s Vandermonde decomposition, letting us avoid frequency gap assumptions and leading to improved sample complexity bounds. In the special case when $T$ is circulant, we theoretically analyze the performance of our method when combined with sparse Fourier transform algorithms based on random hashing. We also show experimentally that our ultra-sparse rulers give significantly more robust and sample efficient estimation than baseline methods. ","authors":[{"name":"Lawrence Hannah"},{"id":"53f46668dabfaeecd6a0ce98","name":"Li Jerry"},{"id":"562c857945cedb3398c4d6e7","name":"Musco Cameron"},{"id":"562d0a7145cedb3398d37c00","name":"Musco Christopher"}],"doi":"10.1109\u002FICASSP40776.2020.9053026","flags":[{"flag":"affirm_author","person_id":"53f46668dabfaeecd6a0ce98"}],"id":"5dd50ed43a55ac5137617820","num_citation":2,"order":1,"pages":{"end":"4800","start":"4796"},"pdf":"https:\u002F\u002Fstatic.aminer.cn\u002Fstorage\u002Fpdf\u002Farxiv\u002F19\u002F1911\u002F1911.08015.pdf","title":"Low-Rank Toeplitz Matrix Estimation via Random Ultra-Sparse Rulers","urls":["https:\u002F\u002Farxiv.org\u002Fabs\u002F1911.08015","http:\u002F\u002Fdblp.uni-trier.de\u002Fdb\u002Fjournals\u002Fcorr\u002Fcorr1911.html#abs-1911-08015","https:\u002F\u002Fdblp.org\u002Frec\u002Fconf\u002Ficassp\u002FLawrence0MM20","https:\u002F\u002Fdoi.org\u002F10.1109\u002FICASSP40776.2020.9053026"],"venue":{"info":{"name":"ICASSP"},"issue":"","volume":""},"versions":[{"id":"5dd50ed43a55ac5137617820","sid":"1911.08015","src":"arxiv","year":2019},{"id":"5ecbc6279fced0a24b4efcaf","sid":"3016036933","src":"mag","vsid":"1121227772","year":2020},{"id":"5f1c035091e011e91412598f","sid":"conf\u002Ficassp\u002FLawrence0MM20","src":"dblp","vsid":"conf\u002Ficassp","year":2020}],"year":2020},{"abstract":" Machine learning (ML) models deployed in many safety- and business-critical systems are vulnerable to exploitation through adversarial examples. 
A large body of academic research has thoroughly explored the causes of these blind spots, developed sophisticated algorithms for finding them, and proposed a few promising defenses. A vast majority of these works, however, study standalone neural network models. In this work, we build on our experience evaluating the security of a machine learning software product deployed on a large scale to broaden the conversation to include a systems security view of these vulnerabilities. We describe novel challenges to implementing systems security best practices in software with ML components. In addition, we propose a list of short-term mitigation suggestions that practitioners deploying machine learning modules can use to secure their systems. Finally, we outline directions for new research into machine learning attacks and defenses that can serve to advance the state of ML systems security. ","authors":[{"name":"Ivan Evtimov"},{"name":"Weidong Cui"},{"id":"53f4306fdabfaec09f13af74","name":"Ece Kamar"},{"id":"53f58bfddabfaed376f8045b","name":"Emre Kiciman"},{"id":"53f83336dabfae938c7108d3","name":"Tadayoshi Kohno"},{"id":"53f46668dabfaeecd6a0ce98","name":"Jerry Li"}],"flags":[{"flag":"affirm_author","person_id":"53f46668dabfaeecd6a0ce98"}],"id":"5f0ee0ca91e011ead9665485","num_citation":0,"order":5,"pdf":"https:\u002F\u002Fstatic.aminer.cn\u002Fstorage\u002Fpdf\u002Farxiv\u002F20\u002F2007\u002F2007.07205.pdf","title":"Security and Machine Learning in the Real World","urls":["https:\u002F\u002Farxiv.org\u002Fabs\u002F2007.07205"],"versions":[{"id":"5f0ee0ca91e011ead9665485","sid":"2007.07205","src":"arxiv","year":2020}],"year":2020},{"authors":[{"id":"53f4d474dabfaef346f8064c","name":"Hadi Salman"},{"id":"53f46668dabfaeecd6a0ce98","name":"Jerry Li"},{"name":"Ilya Razenshteyn"},{"id":"5618764e45ce1e596406375e","name":"Pengchuan Zhang"},{"id":"54103de7dabfae92b4267577","name":"Huan Zhang"},{"id":"53f467e4dabfaedf4364c1aa","name":"Sebastien Bubeck"},{"name":"Greg 
