框架,并显示它提供了可控的隐私-效用权衡,同时大幅减少了关于敏感属性的泄露。为了支持再现性,我们还发布了所提出框架的PyTorch实现。
更新时间: 2026-04-09 13:47:30
领域: cs.LG
HyperMem: Hypergraph Memory for Long-Term Conversations
Long-term memory is essential for conversational agents to maintain coherence, track persistent tasks, and provide personalized interactions across extended dialogues. However, existing approaches as Retrieval-Augmented Generation (RAG) and graph-based memory mostly rely on pairwise relations, which can hardly capture high-order associations, i.e., joint dependencies among multiple elements, causing fragmented retrieval. To this end, we propose HyperMem, a hypergraph-based hierarchical memory architecture that explicitly models such associations using hyperedges. Particularly, HyperMem structures memory into three levels: topics, episodes, and facts, and groups related episodes and their facts via hyperedges, unifying scattered content into coherent units. Leveraging this structure, we design a hybrid lexical-semantic index and a coarse-to-fine retrieval strategy, supporting accurate and efficient retrieval of high-order associations. Experiments on the LoCoMo benchmark show that HyperMem achieves state-of-the-art performance with 92.73% LLM-as-a-judge accuracy, demonstrating the effectiveness of HyperMem for long-term conversations.
Updated: 2026-04-09 13:43:23
标题: HyperMem:用于长期对话的超图记忆
摘要: 长期记忆对于会话代理来说是至关重要的,可以帮助维持连贯性、跟踪持久任务,并在延长的对话中提供个性化互动。然而,现有方法如检索增强生成(RAG)和基于图的记忆大多依赖于成对关系,难以捕捉高阶关联,即多个元素之间的联合依赖,导致片段化检索。为此,我们提出了HyperMem,一种基于超图的分层记忆架构,通过超边显式地建模这种关联。特别地,HyperMem将记忆结构化为三个级别:主题、情节和事实,并通过超边将相关情节及其事实分组,将分散内容统一为连贯单元。利用这种结构,我们设计了一个混合词汇-语义索引和粗到细的检索策略,支持准确且高效地检索高阶关联。LoCoMo基准测试的实验结果显示,HyperMem实现了具有92.73%的LLM作为评判者准确性的最先进性能,证明了HyperMem在长期对话中的有效性。
更新时间: 2026-04-09 13:43:23
领域: cs.CL,cs.AI
From Phenomenological Fitting to Endogenous Deduction: A Paradigm Leap via Meta-Principle Physics Architecture
The essence of current neural network architectures is phenomenological fitting: they learn input-output statistical correlations via massive parameters and data, yet lack intrinsic understanding of the fundamental principles governing physical reality. This paper proposes a paradigm leap from pure phenomenological fitting to the fusion of phenomenological fitting and endogenous deduction. By embedding physical meta-principles into neural network architecture, we construct the Meta-Principle Physics Architecture (MPPA). Specifically, MPPA embeds three core meta-principles - Connectivity, Conservation, Periodicity - into its architecture, implemented via three core components: the Gravitator realizes Connectivity via standard causal attention; the Energy Encoder implements Conservation via log-domain energy tracking and delayed compensation; the Periodicity Encoder fulfills Periodicity via FFT-based spectral analysis and delayed modulation. These components collaborate via a learnable independent gating fusion mechanism, forming a complete physical cognition framework of 'local relational connectivity - global conservation constraint - evolutionary periodic law'. Experiments show MPPA achieves significant improvements: physical reasoning (from near zero to 0.436, 0.436 vs 0.000), 2.18x mathematical task improvement (0.330 vs 0.151), 52% logical task gain (0.456 vs 0.300), and 3.69% lower validation perplexity (259.45 vs 269.40), with only 11.8% more parameters (242.40M vs 216.91M). Notably, MPPA shows strong generalization on out-of-distribution physical scenarios, proving the robustness and interpretability of this principle-embedded design. This work establishes a new theoretical foundation and technical path for next-generation AI with physical common sense, causal reasoning, and mathematical rigor.
Updated: 2026-04-09 13:35:17
标题: 从现象学拟合到内生演绎:通过元原则物理结构的范式飞跃
摘要: 目前神经网络架构的本质是现象学拟合:它们通过大量的参数和数据学习输入输出的统计相关性,但缺乏对控制物理现实的基本原理的内在理解。本文提出了一个从纯现象学拟合到现象学拟合和内生演绎融合的范式跃迁。通过将物理元原则嵌入神经网络架构,我们构建了Meta-Principle Physics Architecture(MPPA)。 具体来说,MPPA将三个核心元原则 - 连通性、守恒性、周期性 - 嵌入其架构中,通过三个核心组件实现:Gravitator通过标准因果注意力实现连通性;Energy Encoder通过对数域能量跟踪和延迟补偿实现守恒性;Periodicity Encoder通过基于FFT的频谱分析和延迟调制实现周期性。这些组件通过可学习的独立门控融合机制协作,形成了一个完整的物理认知框架,即“局部关系连通性 - 全局守恒约束 - 进化周期规律”。 实验证明,MPPA取得了显著的改进:物理推理(从接近零到0.436,0.436比0.000),数学任务改进2.18倍(0.330比0.151),逻辑任务增益52%(0.456比0.300),验证困惑度降低3.69%(259.45比269.40),仅增加了11.8%的参数(242.40M比216.91M)。值得注意的是,MPPA在分布之外的物理场景上表现出强大的泛化能力,证明了这种嵌入原则设计的稳健性和可解释性。这项工作为具有物理常识、因果推理和数学严谨性的下一代人工智能奠定了新的理论基础和技术路径。
更新时间: 2026-04-09 13:35:17
领域: cs.AI
Compact Example-Based Explanations for Language Models
Training data influence estimation methods quantify the contribution of training documents to a model's output, making them a promising source of information for example-based explanations. As humans cannot interpret thousands of documents, only a small subset of the training data can be presented as an explanation. Although the choice of which documents to include directly affects explanation quality, previous evaluations of such systems have largely ignored any selection strategies. To address this, we propose a novel selection relevance score, a retraining-free metric that quantifies how useful a set of examples is for explaining a model's output. We validate this score through fine-tuning experiments, confirming that it can predict whether a set of examples supports or undermines the model's predictions. Using this metric, we further show that common selection strategies often underperform random selection. Motivated by this finding, we propose a strategy that balances influence and representativeness, enabling better use of selection budgets than naively selecting the highest-ranking examples.
Updated: 2026-04-09 13:31:16
标题: 紧凑的基于示例的语言模型解释示例
摘要: 培训数据影响估计方法量化培训文件对模型输出的贡献,使其成为基于示例的解释的有前途的信息来源。由于人类无法解释成千上万份文件,因此只能将训练数据的一个小子集呈现为解释。尽管选择包括哪些文件直接影响解释质量,但先前对这种系统的评估在很大程度上忽略了任何选择策略。为了解决这个问题,我们提出了一种新颖的选择相关性评分,这是一种无需重新训练的度量,用于量化一组示例对解释模型输出的有用性。我们通过微调实验验证了这个评分,确认它能够预测一组示例是否支持或削弱模型的预测。利用这个度量标准,我们进一步展示了常见的选择策略通常表现不佳,甚至不如随机选择。受到这一发现的启发,我们提出了一种平衡影响和代表性的策略,使得在选择预算方面比简单选择排名最高的示例更好地利用。
更新时间: 2026-04-09 13:31:16
领域: cs.CL,cs.LG
Explainable AI for microseismic event detection
Deep neural networks like PhaseNet show high accuracy in detecting microseismic events, but their black-box nature is a concern in critical applications. We apply Explainable Artificial Intelligence (XAI) techniques, such as Gradient-weighted Class Activation Mapping (Grad-CAM) and Shapley Additive Explanations (SHAP), to interpret the PhaseNet model's decisions and improve its reliability. Grad-CAM highlights that the network's attention aligns with P- and S-wave arrivals. SHAP values quantify feature contributions, confirming that vertical-component amplitudes drive P-phase picks while horizontal components dominate S-phase picks, consistent with geophysical principles. Leveraging these insights, we introduce a SHAP-gated inference scheme that combines the model's output with an explanation-based metric to reduce errors. On a test set of 9,000 waveforms, the SHAP-gated model achieved an F1-score of 0.98 (precision 0.99, recall 0.97), outperforming the baseline PhaseNet (F1-score 0.97) and demonstrating enhanced robustness to noise. These results show that XAI can not only interpret deep learning models but also directly enhance their performance, providing a template for building trust in automated seismic detectors. The implementation and scripts used in this study will be publicly available at https://github.com/ayratabd/xAI_PhaseNet.
Updated: 2026-04-09 13:29:48
标题: 可解释的人工智能用于微地震事件检测
摘要: 深度神经网络如PhaseNet在检测微地震事件方面表现出高准确性,但它们的黑盒特性在关键应用中引起了担忧。我们应用可解释人工智能(XAI)技术,如梯度加权类激活映射(Grad-CAM)和沙普利叠加解释(SHAP),来解释PhaseNet模型的决策并提高其可靠性。Grad-CAM显示网络的注意力与P波和S波到达时间一致。SHAP值量化特征贡献,确认垂直分量振幅驱动P相拾取,而水平分量主导S相拾取,符合地球物理原理。利用这些见解,我们引入了一个SHAP门控推理方案,将模型的输出与基于解释的度量结合,以减少错误。在一个包含9,000个波形的测试集上,SHAP门控模型实现了0.98的F1分数(精度0.99,召回率0.97),优于基准PhaseNet(F1分数0.97),并展示了对噪声的增强鲁棒性。这些结果表明,XAI不仅可以解释深度学习模型,还可以直接提升其性能,为建立对自动地震检测器的信任提供了模板。本研究中使用的实施和脚本将公开在https://github.com/ayratabd/xAI_PhaseNet。
更新时间: 2026-04-09 13:29:48
领域: cs.LG,physics.geo-ph
Rethinking the Value of Agent-Generated Tests for LLM-Based Software Engineering Agents
Large Language Model (LLM) code agents increasingly resolve repository-level issues by iteratively editing code, invoking tools, and validating candidate patches. In these workflows, agents often write tests on the fly, but the value of this behavior remains unclear. For example, GPT-5.2 writes almost no new tests yet achieves performance comparable to top-ranking agents.This raises a central question: do such tests meaningfully improve issue resolution, or do they mainly mimic a familiar software-development practice while consuming interaction budget? To better understand the role of agent-written tests, we analyze trajectories produced by six strong LLMs on SWE-bench Verified. Our results show that test writing is common, but resolved and unresolved tasks within the same model exhibit similar test-writing frequencies. When tests are written, they mainly serve as observational feedback channels, with value-revealing print statements appearing much more often than assertion-based checks. Based on these insights, we perform a prompt-intervention study by revising the prompts used with four models to either increase or reduce test writing. The results suggest that prompt-induced changes in the volume of agent-written tests do not significantly change final outcomes in this setting. Taken together, these results suggest that current agent-written testing practices reshape process and cost more than final task outcomes.
Updated: 2026-04-09 13:23:28
标题: 重新思考基于LLM的软件工程代理人生成测试的价值
摘要: 大型语言模型(LLM)代码代理越来越通过迭代编辑代码、调用工具和验证候选补丁来解决存储库级问题。在这些工作流程中,代理通常会即兴编写测试,但这种行为的价值仍不清楚。例如,GPT-5.2几乎不编写新测试,但其性能却与排名靠前的代理相当。这引发了一个核心问题:这些测试是否会有意义地改善问题解决,还是主要模仿一个熟悉的软件开发实践,同时消耗交互预算? 为了更好地理解代理编写测试的作用,我们分析了六个强大的LLM在SWE-bench Verified上产生的轨迹。我们的结果显示,测试编写是常见的,但同一模型中的已解决和未解决任务展现出类似的测试编写频率。当编写测试时,它们主要作为观察反馈通道,值得注意的打印语句出现的频率要远远高于基于断言的检查。基于这些见解,我们通过修改四个模型使用的提示来执行一个提示干预研究,以增加或减少测试编写。结果表明,在这种情况下,提示引起的代理编写测试量的变化并不会显著改变最终结果。综合这些结果,表明当前代理编写的测试实践重塑了流程和成本,而不是最终任务结果。
更新时间: 2026-04-09 13:23:28
领域: cs.SE,cs.AI
CODA: A Continuous Online Evolve Framework for Deploying HAR Sensing Systems
In always-on HAR deployments, model accuracy erodes silently as domain shift accumulates over time. Addressing this challenge requires moving beyond one-off updates toward instance-driven adaptation from streaming data. However, continuous adaptation exposes a fundamental tension: systems must selectively learn from informative instances while actively forgetting obsolete ones under long-term, non-stationary drift. To address them, we propose CODA, a continuous online adaptation framework for mobile sensing. CODA introduces two synergistic components: (i) Cache-based Selective Assimilation, which prioritizes informative instances likely to enhance system performance under sparse supervision, and (ii) an Adaptive Temporal Retention Strategy, which enables the system to gradually forget obsolete instances as sensing conditions evolve. By treating adaptation as a principled cache evolution rather than parameter-heavy retraining, CODA maintains high accuracy without model reconfiguration. We conduct extensive evaluations on four heterogeneous datasets spanning phone, watch, and multi-sensor configurations. Results demonstrate that CODA consistently outperforms one-off adaptation under non-stationary drift, remains robust against imperfect feedback, and incurs negligible on-device latency.
Updated: 2026-04-09 13:22:34
标题: CODA:用于部署HAR感应系统的连续在线演化框架
摘要: 在始终开启的人体活动识别(HAR)部署中,随着随时间累积的领域转移,模型准确性会悄然下降。解决这一挑战需要超越一次性更新,向从流数据进行实例驱动适应迈进。然而,持续的适应性暴露出一个基本的张力:系统必须在长期、非稳态漂移下从信息丰富的实例中有选择地学习,同时主动遗忘过时的实例。为了解决这些问题,我们提出了CODA,这是一个用于移动传感的连续在线适应框架。CODA引入了两个协同的组件:(i)基于缓存的选择性同化,优先考虑可能增强系统性能的信息丰富实例,而无需密集监督;(ii)自适应时间保留策略,使系统能够在传感条件演变时逐渐遗忘过时实例。通过将适应性视为一个基于原则的缓存演变,而不是参数繁重的重新训练,CODA保持高准确性而无需重新配置模型。我们对跨手机、手表和多传感器配置的四个异构数据集进行了广泛评估。结果表明,CODA在非稳态漂移下始终优于一次性适应,对不完美反馈保持稳健,并且在设备上几乎没有延迟。
更新时间: 2026-04-09 13:22:34
领域: cs.LG,cs.NI
HiRO-Nav: Hybrid ReasOning Enables Efficient Embodied Navigation
Embodied navigation agents built upon large reasoning models (LRMs) can handle complex, multimodal environmental input and perform grounded reasoning per step to improve sequential decision-making for long-horizon tasks. However, a critical question remains: \textit{how can the reasoning capabilities of LRMs be harnessed intelligently and efficiently for long-horizon navigation tasks?} In simple scenes, agents are expected to act reflexively, while in complex ones they should engage in deliberate reasoning before acting.To achieve this, we introduce \textbf{H}ybr\textbf{i}d \textbf{R}eas\textbf{O}ning \textbf{Nav}igation (\textbf{HiRO-Nav}) agent, the first kind of agent capable of adaptively determining whether to perform thinking at every step based on its own action entropy. Specifically, by examining how the agent's action entropy evolves over the navigation trajectories, we observed that only a small fraction of actions exhibit high entropy, and these actions often steer the agent toward novel scenes or critical objects. Furthermore, studying the relationship between action entropy and task completion (i.e., Q-value) reveals that improving high-entropy actions contributes more positively to task success.Hence, we propose a tailored training pipeline comprising hybrid supervised fine-tuning as a cold start, followed by online reinforcement learning with the proposed hybrid reasoning strategy to explicitly activate reasoning only for high-entropy actions, significantly reducing computational overhead while improving decision quality. Extensive experiments on the \textsc{CHORES}-$\mathbb{S}$ ObjectNav benchmark showcases that HiRO-Nav achieves a better trade-off between success rates and token efficiency than both dense-thinking and no-thinking baselines.
Updated: 2026-04-09 13:22:24
标题: HiRO-Nav: 混合推理实现高效的体验导航
摘要: 建立在大型推理模型(LRM)之上的具有体现导航能力的代理人可以处理复杂的、多模态的环境输入,并在每一步执行基于地面的推理,以改进长期任务的顺序决策。然而,一个关键问题仍然存在:LRM的推理能力如何能够智能且高效地被利用于长期导航任务中?在简单的场景中,代理人被期望反射性地行动,而在复杂的场景中,他们应该在行动之前进行深思熟虑。为了实现这一点,我们引入了Hybrid Reasoning Navigation(HiRO-Nav)代理人,这是第一种能够根据其自身行动熵自适应确定是否在每一步进行思考的代理人。具体地,通过检查代理人的行动熵在导航轨迹上的演变,我们观察到只有少部分行动表现出高熵,而这些行动通常会将代理人引向新颖的场景或关键对象。此外,研究行动熵与任务完成(即Q值)之间的关系表明,改进高熵行动对任务成功的贡献更为积极。因此,我们提出了一个定制的训练流程,包括采用混合监督微调作为冷启动,然后使用提出的混合推理策略进行在线强化学习,以仅对高熵行动明确激活推理,从而显著减少计算开销同时提高决策质量。在CHORES-S ObjectNav基准测试上的广泛实验表明,HiRO-Nav在成功率和令牌效率之间取得了比密集思考和无思考基线更好的权衡。
更新时间: 2026-04-09 13:22:24
领域: cs.AI
Grounding Clinical AI Competency in Human Cognition Through the Clinical World Model and Skill-Mix Framework
The competency of any intelligent agent is bounded by its formal account of the world in which it operates. Clinical AI lacks such an account. Existing frameworks address evaluation, regulation, or system design in isolation, without a shared model of the clinical world to connect them. We introduce the Clinical World Model, a framework that formalizes care as a tripartite interaction among Patient, Provider, and Ecosystem. To formalize how any agent, whether human or artificial, transforms information into clinical action, we develop parallel decision-making architectures for providers, patients, and AI agents, grounded in validated principles of clinical cognition. The Clinical AI Skill-Mix operationalizes competency through eight dimensions. Five define the clinical competency space (condition, phase, care setting, provider role, and task) and three specify how AI engages human reasoning (assigned authority, agent facing, and anchoring layer). The combinatorial product of these dimensions yields a space of billions of distinct competency coordinates. A central structural implication is that validation within one coordinate provides minimal evidence for performance in another, rendering the competency space irreducible. The framework supplies a common grammar through which clinical AI can be specified, evaluated, and bounded across stakeholders. By making this structure explicit, the Clinical World Model reframes the field's central question from whether AI works to in which competency coordinates reliability has been demonstrated, and for whom.
Updated: 2026-04-09 13:20:13
标题: 通过临床世界模型和技能组合框架将临床人工智能能力基础于人类认知
摘要: 任何智能代理的能力受其在其操作的世界的正式描述的限制。临床人工智能缺乏这样的描述。现有框架分别解决评估、监管或系统设计,但缺乏连接它们的临床世界的共享模型。我们引入了临床世界模型,一个将护理形式化为患者、提供者和生态系统之间三方互动的框架。为了形式化任何代理(无论是人类还是人工智能)如何将信息转化为临床行动,我们为提供者、患者和人工智能代理开发了并行决策架构,基于已验证的临床认知原则。 临床人工智能技能组合通过八个维度实现能力。其中五个定义了临床能力空间(病情、阶段、护理环境、提供者角色和任务),另外三个指定了人工智能如何参与人类推理(指定权威、代理面向和锚定层)。这些维度的组合产生了数十亿个不同能力坐标的空间。一个中心结构的含义是,在一个坐标内的验证提供了在另一个坐标中表现的最小证据,使能力空间不可简化。该框架为临床人工智能可以被指定、评估和限制的各利益相关者提供了一个共同的语法。通过使这一结构显式化,临床世界模型将领域的中心问题重新定义为人工智能是否有效,而是在哪些能力坐标上可靠性已被证明,以及为谁。
更新时间: 2026-04-09 13:20:13
领域: cs.AI,cs.HC,eess.SY
From Models To Experiments: Shallow Recurrent Decoder Networks on the DYNASTY Experimental Facility
The Shallow Recurrent Decoder networks are a novel paradigm recently introduced for state estimation, combining sparse observations with high-dimensional model data. This architecture features important advantages compared to standard data-driven methods including: the ability to use only three sensors (even randomly selected) for reconstructing the entire dynamics of a physical system; the ability to train on compressed data spanned by a reduced basis; the ability to measure a single field variable (easy to measure) and reconstruct coupled spatio-temporal fields that are not observable and minimal hyper-parameter tuning. This approach has been verified on different test cases within different fields including nuclear reactors, even though an application to a real experimental facility, adopting the employment of in-situ observed quantities, is missing. This work aims to fill this gap by applying the Shallow Recurrent Decoder architecture to the DYNASTY facility, built at Politecnico di Milano, which studies the natural circulation established by internally heated fluids for Generation IV applications, especially in the case of Circulating Fuel reactors. The RELAP5 code is used to generate the high-fidelity data, and temperature measurements extracted by the facility are used as input for the state estimation. The results of this work will provide a validation of the Shallow Recurrent Decoder architecture to engineering systems, showing the capabilities of this approach to provide and accurate state estimation.
