Model Immunization from a Condition Number Perspective

• URL: http://arxiv.org/abs/2505.23760v1
• Date: Thu, 29 May 2025 17:59:48 GMT
• Title: Model Immunization from a Condition Number Perspective
• Authors: Amber Yijia Zheng, Cedar Site Bai, Brian Bullins, Raymond A. Yeh,
• Abstract summary: We propose a framework, based on the condition number of a Hessian matrix, to analyze model immunization for linear models.<n>We design an algorithm with regularization terms to control the resulting condition numbers after pre-training.<n> Empirical results on linear models and non-linear deep-nets demonstrate the effectiveness of the proposed algorithm.
• Score: 14.84123611635938
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Model immunization aims to pre-train models that are difficult to fine-tune on harmful tasks while retaining their utility on other non-harmful tasks. Though prior work has shown empirical evidence for immunizing text-to-image models, the key understanding of when immunization is possible and a precise definition of an immunized model remain unclear. In this work, we propose a framework, based on the condition number of a Hessian matrix, to analyze model immunization for linear models. Building on this framework, we design an algorithm with regularization terms to control the resulting condition numbers after pre-training. Empirical results on linear models and non-linear deep-nets demonstrate the effectiveness of the proposed algorithm on model immunization. The code is available at https://github.com/amberyzheng/model-immunization-cond-num.

Related papers

• Just as Humans Need Vaccines, So Do Models: Model Immunization to Combat Falsehoods [4.6697477379475005]
  Generative AI models often learn and reproduce false information present in their training corpora.<n>This paper argues that AI models should be fine tuned on small, quarantined sets of explicitly labeled falsehoods as a "vaccine" against misinformation.
  arXiv  Detail & Related papers  (2025-05-23T13:20:23Z)
• One-for-More: Continual Diffusion Model for Anomaly Detection [61.12622458367425]
  Anomaly detection methods utilize diffusion models to generate or reconstruct normal samples when given arbitrary anomaly images.<n>Our study found that the diffusion model suffers from severe faithfulness hallucination'' and catastrophic forgetting''<n>We propose a continual diffusion model that uses gradient projection to achieve stable continual learning.
  arXiv  Detail & Related papers  (2025-02-27T07:47:27Z)
• Mesh2SSM++: A Probabilistic Framework for Unsupervised Learning of Statistical Shape Model of Anatomies from Surface Meshes [0.0]
  Mesh2SSM++ is a novel approach that learns to estimate correspondences from meshes in an unsupervised manner.<n>Its ability to operate directly on meshes, combined with computational efficiency and interpretability, makes it an attractive alternative to traditional and deep learning-based SSM approaches.
  arXiv  Detail & Related papers  (2025-02-11T00:19:23Z)
• Multi-concept Model Immunization through Differentiable Model Merging [11.912092139018885]
  Model immunization aims to mitigate the potential risk of misuse associated with open-sourced models.<n>Recent work on model immunization focuses on the single-concept setting.<n>We propose an immunization algorithm that learns a single difficult initialization'' for adaptation methods over a set of concepts.<n>We achieve this by incorporating a differentiable merging layer that combines a set of model weights adapted over multiple concepts.
  arXiv  Detail & Related papers  (2024-12-19T18:59:05Z)
• Shortcomings of Top-Down Randomization-Based Sanity Checks for Evaluations of Deep Neural Network Explanations [67.40641255908443]
  We identify limitations of model-randomization-based sanity checks for the purpose of evaluating explanations. Top-down model randomization preserves scales of forward pass activations with high probability.
  arXiv  Detail & Related papers  (2022-11-22T18:52:38Z)
• On the Generalization and Adaption Performance of Causal Models [99.64022680811281]
  Differentiable causal discovery has proposed to factorize the data generating process into a set of modules. We study the generalization and adaption performance of such modular neural causal models. Our analysis shows that the modular neural causal models outperform other models on both zero and few-shot adaptation in low data regimes.
  arXiv  Detail & Related papers  (2022-06-09T17:12:32Z)
• Unifying Epidemic Models with Mixtures [28.771032745045428]
  The COVID-19 pandemic has emphasized the need for a robust understanding of epidemic models. Here, we introduce a simple mixture-based model which bridges the two approaches. Although the model is non-mechanistic, we show that it arises as the natural outcome of a process based on a networked SIR framework.
  arXiv  Detail & Related papers  (2022-01-07T19:42:05Z)
• Probabilistic Modeling for Human Mesh Recovery [73.11532990173441]
  This paper focuses on the problem of 3D human reconstruction from 2D evidence. We recast the problem as learning a mapping from the input to a distribution of plausible 3D poses.
  arXiv  Detail & Related papers  (2021-08-26T17:55:11Z)
• Firearm Detection via Convolutional Neural Networks: Comparing a Semantic Segmentation Model Against End-to-End Solutions [68.8204255655161]
  Threat detection of weapons and aggressive behavior from live video can be used for rapid detection and prevention of potentially deadly incidents. One way for achieving this is through the use of artificial intelligence and, in particular, machine learning for image analysis. We compare a traditional monolithic end-to-end deep learning model and a previously proposed model based on an ensemble of simpler neural networks detecting fire-weapons via semantic segmentation.
  arXiv  Detail & Related papers  (2020-12-17T15:19:29Z)
• Robustness of Model Predictions under Extension [3.766702945560518]
  A caveat to using models for analysis is that predicted causal effects and conditional independences may not be robust under model extensions. We show how to use the technique of causal ordering to efficiently assess the robustness of qualitative model predictions. For dynamical systems at equilibrium, we demonstrate how novel insights help to select appropriate model extensions.
  arXiv  Detail & Related papers  (2020-12-08T20:21:03Z)
• Generative Temporal Difference Learning for Infinite-Horizon Prediction [101.59882753763888]
  We introduce the $gamma$-model, a predictive model of environment dynamics with an infinite probabilistic horizon. We discuss how its training reflects an inescapable tradeoff between training-time and testing-time compounding errors.
  arXiv  Detail & Related papers  (2020-10-27T17:54:12Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.