Yang"}],"doi":"","id":"5db92a0747c8f766461fe5e7","num_citation":64,"order":1,"pages":{"end":"11300","start":"11289"},"title":"Provably Robust Deep Learning via Adversarially Trained Smoothed Classifiers","venue":{"info":{"name":"neural information processing systems"},"issue":"","volume":""},"versions":[{"id":"5db92a0747c8f766461fe5e7","sid":"2971109239","src":"mag","vsid":"1127325140","year":2019},{"id":"5e15adcb3a55ac47ab5b0a49","sid":"conf\u002Fnips\u002FSalmanLRZZBY19","src":"dblp","vsid":"conf\u002Fnips","year":2019}],"year":2019},{"abstract":"Recent works have shown the effectiveness of randomized smoothing as a scalable technique for building neural network-based classifiers that are provably robust to l(2)-norm adversarial perturbations. In this paper, we employ adversarial training to improve the performance of randomized smoothing. We design an adapted attack for smoothed classifiers, and we show how this attack can be used in an adversarial training setting to boost the provable robustness of smoothed classifiers. We demonstrate through extensive experimentation that our method consistently outperforms all existing provably l(2)-robust classifiers by a significant margin on ImageNet and CIFAR- 10, establishing the state-of-the-art for provable l(2)-defenses. Moreover, we find that pre-training and semi-supervised learning boost adversarially trained smoothed classifiers even further.","authors":[{"name":"Hadi Salman"},{"id":"562c7df845cedb3398c3b896","name":"Greg Yang"},{"id":"53f46668dabfaeecd6a0ce98","name":"Jerry Li"},{"id":"5618764e45ce1e596406375e","name":"Pengchuan Zhang"},{"id":"54103de7dabfae92b4267577","name":"Huan Zhang"},{"name":"Ilya P. 
Razenshteyn"},{"name":"Sébastien Bubeck"}],"flags":[{"flag":"affirm_author","person_id":"53f46668dabfaeecd6a0ce98"}],"id":"5d06e482da562926acc4679a","lang":"en","num_citation":91,"order":2,"pdf":"\u002F\u002Fstatic.aminer.cn\u002Fmisc\u002Fpdf\u002FNIPS 2019\u002F9307-provably-robust-deep-learning-via-adversarially-trained-smoothed-classifiers.pdf","title":"Provably Robust Deep Learning via Adversarially Trained Smoothed Classifiers.","urls":["db\u002Fjournals\u002Fcorr\u002Fcorr1906.html#abs-1906-04584","http:\u002F\u002Farxiv.org\u002Fabs\u002F1906.04584","https:\u002F\u002Farxiv.org\u002Fabs\u002F1906.04584","http:\u002F\u002Fwww.webofknowledge.com\u002F"],"venue":{"info":{"name":"ADVANCES IN NEURAL INFORMATION PROCESSING SYSTEMS 32 (NIPS 2019)"},"volume":"32"},"versions":[{"id":"5e8d92909fced0a24b616883","sid":"journals\u002Fcorr\u002Fabs-1906-04584","src":"dblp","vsid":"journals\u002Fcorr","year":2019},{"id":"5d00ceee3a55ac2cf73d2858","sid":"1906.04584","src":"arxiv","year":2019},{"id":"5f817e1ec6c3b86a5061845a","sid":"WOS:000535866902087","src":"wos","vsid":"ADVANCES IN NEURAL INFORMATION PROCESSING SYSTEMS 32 (NIPS 2019)","year":2019}],"year":2019}],"profilePubsTotal":58,"profilePatentsPage":1,"profilePatents":[],"profilePatentsTotal":1,"profilePatentsEnd":true,"profileProjectsPage":0,"profileProjects":null,"profileProjectsTotal":null,"newInfo":null,"checkDelPubs":[]}};