Updated: 2026-04-09 13:20:07
标题: 从模型到实验:在DYNASTY实验设施上的浅层循环解码器网络
摘要: 浅递归解码器网络是最近引入的一种用于状态估计的新范式,将稀疏观测与高维模型数据结合起来。与标准数据驱动方法相比,这种架构具有重要优势,包括:能够仅使用三个传感器(甚至是随机选择的)来重建物理系统的整个动态;能够训练在由降低基础构成的压缩数据上;能够测量单个场变量(易于测量)并重构不可观测和最小超参数调整的耦合时空场。尽管这种方法已在包括核反应堆在内的不同领域的不同测试案例中得到验证,但尚缺少将其应用于真实实验设施的情况,采用原位观测量的情况。本研究旨在通过将浅递归解码器架构应用于在米兰理工大学建立的DYNASTY设施,该设施研究了内部加热流体建立的自然循环,尤其是在循环燃料反应堆的情况下,填补这一空白。使用RELAP5代码生成高保真度数据,并使用设施提取的温度测量值作为状态估计的输入。这项工作的结果将验证浅递归解码器架构对工程系统的有效性,展示这种方法提供准确状态估计的能力。
更新时间: 2026-04-09 13:20:07
领域: cs.LG,physics.comp-ph,physics.flu-dyn
Training event-based neural networks with exact gradients via Differentiable ODE Solving in JAX
Existing frameworks for gradient-based training of spiking neural networks face a trade-off: discrete-time methods using surrogate gradients support arbitrary neuron models but introduce gradient bias and constrain spike-time resolution, while continuous-time methods that compute exact gradients require analytical expressions for spike times and state evolution, restricting them to simple neuron types such as Leaky Integrate and Fire (LIF). We introduce the Eventax framework, which resolves this trade-off by combining differentiable numerical ODE solvers with event-based spike handling. Built in JAX, our frame-work uses Diffrax ODE-solvers to compute gradients that are exact with respect to the forward simulation for any neuron model defined by ODEs . It also provides a simple API where users can specify just the neuron dynamics, spike conditions, and reset rules. Eventax prioritises modelling flexibility, supporting a wide range of neuron models, loss functions, and network architectures, which can be easily extended. We demonstrate Eventax on multiple benchmarks, including Yin-Yang and MNIST, using diverse neuron models such as Leaky Integrate-and-fire (LIF), Quadratic Integrate-and-fire (QIF), Exponential integrate-and-fire (EIF), Izhikevich and Event-based Gated Recurrent Unit (EGRU) with both time-to-first-spike and state-based loss functions, demonstrating its utility for prototyping and testing event-based architectures trained with exact gradients. We also demonstrate the application of this framework for more complex neuron types by implementing a multi-compartment neuron that uses a model of dendritic spikes in human layer 2/3 cortical Pyramidal neurons for computation. Code available at https://github.com/efficient-scalable-machine-learning/eventax.
Updated: 2026-04-09 13:19:25
标题: 在JAX中通过可微分ODE求解训练基于事件的神经网络的确切梯度
摘要: 现有的基于梯度的尖峰神经网络训练框架面临一个折衷:使用替代梯度的离散时间方法支持任意神经元模型,但会引入梯度偏差并限制尖峰时间分辨率,而计算精确梯度的连续时间方法需要分析表达式来确定尖峰时间和状态演变,将其限制在简单的神经元类型(如漏电积分和火(LIF))中。我们介绍了Eventax框架,通过将可微分数值ODE求解器与基于事件的尖峰处理相结合,解决了这一折衷。我们的框架使用Diffrax ODE求解器构建在JAX中,计算梯度与前向仿真相对于任何由ODEs定义的神经元模型都是精确的。它还提供了一个简单的API,用户只需指定神经元动力学、尖峰条件和重置规则。Eventax优先考虑建模灵活性,支持各种神经元模型、损失函数和网络架构,可以很容易地扩展。我们在多个基准测试中展示了Eventax的效果,包括Yin-Yang和MNIST,使用不同的神经元模型,如漏电积分-放电(LIF)、二次积分-放电(QIF)、指数积分-放电(EIF)、Izhikevich和基于事件的门控循环单位(EGRU),同时使用基于时间到第一个尖峰和基于状态的损失函数,展示了其用于原型设计和测试基于事件的架构训练的精确梯度的实用性。我们还通过实现一个多层神经元的多室神经元,使用人类2/3皮质金字塔神经元的树突尖峰模型进行计算,展示了该框架用于更复杂神经元类型的应用。代码可在https://github.com/efficient-scalable-machine-learning/eventax上找到。
更新时间: 2026-04-09 13:19:25
领域: cs.LG
Beyond Final Code: A Process-Oriented Error Analysis of Software Development Agents in Real-World GitHub Scenarios
AI-driven software development has rapidly advanced with the emergence of software development agents that leverage large language models (LLMs) to tackle complex, repository-level software engineering tasks. These agents go beyond just generation of final code; they engage in multi-step reasoning, utilize various tools for code modification and debugging, and interact with execution environments to diagnose and iteratively resolve issues. However, most existing evaluations focus primarily on static analyses of final code outputs, yielding limited insights into the agents' dynamic problem-solving processes. To fill this gap, we conduct an in-depth empirical study on 3,977 solving-phase trajectories and 3,931 testing-phase logs from 8 top-ranked agents evaluated on 500 GitHub issues in the SWE-Bench benchmark. Our exploratory analysis shows that Python execution errors during the issue resolution phase correlate with lower resolution rates and increased reasoning overheads. We have identified the most prevalent errors -- such as ModuleNotFoundError and TypeError -- and highlighted particularly challenging errors like OSError and database-related issues (e.g., IntegrityError) that demand significantly more debugging effort. Furthermore, we have discovered 3 bugs in the SWE-Bench platform that affect benchmark fairness and accuracy; these issues have been reported to and confirmed by the maintainers. To promote transparency and foster future research, we publicly share our datasets and analysis scripts.
Updated: 2026-04-09 13:19:02
标题: 超越最终代码:对真实世界GitHub情景中软件开发代理的面向过程的错误分析
摘要: 随着利用大型语言模型(LLMs)处理复杂的存储库级软件工程任务的软件开发代理的出现,基于AI的软件开发已迅速发展。这些代理不仅仅生成最终代码;它们进行多步推理,利用各种工具进行代码修改和调试,并与执行环境交互以诊断和迭代解决问题。然而,大多数现有评估主要关注最终代码输出的静态分析,对代理的动态问题解决过程的洞察有限。为了填补这一空白,我们对在SWE-Bench基准测试中对500个GitHub问题进行评估的8个排名靠前的代理的3,977个解决阶段轨迹和3,931个测试阶段日志进行了深入的实证研究。 我们的探索性分析显示,在问题解决阶段,Python执行错误与较低的解决率和增加的推理开销相关。我们已经确定了最普遍的错误,如ModuleNotFoundError和TypeError,并突出了特别具有挑战性的错误,如OSError和与数据库相关的问题(例如IntegrityError),这些错误需要更大量的调试工作。此外,我们在SWE-Bench平台上发现了3个影响基准测试公平性和准确性的错误;这些问题已被报告并得到了维护者的确认。为了促进透明度并促进未来研究,我们公开分享我们的数据集和分析脚本。
更新时间: 2026-04-09 13:19:02
领域: cs.SE,cs.AI
EditCaption: Human-Aligned Instruction Synthesis for Image Editing via Supervised Fine-Tuning and Direct Preference Optimization
High-quality training triplets (source-target image pairs with precise editing instructions) are a critical bottleneck for scaling instruction-guided image editing models. Vision-language models (VLMs) are widely used for automated instruction synthesis, but we identify three systematic failure modes in image-pair settings: orientation inconsistency (e.g., left/right confusion), viewpoint ambiguity, and insufficient fine-grained attribute description. Human evaluation shows that over 47% of instructions from strong baseline VLMs contain critical errors unusable for downstream training. We propose EditCaption, a scalable two-stage post-training pipeline for VLM-based instruction synthesis. Stage 1 builds a 100K supervised fine-tuning (SFT) dataset by combining GLM automatic annotation, EditScore-based filtering, and human refinement for spatial, directional, and attribute-level accuracy. Stage 2 collects 10K human preference pairs targeting the three failure modes and applies direct preference optimization (DPO) for alignment beyond SFT alone. On Eval-400, ByteMorph-Bench, and HQ-Edit, fine-tuned Qwen3-VL models outperform open-source baselines; the 235B model reaches 4.712 on Eval-400 (vs. Gemini-3-Pro 4.706, GPT-4.1 4.220, Kimi-K2.5 4.111) and 4.588 on ByteMorph-Bench (vs. Gemini-3-Pro 4.522, GPT-4.1 3.412). Human evaluation shows critical errors falling from 47.75% to 23% and correctness rising from 41.75% to 66%. The work offers a practical path to scalable, human-aligned instruction synthesis for image editing data.
Updated: 2026-04-09 13:11:33
标题: 标题翻译:EditCaption:通过监督微调和直接偏好优化实现图像编辑的人类对齐指导合成
摘要: 高质量的训练三元组(具有精确编辑指令的源-目标图像对)是扩展基于指导的图像编辑模型的关键瓶颈。视觉语言模型(VLMs)被广泛用于自动化指令合成,但我们在图像对设置中确定了三种系统性失败模式:方向不一致(例如,左/右混淆),视角模糊和属性描述不足。人工评估显示,超过47%来自强基线VLMs的指令包含关键错误,无法用于下游训练。我们提出了EditCaption,一个可扩展的基于VLM的指令合成的两阶段后训练流水线。第一阶段通过结合GLM自动注释、基于EditScore的过滤和人工细化来构建一个10万个受监督的微调(SFT)数据集,以提高空间、方向和属性级别的准确性。第二阶段收集10K个人类偏好对,针对三种失败模式进行优化,应用直接偏好优化(DPO)来超越仅有SFT。在Eval-400、ByteMorph-Bench和HQ-Edit上,微调后的Qwen3-VL模型优于开源基线;235B模型在Eval-400上达到4.712(与Gemini-3-Pro 4.706、GPT-4.1 4.220、Kimi-K2.5 4.111相比)和在ByteMorph-Bench上达到4.588(与Gemini-3-Pro 4.522、GPT-4.1 3.412相比)。人工评估显示关键错误率从47.75%下降到23%,正确率从41.75%上升到66%。这项工作为图像编辑数据提供了一条实用的路径,实现了可扩展的,与人类对齐的指令合成。
更新时间: 2026-04-09 13:11:33
领域: cs.CV,cs.AI
BacPrep: Lessons from Deploying an LLM-Based Bacalaureat Assessment Platform
Accessing quality preparation and feedback for the Romanian Bacalaureat exam is challenging, particularly for students in remote or underserved areas. This paper presents BacPrep, an experimental online platform exploring Large Language Model (LLM) potential for automated assessment, aiming to offer a free, accessible resource. Using official exam questions from the last 5 years, BacPrep employs the latest available Gemini Flash model (currently Gemini 2.5 Flash, via the \texttt{gemini-flash-latest} endpoint) to prioritize user experience quality during the data collection phase, with model versioning to be locked for subsequent rigorous evaluation. The platform has collected over 100 student solutions across Computer Science and Romanian Language exams, enabling preliminary assessment of LLM grading quality. This revealed several significant challenges: grading inconsistency across multiple runs, arithmetic errors when aggregating fractional scores, performance degradation under large prompt contexts, failure to apply subject-specific rubric weightings, and internal inconsistencies between generated scores and qualitative feedback. These findings motivate a redesigned architecture featuring subject-level prompt decomposition, specialized per-subject graders, and a median-selection strategy across multiple runs. Expert validation against human-graded solutions remains the critical next step.
Updated: 2026-04-09 13:09:20
标题: BacPrep:LLM-Based Bacalaureat评估平台部署的经验教训
摘要: 获取质量考试准备和反馈对于罗马尼亚Bacalaureat考试来说是具有挑战性的,特别是对于偏远或服务不足地区的学生。本文介绍了BacPrep,这是一个实验性的在线平台,探索大型语言模型(LLM)在自动评估方面的潜力,旨在提供一个免费、可访问的资源。使用过去5年的官方考试题目,BacPrep采用了最新可用的Gemini Flash模型(目前是Gemini 2.5 Flash,通过\texttt{gemini-flash-latest}端点)在数据收集阶段优先考虑用户体验质量,模型版本将被锁定以进行后续严格评估。该平台已收集了计算机科学和罗马尼亚语考试的100多个学生解决方案,从而使LLM评分质量得以初步评估。这揭示了几个重要挑战:多次运行时评分的不一致性,汇总分数时的算术错误,大型提示上下文下性能下降,未能应用特定学科的分级权重,以及生成分数和定性反馈之间的内部不一致。这些发现促使重新设计体系架构,包括学科级提示分解,专门的每学科评分员,以及在多次运行中采用中位数选择策略。专家验证与人工评分解决方案的比对仍然是关键的下一步。
更新时间: 2026-04-09 13:09:20
领域: cs.SE,cs.CY,cs.LG
Introducing Echo Networks for Computational Neuroevolution
For applications on the extreme edge, minimal networks of only a few dozen artificial neurons for event detection and classification in discrete time signals would be highly desirable. Feed-forward networks, RNNs, and CNNs evolved through evolutionary algorithms can all be successful in this respect but pose the problem of allowing little systematicity in mutation and recombination if the standard direct genetic encoding of the weights is used (as for instance in the classic NEAT algorithm). We therefore introduce Echo Networks, a type of recurrent network that consists of the connection matrix only, with the source neurons of the synapses represented as rows, destination neurons as columns and weights as entries. There are no layers, and connections between neurons can be bidirectional but are technically all recurrent. Input and output can be arbitrarily assigned to any of the neurons and only use an additional (optional) function in their computational path, e.g., a sigmoid to obtain a binary classification output. We evaluated Echo Networks successfully on the classification of electrocardiography signals but see the most promising potential in their genome representation as a single matrix, allowing matrix computations and factorisations as mutation and recombination operators.
Updated: 2026-04-09 13:06:25
标题: 引入回声网络用于计算神经进化
摘要: 对于极端边缘应用而言,仅使用几十个人工神经元的最小网络,用于在离散时间信号中进行事件检测和分类将是非常理想的。通过进化算法进化的前馈网络、循环神经网络和卷积神经网络在这方面都可以取得成功,但如果使用标准的直接遗传编码权重(例如在经典NEAT算法中),则会在突变和重组方面存在较少的系统性问题。因此,我们引入了Echo Networks,一种由连接矩阵组成的循环网络,源神经元的突触表示为行,目标神经元表示为列,权重表示为条目。不存在层,神经元之间的连接可以是双向的,但在技术上都是循环的。输入和输出可以任意分配给任何神经元,并且仅在计算路径中使用额外的(可选的)函数,例如sigmoid函数以获得二进制分类输出。我们成功地评估了Echo Networks在心电图信号分类中的应用,但我们认为它们在基因组表示方面具有最有前途的潜力,作为单个矩阵,允许将矩阵计算和因子分解作为突变和重组操作符。
更新时间: 2026-04-09 13:06:25
领域: cs.LG,cs.NE
Evaluating Singular Value Thresholds for DNN Weight Matrices based on Random Matrix Theory
This study evaluates thresholds for removing singular values from singular value decomposition-based low-rank approximations of deep neural network weight matrices. Each weight matrix is modeled as the sum of signal and noise matrices. The low-rank approximation is obtained by removing noise-related singular values using a threshold based on random matrix theory. To assess the adequacy of this threshold, we propose an evaluation metric based on the cosine similarity between the singular vectors of the signal and original weight matrices. The proposed metric is used in numerical experiments to compare two threshold estimation methods.
Updated: 2026-04-09 13:05:15
标题: 基于随机矩阵理论评估DNN权重矩阵的奇异值阈值
摘要: 这项研究评估了基于奇异值分解的深度神经网络权重矩阵低秩近似中移除奇异值的阈值。每个权重矩阵被建模为信号矩阵和噪声矩阵的和。通过基于随机矩阵理论的阈值,移除与噪声相关的奇异值来获得低秩近似。为了评估这个阈值的适当性,我们提出了一个基于信号和原始权重矩阵的奇异向量之间余弦相似度的评估指标。提出的指标在数值实验中用于比较两种阈值估计方法。
更新时间: 2026-04-09 13:05:15
领域: stat.ML,cs.LG
MedVR: Annotation-Free Medical Visual Reasoning via Agentic Reinforcement Learning
Medical Vision-Language Models (VLMs) hold immense promise for complex clinical tasks, but their reasoning capabilities are often constrained by text-only paradigms that fail to ground inferences in visual evidence. This limitation not only curtails performance on tasks requiring fine-grained visual analysis but also introduces risks of visual hallucination in safety-critical applications. Thus, we introduce MedVR, a novel reinforcement learning framework that enables annotation-free visual reasoning for medical VLMs. Its core innovation lies in two synergistic mechanisms: Entropy-guided Visual Regrounding (EVR) uses model uncertainty to direct exploration, while Consensus-based Credit Assignment (CCA) distills pseudo-supervision from rollout agreement. Without any human annotations for intermediate steps, MedVR achieves state-of-the-art performance on diverse public medical VQA benchmarks, significantly outperforming existing models. By learning to reason directly with visual evidence, MedVR promotes the robustness and transparency essential for accelerating the clinical deployment of medical AI.
Updated: 2026-04-09 13:04:49
标题: MedVR:通过主动强化学习实现无标注的医学视觉推理
摘要: 医学视觉-语言模型(VLMs)在复杂临床任务中具有巨大的潜力,但它们的推理能力通常受到仅基于文本范式的限制,无法将推理基于视觉证据。这种限制不仅限制了在需要精细视觉分析的任务上的性能,还在安全关键应用中引入了视觉幻觉的风险。因此,我们引入了MedVR,这是一个新颖的强化学习框架,可以为医学VLMs实现无需标注的视觉推理。其核心创新在于两种协同机制:熵引导视觉重新定位(EVR)利用模型不确定性来指导探索,而基于共识的信用分配(CCA)从推演协议中提炼出伪监督。在中间步骤没有任何人类注释的情况下,MedVR在各种公共医学VQA基准测试上取得了最先进的性能,明显优于现有模型。通过直接学习与视觉证据推理,MedVR促进了对于加速医疗人工智能的临床部署至关重要的鲁棒性和透明性。
更新时间: 2026-04-09 13:04:49
领域: cs.CV,cs.AI
Machine Unlearning in the Era of Quantum Machine Learning: An Empirical Study
We present the first empirical study of machine unlearning (MU) in hybrid quantum-classical neural networks. While MU has been extensively explored in classical deep learning, its behavior within variational quantum circuits (VQCs) and quantum-augmented architectures remains largely unexplored. First, we adapt a broad suite of unlearning methods to quantum settings, including gradient-based, distillation-based, regularization-based and certified techniques. Second, we introduce two new unlearning strategies tailored to hybrid models. Experiments across Iris, MNIST, and Fashion-MNIST, under both subset removal and full-class deletion, reveal that quantum models can support effective unlearning, but outcomes depend strongly on circuit depth, entanglement structure, and task complexity. Shallow VQCs display high intrinsic stability with minimal memorization, whereas deeper hybrid models exhibit stronger trade-offs between utility, forgetting strength, and alignment with retrain oracle. We find that certain methods, e.g. EU-k, LCA, and Certified Unlearning, consistently provide the best balance across metrics. These findings establish baseline empirical insights into quantum machine unlearning and highlight the need for quantum-aware algorithms and theoretical guarantees, as quantum machine learning systems continue to expand in scale and capability. We publicly release our code at: https://github.com/CrivoiCarla/HQML.
