transfer learning

view markdown

---

See also notes on causal inference for some close connections.

domain adaptation algorithms

Domain test bed available here, for generalizating to new domains (i.e. performing well on domains that differ from previous seen data)

• Empirical Risk Minimization (ERM, Vapnik, 1998) - standard training
• Invariant Risk Minimization (IRM, Arjovsky et al., 2019) - learns a feature representation such that the optimal linear classifier on top of that representation matches across domains.
• Group Distributionally Robust Optimization (GroupDRO, Sagawa et al., 2020) - ERM + increase importance of domains with larger errors (see also papers from Sugiyama group e.g. 1, 2)
  • Variance Risk Extrapolation (VREx, Krueger et al., 2020) - encourages robustness over affine combinations of training risks, by encouraging strict equality between training risks
• Interdomain Mixup (Mixup, Yan et al., 2020) - ERM on linear interpolations of examples from random pairs of domains + their labels
• Marginal Transfer Learning (MTL, Blanchard et al., 2011-2020) - augment original feature space with feature vector marginal distributions and then treat as a supervised learning problem
• Meta Learning Domain Generalization (MLDG, Li et al., 2017) - use MAML to meta-learn how to generalize across domains
• learning more diverse predictors
  • Representation Self-Challenging (RSC, Huang et al., 2020) - adds dropout-like regularization to important features, forcing model to depend on many features
  • Spectral Decoupling (SD, Pezeshki et al., 2020) - regularization which forces model to learn more predictive features, even when only a few suffice
• embedding prior knowledge
  • Style Agnostic Networks (SagNet, Nam et al., 2020) - penalize style features (assumed to be spurious)
  • Penalizing explanations (Rieger et al. 2020) - penalize spurious features using prior knowledge
• Domain adaptation under structural causal models (chen & buhlmann, 2020)
  • make clearer assumptions for domain adaptation to work
  • introduce CIRM, which works better when both covariates and labels are perturbed in target data
• kernel approach (blanchard, lee & scott, 2011) - find an appropriate RKHS and optimize a regularized empirical risk over the space

domain invariance

key idea: want repr. to be invariant to domain label

• 
• same idea is used to learn fair representations, but domain label is replaced with sensitive attribute
• Domain Adversarial Neural Network (DANN, Ganin et al., 2015)
• Conditional Domain Adversarial Neural Network (CDANN, Li et al., 2018) - variant of DANN matching the conditional distributions across domains, for all labels
• Deep CORAL (CORAL, Sun and Saenko, 2016) - match mean / covariance of feature distrs
• Maximum Mean Discrepancy (MMD, Li et al., 2018)
• adversarial discriminative domain adaptation (ADDA tzeng et al. 2017)
• balancing with importance weighting

test-time adaptation

• test-time adaptation
  • test-time augmentation
  • batch normalization (AdaBN)

  • label shift estimation (BBSE) - $p(y)$ shifts but $P(x

    y)$ does not

  • rotation prediction (sun et al. 2020)
  • entropy minimization (test-time entropy minimization, TENT, wang et al. 2020) - optimize for model confidence (entropy of predictions), using only norm. statistics and channel-wise affine transformations
• combining train-time and test-time adaptation
  • Adaptive Risk Minimization (ARM, Zhang et al., 2020) - combines groups at training time + batches at test-time
    • meta-train the model using simulated distribution shifts, which is enabled by the training groups, such that it exhibits strong post-adaptation performance on each shift

adv attacks

• Adversarial Attacks and Defenses in Images, Graphs and Text: A Review (xu et al. 2019)
• attacks
  • Barrage of Random Transforms for Adversarially Robust Defense (raff et al. 2019)
  • DeepFool: a simple and accurate method to fool deep neural networks (Moosavi-Dezfooli et. al 2016)
• defenses
  • a possible defense against adversarial attacks is to solve the anticausal classification problem by modeling the causal generative direction, a method which in vision is referred to as analysis by synthesis (Schott et al., 2019)
• robustness vs accuracy
  • robustness may be at odds with accuracy (tsipiras…madry, 2019)
  • Theoretically Principled Trade-off between Robustness and Accuracy (Zhang, Jordan, et. al. 2019)
• adversarial examples
  • Decision Boundary Analysis of Adversarial Examples (He, Li, & Song 2019)
  • Natural Adversarial Examples (Hendrycks, Zhao, Basart, Steinhardt, & Song 2020)
  • Image-Net-Trained CNNs Are Biased Towards Texture (Geirhos et al. 2019)
• transferability
  • Transferability in Machine Learning: from Phenomena to Black-Box Attacks using Adversarial Samples (papernot, mcdaniel, & goodfellow, 2016)
  • Ensemble Adversarial Training: Attacks and Defenses (tramer et al. 2018)
  • Improving Adversarial Robustness via Promoting Ensemble Diversity (pang et al. 2019)
    • encourage diversity in non-maximal predictions
• ranking
  • Automatically Discovering and Learning New Visual Categories with Ranking Statistics