Machine learning systems generally assume that the training and testing distributions are
the same. To this end, a key requirement is to develop models that can generalize to unseen …

Modern recommender systems learn user representations from historical interactions, which
suffer from the problem of user feature shifts, such as an income increase. Historical …

State-of-the-art AI models largely lack an understanding of the cause-effect relationship that
governs human understanding of the real world. Consequently, these models do not …

Abstract Adversarial Machine Learning (AML) is emerging as a major field aimed at
protecting Machine Learning (ML) systems against security threats: in certain scenarios …

Conventional supervised learning methods, especially deep ones, are found to be sensitive
to out-of-distribution (OOD) examples, largely because the learned representation mixes the …

The adversarial vulnerability of deep neural networks has attracted significant attention in
machine learning. As causal reasoning has an instinct for modelling distribution change, it is …

Deep learning models have achieved great success in many fields, yet they are vulnerable
to adversarial examples. This paper follows a causal perspective to look into the adversarial …

Several existing works study either adversarial or natural distributional robustness of deep
neural networks separately. In practice, however, models need to enjoy both types of …

GraphSAGE is a widely-used graph neural network for classification, which generates node
embeddings in two steps: sampling and aggregation. In this paper, we introduce causal …

Deep neural networks (DNNs) are recently shown to be vulnerable to backdoor attacks,
where attackers embed hidden backdoors in the DNN model by injecting a few poisoned …