Updated: 2026-04-09 13:04:02
标题: 在量子机器学习时代的机器遗忘:一项实证研究
摘要: 我们提出了混合量子-经典神经网络中机器遗忘(MU)的第一个实证研究。虽然MU在经典深度学习中得到了广泛探索,但在变分量子电路(VQC)和量子增强架构中的行为仍然大部分未被探索。首先,我们将一系列广泛的遗忘方法调整到量子设置中,包括基于梯度、蒸馏、正则化和认证技术。其次,我们引入了两种针对混合模型的新的遗忘策略。在鸢尾花、MNIST和时尚MNIST数据集上的实验,无论是子集删除还是完整类别删除,都显示出量子模型可以支持有效的遗忘,但结果强烈依赖于电路深度、纠缠结构和任务复杂性。浅层VQC显示出高内在稳定性和最小化记忆,而深度混合模型表现出效用、遗忘强度和与重新训练预言的一致性之间更强的权衡。我们发现某些方法,例如EU-k、LCA和认证遗忘,在各项指标上都提供了最佳平衡。这些发现为量子机器遗忘奠定了基准实证见解,并强调了对量子感知算法和理论保证的需求,因为量子机器学习系统继续扩大规模和能力。我们公开发布了我们的代码:https://github.com/CrivoiCarla/HQML。
更新时间: 2026-04-09 13:04:02
领域: cs.LG,cs.AI,cs.CV
ShuffleGate: A Unified Gating Mechanism for Feature Selection, Model Compression, and Importance Estimation
Feature selection, dimension selection, and embedding compression are fundamental techniques for improving efficiency and generalization in deep recommender systems. Although conceptually related, these problems are typically studied in isolation, each requiring specialized solutions. In this paper, we propose ShuffleGate, a unified and interpretable mechanism that estimates the importance of feature components, such as feature fields and embedding dimensions, by measuring their sensitivity to value substitution. Specifically, we randomly shuffle each component across the batch and learn a gating value that reflects how sensitive the model is to its information loss caused by random replacement. For example, if a field can be replaced without hurting performance, its gate converges to a low value--indicating redundancy. This provides an interpretable importance score with clear semantic meaning, rather than just a relative rank. Unlike conventional gating methods that produce ambiguous continuous scores, ShuffleGate produces polarized distributions, making thresholding straightforward and reliable. Our gating module can be seamlessly applied at the feature field, dimension, or embedding-entry level, enabling a unified solution to feature selection, dimension selection, and embedding compression. Experiments on four public recommendation benchmarks show that ShuffleGate achieves state-of-the-art results on all three tasks.
Updated: 2026-04-09 12:58:11
标题: 混洗门:一种统一的特征选择、模型压缩和重要性估计的门控机制
摘要: 特征选择、维度选择和嵌入压缩是提高深度推荐系统效率和泛化能力的基本技术。尽管在概念上相关,但这些问题通常被分别研究,每个都需要专门的解决方案。在本文中,我们提出了ShuffleGate,这是一种统一且可解释的机制,通过测量特征组件(如特征字段和嵌入维度)对值替换的敏感性来估计其重要性。具体来说,我们在批处理中随机洗牌每个组件,并学习一个反映模型对其信息丢失敏感程度的门控值。例如,如果一个字段可以替换而不影响性能,其门控值会收敛到一个较低的值,表示冗余性。这提供了一个有明确语义意义的可解释的重要性评分,而不仅仅是一个相对排名。与产生模糊连续得分的传统门控方法不同,ShuffleGate产生极化分布,使得阈值处理简单可靠。我们的门控模块可以无缝地应用于特征字段、维度或嵌入条目级别,实现特征选择、维度选择和嵌入压缩的统一解决方案。在四个公共推荐基准测试上的实验表明,ShuffleGate在所有三个任务上取得了最先进的结果。
更新时间: 2026-04-09 12:58:11
领域: cs.LG
Computationally lightweight classifiers with frequentist bounds on predictions
While both classical and neural network classifiers can achieve high accuracy, they fall short on offering uncertainty bounds on their predictions, making them unfit for safety-critical applications. Existing kernel-based classifiers that provide such bounds scale with $\mathcal O (n^{\sim3})$ in time, making them computationally intractable for large datasets. To address this, we propose a novel, computationally efficient classification algorithm based on the Nadaraya-Watson estimator, for whose estimates we derive frequentist uncertainty intervals. We evaluate our classifier on synthetically generated data and on electrocardiographic heartbeat signals from the MIT-BIH Arrhythmia database. We show that the method achieves competitive accuracy $>$\SI{96}{\percent} at $\mathcal O(n)$ and $\mathcal O(\log n)$ operations, while providing actionable uncertainty bounds. These bounds can, e.g., aid in flagging low-confidence predictions, making them suitable for real-time settings with resource constraints, such as diagnostic monitoring or implantable devices.
Updated: 2026-04-09 12:55:32
标题: 基于频率论预测界限的计算轻量级分类器
摘要: 虽然经典和神经网络分类器都能够达到高准确性,但它们在提供预测的不确定性边界方面存在不足,使它们不适用于安全关键应用。现有的提供这种边界的基于核的分类器在时间上的计算复杂度为$\mathcal O (n^{\sim3})$,使其在处理大型数据集时难以计算。为了解决这个问题,我们提出了一种基于Nadaraya-Watson估计器的新型、计算高效的分类算法,我们为其估计推导了频率论不确定性区间。我们在合成生成的数据和来自MIT-BIH心律失常数据库的心电图心跳信号上评估了我们的分类器。我们展示了该方法以$\mathcal O(n)$和$\mathcal O(\log n)$操作实现了竞争性准确性$>$\SI{96}{\percent},同时提供可行的不确定性边界。这些边界可以帮助标记低置信度预测,使其适用于资源受限的实时环境,例如诊断监测或可植入设备。
更新时间: 2026-04-09 12:55:32
领域: cs.LG,stat.ML
Hardware Efficient Approximate Convolution with Tunable Error Tolerance for CNNs
Modern CNNs' high computational demands hinder edge deployment, as traditional ``hard'' sparsity (skipping mathematical zeros) loses effectiveness in deep layers or with smooth activations like Tanh. We propose a ``soft sparsity'' paradigm using a hardware efficient Most Significant Bit (MSB) proxy to skip negligible non-zero multiplications. Integrated as a custom RISC-V instruction and evaluated on LeNet-5 (MNIST), this method reduces ReLU MACs by 88.42% and Tanh MACs by 74.87% with zero accuracy loss--outperforming zero-skipping by 5x. By clock-gating inactive multipliers, we estimate power savings of 35.2% for ReLU and 29.96% for Tanh. While memory access makes power reduction sub-linear to operation savings, this approach significantly optimizes resource-constrained inference.
Updated: 2026-04-09 12:53:50
标题: 硬件高效的近似卷积,适用于CNN具有可调误差容忍度
摘要: 现代CNN的高计算需求阻碍了边缘部署,因为传统的“硬”稀疏性(跳过数学零值)在深层或具有平滑激活(如Tanh)时失去了效果。我们提出了一种使用硬件高效的最显著位(MSB)代理跳过微不足道的非零乘法的“软稀疏性”范式。作为自定义的RISC-V指令集集成到LeNet-5(MNIST)上,并且在ReLU MACs上减少了88.42%,在Tanh MACs上减少了74.87%,而且没有精度损失--比跳零提高了5倍。通过时钟门控非活动乘法器,我们估计对于ReLU可以节省35.2%的功耗,对于Tanh可以节省29.96%的功耗。虽然内存访问使功耗的减少对操作的节省次线性,但这种方法显著优化了受资源约束的推断。
更新时间: 2026-04-09 12:53:50
领域: cs.LG,cs.AI,cs.AR
Approximation of the Basset force in the Maxey-Riley-Gatignol equations via universal differential equations
The Maxey-Riley-Gatignol equations (MaRGE) model the motion of spherical inertial particles in a fluid. They contain the Basset force, an integral term which models history effects due to the formation of wakes and boundary layer effects. This causes the force that acts on a particle to depend on its past trajectory and complicates the numerical solution of MaRGE. Therefore, the Basset force is often neglected, despite substantial evidence that it has both quantitative and qualitative impact on the movement patterns of modelled particles. Using the concept of universal differential equations, we propose an approximation of the history term via neural networks which approximates MaRGE by a system of ordinary differential equations that can be solved with standard numerical solvers like Runge-Kutta methods.
Updated: 2026-04-09 12:51:01
标题: 利用通用微分方程逼近Maxey-Riley-Gatignol方程中的Basset力Approximation of the Basset force in the Maxey-Riley-Gatignol equations via universal differential equations
摘要: Maxey-Riley-Gatignol方程(MaRGE)模拟了流体中球形惯性粒子的运动。它们包含巴塞特力,这是一个积分项,模拟了由于尾流和边界层效应的形成而产生的历史效应。这导致作用在粒子上的力取决于其过去的轨迹,并且使MaRGE的数值解决方案变得复杂。因此,尽管有大量证据表明巴塞特力对模拟粒子运动模式具有定量和定性影响,但通常会忽略这一项。利用普遍微分方程的概念,我们提出了通过神经网络对历史项进行近似的方法,该方法通过一组普通微分方程近似MaRGE,可以使用像Runge-Kutta方法这样的标准数值求解器求解。
更新时间: 2026-04-09 12:51:01
领域: cs.LG,math.NA
An Automated Survey of Generative Artificial Intelligence: Large Language Models, Architectures, Protocols, and Applications
Generative artificial intelligence, and large language models in particular, have emerged as one of the most transformative paradigms in modern computer science. This automated survey provides an accessible treatment of the field as of early 2026, with a strong focus on the leading model families, deployment protocols, and real-world applications. The core of the survey is devoted to a detailed comparative analysis of the frontier large language models, with particular emphasis on open-weight systems: DeepSeek-V3, DeepSeek-R1, DeepSeek-V3.2, and the forthcoming DeepSeek V4; the Qwen 3 and Qwen 3.5 series; GLM-5; Kimi K2.5; MiniMax M2.5; LLaMA 4; Mistral Large 3; Gemma 3; and Phi-4, alongside proprietary systems including GPT-5.4, Gemini 3.1 Pro, Grok 4.20, and Claude Opus 4.6. For each model, we describe the architectural innovations, training regimes, and empirical performance on current benchmarks and the Chatbot Arena leaderboard. The survey further covers deployment protocols including Retrieval-Augmented Generation, the Model Context Protocol, the Agent-to-Agent protocol, function calling standards, and serving frameworks. We present an extensive review of real-world applications across fifteen industry sectors, from financial services and legal technology to tourism and agriculture, supported by empirical evidence and case studies. This work has been generated by Claude Opus 4.6 (Anthropic) under the supervision and editorial review of the human authors, with the goal of producing updated editions approximately every six months.
Updated: 2026-04-09 12:47:33
标题: 一项关于生成人工智能的自动化调查:大型语言模型、架构、协议和应用
摘要: 生成人工智能,特别是大型语言模型,已经成为现代计算机科学中最具变革性的范式之一。这份自动化调查报告提供了一个在2026年初对该领域的易于理解的处理,重点关注领先的模型系列、部署协议和现实世界应用。调查的核心部分致力于对前沿大型语言模型的详细比较分析,特别强调开放权重系统:DeepSeek-V3、DeepSeek-R1、DeepSeek-V3.2和即将推出的DeepSeek V4;Qwen 3和Qwen 3.5系列;GLM-5;Kimi K2.5;MiniMax M2.5;LLaMA 4;Mistral Large 3;Gemma 3;以及Phi-4,以及包括GPT-5.4、Gemini 3.1 Pro、Grok 4.20和Claude Opus 4.6在内的专有系统。对于每个模型,我们描述了架构创新、训练制度以及在当前基准和Chatbot Arena排行榜上的经验表现。调查进一步涵盖了部署协议,包括检索增强生成、模型上下文协议、代理间协议、函数调用标准和服务框架。我们提供了对于15个行业领域的真实应用的广泛评论,从金融服务和法律技术到旅游和农业,支持了实证证据和案例研究。这项工作是由Claude Opus 4.6(人类)在人类作者的监督和编辑审查下生成的,旨在每隔约六个月制作更新版本。
更新时间: 2026-04-09 12:47:33
领域: cs.LG,cs.AI
Inside-Out: Measuring Generalization in Vision Transformers Through Inner Workings
Reliable generalization metrics are fundamental to the evaluation of machine learning models. Especially in high-stakes applications where labeled target data are scarce, evaluation of models' generalization performance under distribution shift is a pressing need. We focus on two practical scenarios: (1) Before deployment, how to select the best model for unlabeled target data? (2) After deployment, how to monitor model performance under distribution shift? The central need in both cases is a reliable and label-free proxy metric. Yet existing proxy metrics, such as model confidence or accuracy-on-the-line, are often unreliable as they only assess model output while ignoring the internal mechanisms that produce them. We address this limitation by introducing a new perspective: using the inner workings of a model, i.e., circuits, as a predictive metric of generalization performance. Leveraging circuit discovery, we extract the causal interactions between internal representations as a circuit, from which we derive two metrics tailored to the two practical scenarios. (1) Before deployment, we introduce Dependency Depth Bias, which measures different models' generalization capability on target data. (2) After deployment, we propose Circuit Shift Score, which predicts a model's generalization under different distribution shifts. Across various tasks, both metrics demonstrate significantly improved correlation with generalization performance, outperforming existing proxies by an average of 13.4\% and 34.1\%, respectively. Our code is available at https://github.com/deep-real/GenCircuit.
Updated: 2026-04-09 12:44:19
标题: 里外相通:通过内部机制测量视觉变换器的泛化
摘要: 可靠的泛化度量是评估机器学习模型的基础。特别是在标记目标数据稀缺的高风险应用中,评估模型在分布转移下的泛化性能是一个迫切的需求。我们关注两个实际场景:(1)在部署之前,如何为未标记的目标数据选择最佳模型?(2)在部署后,如何监控模型在分布转移下的性能?在这两种情况下的中心需求是可靠且无标签的代理度量。然而,现有的代理度量,如模型置信度或线上准确率,通常不可靠,因为它们只评估模型输出,而忽略了产生它们的内部机制。我们通过引入一个新的视角来解决这个限制:使用模型的内部工作方式,即电路,作为泛化性能的预测度量。利用电路发现,我们提取内部表示之间的因果关系作为一个电路,从中得出针对两个实际场景量身定制的两个度量。在部署之前,我们引入了Dependency Depth Bias,它衡量不同模型在目标数据上的泛化能力。在部署后,我们提出了Circuit Shift Score,它预测了模型在不同分布转移下的泛化性能。在各种任务中,这两个度量都表现出与泛化性能显著改善的相关性,分别超过现有代理13.4\%和34.1\%的平均水平。我们的代码可在https://github.com/deep-real/GenCircuit上找到。
更新时间: 2026-04-09 12:44:19
领域: cs.LG,cs.CV
Equivariant Efficient Joint Discrete and Continuous MeanFlow for Molecular Graph Generation
Graph-structured data jointly contain discrete topology and continuous geometry, which poses fundamental challenges for generative modeling due to heterogeneous distributions, incompatible noise dynamics, and the need for equivariant inductive biases. Existing flow-matching approaches for graph generation typically decouple structure from geometry, lack synchronized cross-domain dynamics, and rely on iterative sampling, often resulting in physically inconsistent molecular conformations and slow sampling. To address these limitations, we propose Equivariant MeanFlow (EQUIMF), a unified SE(3)-equivariant generative framework that jointly models discrete and continuous components through synchronized MeanFlow dynamics. EQUIMF introduces a unified time bridge and average-velocity updates with mutual conditioning between structure and geometry, enabling efficient few-step generation while preserving physical consistency. Moreover, we develop a novel discrete MeanFlow formulation with a simple yet effective parameterization to support efficient generation over discrete graph structures. Extensive experiments demonstrate that EQUIMF consistently outperforms prior diffusion and flow-matching methods in generation quality, physical validity, and sampling efficiency.
Updated: 2026-04-09 12:42:01
标题: 等变高效联合离散和连续平均流用于分子图生成
摘要: 图结构数据同时包含离散拓扑和连续几何,这给生成建模带来了基本挑战,因为存在异质分布、不兼容的噪声动态和需要等变归纳偏差。现有的图生成的流匹配方法通常将结构与几何进行解耦,缺乏同步的跨域动态,并依赖于迭代采样,往往导致分子构象在物理上不一致且采样缓慢。为了解决这些限制,我们提出了等变均值流(EQUIMF),这是一个统一的SE(3)-等变生成框架,通过同步的均值流动力学来联合建模离散和连续组件。EQUIMF引入了统一的时间桥和平均速度更新,通过结构和几何之间的相互调节,实现了高效的少步生成,同时保持物理一致性。此外,我们开发了一种新颖的离散均值流公式,采用简单而有效的参数化,以支持对离散图结构的高效生成。大量实验证明,EQUIMF在生成质量、物理有效性和采样效率方面始终优于先前的扩散和流匹配方法。
更新时间: 2026-04-09 12:42:01
领域: cs.LG
Long-Term Embeddings for Balanced Personalization
Modern transformer-based sequential recommenders excel at capturing short-term intent but often suffer from recency bias, overlooking stable long-term preferences. While extending sequence lengths is an intuitive fix, it is computationally inefficient, and recent interactions tend to dominate the model's attention. We propose Long-Term Embeddings (LTE) as a high-inertia contextual anchor to bridge this gap. We address a critical production challenge: the point-in-time consistency problem caused by infrastructure constraints, as feature stores typically host only a single "live" version of features. This leads to an offline-online mismatch during model deployments and rollbacks, as models are forced to process evolved representations they never saw during training. To resolve this, we introduce an LTE framework that constrains embeddings to a fixed semantic basis of content-based item representations, ensuring cross-version compatibility. Furthermore, we investigate integration strategies for causal language modeling, considering the data leakage issue that occurs when the LTE and the transformer's short-term sequence share a temporal horizon. We evaluate two representations: a heuristic average and an asymmetric autoencoder with a fixed decoder grounded in the semantic basis to enable behavioral fine-tuning while maintaining stability. Online A/B tests on Zalando demonstrate that integrating LTE as a contextual prefix token using a lagged window yields significant uplifts in both user engagement and financial metrics.
Updated: 2026-04-09 12:36:29
标题: 长期嵌入用于平衡个性化
摘要: 基于现代变压器的顺序推荐器在捕捉短期意图方面表现出色,但往往受到最近偏见的影响,忽视了稳定的长期偏好。虽然延长序列长度是一个直观的修复方法,但在计算上效率低下,并且最近的交互往往会主导模型的注意力。我们提出了长期嵌入(LTE)作为一个高惯性的上下文锚点,以弥合这一差距。我们解决了一个关键的生产挑战:由基础设施约束引起的时点一致性问题,因为特征存储通常只托管一个“实时”版本的特征。这导致了在模型部署和回滚期间离线-在线不匹配,因为模型被迫处理它们在训练期间从未见过的发展表示。为了解决这个问题,我们引入了一个LTE框架,将嵌入约束在基于内容的项目表示的固定语义基础上,确保跨版本兼容性。此外,我们研究了因果语言建模的整合策略,考虑到LTE和变压器的短期序列共享一个时间范围时发生的数据泄漏问题。我们评估了两种表示:一个启发式平均值和一个具有固定解码器的不对称自动编码器,该解码器基于语义基础,以实现行为微调同时保持稳定性。在Zalando的在线A/B测试中,结果显示,将LTE作为上下文前缀令牌集成到滞后窗口中,可以显著提高用户参与度和财务指标。
更新时间: 2026-04-09 12:36:29
领域: cs.LG
HiCI: Hierarchical Construction-Integration for Long-Context Attention
Long-context language modeling is commonly framed as a scalability challenge of token-level attention, yet local-to-global information structuring remains largely implicit in existing approaches. Drawing on cognitive theories of discourse comprehension, we propose HiCI (Hierarchical Construction--Integration), a hierarchical attention module that constructs segment-level representations, integrates them into a shared global context, and broadcasts both to condition segment-level attention. We validate HiCI through parameter-efficient adaptation of LLaMA-2 with only <5.5% additional parameters, extending context from 4K to 100K tokens (7B) and 64K tokens (13B). Across language modeling, retrieval, and instruction-following benchmarks, HiCI yields consistent improvements over strong baselines, including matching proprietary models on topic retrieval and surpassing GPT-3.5-Turbo-16K on code comprehension. These results demonstrate the effectiveness of explicit hierarchical structuring as an inductive bias for long-context modeling.
Updated: 2026-04-09 12:31:48
标题: HiCI:长上下文注意力的分层构建集成
摘要: 长文本语言建模通常被认为是基于标记级别注意力的可扩展性挑战,但现有方法中本地到全局信息结构化仍然主要是隐含的。借鉴认知理论的话语理解,我们提出了HiCI(Hierarchical Construction--Integration),这是一个层次化的注意力模块,用于构建段级表示,将它们整合到共享的全局上下文中,并将两者广播以调节段级注意力。我们通过参数高效的LLaMA-2的适应来验证HiCI,仅增加了<5.5%的额外参数,将上下文从4K扩展到100K标记(7B)和64K标记(13B)。在语言建模、检索和指令遵循基准测试中,HiCI相对于强基线模型表现出持续的改进,包括在主题检索上与专有模型匹配,并超过GPT-3.5-Turbo-16K在代码理解上的表现。这些结果表明,明确的层次结构作为长文本建模的归纳偏好是有效的。
更新时间: 2026-04-09 12:31:48
领域: cs.CL,cs.AI,cs.LG
Value-Guidance MeanFlow for Offline Multi-Agent Reinforcement Learning
Offline multi-agent reinforcement learning (MARL) aims to learn the optimal joint policy from pre-collected datasets, requiring a trade-off between maximizing global returns and mitigating distribution shift from offline data. Recent studies use diffusion or flow generative models to capture complex joint policy behaviors among agents; however, they typically rely on multi-step iterative sampling, thereby reducing training and inference efficiency. Although further research improves sampling efficiency through methods like distillation, it remains sensitive to the behavior regularization coefficient. To address the above-mentioned issues, we propose Value Guidance Multi-agent MeanFlow Policy (VGM$^2$P), a simple yet effective flow-based policy learning framework that enables efficient action generation with coefficient-insensitive conditional behavior cloning. Specifically, VGM$^2$P uses global advantage values to guide agent collaboration, treating optimal policy learning as conditional behavior cloning. Additionally, to improve policy expressiveness and inference efficiency in multi-agent scenarios, it leverages classifier-free guidance MeanFlow for both policy training and execution. Experiments on tasks with both discrete and continuous action spaces demonstrate that, even when trained solely via conditional behavior cloning, VGM$^2$P efficiently achieves performance comparable to state-of-the-art methods.
Updated: 2026-04-09 12:31:43
标题: 离线多智能体强化学习中的价值导向平均流
摘要: 离线多智能体强化学习(MARL)旨在从预先收集的数据集中学习最佳联合策略,需要在最大化全局回报和减轻离线数据的分布偏移之间进行权衡。最近的研究使用扩散或流生成模型来捕捉智能体之间的复杂联合策略行为;然而,它们通常依赖于多步迭代采样,从而降低了训练和推断效率。虽然进一步的研究通过诸如蒸馏等方法提高了采样效率,但仍对行为正则化系数敏感。为解决上述问题,我们提出了价值引导多智能体MeanFlow策略(VGM$^2$P),这是一个简单而有效的基于流的策略学习框架,可以通过系数不敏感的条件行为克隆实现高效的动作生成。具体来说,VGM$^2$P使用全局优势值来指导智能体合作,将最佳策略学习视为条件行为克隆。此外,为了改善多智能体情景中的策略表达能力和推断效率,它利用无分类器引导的MeanFlow进行策略训练和执行。在具有离散和连续动作空间的任务上的实验证明,即使仅通过条件行为克隆进行训练,VGM$^2$P也能够有效地实现与最先进方法相媲美的性能。
更新时间: 2026-04-09 12:31:43
领域: cs.LG
On secret sharing from extended norm-trace curves
In [4] Camps-Moreno et al. treated (relative) generalized Hamming weights of codes from extended norm-trace curves and they gave examples of resulting good asymmetric quantum error-correcting codes employing information on the relative distances. In the present paper we study ramp secret sharing schemes which are objects that require an analysis of higher relative weights and we show that not only do schemes defined from one-point algebraic geometric codes from extended norm-trace curves have good parameters, they also posses a second layer of security along the lines of [11]. It is left undecided in [4, page 2889] if the ``footprint-like approach'' as employed by Camps-Moreno herein is strictly better for codes related to extended norm-trace codes than the general approach for treating one-point algebraic geometric codes and their likes as presented in [12]. We demonstrate that the method used in [4] to estimate (relative) generalized Hamming weights of codes from extended norm-trace curves can be viewed as a clever application of the enhanced Goppa bound in [12] rather than a competing approach.
Updated: 2026-04-09 12:24:27
标题: 关于从扩展规范-迹曲线进行秘密共享
摘要: 在文献[4]中,Camps-Moreno等人研究了来自扩展标准-迹曲线的代码的(相对)广义汉明权重,并给出了利用相对距离信息得到的良好的非对称量子纠错码的示例。在本文中,我们研究了需要分析更高相对权重的坡道秘密共享方案,我们展示了不仅从扩展标准-迹曲线的单点代数几何码定义的方案具有良好的参数,而且在[11]中的安全性方面也具有第二层保护。在[4,第2889页]中并未明确指出Camps-Moreno在此所采用的“类似足迹的方法”是否对于与扩展标准-迹码相关的代码比[12]中呈现的处理单点代数几何码及其类似物的一般方法更好。我们展示了在[4]中用于估计来自扩展标准-迹曲线的代码的(相对)广义汉明权重的方法可以被看作是对增强Goppa界限在[12]中的巧妙应用,而不是一种竞争性方法。
更新时间: 2026-04-09 12:24:27
领域: cs.CR
Shift- and stretch-invariant non-negative matrix factorization with an application to brain tissue delineation in emission tomography data
Dynamic neuroimaging data, such as emission tomography measurements of radiotracer transport in blood or cerebrospinal fluid, often exhibit diffusion-like properties. These introduce distance-dependent temporal delays, scale-differences, and stretching effects that limit the effectiveness of conventional linear modeling and decomposition methods. To address this, we present the shift- and stretch-invariant non-negative matrix factorization framework. Our approach estimates both integer and non-integer temporal shifts as well as temporal stretching, all implemented in the frequency domain, where shifts correspond to phase modifications, and where stretching is handled via zero-padding or truncation. The model is implemented in PyTorch (https://github.com/anders-s-olsen/shiftstretchNMF). We demonstrate on synthetic data and brain emission tomography data that the model is able to account for stretching to provide more detailed characterization of brain tissue structure.
Updated: 2026-04-09 12:22:04
标题: 平移和拉伸不变的非负矩阵分解及其在放射性核素断层扫描数据中脑组织划分中的应用
摘要: 动态神经影像学数据,如血液或脑脊液中放射性示踪剂传输的发射断层扫描测量,通常具有扩散样的特性。这些特性引入了距离相关的时间延迟、尺度差异和拉伸效应,限制了传统线性建模和分解方法的有效性。为了解决这个问题,我们提出了移位和拉伸不变的非负矩阵分解框架。我们的方法估计整数和非整数时间移位以及时间拉伸,所有这些都在频域中实现,其中移位对应于相位修改,而拉伸通过零填充或截断处理。该模型在PyTorch中实现(https://github.com/anders-s-olsen/shiftstretchNMF)。我们在合成数据和脑部发射断层扫描数据上进行演示,表明该模型能够考虑拉伸,从而提供对脑组织结构更详细的表征。
更新时间: 2026-04-09 12:22:04
领域: cs.LG
Mitigating Spurious Background Bias in Multimedia Recognition with Disentangled Concept Bottlenecks
Concept Bottleneck Models (CBMs) enhance interpretability by predicting human-understandable concepts as intermediate representations. However, existing CBMs often suffer from input-to-concept mapping bias and limited controllability, which restricts their practical utility and undermines the reliability of concept-based strategies. To address these challenges, we propose a Lightweight Disentangled Concept Bottleneck Model (LDCBM) that automatically groups visual features into semantically meaningful components without the need for region annotations. By introducing a filter grouping loss and joint concept supervision, our method improves the alignment between visual patterns and concepts, enabling more transparent and robust decision-making. Notably, experiments on three diverse datasets demonstrate that LDCBM achieves higher concept and class accuracy, outperforming previous CBMs in both interpretability and classification performance. Complexity analysis reveals that the parameter count and FLOPs of LDCBM are less than 5% higher than those of Vanilla CBM. Furthermore, background mask intervention experiments validate the model's strong capability to suppress irrelevant image regions, further corroborating the high precision of the visual-concept mapping under LDCBM's lightweight design paradigm. By grounding concepts in visual evidence, our method overcomes a fundamental limitation of prior models and enhances the reliability of interpretable AI.
Updated: 2026-04-09 12:16:23
标题: 使用分离概念瓶颈减轻多媒体识别中的虚假背景偏差
摘要: Concept Bottleneck Models (CBMs)通过预测人类可理解的概念作为中间表示来增强可解释性。然而,现有的CBMs经常受到输入到概念映射偏差和有限的可控性的困扰,这限制了它们的实际效用并削弱了基于概念的策略的可靠性。为了解决这些挑战,我们提出了一种轻量级解耦概念瓶颈模型(LDCBM),它可以自动将视觉特征分组为语义上有意义的组件,而无需区域注释。通过引入一个滤波器分组损失和联合概念监督,我们的方法改善了视觉模式和概念之间的对齐,使决策更透明和更稳健。值得注意的是,对三个不同数据集的实验表明,LDCBM实现了更高的概念和类别准确性,在可解释性和分类性能方面优于以前的CBMs。复杂性分析显示,LDCBM的参数计数和FLOPs比Vanilla CBM仅高出不到5%。此外,背景掩码干预实验证实了该模型抑制无关图像区域的强大能力,进一步证实了在LDCBM的轻量级设计范式下视觉概念映射的高精度性。通过将概念基于视觉证据,我们的方法克服了以前模型的基本限制,并增强了可解释AI的可靠性。
更新时间: 2026-04-09 12:16:23
领域: cs.CV,cs.LG
The Unreasonable Effectiveness of Data for Recommender Systems
In recommender systems, collecting, storing, and processing large-scale interaction data is increasingly costly in terms of time, energy, and computation, yet it remains unclear when additional data stops providing meaningful gains. This paper investigates how offline recommendation performance evolves as the size of the training dataset increases and whether a saturation point can be observed. We implemented a reproducible Python evaluation workflow with two established toolkits, LensKit and RecBole, included 11 large public datasets with at least 7 million interactions, and evaluated 10 tool-algorithm combinations. Using absolute stratified user sampling, we trained models on nine sample sizes from 100,000 to 100,000,000 interactions and measured NDCG@10. Overall, raw NDCG usually increased with sample size, with no observable saturation point. To make result groups comparable, we applied min-max normalization within each group, revealing a clear positive trend in which around 75% of the points at the largest completed sample size also achieved the group's best observed performance. A late-stage slope analysis over the final 10-30% of each group further supported this upward trend: the interquartile range remained entirely non-negative with a median near 1.0. In summary, for traditional recommender systems on typical user-item interaction data, incorporating more training data remains primarily beneficial, while weaker scaling behavior is concentrated in atypical dataset cases and in the algorithmic outlier RecBole BPR under our setup.
Updated: 2026-04-09 12:13:03
标题: 数据对推荐系统的非理性有效性
摘要: 在推荐系统中,收集、存储和处理大规模交互数据在时间、能源和计算方面越来越昂贵,然而,额外数据停止提供有意义收益的时间仍不清楚。本文研究了离线推荐性能如何随着训练数据集大小的增加而演变,以及是否可以观察到饱和点。我们使用两个已建立的工具包LensKit和RecBole实施了一个可重现的Python评估工作流程,包括了至少有700万次交互的11个大型公共数据集,并评估了10种工具-算法组合。使用绝对分层用户抽样,我们在从100,000到100,000,000个互动中训练模型,并测量了NDCG@10。总体而言,原始NDCG通常随样本大小增加而增加,没有观察到饱和点。为了使结果组可比较,我们在每个组内应用了最小-最大标准化,揭示了一个明显的正向趋势,大约有75%的点在最大的完成样本大小也达到了该组观察到的最佳性能。在每个组的最后10-30%进行的后期斜率分析进一步支持了这种上升趋势:四分位差保持完全为非负,中位数接近1.0。总之,在典型用户-物品交互数据上的传统推荐系统中,增加更多的训练数据仍然主要有益,而较弱的缩放行为集中在非典型数据集案例和在我们的设置下的算法异常值RecBole BPR中。
更新时间: 2026-04-09 12:13:03
领域: cs.IR,cs.LG
A Direct Approach for Handling Contextual Bandits with Latent State Dynamics
We revisit the finite-armed linear bandit model by Nelson et al. (2022), where contexts and rewards are governed by a finite hidden Markov chain. Nelson et al. (2022) approach this model by a reduction to linear contextual bandits; but to do so, they actually introduce a simplification in which rewards are linear functions of the posterior probabilities over the hidden states given the observed contexts, rather than functions of the hidden states themselves. Their analysis (but not their algorithm) also does not take into account the estimation of the HMM parameters, and only tackles expected, not high-probability, bounds, which suffer in addition from unnecessary complex dependencies on the model (like reward gaps). We instead study the more natural model incorporating direct dependencies in the hidden states (on top of dependencies on the observed contexts, as is natural for contextual bandits) and also obtain stronger, high-probability, regret bounds for a fully adaptive strategy that estimates HMM parameters online. These bounds do not depend on the reward functions and only depend on the model through the estimation of the HMM parameters.
Updated: 2026-04-09 12:09:45
标题: 一种处理具有潜在状态动态的上下文强化学习的直接方法
摘要: 我们重新审视了Nelson等人(2022年)提出的有限臂线性赌博机模型,其中上下文和奖励受有限隐藏马尔可夫链控制。Nelson等人(2022年)通过将其简化为线性背景赌博机来处理这个模型;但为了做到这一点,他们实际上引入了一个简化,即奖励是后验概率对隐藏状态的线性函数,而不是隐藏状态本身的函数。他们的分析(但不包括他们的算法)也没有考虑隐马尔可夫模型参数的估计,只处理了期望的而非高概率的边界,另外还受到对模型(如奖励差距)不必要的复杂依赖的影响。相反,我们研究了更自然的模型,该模型包括直接依赖于隐藏状态(除了对观察到的上下文的依赖外,这对于背景赌博机是自然的),并且为全面自适应策略获得了更强的高概率后悔边界,该策略在线估计HMM参数。这些边界不依赖于奖励函数,只依赖于模型通过估计HMM参数。
更新时间: 2026-04-09 12:09:45
领域: cs.LG,stat.ML
Multimodal Reasoning with LLM for Encrypted Traffic Interpretation: A Benchmark
Network traffic, as a key media format, is crucial for ensuring security and communications in modern internet infrastructure. While existing methods offer excellent performance, they face two key bottlenecks: (1) They fail to capture multidimensional semantics beyond unimodal sequence patterns. (2) Their black box property, i.e., providing only category labels, lacks an auditable reasoning process. We identify a key factor that existing network traffic datasets are primarily designed for classification and inherently lack rich semantic annotations, failing to generate human-readable evidence report. To address data scarcity, this paper proposes a Byte-Grounded Traffic Description (BGTD) benchmark for the first time, combining raw bytes with structured expert annotations. BGTD provides necessary behavioral features and verifiable chains of evidence for multimodal reasoning towards explainable encrypted traffic interpretation. Built upon BGTD, this paper proposes an end-to-end traffic-language representation framework (mmTraffic), a multimodal reasoning architecture bridging physical traffic encoding and semantic interpretation. In order to alleviate modality interference and generative hallucinations, mmTraffic adopts a jointly-optimized perception-cognition architecture. By incorporating a perception-centered traffic encoder and a cognition-centered LLM generator, mmTraffic achieves refined traffic interpretation with guaranteed category prediction. Extensive experiments demonstrate that mmTraffic autonomously generates high-fidelity, human-readable, and evidence-grounded traffic interpretation reports, while maintaining highly competitive classification accuracy comparing to specialized unimodal model (e.g., NetMamba). The source code is available at https://github.com/lgzhangzlg/Multimodal-Reasoning-with-LLM-for-Encrypted-Traffic-Interpretation-A-Benchmark
Updated: 2026-04-09 11:56:28
标题: 使用LLM进行加密流量解释的多模态推理:一个基准测试
摘要: 网络流量作为一个关键的媒体格式,在现代互联网基础设施中确保安全和通信至关重要。虽然现有方法提供了出色的性能,但它们面临两个关键瓶颈:(1)它们无法捕捉超越单模式序列模式的多维语义。 (2)它们的黑匣子特性,即仅提供类别标签,缺乏可审计的推理过程。我们确定一个关键因素,即现有网络流量数据集主要设计用于分类,并且本质上缺乏丰富的语义注释,无法生成人类可读的证据报告。为了解决数据稀缺性,本文首次提出了一个基于字节的流量描述(BGTD)基准,将原始字节与结构化专家注释相结合。BGTD提供必要的行为特征和可验证的证据链,以实现对可解释加密流量的多模态推理。基于BGTD,本文提出了一个端到端的流量语言表示框架(mmTraffic),这是一个将物理流量编码与语义解释相结合的多模态推理架构。为了减轻模态干扰和生成性幻觉,mmTraffic采用了一个联合优化的感知-认知架构。通过整合以感知为中心的流量编码器和以认知为中心的LLM生成器,mmTraffic实现了具有保证类别预测的精细流量解释。大量实验证明,mmTraffic自主生成高保真、人类可读和基于证据的流量解释报告,同时保持与专门的单模式模型(例如NetMamba)相比具有高竞争力的分类准确性。源代码可在https://github.com/lgzhangzlg/Multimodal-Reasoning-with-LLM-for-Encrypted-Traffic-Interpretation-A-Benchmark获取。
更新时间: 2026-04-09 11:56:28
领域: cs.CR,cs.AI,cs.MM,cs.NI
Evaluating LLMs for Demographic-Targeted Social Bias Detection: A Comprehensive Benchmark Study
Large-scale web-scraped text corpora used to train general-purpose AI models often contain harmful demographic-targeted social biases, creating a regulatory need for data auditing and developing scalable bias-detection methods. Although prior work has investigated biases in text datasets and related detection methods, these studies remain narrow in scope. They typically focus on a single content type (e.g., hate speech), cover limited demographic axes, overlook biases affecting multiple demographics simultaneously, and analyze limited techniques. Consequently, practitioners lack a holistic understanding of the strengths and limitations of recent large language models (LLMs) for automated bias detection. In this study, we conduct a comprehensive benchmark study on English texts to assess the ability of LLMs in detecting demographic-targeted social biases. To align with regulatory requirements, we frame bias detection as a multi-label task of detecting targeted identities using a demographic-focused taxonomy. We then systematically evaluate models across scales and techniques, including prompting, in-context learning, and fine-tuning. Using twelve datasets spanning diverse content types and demographics, our study demonstrates the promise of fine-tuned smaller models for scalable detection. However, our analyses also expose persistent gaps across demographic axes and multi-demographic targeted biases, underscoring the need for more effective and scalable detection frameworks.
Updated: 2026-04-09 11:53:02
标题: 评估用于人口统计目标社会偏见检测的LLMs:一项全面的基准研究
摘要: 大规模网络爬虫文本语料库用于训练通用人工智能模型,往往包含有害的针对特定人口群体的社会偏见,这就需要进行数据审计和开发可扩展的偏见检测方法。尽管先前的研究已经调查了文本数据集中的偏见以及相关的检测方法,但这些研究仍然范围狭窄。它们通常专注于单一内容类型(如仇恨言论),涵盖有限的人口群体轴线,忽视同时影响多个人口群体的偏见,并分析了有限的技术。因此,从业者缺乏对最近大型语言模型(LLMs)用于自动偏见检测的优势和局限性的整体理解。在本研究中,我们对英文文本进行了全面的基准研究,评估了LLMs在检测针对特定人口群体的社会偏见方面的能力。为了符合监管要求,我们将偏见检测定为使用以人口为中心的分类体系检测针对性身份的多标签任务。然后,我们系统地评估不同规模和技术的模型,包括提示、上下文学习和微调。通过使用跨越多种内容类型和人口群体的十二个数据集,我们的研究展示了微调较小模型用于可扩展检测的潜力。然而,我们的分析也揭示了跨人口群体轴线和多人口群体针对性偏见之间持续存在的差距,强调了需要更加有效和可扩展的检测框架。
更新时间: 2026-04-09 11:53:02
领域: cs.CL,cs.CY,cs.LG
Alloc-MoE: Budget-Aware Expert Activation Allocation for Efficient Mixture-of-Experts Inference
Mixture-of-Experts (MoE) has become a dominant architecture for scaling large language models due to their sparse activation mechanism. However, the substantial number of expert activations creates a critical latency bottleneck during inference, especially in resource-constrained deployment scenarios. Existing approaches that reduce expert activations potentially lead to severe model performance degradation. In this work, we introduce the concept of \emph{activation budget} as a constraint on the number of expert activations and propose Alloc-MoE, a unified framework that optimizes budget allocation coordinately at both the layer and token levels to minimize performance degradation. At the layer level, we introduce Alloc-L, which leverages sensitivity profiling and dynamic programming to determine the optimal allocation of expert activations across layers. At the token level, we propose Alloc-T, which dynamically redistributes activations based on routing scores, optimizing budget allocation without increasing latency. Extensive experiments across multiple MoE models demonstrate that Alloc-MoE maintains model performance under a constrained activation budget. Especially, Alloc-MoE achieves $1.15\times$ prefill and $1.34\times$ decode speedups on DeepSeek-V2-Lite at half of the original budget.
Updated: 2026-04-09 11:50:21
标题: Alloc-MoE:面向预算的专家激活分配,用于高效的专家混合推断
摘要: 混合专家(MoE)已成为扩展大型语言模型的主导架构,因为其稀疏激活机制。然而,在推断过程中,大量专家激活会创建关键的延迟瓶颈,特别是在资源受限的部署场景中。现有的减少专家激活的方法可能导致严重的模型性能下降。在这项工作中,我们引入了“激活预算”概念作为专家激活数量的约束,并提出了Alloc-MoE,一个统一的框架,协调地在层级和标记级别优化预算分配,以最小化性能下降。在层级上,我们引入了Alloc-L,利用敏感性分析和动态规划来确定跨层的专家激活的最佳分配。在标记级别上,我们提出了Alloc-T,根据路由分数动态重新分配激活,优化预算分配而不增加延迟。通过对多个MoE模型进行广泛实验,证明Alloc-MoE在受限的激活预算下保持模型性能。特别是,在一半的原始预算下,Alloc-MoE在DeepSeek-V2-Lite上实现了1.15倍的预填充和1.34倍的解码速度提升。
更新时间: 2026-04-09 11:50:21
领域: cs.LG,cs.AI,cs.CL
Small Vision-Language Models are Smart Compressors for Long Video Understanding
Adapting Multimodal Large Language Models (MLLMs) for hour-long videos is bottlenecked by context limits. Dense visual streams saturate token budgets and exacerbate the lost-in-the-middle phenomenon. Existing heuristics, like sparse sampling or uniform pooling, blindly sacrifice fidelity by discarding decisive moments and wasting bandwidth on irrelevant backgrounds. We propose Tempo, an efficient query-aware framework compressing long videos for downstream understanding. Tempo leverages a Small Vision-Language Model (SVLM) as a local temporal compressor, casting token reduction as an early cross-modal distillation process to generate compact, intent-aligned representations in a single forward pass. To enforce strict budgets without breaking causality, we introduce Adaptive Token Allocation (ATA). Exploiting the SVLM's zero-shot relevance prior and semantic front-loading, ATA acts as a training-free $O(1)$ dynamic router. It allocates dense bandwidth to query-critical segments while compressing redundancies into minimal temporal anchors to maintain the global storyline. Extensive experiments show our 6B architecture achieves state-of-the-art performance with aggressive dynamic compression (0.5-16 tokens/frame). On the extreme-long LVBench (4101s), Tempo scores 52.3 under a strict 8K visual budget, outperforming GPT-4o and Gemini 1.5 Pro. Scaling to 2048 frames reaches 53.7. Crucially, Tempo compresses hour-long videos substantially below theoretical limits, proving true long-form video understanding relies on intent-driven efficiency rather than greedily padded context windows.
Updated: 2026-04-09 11:40:25
标题: 小型视觉语言模型是长视频理解的智能压缩器
摘要: 将多模态大型语言模型(MLLMs)适应长达一小时的视频受到上下文限制的瓶颈。密集的视觉流使令牌预算饱和,并加剧了中间迷失现象。现有的启发式方法,如稀疏采样或均匀池化,盲目地通过丢弃决定性时刻来牺牲保真度,并在无关的背景上浪费带宽。我们提出了Tempo,一种高效的查询感知框架,用于压缩长视频以实现下游理解。Tempo利用小型视觉-语言模型(SVLM)作为本地时间压缩器,将令牌减少视为早期跨模态蒸馏过程,以在单个前向传递中生成紧凑、意图对齐的表示。为了在不破坏因果关系的情况下强制执行严格的预算,我们引入了自适应令牌分配(ATA)。利用SVLM的零射击相关性先验和语义前置加载,ATA充当无需训练的$O(1)$动态路由器。它将密集带宽分配给查询关键段,同时将冗余压缩为最小的时间锚,以保持全局故事情节。广泛的实验表明,我们的6B架构在具有侵略性动态压缩(0.5-16令牌/帧)的同时实现了最先进的性能。在极长的LVBench(4101秒)上,Tempo在严格的8K视觉预算下得分为52.3,胜过了GPT-4o和Gemini 1.5 Pro。扩展到2048帧达到了53.7。至关重要的是,Tempo将长达一小时的视频压缩到远低于理论限制的水平,证明真正的长篇视频理解取决于意图驱动的效率,而不是贪婪地填充上下文窗口。
更新时间: 2026-04-09 11:40:25
领域: cs.CV,cs.AI,cs.CL,cs.LG
Initialisation Determines the Basin: Efficient Codebook Optimisation for Extreme LLM Quantization
Additive quantization enables extreme LLM compression with O(1) lookup-table dequantization, making it attractive for edge deployment. Yet at 2-bit precision, it often fails catastrophically, even with extensive search and finetuning. We show that the dominant bottleneck is codebook initialisation. Greedy sequential initialisation frequently places the model in poor optimisation regions that subsequent beam search and PV-tuning struggle to overcome. We analyse this behaviour through the representational ratio \r{ho} = N/KM, which characterises the relationship between weight groups and codebook capacity, and propose OA-EM, an output-aware EM initialisation method using Hessian-weighted Mahalanobis distance. Across compression rates, search budgets, and three architectures (Llama 3.2 3B, Llama 3.1 8B, Qwen 2.5 3B), OA-EM consistently produces better solutions after PV-tuning and dominates the quality-compute frontier. The severity of the bottleneck scales with \r{ho}: moderate at 3 bpp but extreme at 2 bpp, where poor initialisation can degrade perplexity by orders of magnitude. More broadly, our results highlight the importance of optimisation geometry in compressed model spaces, where initialisation can dominate subsequent search and fine-tuning.
Updated: 2026-04-09 11:38:24
标题: 初始化确定盆地:极端LLM量化的高效码书优化
摘要: 添加量化使得具有O(1)查找表去量化的极端LLM压缩成为可能,这使得它在边缘部署中变得吸引人。然而,在2位精度下,即使经过广泛的搜索和微调,它经常会遭遇灾难性失败。我们表明,主要瓶颈是码书的初始化。贪婪的顺序初始化经常会将模型置于优化不良区域,随后的波束搜索和PV调整很难克服。我们通过表示比\(\rho = N/KM\)来分析这种行为,该比率表征了权重组和码书容量之间的关系,并提出了一种使用Hessian加权马氏距离的输出感知EM初始化方法OA-EM。在压缩率、搜索预算和三种架构(Llama 3.2 3B、Llama 3.1 8B、Qwen 2.5 3B)上,OA-EM在PV调整后始终产生更好的解决方案,并在质量-计算前沿上占主导地位。瓶颈的严重程度与\(\rho\)成比例:在3 bpp时适度,在2 bpp时极端,初始不良可能使困惑度降低数个数量级。更广泛地说,我们的结果突显了在压缩模型空间中的优化几何的重要性,其中初始化可以主导后续搜索和微调。
更新时间: 2026-04-09 11:38:24
领域: cs.CL,cs.LG
TADP-RME: A Trust-Adaptive Differential Privacy Framework for Enhancing Reliability of Data-Driven Systems
Ensuring reliability in adversarial settings necessitates treating privacy as a foundational component of data-driven systems. While differential privacy and cryptographic protocols offer strong guarantees, existing schemes rely on a fixed privacy budget, leading to a rigid utility-privacy trade-off that fails under heterogeneous user trust. Moreover, noise-only differential privacy preserves geometric structure, which inference attacks exploit, causing privacy leakage. We propose TADP-RME (Trust-Adaptive Differential Privacy with Reverse Manifold Embedding), a framework that enhances reliability under varying levels of user trust. It introduces an inverse trust score in the range [0,1] to adaptively modulate the privacy budget, enabling smooth transitions between utility and privacy. Additionally, Reverse Manifold Embedding applies a nonlinear transformation to disrupt local geometric relationships while preserving formal differential privacy guarantees through post-processing. Theoretical and empirical results demonstrate improved privacy-utility trade-offs, reducing attack success rates by up to 3.1 percent without significant utility degradation. The framework consistently outperforms existing methods against inference attacks, providing a unified approach for reliable learning in adversarial environments.
Updated: 2026-04-09 11:32:57
标题: TADP-RME:一种用于增强数据驱动系统可靠性的信任自适应差分隐私框架
摘要: 在对抗性环境中确保可靠性需要将隐私视为数据驱动系统的基础组成部分。虽然差分隐私和密码学协议提供了强有力的保证,但现有方案依赖于固定的隐私预算,导致在用户信任度不均匀的情况下无法实现灵活的效用-隐私权衡。此外,仅噪声的差分隐私保留了几何结构,推断攻击可以利用这一点,导致隐私泄露。 我们提出了TADP-RME(具有反向流形嵌入的信任自适应差分隐私)框架,它在不同用户信任水平下增强了可靠性。它引入了一个在[0,1]范围内的反向信任分数,自适应调节隐私预算,实现了效用和隐私之间的平滑过渡。此外,反向流形嵌入应用非线性转换来破坏局部几何关系,同时通过后处理保留形式上的差分隐私保证。 理论和实证结果表明,改进了隐私-效用权衡,将攻击成功率降低了最多3.1%,而没有明显的效用降低。该框架在对抗推断攻击方面始终优于现有方法,为在对抗环境中可靠学习提供了统一的方法。
更新时间: 2026-04-09 11:32:57
领域: cs.CR,cs.AI,cs.LG
Bias Redistribution in Visual Machine Unlearning: Does Forgetting One Group Harm Another?
Machine unlearning enables models to selectively forget training data, driven by privacy regulations such as GDPR and CCPA. However, its fairness implications remain underexplored: when a model forgets a demographic group, does it neutralize that concept or redistribute it to correlated groups, potentially amplifying bias? We investigate this bias redistribution phenomenon on CelebA using CLIP models (ViT/B-32, ViT-L/14, ViT-B/16) under a zero-shot classification setting across intersectional groups defined by age and gender. We evaluate three unlearning methods, Prompt Erasure, Prompt Reweighting, and Refusal Vector using per-group accuracy shifts, demographic parity gaps, and a redistribution score. Our results show that unlearning does not eliminate bias but redistributes it primarily along gender rather than age boundaries. In particular, removing the dominant Young Female group consistently transfers performance to Old Female across all model scales, revealing a gender-dominant structure in CLIP's embedding space. While the Refusal Vector method reduces redistribution, it fails to achieve complete forgetting and significantly degrades retained performance. These findings highlight a fundamental limitation of current unlearning methods: without accounting for embedding geometry, they risk amplifying bias in retained groups.
Updated: 2026-04-09 11:29:36
标题: 视觉机器遗忘中的偏见再分配:遗忘一个群体是否会伤害另一个群体?
摘要: 机器遗忘使模型能够选择性地忘记训练数据,受到隐私法规(如GDPR和CCPA)的驱动。然而,其公平性影响仍未得到充分探讨:当一个模型忘记了一个人口群体时,它是否中性化了这个概念,还是将其重新分配给相关群体,从而可能放大偏见?我们使用CelebA数据集和CLIP模型(ViT/B-32,ViT-L/14,ViT-B/16)在零样本分类设置下,对由年龄和性别定义的交叉群体进行了偏见重新分配现象的研究。我们评估了三种遗忘方法,即提示擦除、提示重新加权和拒绝向量,使用每个群体的准确性变化、人口平等差距和重新分配得分。我们的结果表明,遗忘并不能消除偏见,而是主要沿着性别而不是年龄边界重新分配偏见。特别是,删除占主导地位的年轻女性群体始终会将性能转移到老年女性群体,揭示了CLIP的嵌入空间中的性别主导结构。虽然拒绝向量方法减少了重新分配,但未能实现完全遗忘,并且显著降低了保留的性能。这些发现凸显了当前遗忘方法的一个根本局限性:在不考虑嵌入几何结构的情况下,它们有可能在保留的群体中放大偏见。
更新时间: 2026-04-09 11:29:36
领域: cs.LG,cs.CV
OV-Stitcher: A Global Context-Aware Framework for Training-Free Open-Vocabulary Semantic Segmentation
Training-free open-vocabulary semantic segmentation(TF-OVSS) has recently attracted attention for its ability to perform dense prediction by leveraging the pretrained knowledge of large vision and vision-language models, without requiring additional training. However, due to the limited input resolution of these pretrained encoders, existing TF-OVSS methods commonly adopt a sliding-window strategy that processes cropped sub-images independently. While effective for managing high-resolution inputs, this approach prevents global attention over the full image, leading to fragmented feature representations and limited contextual reasoning. We propose OV-Stitcher, a training-free framework that addresses this limitation by stitching fragmented sub-image features directly within the final encoder block. By reconstructing attention representations from fragmented sub-image features, OV-Stitcher enables global attention within the final encoder block, producing coherent context aggregation and spatially consistent, semantically aligned segmentation maps. Extensive evaluations across eight benchmarks demonstrate that OV-Stitcher establishes a scalable and effective solution for open-vocabulary segmentation, achieving a notable improvement in mean Intersection over Union(mIoU) from 48.7 to 50.7 compared with prior training-free baselines.
Updated: 2026-04-09 11:28:43
标题: OV-Stitcher:一种全局上下文感知的无需训练的开放词汇语义分割框架
摘要: 最近,无需训练的开放词汇语义分割(TF-OVSS)因利用大型视觉和视觉语言模型的预训练知识执行密集预测而受到关注,无需额外训练。然而,由于这些预训练编码器的有限输入分辨率,现有的TF-OVSS方法通常采用滑动窗口策略,独立处理裁剪的子图像。虽然对于处理高分辨率输入有效,但这种方法阻止了对整个图像的全局关注,导致片段特征表示和有限的语境推理。我们提出了OV-Stitcher,这是一个无需训练的框架,通过直接在最终编码器块中拼接片段化的子图像特征来解决这一限制。通过从片段化的子图像特征重建关注表示,OV-Stitcher使最终编码器块内实现全局关注,产生连贯的上下文聚合和空间一致、语义对齐的分割地图。在八个基准测试中进行的广泛评估表明,与先前的无需训练基线相比,OV-Stitcher建立了一个可扩展且有效的开放词汇分割解决方案,将平均交集联合(mIoU)从48.7提高到50.7。
更新时间: 2026-04-09 11:28:43
领域: cs.CV,cs.AI,cs.LG
Approximately Equivariant Recurrent Generative Models for Quasi-Periodic Time Series with a Progressive Training Scheme
We present a simple yet effective generative model for time series, based on a Recurrent Variational Autoencoder that we refer to as AEQ-RVAE-ST. Recurrent layers often struggle with unstable optimization and poor convergence when modeling long sequences. To address these limitations, we introduce a training scheme that subsequently increases the sequence length, stabilizing optimization and enabling consistent learning over extended horizons. By composing known components into a recurrent, approximately time-shift-equivariant topology, our model introduces an inductive bias that aligns with the structure of quasi-periodic and nearly stationary time series. Across several benchmark datasets, AEQ-RVAE-ST matches or surpasses state-of-the-art generative models, particularly on quasi-periodic data, while remaining competitive on more irregular signals. Performance is evaluated through ELBO, Fréchet Distance, discriminative metrics, and visualizations of the learned latent embeddings.
Updated: 2026-04-09 11:20:33
标题: 近似等变循环生成模型用于具有渐进训练方案的准周期时间序列
摘要: 我们提出了一种简单但有效的用于时间序列的生成模型,基于一种我们称为AEQ-RVAE-ST的循环变分自动编码器。循环层在建模长序列时经常面临不稳定的优化和收敛性差的问题。为了解决这些限制,我们引入了一种训练方案,逐步增加序列长度,稳定优化并使学习在扩展的时间范围内保持一致。通过将已知组件组合成一个循环的、近似时间平移等变的拓扑结构,我们的模型引入了一个归纳偏差,与准周期性和几乎平稳的时间序列的结构保持一致。在几个基准数据集上,AEQ-RVAE-ST在准周期数据上与或超越了最先进的生成模型,同时在更不规则的信号上保持竞争力。通过ELBO、Fréchet距离、区分性指标以及学习潜在嵌入的可视化来评估性能。
更新时间: 2026-04-09 11:20:33
领域: cs.LG
DeepForestSound: a multi-species automatic detector for passive acoustic monitoring in African tropical forests, a case study in Kibale National Park
Passive Acoustic Monitoring (PAM) is widely used for biodiversity assessment. Its application in African tropical forests is limited by scarce annotated data, reducing the performance of general-purpose ecoacoustic models on underrepresented taxa. In this study, we introduce DeepForestSound (DFS), a multi-species automatic detection model designed for PAM in African tropical forests. DFS relies on a semi-supervised pipeline combining clustering of unannotated recordings with manual validation, followed by supervised fine-tuning of an Audio Spectrogram Transformer (AST) using low-rank adaptation, which is compared to a frozen-backbone linear baseline (DFS-Linear). The framework supports the detection of multiple taxonomic groups, including birds, primates, and elephants, from long-term acoustic recordings. DFS was trained on acoustic data collected in the Sebitoli area, in Kibale National Park, Uganda, and evaluated on an independent dataset recorded two years later at different locations within the same forest. This evaluation therefore assesses generalization across time and recording sites within a single tropical forest ecosystem. Across 8 out of 12 taxons, DFS outperforms existing automatic detection tools, particularly for non-avian taxa, achieving average AP values of 0.964 for primates and 0.961 for elephants. Results further show that LoRA-based fine-tuning substantially outperforms linear probing across taxa. Overall, these results demonstrate that task-oriented, region-specific training substantially improves detection performance in acoustically complex tropical environments, and highlight the potential of DFS as a practical tool for biodiversity monitoring and conservation in African rainforests.
Updated: 2026-04-09 11:02:37
标题: DeepForestSound: 一种适用于非洲热带森林被动声学监测的多物种自动检测器,以基巴莱国家公园为例研究
摘要: 被动声学监测(PAM)被广泛用于生物多样性评估。在非洲热带森林中,其应用受到稀缺的已注释数据的限制,降低了普通用途生态声学模型在代表性不足的分类群上的性能。在本研究中,我们介绍了DeepForestSound(DFS),这是一个专为非洲热带森林中PAM设计的多物种自动检测模型。DFS依赖于一个半监督管道,结合了未注释录音的聚类和手动验证,然后通过低秩适应对音频谱图变换器(AST)进行监督微调,与一个冻结骨干的线性基线(DFS-Linear)进行比较。该框架支持从长期声学记录中检测多个分类群,包括鸟类、灵长类动物和大象。DFS在乌干达基巴莱国家公园Sebitoli地区收集的声学数据上进行了训练,并在两年后在同一森林中不同位置记录的独立数据集上进行了评估。因此,该评估评估了在同一热带森林生态系统内跨时间和记录地点的泛化能力。在12个分类群中的8个中,DFS的表现优于现有的自动检测工具,特别是对于非鸟类分类群,达到了0.964的灵长类动物和0.961的大象的平均AP值。结果进一步显示,基于LoRA的微调在各分类群中明显优于线性探测。总的来说,这些结果表明,任务定向的、区域特定的训练大大提高了在声学复杂的热带环境中的检测性能,并突出了DFS作为非洲雨林生物多样性监测和保护的实用工具的潜力。
更新时间: 2026-04-09 11:02:37
领域: cs.SD,cs.LG
From Classical Machine Learning to Tabular Foundation Models: An Empirical Investigation of Robustness and Scalability Under Class Imbalance in Emergency and Critical Care
Millions of patients pass through emergency departments and intensive care units each year, where clinicians must make high-stakes decisions under time pressure and uncertainty. Machine learning could support these decisions by predicting deterioration, guiding triage, and identifying rare but serious outcomes. Yet clinical tabular data are often highly imbalanced, biasing models toward majority classes. Building methods that are robust to imbalance and efficient enough for deployment remains a practical challenge. We investigated seven model families on imbalanced tabular data from MIMIC-IV-ED and eICU: Decision Tree, Random Forest, XGBoost, TabNet, TabResNet, TabICL, and TabPFN v2.6. TabResNet was designed as a lightweight alternative to TabNet. Models were evaluated using weighted F1-score, robustness to increasing imbalance, and computational scalability across seven prediction tasks. Performance varied by dataset. On MIMIC-IV-ED, TabPFN v2.6 and TabICL achieved the strongest average weighted F1 ranks, with XGBoost and TabResNet remaining competitive. On eICU, XGBoost performed best overall, followed by other tree-based methods, while foundation models ranked in the middle. TabNet showed the steepest performance decline as imbalance increased and the highest computational cost. TabResNet consistently outperformed TabNet, but did not surpass the best ensemble models. Classical and tree-based methods scaled most favourably with dataset size, while foundation models achieved low per-task cost through their inference-based paradigm. No single model family dominated across both datasets and tasks. However, tabular foundation models showed promise by combining competitive performance at low computational cost. If this efficiency generalizes to broader clinical settings, it could help lower the barrier to adaptive decision support in resource-constrained environments.
Updated: 2026-04-09 10:48:16
标题: 从经典机器学习到表格基础模型:应急与重症护理中类别不平衡下鲁棒性和可扩展性的实证研究
摘要: 数百万患者每年都会经过急诊科和重症监护室,在那里临床医生必须在时间紧迫和不确定性的情况下做出高风险决策。机器学习可以通过预测恶化、指导分诊和识别罕见但严重的结果来支持这些决策。然而,临床表格数据通常存在严重的不平衡,使模型偏向多数类别。构建对不平衡稳健且足够高效以供部署的方法仍然是一个实际挑战。 我们在来自MIMIC-IV-ED和eICU的不平衡表格数据上研究了七个模型系列:决策树、随机森林、XGBoost、TabNet、TabResNet、TabICL和TabPFN v2.6。TabResNet被设计为TabNet的轻量级替代品。模型是通过加权F1分数、对不平衡的稳健性以及在七个预测任务中的计算可扩展性进行评估的。 性能因数据集而异。在MIMIC-IV-ED上,TabPFN v2.6和TabICL取得了最强的平均加权F1排名,而XGBoost和TabResNet仍然具有竞争力。在eICU上,XGBoost整体表现最佳,其后是其他基于树的方法,而基础模型排名中等。TabNet在不平衡增加时表现下降最为明显,并且具有最高的计算成本。TabResNet始终优于TabNet,但没有超过最佳集成模型。经典和基于树的方法在数据集大小方面表现最好,而基础模型通过其基于推理的范式实现了低的每项任务成本。 没有单一模型系列在两个数据集和任务中都占主导地位。然而,表格基础模型显示出潜力,即在低计算成本下实现竞争性表现。如果这种效率可以推广到更广泛的临床环境中,它可以帮助降低在资源受限环境中自适应决策支持的门槛。
更新时间: 2026-04-09 10:48:16
领域: cs.LG,cs.CV
Understanding Task Transfer in Vision-Language Models
Vision-Language Models (VLMs) perform well on multimodal benchmarks but lag behind humans and specialized models on visual perception tasks like depth estimation or object counting. Finetuning on one task can unpredictably affect performance on others, making task-specific finetuning challenging. In this paper, we address this challenge through a systematic study of task transferability. We examine how finetuning a VLM on one perception task affects its zero-shot performance on others. We introduce Perfection Gap Factor (PGF), a normalized metric that measures change in performance as a result of task transfer. We utilize PGF to compute Task Transferability, which captures both the breadth and the magnitude of transfer induced by a source task. Using three open-weight VLMs evaluated across 13 perception tasks, we construct a task transfer graph that reveals previously unobserved relationships among perception tasks. Our analysis uncovers patterns of positive and negative transfer, identifies groups of tasks that mutually influence each other, organizes tasks into personas based on their transfer behavior and demonstrates how PGF can guide data selection for more efficient training. These findings highlight both opportunities for positive transfer and risks of negative interference, offering actionable guidance for advancing VLMs.
Updated: 2026-04-09 10:41:06
标题: 理解视觉-语言模型中的任务迁移
摘要: 视觉语言模型(VLMs)在多模态基准测试中表现良好,但在深度估计或对象计数等视觉感知任务上落后于人类和专门模型。在一个任务上进行微调可能会不可预测地影响其他任务的性能,使得任务特定的微调具有挑战性。在本文中,我们通过对任务可转移性进行系统研究来解决这一挑战。我们研究了在一个感知任务上微调VLM如何影响其对其他任务的零样本性能。我们引入了Perfection Gap Factor(PGF),这是一个标准化的度量,用于衡量由于任务转移而导致的性能变化。我们利用PGF来计算任务可转移性,它既捕捉了源任务引起的转移的广度,也捕捉了转移的幅度。使用在13个感知任务上评估的三个开放权重的VLMs,我们构建了一个任务转移图,揭示了感知任务之间以前未观察到的关系。我们的分析揭示了正向转移和负面干扰的模式,确定了相互影响的任务组,根据其转移行为将任务组织成人物,并展示了PGF如何指导数据选择以实现更高效的训练。这些发现突显了正向转移的机会和负面干扰的风险,为推进VLMs提供了可操作的指导。
更新时间: 2026-04-09 10:41:06
领域: cs.CV,cs.LG
Multimodal Latent Reasoning via Predictive Embeddings
Tool-augmented multimodal reasoning enables visual language models (VLMs) to improve perception by interacting with external tools (e.g., cropping, depth estimation). However, such approaches incur substantial inference overhead, require specialized supervision, and are prone to erroneous tool calls. We propose Pearl (Predictive Embedding Alignment for Reasoning in Latent space), a JEPA-inspired framework that learns from expert tool-use trajectories entirely in the latent space, eliminating the need for explicit tool invocation at inference time. Unlike reconstruction-based latent reasoning methods, which autoregressively generate latent tokens and suffer from training-inference mismatch and limited support for multi-step tool use, Pearl directly learns predictive embeddings from multimodal trajectories while preserving the standard vision-language generation pipeline: it is model-agnostic, simple to train, and naturally supports trajectories with multiple tool calls. Experiments across multiple perception benchmarks show that Pearl matches or outperforms standard supervised fine-tuning and reconstruction-based latent reasoning approaches. Furthermore, we provide empirical evidence that reconstruction-based methods primarily learn embeddings rather than image edits in latent space, motivating predictive embedding learning as a more principled alternative.
Updated: 2026-04-09 10:27:32
标题: 多模态潜在推理基于预测嵌入
摘要: 工具增强的多模态推理使视觉语言模型(VLMs)能够通过与外部工具(例如裁剪、深度估计)的交互来改善感知。然而,这种方法会产生大量的推理开销,需要专门的监督,并且容易出现错误的工具调用。我们提出了一种受JEPA启发的框架Pearl(Predictive Embedding Alignment for Reasoning in Latent space),它完全在潜在空间中学习专家工具使用轨迹,消除了推理时显式工具调用的需求。与基于重建的潜在推理方法不同,后者会自回归生成潜在标记,并且在训练推理不匹配和对多步工具使用的支持有限方面存在问题,Pearl直接从多模态轨迹中学习预测嵌入,同时保留标准的视觉语言生成管道:它是模型无关的,易于训练,并自然地支持具有多次工具调用的轨迹。跨多个感知基准的实验表明,Pearl与标准监督微调和基于重建的潜在推理方法相匹配或优于其表现。此外,我们提供了实证证据表明,基于重建的方法主要学习嵌入而不是潜在空间中的图像编辑,这促使预测嵌入学习成为更具原则性的替代方案。
更新时间: 2026-04-09 10:27:32
领域: cs.LG
Prompt reinforcing for long-term planning of large language models
Large language models (LLMs) have achieved remarkable success in a wide range of natural language processing tasks and can be adapted through prompting. However, they remain suboptimal in multi-turn interactions, often relying on incorrect early assumptions and failing to track user goals over time, which makes such tasks particularly challenging. Prior works in dialogue systems have shown that long-term planning is essential for handling interactive tasks. In this work, we propose a prompt optimisation framework inspired by reinforcement learning, which enables such planning to take place by only modifying the task instruction prompt of the LLM-based agent. By generating turn-by-turn feedback and leveraging experience replay for prompt rewriting, our proposed method shows significant improvement in multi-turn tasks such as text-to-SQL and task-oriented dialogue. Moreover, it generalises across different LLM-based agents and can leverage diverse LLMs as meta-prompting agents. This warrants future research in reinforcement learning-inspired parameter-free optimisation methods.
Updated: 2026-04-09 10:26:48
标题: 大语言模型长期规划的即时强化
摘要: 大型语言模型(LLMs)在各种自然语言处理任务中取得了显著成功,并且可以通过提示进行适应。然而,在多轮交互中它们仍然不够优化,通常依赖于错误的早期假设,并且无法随着时间跟踪用户目标,这使得这些任务特别具有挑战性。在对话系统中的先前研究表明,长期规划对于处理交互式任务至关重要。在本研究中,我们提出了一个受强化学习启发的提示优化框架,通过仅修改基于LLM的代理的任务指令提示,使这种规划得以实现。通过生成逐轮反馈并利用经验重放进行提示重写,我们提出的方法在文本到SQL和面向任务的对话等多轮任务中显示出显著改进。此外,它可以跨不同基于LLM的代理进行泛化,并且可以利用多样的LLMs作为元提示代理。这为未来在受强化学习启发的无参数优化方法方面的研究提供了保证。
更新时间: 2026-04-09 10:26:48
领域: cs.CL,cs.LG
ReCellTy: Domain-Specific Knowledge Graph Retrieval-Augmented LLMs Reasoning Workflow for Single-Cell Annotation
With the rapid development of large language models (LLMs), their application to cell type annotation has drawn increasing attention. However, general-purpose LLMs often face limitations in this specific task due to the lack of guidance from external domain knowledge. To enable more accurate and fully automated cell type annotation, we develop a globally connected knowledge graph comprising 18850 biological information nodes, including cell types, gene markers, features, and other related entities, along with 48,944 edges connecting these nodes, which is used by LLMs to retrieve entities associated with differential genes for cell reconstruction. Additionally, a multi-task reasoning workflow is designed to optimise the annotation process. Compared to general-purpose LLMs, our method improves human evaluation scores by up to 0.21 and semantic similarity by 6.1% across multiple tissue types, while more closely aligning with the cognitive logic of manual annotation. Meanwhile, it narrows the performance gap between large and small LLMs in cell type annotation, offering a paradigm for structured knowledge integration and reasoning in bioinformatics.
Updated: 2026-04-09 10:08:45
标题: ReCellTy:领域特定知识图检索增强的LLMs推理工作流用于单细胞注释
摘要: 随着大型语言模型(LLMs)的快速发展,它们在细胞类型注释方面的应用引起了越来越多的关注。然而,通用的LLMs在这一特定任务中往往面临限制,因为缺乏外部领域知识的指导。为了实现更准确和完全自动化的细胞类型注释,我们开发了一个全局连接的知识图,包括18850个生物信息节点,包括细胞类型、基因标记、特征和其他相关实体,以及连接这些节点的48944条边,LLMs用于检索与差异基因相关的实体以进行细胞重建。此外,设计了一个多任务推理工作流程来优化注释过程。与通用的LLMs相比,我们的方法提高了多种组织类型的人类评估分数最多0.21,并提高了6.1%的语义相似性,同时更加符合手动注释的认知逻辑。同时,它缩小了大型和小型LLMs在细胞类型注释方面的性能差距,为生物信息学中的结构化知识整合和推理提供了一个范例。
更新时间: 2026-04-09 10:08:45
领域: cs.CL,cs.AI,cs.DB,cs.LG
Automating aggregation strategy selection in federated learning
Federated Learning enables collaborative model training without centralising data, but its effectiveness varies with the selection of the aggregation strategy. This choice is non-trivial, as performance varies widely across datasets, heterogeneity levels, and compute constraints. We present an end-to-end framework that automates, streamlines, and adapts aggregation strategy selection for federated learning. The framework operates in two modes: a single-trial mode, where large language models infer suitable strategies from user-provided or automatically detected data characteristics, and a multi-trial mode, where a lightweight genetic search efficiently explores alternatives under constrained budgets. Extensive experiments across diverse datasets show that our approach enhances robustness and generalisation under non-IID conditions while reducing the need for manual intervention. Overall, this work advances towards accessible and adaptive federated learning by automating one of its most critical design decisions, the choice of an aggregation strategy.
Updated: 2026-04-09 10:08:28
标题: 《在联邦学习中自动选择聚合策略》
摘要: 联邦学习使协作模型训练不需要集中数据,但其有效性取决于聚合策略的选择。这个选择并不轻松,因为性能在数据集、异质性水平和计算约束方面变化很大。我们提出了一个端到端框架,自动化、简化和调整了联邦学习的聚合策略选择。该框架有两种模式:单次试验模式,其中大型语言模型从用户提供或自动检测到的数据特征中推断出合适的策略,以及多次试验模式,其中轻量级的遗传搜索有效地探索受限预算下的替代方案。在各种数据集上进行的大量实验表明,我们的方法增强了在非独立同分布条件下的稳健性和泛化能力,同时减少了手动干预的需求。总的来说,这项工作通过自动化其中一个最关键的设计决策——聚合策略的选择,推动了向可访问和自适应的联邦学习迈进。
更新时间: 2026-04-09 10:08:28
领域: cs.LG
Efficient Provably Secure Linguistic Steganography via Range Coding
Linguistic steganography involves embedding secret messages within seemingly innocuous texts to enable covert communication. Provable security, which is a long-standing goal and key motivation, has been extended to language-model-based steganography. Previous provably secure approaches have achieved perfect imperceptibility, measured by zero Kullback-Leibler (KL) divergence, but at the expense of embedding capacity. In this paper, we attempt to directly use a classic entropy coding method (range coding) to achieve secure steganography, and then propose an efficient and provably secure linguistic steganographic method with a rotation mechanism. Experiments across various language models show that our method achieves around 100% entropy utilization (embedding efficiency) for embedding capacity, outperforming the existing baseline methods. Moreover, it achieves high embedding speeds (up to 1554.66 bits/s on GPT-2). The code is available at github.com/ryehr/RRC_steganography.
Updated: 2026-04-09 10:00:53
标题: 高效可证明安全的基于区域编码的语言隐写术
摘要: 语言隐写术涉及将秘密消息嵌入看似无害的文本中,以实现隐蔽通信。可证明安全性是一个长期的目标和主要动机,已经扩展到基于语言模型的隐写术。先前的可证明安全方法已经实现了完美的不可察觉性,通过零Kullback-Leibler(KL)散度来衡量,但以嵌入容量为代价。在本文中,我们尝试直接使用经典的熵编码方法(区域编码)来实现安全的隐写术,然后提出一种具有旋转机制的高效且可证明安全的语言隐写术方法。通过对各种语言模型的实验表明,我们的方法实现了约100%的熵利用率(嵌入效率)用于嵌入容量,优于现有的基准方法。此外,它实现了高速度的嵌入(在GPT-2上达到1554.66位/秒)。代码可在 github.com/ryehr/RRC_steganography 上找到。
更新时间: 2026-04-09 10:00:53
领域: cs.CL,cs.CR
Physics-Informed Neural Networks for Joint Source and Parameter Estimation in Advection-Diffusion Equations
Recent studies have demonstrated the success of deep learning in solving forward and inverse problems in engineering and scientific computing domains, such as physics-informed neural networks (PINNs). Source inversion problems under sparse measurements for parabolic partial differential equations (PDEs) are particularly challenging to solve using PINNs, due to their severe ill-posedness and the multiple unknowns involved including the source function and the PDE parameters. Although the neural tangent kernel (NTK) of PINNs has been widely used in forward problems involving a single neural network, its extension to inverse problems involving multiple neural networks remains less explored. In this work, we propose a weighted adaptive approach based on the NTK of PINNS including multiple separate networks representing the solution, the unknown source, and the PDE parameters. The key idea behind our methodology is to simultaneously solve the joint recovery of the solution, the source function along with the unknown parameters thereby using the underlying partial differential equation as a constraint that couples multiple unknown functional parameters, leading to more efficient use of the limited information in the measurements. We apply our method on the advection-diffusion equation and we present various 2D and 3D numerical experiments using different types of measurements data that reflect practical engineering systems. Our proposed method is successful in estimating the unknown source function, the velocity and diffusion parameters as well as recovering the solution of the equation, while remaining robust to additional noise in the measurements.
Updated: 2026-04-09 09:56:09
标题: 物理信息神经网络用于对对流-扩散方程中的源和参数进行联合估计
摘要: 最近的研究表明,深度学习在工程和科学计算领域中解决正向和反向问题的成功,如物理信息神经网络(PINNs)。对于带有稀疏测量的抛物型偏微分方程(PDEs)的源反演问题尤其具有挑战性,使用PINNs解决这些问题由于其严重的不适定性以及涉及的多个未知量,包括源函数和PDE参数。尽管PINNs的神经切向核(NTK)在涉及单个神经网络的正向问题中被广泛使用,但它在涉及多个神经网络的反向问题中的扩展仍未得到充分探讨。在这项工作中,我们提出了一种基于包括多个独立网络的PINNS的NTK的加权自适应方法,这些网络代表了解决方案、未知源和PDE参数。我们方法的关键思想是同时解决解决方案的联合恢复、源函数以及未知参数,从而利用偏微分方程作为约束,耦合多个未知的函数参数,更有效地利用测量中的有限信息。我们将我们的方法应用于对流扩散方程,并使用不同类型的测量数据进行各种二维和三维数值实验,反映实际工程系统。我们提出的方法成功估计了未知源函数、速度和扩散参数,并恢复了方程的解,同时对测量中的额外噪声具有鲁棒性。
更新时间: 2026-04-09 09:56:09
领域: stat.ML,cs.LG
PrivFedTalk: Privacy-Aware Federated Diffusion with Identity-Stable Adapters for Personalized Talking-Head Generation
Talking-head generation has advanced rapidly with diffusion-based generative models, but training usually depends on centralized face-video and speech datasets, raising major privacy concerns. The problem is more acute for personalized talking-head generation, where identity-specific data are highly sensitive and often cannot be pooled across users or devices. PrivFedTalk is presented as a privacy-aware federated framework for personalized talking-head generation that combines conditional latent diffusion with parameter-efficient identity adaptation. A shared diffusion backbone is trained across clients, while each client learns lightweight LoRA identity adapters from local private audio-visual data, avoiding raw data sharing and reducing communication cost. To address heterogeneous client distributions, Identity-Stable Federated Aggregation (ISFA) weights client updates using privacy-safe scalar reliability signals computed from on-device identity consistency and temporal stability estimates. Temporal-Denoising Consistency (TDC) regularization is introduced to reduce inter-frame drift, flicker, and identity drift during federated denoising. To limit update-side privacy risk, secure aggregation and client-level differential privacy are applied to adapter updates. The implementation supports both low-memory GPU execution and multi-GPU client-parallel training on heterogeneous shared hardware. Comparative experiments on the present setup across multiple training and aggregation conditions with PrivFedTalk, FedAvg, and FedProx show stable federated optimization and successful end-to-end training and evaluation under constrained resources. The results support the feasibility of privacy-aware personalized talking-head training in federated environments, while suggesting that stronger component-wise, privacy-utility, and qualitative claims need further standardized evaluation.
Updated: 2026-04-09 09:41:30
标题: PrivFedTalk:具有身份稳定适配器的隐私感知联合扩散,用于个性化的说话头生成
摘要: Talking-head generation technology has advanced quickly thanks to diffusion-based generative models, but the training process typically relies on centralized face-video and speech datasets, which raises significant privacy concerns. This issue becomes even more critical for personalized talking-head generation, as identity-specific data is extremely sensitive and cannot be shared across users or devices. In response to these challenges, PrivFedTalk introduces a privacy-aware federated framework for personalized talking-head generation. This framework combines conditional latent diffusion with parameter-efficient identity adaptation, allowing for the training of a shared diffusion backbone across clients while enabling each client to learn lightweight LoRA identity adapters from their own private audio-visual data. This approach avoids the need for sharing raw data and reduces communication costs. To address variations in client distributions, PrivFedTalk employs Identity-Stable Federated Aggregation (ISFA) to weight client updates using privacy-safe scalar reliability signals derived from on-device identity consistency and temporal stability estimates. Additionally, Temporal-Denoising Consistency (TDC) regularization is introduced to minimize inter-frame drift, flicker, and identity drift during federated denoising. To mitigate privacy risks on the update side, secure aggregation and client-level differential privacy measures are implemented for adapter updates. The implementation also supports both low-memory GPU execution and multi-GPU client-parallel training on heterogeneous shared hardware. Comparative experiments using PrivFedTalk, FedAvg, and FedProx under various training and aggregation conditions demonstrate stable federated optimization and successful end-to-end training and evaluation with limited resources. These results indicate the potential for privacy-aware personalized talking-head training in federated environments, while also highlighting the need for standardized evaluation of component-wise, privacy-utility, and qualitative claims.
更新时间: 2026-04-09 09:41:30
领域: cs.CR,cs.AI,cs.CV,cs.LG
xDup: Privacy-Preserving Deduplication for Humanitarian Organizations using Fuzzy PSI
Humanitarian organizations help to ensure people's livelihoods in crisis situations. Typically, multiple organizations operate in the same region. To ensure that the limited budget of these organizations can help as many people as possible, organizations perform cross-organizational deduplication to detect duplicate registrations and ensure recipients receive aid from at most one organization. Current deduplication approaches risk privacy harm to vulnerable aid recipients by sharing their data with other organizations. We analyzed the needs of humanitarian organizations to identify the requirements for privacy-friendly cross-organizational deduplication fit for real-life humanitarian missions. We present xDup, a new practical deduplication system that meets the requirements of humanitarian organizations and is two orders of magnitude faster than current solutions. xDup builds on Fuzzy PSI, and we present otFPSI, a concretely efficient Fuzzy PSI protocol for Hamming Space without input assumptions. We show that it is more efficient than existing Fuzzy PSI protocols.
Updated: 2026-04-09 09:18:05
标题: xDup: 使用模糊PSI进行人道主义组织的隐私保护数据去重
摘要: 人道主义组织在危机情况下帮助确保人们的生计。通常,多个组织在同一地区运作。为了确保这些组织有限的预算可以帮助尽可能多的人,组织进行跨组织去重,以检测重复注册,并确保受助者最多从一个组织获得援助。当前的去重方法存在风险,可能会向其他组织共享受援者的数据,对弱势受援者造成隐私损害。我们分析了人道主义组织的需求,确定了适合现实人道主义任务的隐私友好的跨组织去重的要求。我们提出了xDup,一个新的实用去重系统,满足人道主义组织的需求,并且比当前解决方案快两个数量级。xDup建立在模糊PSI的基础上,我们提出了otFPSI,一个在汉明空间中没有输入假设的具体高效的模糊PSI协议。我们展示了它比现有的模糊PSI协议更高效。
更新时间: 2026-04-09 09:18:05
领域: cs.CR
Blockchain and AI: Securing Intelligent Networks for the Future
Blockchain and artificial intelligence (AI) are increasingly proposed together for securing intelligent networks, but the literature remains fragmented across ledger design, AI-driven detection, cyber-physical applications, and emerging agentic workflows. This paper synthesizes the area through three reusable contributions: (i) a taxonomy of blockchain-AI security for intelligent networks, (ii) integration patterns for verifiable and adaptive security workflows, and (iii) the Blockchain-AI Security Evaluation Blueprint (BASE), a reporting checklist spanning AI quality, ledger behavior, end-to-end service levels, privacy, energy, and reproducibility. The paper also maps the evidence landscape across IoT, critical infrastructure, smart grids, transportation, and healthcare, showing that the conceptual fit is strong but real-world evidence remains uneven and often prototype-heavy. The synthesis clarifies where blockchain contributes provenance, trust, and auditability, where AI contributes detection, adaptation, and orchestration, and where future work should focus on interoperable interfaces, privacy-preserving analytics, bounded agentic automation, and open cross-domain benchmarks. The paper is intended as a reference for researchers and practitioners designing secure, transparent, and resilient intelligent networks.
Updated: 2026-04-09 08:31:16
标题: 区块链和人工智能:确保未来智能网络的安全
摘要: 区块链和人工智能(AI)越来越被提议结合在一起,用于保护智能网络,但文献仍然在账本设计、基于AI的检测、网络物理应用和新兴代理工作流程方面存在碎片化。本文通过三个可重复使用的贡献综合了这一领域:(i)智能网络区块链-AI安全的分类法,(ii)可验证和适应性安全工作流程的集成模式,以及(iii)区块链-AI安全评估蓝图(BASE),一个涵盖AI质量、账本行为、端到端服务水平、隐私、能源和可再现性的报告检查表。该论文还在物联网、关键基础设施、智能电网、交通和医疗保健领域绘制了证据格局,显示概念契合度强,但现实世界的证据仍然不平衡,往往是以原型为主。综合分析阐明了区块链在何处提供溯源、信任和可审计性,AI在何处提供检测、适应和编排,未来的工作应该关注互操作接口、保护隐私的分析、有界代理自动化和开放跨领域基准。本文旨在成为研究人员和从业者设计安全、透明和弹性智能网络的参考。
更新时间: 2026-04-09 08:31:16
领域: cs.CR,cs.AI
Robustness via Referencing: Defending against Prompt Injection Attacks by Referencing the Executed Instruction
Large language models (LLMs) have demonstrated impressive performance and have come to dominate the field of natural language processing (NLP) across various tasks. However, due to their strong instruction-following capabilities and inability to distinguish between instructions and data content, LLMs are vulnerable to prompt injection attacks. These attacks manipulate LLMs into deviating from the original input instructions and executing maliciously injected instructions within data content, such as web documents retrieved from search engines. Existing defense methods, including prompt-engineering and fine-tuning approaches, typically instruct models to follow the original input instructions while suppressing their tendencies to execute injected instructions. However, our experiments reveal that suppressing instruction-following tendencies is challenging. Through analyzing failure cases, we observe that although LLMs tend to respond to any recognized instructions, they are aware of which specific instructions they are executing and can correctly reference them within the original prompt. Motivated by these findings, we propose a novel defense method that leverages, rather than suppresses, the instruction-following abilities of LLMs. Our approach prompts LLMs to generate responses that include both answers and their corresponding instruction references. Based on these references, we filter out answers not associated with the original input instructions. Comprehensive experiments demonstrate that our method outperforms prompt-engineering baselines and achieves performance comparable to fine-tuning methods, reducing the attack success rate (ASR) to 0 percent in some scenarios. Moreover, our approach has minimal impact on overall utility.
Updated: 2026-04-09 06:57:42
标题: 通过引用实现鲁棒性:通过引用执行的指令防御提示注入攻击
摘要: 大型语言模型(LLM)展示了令人印象深刻的性能,并已经成为自然语言处理(NLP)领域的主导力量,涵盖各种任务。然而,由于它们强大的指令遵循能力以及无法区分指令和数据内容,LLM容易受到提示注入攻击的影响。这些攻击会导致LLM偏离原始输入指令,并在数据内容中执行恶意注入的指令,比如从搜索引擎检索的网页文档。现有的防御方法,包括提示工程和微调方法,通常指导模型遵循原始输入指令,同时抑制它们执行注入指令的倾向。然而,我们的实验表明,抑制遵循指令的倾向是具有挑战性的。通过分析失败案例,我们观察到,虽然LLM倾向于响应任何识别的指令,但它们知道自己正在执行哪些具体的指令,并且可以在原始提示中正确引用它们。基于这些发现,我们提出了一种新颖的防御方法,利用而不是抑制LLM的指令遵循能力。我们的方法促使LLM生成包含答案和相应指令引用的响应。基于这些引用,我们过滤掉与原始输入指令无关的答案。全面的实验表明,我们的方法优于提示工程基线,并实现了与微调方法相当的性能,将攻击成功率(ASR)在某些场景下降至0%。此外,我们的方法对整体效用的影响很小。
更新时间: 2026-04-09 06:57:42
领域: cs.CR
A Hardware-Anchored Privacy Middleware for PII Sharing Across Heterogeneous Embedded Consumer Devices
The rapid expansion of the Internet of Things (IoT) and smart home ecosystems has led to a fragmented landscape of user data management across consumer electronics (CE) such as Smart TVs, gaming consoles, and set-top boxes. Current onboarding processes on these devices are characterized by high friction due to manual data entry and opaque data-sharing practices. This paper introduces the User Data Sharing System (UDSS), a platform-agnostic framework designed to facilitate secure, privacy-first PII (Personally Identifiable Information) exchange between device platforms and third-party applications. Our system implements a Contextual Scope Enforcement (CSE) mechanism that programmatically restricts data exposure based on user intent - specifically distinguishing between Sign-In and Sign-Up workflows. Unlike cloud-anchored identity standards such as FIDO2/WebAuthn, UDSS is designed for shared, device-centric CE environments where persistent user-to-device binding cannot be assumed. We further propose a tiered access model that balances developer needs with regulatory compliance (GDPR/CCPA). A proof-of-concept implementation on a reference ARMv8 Linux-based middleware demonstrates that UDSS reduces user onboarding latency by 65% and measurably reduces PII over-exposure risk through protocol-enforced data minimization. This framework provides a standardized approach to identity management in the heterogeneous CE market.
Updated: 2026-04-09 05:40:55
标题: 一个硬件锚定的个人身份信息隐私中间件,用于在异构嵌入式消费设备之间共享PII
摘要: 物联网(IoT)和智能家居生态系统的迅速扩张导致了消费电子产品(CE)领域用户数据管理的碎片化格局,如智能电视、游戏机和机顶盒。这些设备上当前的入网流程以手动数据输入和不透明的数据共享惯例为特征,因此摩擦力较大。本文介绍了用户数据共享系统(UDSS),这是一个平台无关的框架,旨在促进设备平台和第三方应用之间安全、以隐私为先的PII(个人可识别信息)交换。我们的系统实施了一种上下文范围强制(CSE)机制,根据用户意图以编程方式限制数据曝光,特别是区分登录和注册工作流。与基于云的身份标准(如FIDO2/WebAuthn)不同,UDSS旨在用于共享的、以设备为中心的CE环境,其中不能假定持续的用户到设备绑定。我们进一步提出了一个分层访问模型,平衡了开发者需求和法规遵从(GDPR/CCPA)。在一个基于参考ARMv8 Linux中间件的概念验证实现中,证明了UDSS将用户入网延迟降低了65%,并通过协议强制数据最小化显著减少了PII过度暴露风险。该框架为异构CE市场提供了标准化的身份管理方法。
更新时间: 2026-04-09 05:40:55
领域: cs.CR,cs.HC,cs.OS
Are GUI Agents Focused Enough? Automated Distraction via Semantic-level UI Element Injection
Existing red-teaming studies on GUI agents have important limitations. Adversarial perturbations typically require white-box access, which is unavailable for commercial systems, while prompt injection is increasingly mitigated by stronger safety alignment. To study robustness under a more practical threat model, we propose Semantic-level UI Element Injection, a red-teaming setting that overlays safety-aligned and harmless UI elements onto screenshots to misdirect the agent's visual grounding. Our method uses a modular Editor-Overlapper-Victim pipeline and an iterative search procedure that samples multiple candidate edits, keeps the best cumulative overlay, and adapts future prompt strategies based on previous failures. Across five victim models, our optimized attacks improve attack success rate by up to 4.4x over random injection on the strongest victims. Moreover, elements optimized on one source model transfer effectively to other target models, indicating model-agnostic vulnerabilities. After the first successful attack, the victim still clicks the attacker-controlled element in more than 15% of later independent trials, versus below 1% for random injection, showing that the injected element acts as a persistent attractor rather than simple visual clutter.
Updated: 2026-04-09 05:32:34
标题: GUI代理是否足够专注?通过语义级UI元素注入自动分散注意力
摘要: 现有的关于GUI代理的红队研究存在重要局限性。敌对扰动通常需要白盒访问权限,这对于商业系统是不可用的,而即时注入越来越受到更强的安全对准的限制。为了研究在更实际的威胁模型下的鲁棒性,我们提出了语义级别的UI元素注入,这是一个红队设置,通过在屏幕截图上覆盖安全对准和无害的UI元素,来误导代理的视觉基础。我们的方法使用了一个模块化的编辑器-重叠器-受害者管道和一个迭代搜索过程,该过程对多个候选编辑进行采样,保留最佳的叠加效果,并根据先前的失败来调整未来的提示策略。在五个受害者模型中,我们的优化攻击使攻击成功率比对最强受害者的随机注入提高了最多4.4倍。此外,优化在一个源模型上的元素有效地转移到其他目标模型,表明模型不可知的漏洞。在第一次成功攻击之后,受害者在后续独立试验中仍然点击攻击者控制的元素超过15%,而对于随机注入则低于1%,这表明注入的元素作为持久的吸引者而不仅仅是简单的视觉混乱。
更新时间: 2026-04-09 05:32:34
领域: cs.CR,cs.CL,cs.CV
BRASP: Boolean Range Queries over Encrypted Spatial Data with Access and Search Pattern Privacy
Searchable Encryption (SE) enables users to query outsourced encrypted data while preserving data confidentiality. However, most efficient schemes still leak the search pattern and access pattern, which may allow an honest-but-curious cloud server to infer query contents, user interests, or returned records from repeated searches and observed results. Existing pattern-hiding solutions mainly target keyword queries and do not naturally support Boolean range queries over encrypted spatial data. This paper presents BRASP, a searchable encryption scheme for Boolean range queries over encrypted spatial data. BRASP combines Hilbert-curve-based prefix encoding with encrypted prefix--ID and keyword--ID inverted indexes to support efficient spatial range filtering and conjunctive keyword matching. To hide the search pattern and access pattern under a dual-server setting, BRASP integrates index shuffling for encrypted keyword and prefix entries with ID-field redistribution across two non-colluding cloud servers. BRASP also supports dynamic updates and achieves forward security. We formalize the security of BRASP through confidentiality, shuffle indistinguishability, query unforgeability, and forward-security analyses, and we evaluate its performance experimentally on a real-world dataset. The results show that BRASP effectively protects query privacy while incurring relatively low computation and communication overhead. To facilitate reproducibility and further research, the source code of BRASP is publicly available at https://github.com/Egbert-Lannister/BRASP
Updated: 2026-04-09 04:50:25
标题: BRASP:加密空间数据上的布尔范围查询,具有访问和搜索模式隐私
摘要: 可搜索加密(SE)使用户能够查询外包的加密数据,同时保持数据的保密性。然而,大多数高效的方案仍然会泄漏搜索模式和访问模式,这可能会让一个诚实但好奇的云服务器从重复搜索和观察结果中推断查询内容、用户兴趣或返回的记录。现有的模式隐藏解决方案主要针对关键字查询,并不自然地支持加密空间数据上的布尔范围查询。本文提出了BRASP,一种用于加密空间数据上的布尔范围查询的可搜索加密方案。BRASP将基于希尔伯特曲线的前缀编码与加密前缀-ID和关键字-ID倒排索引结合起来,以支持高效的空间范围过滤和并且关键字匹配。为了在双服务器设置下隐藏搜索模式和访问模式,BRASP将加密关键字和前缀条目的索引随机化,同时在两个不合谋的云服务器上重新分配ID字段。BRASP还支持动态更新并实现前向安全性。我们通过保密性、洗牌不可区分性、查询不可伪造性和前向安全性分析对BRASP的安全性进行了形式化,通过在真实数据集上实验评估其性能。结果表明,BRASP有效地保护了查询隐私,同时带来相对较低的计算和通信开销。为了促进可复制性和进一步研究,BRASP的源代码可以在https://github.com/Egbert-Lannister/BRASP 上公开获取。
更新时间: 2026-04-09 04:50:25
领域: cs.CR
The Defense Trilemma: Why Prompt Injection Defense Wrappers Fail?
We prove that no continuous, utility-preserving wrapper defense-a function $D: X\to X$ that preprocesses inputs before the model sees them-can make all outputs strictly safe for a language model with connected prompt space, and we characterize exactly where every such defense must fail. We establish three results under successively stronger hypotheses: boundary fixation-the defense must leave some threshold-level inputs unchanged; an $ε$-robust constraint-under Lipschitz regularity, a positive-measure band around fixed boundary points remains near-threshold; and a persistent unsafe region under a transversality condition, a positive-measure subset of inputs remains strictly unsafe. These constitute a defense trilemma: continuity, utility preservation, and completeness cannot coexist. We prove parallel discrete results requiring no topology, and extend to multi-turn interactions, stochastic defenses, and capacity-parity settings. The results do not preclude training-time alignment, architectural changes, or defenses that sacrifice utility. The full theory is mechanically verified in Lean 4 and validated empirically on three LLMs.
Updated: 2026-04-09 04:46:14
标题: 防御三难:为什么即时注入防御包失败?
摘要: 我们证明,没有连续的、保留效用的包装器防御——一个将输入预处理后再让模型看到它们的函数$D: X\to X$,可以使所有输出对于具有连通提示空间的语言模型严格安全,并且我们准确定义了每个这样的防御必定失败的地方。我们在逐渐增强的假设下建立了三个结果:边界固定——防御必须使一些阈值级别的输入保持不变;一个$ε$-稳健约束——在Lipschitz正则性下,固定边界点周围的一个正测度带区域保持接近阈值;以及在横向条件下的持续不安全区域,一个正测度的输入子集保持严格不安全。这构成了一个防御三难问题:连续性、效用保留和完整性不能共存。我们证明了不需要拓扑的并行离散结果,并扩展到多轮互动、随机防御和容量奇偶设置。这些结果并不排除训练时对齐、架构更改或牺牲效用的防御。完整的理论在Lean 4中进行了机械验证,并在三个LLM上进行了经验验证。
更新时间: 2026-04-09 04:46:14
领域: cs.CR,cs.AI
ACIArena: Toward Unified Evaluation for Agent Cascading Injection
Collaboration and information sharing empower Multi-Agent Systems (MAS) but also introduce a critical security risk known as Agent Cascading Injection (ACI). In such attacks, a compromised agent exploits inter-agent trust to propagate malicious instructions, causing cascading failures across the system. However, existing studies consider only limited attack strategies and simplified MAS settings, limiting their generalizability and comprehensive evaluation. To bridge this gap, we introduce ACIArena, a unified framework for evaluating the robustness of MAS. ACIArena offers systematic evaluation suites spanning multiple attack surfaces (i.e., external inputs, agent profiles, inter-agent messages) and attack objectives (i.e., instruction hijacking, task disruption, information exfiltration). Specifically, ACIArena establishes a unified specification that jointly supports MAS construction and attack-defense modules. It covers six widely used MAS implementations and provides a benchmark of 1,356 test cases for systematically evaluating MAS robustness. Our benchmarking results show that evaluating MAS robustness solely through topology is insufficient; robust MAS require deliberate role design and controlled interaction patterns. Moreover, defenses developed in simplified environments often fail to transfer to real-world settings; narrowly scoped defenses may even introduce new vulnerabilities. ACIArena aims to provide a solid foundation for advancing deeper exploration of MAS design principles.
Updated: 2026-04-09 04:03:13
标题: ACIArena:面向智能体级联注入统一评估
摘要: 合作和信息共享增强了多Agent系统(MAS)的功能,但也引入了一个被称为Agent级联注入(ACI)的关键安全风险。在这种攻击中,一个受损的Agent利用Agent之间的信任来传播恶意指令,导致系统中的级联故障。然而,现有研究仅考虑了有限的攻击策略和简化的MAS设置,限制了它们的泛化性和全面评估。为了弥合这一差距,我们引入了ACIArena,这是一个评估MAS稳健性的统一框架。ACIArena提供了系统化的评估套件,涵盖了多个攻击面(即外部输入,Agent配置文件,Agent之间的消息)和攻击目标(即指令劫持,任务中断,信息外泄)。具体来说,ACIArena建立了一个统一的规范,同时支持MAS构建和攻击防御模块。它涵盖了六种广泛使用的MAS实现,并提供了1,356个测试用例的基准,用于系统评估MAS的稳健性。我们的基准结果表明,仅通过拓扑评估MAS的稳健性是不够的;稳健的MAS需要有意识的角色设计和受控的交互模式。此外,在简化环境中开发的防御措施往往无法转移到现实世界的环境;狭义的防御甚至可能引入新的漏洞。ACIArena旨在为深入探讨MAS设计原则提供坚实基础。
更新时间: 2026-04-09 04:03:13
领域: cs.AI,cs.CL,cs.CR
Anamorphic Encryption with CCA Security: A Standard Model Construction
Anamorphic encryption serves as a vital tool for covert communication, maintaining secrecy even during post-compromise scenarios. Particularly in the receiver-anamorphic setting, a user can shield hidden messages even when coerced into surrendering their secret keys. However, a major bottleneck in existing research is the reliance on CPA-security, leaving the construction of a generic, CCA-secure anamorphic scheme in the standard model as a persistent open challenge. To bridge this gap, we formalize the Anamorphic Key Encapsulation Mechanism (AKEM), encompassing both Public-Key (PKAKEM) and Symmetric-Key (SKAKEM) variants. We propose generic constructions for these primitives, which can be instantiated using any KEM that facilitates randomness recovery. Notably, our framework achieves strong IND-CCA (sIND-CCA) security for the covert channel. We provide a rigorous formal proof in the standard model, demonstrating resilience against a "dictator" who controls the decapsulation key. The security of our approach is anchored in the injective property of the base KEM, which ensures a unique mapping between ciphertexts and randomness. By integrating anamorphism into the KEM-DEM paradigm, our work significantly enhances the practical utility of covert channels within modern cryptographic infrastructures.
Updated: 2026-04-09 03:49:41
标题: 具有CCA安全性的变形加密:标准模型构建
摘要: 向形变加密是隐秘通信的重要工具,即使在被妥协后的情况下也能保持保密性。特别是在接收者-形变设置中,用户可以保护隐藏的消息,即使被迫交出他们的秘密密钥。然而,现有研究中的一个主要瓶颈是依赖于CPA安全性,使得在标准模型中构建通用的、CCA安全的形变方案成为一个持续的挑战。为了弥合这一差距,我们形式化了Anamorphic Key Encapsulation Mechanism (AKEM),包括公钥(PKAKEM)和对称密钥(SKAKEM)变种。我们提出了这些基元的通用构造,可以使用任何支持随机恢复的KEM来实例化。值得注意的是,我们的框架实现了对隐秘通道的强IND-CCA(sIND-CCA)安全性。我们在标准模型中提供了严格的形式化证明,证明了我们的方法对控制解封密钥的“独裁者”具有抵抗力。我们的方法的安全性根植于基本KEM的注入性质,这确保了密文和随机性之间的唯一映射。通过将形变融入KEM-DEM范式中,我们的工作显著增强了现代密码基础设施中隐秘通道的实用性。
更新时间: 2026-04-09 03:49:41
领域: cs.CR
Auditing Black-Box LLM APIs with a Rank-Based Uniformity Test
As API access becomes a primary interface to large language models (LLMs), users often interact with black-box systems that offer little transparency into the deployed model. To reduce costs or maliciously alter model behaviors, API providers may discreetly serve quantized or fine-tuned variants, which can degrade performance and compromise safety. Detecting such substitutions is difficult, as users lack access to model weights and, in most cases, even output logits. To tackle this problem, we propose a rank-based uniformity test that can verify the behavioral equality of a black-box LLM to a locally deployed authentic model. Our method is accurate, query-efficient, and avoids detectable query patterns, making it robust to adversarial providers that reroute or mix responses upon the detection of testing attempts. We evaluate the approach across diverse threat scenarios, including quantization, harmful fine-tuning, jailbreak prompts, and full model substitution, showing that it consistently achieves superior statistical power over prior methods under constrained query budgets.
Updated: 2026-04-09 03:34:55
标题: 使用基于排名的一致性测试对黑盒LLM API进行审计
摘要: 随着API访问成为大型语言模型(LLMs)的主要接口,用户通常与提供很少透明度的黑匣子系统进行交互,这些系统难以了解部署的模型。为了降低成本或恶意地改变模型行为,API提供者可能会悄悄地提供量化或微调的变体,这可能会降低性能并损害安全性。检测这种替换是困难的,因为用户无法访问模型权重,在大多数情况下甚至无法访问输出logits。为了解决这个问题,我们提出了一种基于排名的均匀性测试方法,可以验证黑匣子LLM与本地部署的真实模型之间的行为相等。我们的方法准确、查询效率高,并且避免可检测的查询模式,使其对于在检测测试尝试时重定向或混合响应的对抗性提供者具有鲁棒性。我们评估了这种方法在各种威胁场景下的表现,包括量化、有害微调、越狱提示和完全模型替换,结果表明在受限的查询预算下,它始终比先前方法具有更高的统计功效。
更新时间: 2026-04-09 03:34:55
领域: cs.CR,cs.AI,cs.CL
The Art of (Mis)alignment: How Fine-Tuning Methods Effectively Misalign and Realign LLMs in Post-Training
The deployment of large language models (LLMs) raises significant ethical and safety concerns. While LLM alignment techniques are adopted to improve model safety and trustworthiness, adversaries can exploit these techniques to undermine safety for malicious purposes, resulting in \emph{misalignment}. Misaligned LLMs may be published on open platforms to magnify harm. To address this, additional safety alignment, referred to as \emph{realignment}, is necessary before deploying untrusted third-party LLMs. This study explores the efficacy of fine-tuning methods in terms of misalignment, realignment, and the effects of their interplay. By evaluating four Supervised Fine-Tuning (SFT) and two Preference Fine-Tuning (PFT) methods across four popular safety-aligned LLMs, we reveal a mechanism asymmetry between attack and defense. While Odds Ratio Preference Optimization (ORPO) is most effective for misalignment, Direct Preference Optimization (DPO) excels in realignment, albeit at the expense of model utility. Additionally, we identify model-specific resistance, residual effects of multi-round adversarial dynamics, and other noteworthy findings. These findings highlight the need for robust safeguards and customized safety alignment strategies to mitigate potential risks in the deployment of LLMs. Our code is available at https://github.com/zhangrui4041/The-Art-of-Mis-alignment.
Updated: 2026-04-09 03:20:29
标题: 《错位的艺术:如何有效地通过微调方法使LLMs错位和重新对齐在后期培训中》
摘要: 大语言模型(LLMs)的部署引发了重大的伦理和安全问题。虽然LLM对齐技术被采用来改善模型的安全性和可信度,但对手可以利用这些技术来破坏安全性以达到恶意目的,导致\emph {错位}。错位的LLMs可能会在开放平台上发布,以放大伤害。为了解决这个问题,在部署不受信任的第三方LLMs之前,需要额外的安全对齐,称为\emph {重新对齐}。本研究探讨了微调方法在错位、重新对齐以及它们相互作用的效果。通过评估四种监督微调(SFT)和两种偏好微调(PFT)方法跨越四种流行的安全对齐LLMs,我们揭示了攻击和防御之间的机制不对称。虽然赔率比偏好优化(ORPO)对错位最有效,但直接偏好优化(DPO)在重新对齐方面表现出色,尽管以牺牲模型效用为代价。此外,我们还发现了模型特定的抵抗力,多轮对抗动态的剩余效应以及其他值得注意的发现。这些发现突显了在部署LLMs时需要强大的保障措施和定制的安全对齐策略,以减轻潜在风险。我们的代码可在https://github.com/zhangrui4041/The-Art-of-Mis-alignment上找到。
更新时间: 2026-04-09 03:20:29
领域: cs.CR,cs.CL
TrajGuard: Streaming Hidden-state Trajectory Detection for Decoding-time Jailbreak Defense
Existing jailbreak defense paradigms primarily rely on static detection of prompts, outputs, or internal states, often neglecting the dynamic evolution of risk during decoding. This oversight leaves risk signals embedded in decoding trajectories underutilized, constituting a critical blind spot in current defense systems. In this work, we empirically demonstrate that hidden states in critical layers during the decoding phase carry stronger and more stable risk signals than input jailbreak prompts. Specifically, the hidden representations of tokens generated during jailbreak attempts progressively approach high-risk regions in the latent space. Based on this observation, we propose TrajGuard, a training-free, decoding-time defense framework. TrajGuard aggregates hidden-state trajectories via a sliding window to quantify risk in real time, triggering a lightweight semantic adjudication only when risk within a local window persistently exceeds a threshold. This mechanism enables the immediate interruption or constraint of subsequent decoding. Extensive experiments across 12 jailbreak attacks and various open-source LLMs show that TrajGuard achieves an average defense rate of 95%. Furthermore, it reduces detection latency to 5.2 ms/token while maintaining a false positive rate below 1.5%. These results confirm that hidden-state trajectories during decoding can effectively support real-time jailbreak detection, highlighting a promising direction for defenses without model modification.
Updated: 2026-04-09 02:22:44
标题: TrajGuard:用于解码时越狱防御的流式隐藏状态轨迹检测
摘要: 现有的越狱防御范式主要依赖于对提示、输出或内部状态的静态检测,通常忽视了解码过程中风险动态演变。这一疏忽导致了嵌入在解码轨迹中的风险信号被低效利用,构成了当前防御系统中的一个关键盲点。在这项工作中,我们经验性地证明了在解码阶段的关键层中隐藏状态携带比输入越狱提示更强更稳定的风险信号。具体而言,越狱尝试期间生成的令牌的隐藏表示逐渐接近潜在空间中的高风险区域。基于这一观察,我们提出了TrajGuard,一个无需训练、解码时的防御框架。TrajGuard通过滑动窗口聚合隐藏状态轨迹以实时量化风险,在本地窗口内的风险持续超过阈值时触发轻量级的语义裁决。这一机制使得能够立即中断或约束后续的解码。通过对12种越狱攻击和各种开源LLM的广泛实验,我们发现TrajGuard实现了95%的平均防御率。此外,它将检测延迟降低到每个令牌5.2毫秒,同时保持误报率低于1.5%。这些结果证实了解码过程中的隐藏状态轨迹可以有效支持实时的越狱检测,突显了无需对模型进行修改的防御方向的潜力。
更新时间: 2026-04-09 02:22:44
领域: cs.CR,cs.AI
One Shot Dominance: Knowledge Poisoning Attack on Retrieval-Augmented Generation Systems
Large Language Models (LLMs) enhanced with Retrieval-Augmented Generation (RAG) have shown improved performance in generating accurate responses. However, the dependence on external knowledge bases introduces potential security vulnerabilities, particularly when these knowledge bases are publicly accessible and modifiable. While previous studies have exposed knowledge poisoning risks in RAG systems, existing attack methods suffer from critical limitations: they either require injecting multiple poisoned documents (resulting in poor stealthiness) or can only function effectively on simplistic queries (limiting real-world applicability). This paper reveals a more realistic knowledge poisoning attack against RAG systems that achieves successful attacks by poisoning only a single document while remaining effective for complex multi-hop questions involving complex relationships between multiple elements. Our proposed AuthChain address three challenges to ensure the poisoned documents are reliably retrieved and trusted by the LLM, even against large knowledge bases and LLM's own knowledge. Extensive experiments across six popular LLMs demonstrate that AuthChain achieves significantly higher attack success rates while maintaining superior stealthiness against RAG defense mechanisms compared to state-of-the-art baselines.
Updated: 2026-04-09 01:58:59
标题: 一次制胜:对检索增强生成系统的知识中毒攻击
摘要: 使用检索增强生成(RAG)技术增强的大型语言模型(LLMs)已经显示出在生成准确响应方面的性能提升。然而,对外部知识库的依赖引入了潜在的安全漏洞,特别是当这些知识库是公开可访问和可修改的时。尽管先前的研究已经暴露了RAG系统中的知识中毒风险,但现有的攻击方法存在关键限制:它们要么需要注入多个中毒文档(导致隐蔽性较差),要么只能在简单查询上有效(限制了实际应用性)。本文揭示了针对RAG系统的更加现实的知识中毒攻击,通过仅中毒一个文档就能成功攻击,并且在涉及多个元素之间复杂关系的复杂多跳问题中仍然有效。我们提出的AuthChain解决了三个挑战,以确保中毒文档被可靠地检索和信任,即使在大型知识库和LLM自身知识的情况下也是如此。通过对六种流行的LLMs进行广泛实验,证明AuthChain在攻击成功率方面显著高于最先进的基线,并在与RAG防御机制相比保持卓越的隐蔽性。
更新时间: 2026-04-09 01:58:59
领域: cs.CR,cs.AI
Know Thy Enemy: Securing LLMs Against Prompt Injection via Diverse Data Synthesis and Instruction-Level Chain-of-Thought Learning
Large language model (LLM)-integrated applications have become increasingly prevalent, yet face critical security vulnerabilities from prompt injection (PI) attacks. Defending against PI attacks faces two major issues: malicious instructions can be injected through diverse vectors, and injected instructions often lack clear semantic boundaries from the surrounding context, making them difficult to identify. To address these issues, we propose InstruCoT, a model enhancement method for PI defense that synthesizes diverse training data and employs instruction-level chain-of-thought fine-tuning, enabling LLMs to effectively identify and reject malicious instructions regardless of their source or position in the context. We evaluate InstruCoT across three critical dimensions: Behavior Deviation, Privacy Leakage, and Harmful Output. Experimental results across four LLMs demonstrate that InstruCoT significantly outperforms baselines in all dimensions while maintaining utility performance without degradation
Updated: 2026-04-09 01:50:47
标题: 了解你的敌人:通过多样化数据合成和指令级思维链学习来保护LLMs免受即时注入攻击
摘要: 大型语言模型(LLM)集成应用变得越来越普遍,但面临来自提示注入(PI)攻击的关键安全漏洞。防御PI攻击面临两个主要问题:恶意指令可以通过不同的向量注入,并且注入的指令往往缺乏与周围上下文的清晰语义边界,使它们难以识别。为了解决这些问题,我们提出了InstruCoT,这是一种用于PI防御的模型增强方法,它合成了多样化的训练数据,并采用了指令级的思维链微调,使LLM能够有效地识别和拒绝恶意指令,无论其来源或位置在上下文中的位置如何。我们在三个关键维度上评估了InstruCoT:行为偏差、隐私泄漏和有害输出。在四个LLM上的实验结果表明,InstruCoT在所有维度上明显优于基线,同时保持了实用性能而没有下降。
更新时间: 2026-04-09 01:50:47
领域: cs.AI,cs.CR
Invisible to Humans, Triggered by Agents: Stealthy Jailbreak Attacks on Mobile Vision-Language Agents
Large Vision-Language Models (LVLMs) empower autonomous mobile agents, yet their security under realistic mobile deployment constraints remains underexplored. While agents are vulnerable to visual prompt injections, stealthily executing such attacks without requiring system-level privileges remains challenging, as existing methods rely on persistent visual manipulations that are noticeable to users. We uncover a consistent discrepancy between human and agent interactions: automated agents generate near-zero contact touch signals. Building on this insight, we propose a new attack paradigm, agent-only perceptual injection, where malicious content is exposed only during agent interactions, while remaining not readily perceived by human users. To accommodate mobile UI constraints and one-shot interaction settings, we introduce HG-IDA*, an efficient one-shot optimization method for constructing jailbreak prompts that evade LVLM safety filters. Experiments demonstrate that our approach induces unauthorized cross-app actions, achieving 82.5% planning and 75.0% execution hijack rates on GPT-4o. Our findings highlight a previously underexplored attack surface in mobile agent systems and underscore the need for defenses that incorporate interaction-level signals.
Updated: 2026-04-09 01:41:48
标题: 人类看不见,由代理触发:对移动视觉语言代理的隐蔽越狱攻击
摘要: 大型视觉语言模型(LVLMs)赋予自主移动代理能力,然而在现实移动部署约束下的安全性仍未得到充分探讨。尽管代理容易受到视觉提示注入的攻击,但在不需要系统级权限的情况下悄悄执行这些攻击仍具有挑战性,因为现有方法依赖于用户可察觉的持久性视觉操作。我们揭示了人类与代理交互之间的一致性差异:自动代理生成几乎不产生接触触摸信号。基于这一洞察,我们提出了一种新的攻击范式,即仅代理感知注入,其中恶意内容仅在代理交互期间暴露,同时不容易被人类用户察觉。为了适应移动UI约束和一次性交互设置,我们引入了HG-IDA*,一种用于构建逃避LVLM安全过滤器的越狱提示的高效一次性优化方法。实验表明,我们的方法导致了未经授权的跨应用程序操作,实现了在GPT-4o上的82.5%计划和75.0%执行劫持率。我们的研究结果突显了移动代理系统中以前未曾探索的攻击面,并强调了需要结合交互级信号的防御措施。
更新时间: 2026-04-09 01:41:48
领域: cs.CR,cs.AI
AITH: A Post-Quantum Continuous Delegation Protocol for Human-AI Trust Establishment
The rapid deployment of AI agents acting autonomously on behalf of human principals has outpaced the development of cryptographic protocols for establishing, bounding, and revoking human-AI trust relationships. Existing frameworks (TLS, OAuth 2.0, Macaroons) assume deterministic software and cannot address probabilistic AI agents operating continuously within variable trust boundaries. We present AITH (AI Trust Handshake), a post-quantum continuous delegation protocol. AITH introduces: (1) a Continuous Delegation Certificate signed once with ML-DSA-87 (FIPS 204, NIST Level 5), replacing per-operation signing with sub-microsecond boundary checks at 4.7M ops/sec; (2) a six-check Boundary Engine enforcing hard constraints, rate limits, and escalation triggers with zero cryptographic overhead on the critical path; (3) a push-based Revocation Protocol propagating invalidation within one second. A three-tier SHA-256 Responsibility Chain provides tamper-evident audit logging. All five security theorems are machine-verified via Tamarin Prover under the Dolev-Yao model. We validate AITH through five rounds of multi-model adversarial auditing, resolving 12 vulnerabilities across four severity layers. Simulation of 100,000 operations shows 79.5% autonomous execution, 6.1% human escalation, and 14.4% blocked.
Updated: 2026-04-09 01:30:28
标题: AITH:用于人工智能信任建立的后量子连续委托协议
摘要: AI代理人在人类委托人的代表行为方面的快速部署已经超过了建立、限定和撤销人类与AI信任关系的加密协议的发展。现有框架(如TLS、OAuth 2.0、Macaroons)假定确定性软件,无法解决在可变信任边界内连续运行的概率性AI代理人的问题。 我们提出了AITH(AI信任握手),一种后量子连续委托协议。AITH引入了:(1)一种连续委托证书,一次用ML-DSA-87(FIPS 204,NIST Level 5)签名,替代了每次操作签名,速度为每秒4.7M次的亚微秒边界检查;(2)一个六次检查的边界引擎,强制执行严格的约束、速率限制和触发升级,对关键路径没有密码学开销;(3)一种基于推送的撤销协议,在一秒内传播无效。一个三层的SHA-256责任链提供了防篡改的审计日志。所有五个安全性定理都经过了Tamarin Prover在Dolev-Yao模型下的机器验证。 我们通过五轮多模式对抗审计验证了AITH,解决了四个严重程度层次上的12个漏洞。对10万次操作的模拟显示,79.5%是自主执行,6.1%是人类升级,14.4%被阻止。
更新时间: 2026-04-09 01:30:28
领域: cs.CR,cs.AI