This research addresses the challenge of deploying real-time drinking gesture detection in messy, "in-the-wild" environments. We propose and evaluate two computationally inexpensive systems, one using a Random Forest classifier, another using a 1-Dimensional Convolutional Neural Net (1D-CNN) classifier. Both are trained on 2D skeleton data, or features derived from that solely that data. Tested on the Conflab social interaction dataset, our method is designed to handle sparse labels and significant data occlusion. This study reports on the performance of this light-weight, video-based approach, providing a benchmark for applicability in real-world health and human-computer-interaction applications where privacy and computational efficiency are important factors. Although we were unable to create a robust and reliable classifier (f1 of 0.07 and 0.03 respectively), this work shows that there is potential for future work to succeed (roc-auc’s of 0.63 and 0.55 respectively) and provides critical insights into pitfalls to avoid when designing similar systems.

Rankings are simply orderings given to a set of elements; They are a widely used mathematical object in information retrieval. This creates the need for some means of comparing them. Rank Similarity Measures are used exactly for this. They constitute a large research area where many different such measures are defined. A ranking may possibly contain ties. This in turn raises the question of what these ties represent and how to treat them in the calculation of a measure. The treatment of ties in current theory is approached with the a and b variants of the measures. Both a and b stem from a statistical approach to ties; they consider tied elements to represent uncertainty about their real order in the ranking. There is, however, a different interpretation of what ties could represent, namely that the tied elements really occur at the same place in the ranking, that is, there is no intrinsic order in which they should appear. This has been considered in one of the nonconjoint measures and has been coined the w-variant after Weber et al. In this work, we consider the problem of defining this very variant for a family of three commonly used ranking similarity measures, these being τ defined by Kendall, τ_AP defined by Yilmaz et al., and τ_h defined by Vigna. We approach this problem by establishing what the variant should represent and defining a set of axioms that any definition of w has to follow. Thereafter, we show that there is only one definition which can possibly satisfy these, with a small exception. We show that this definition coincides with the distance considered by Kemeny in 1959. We use this to create a definition of the w-variant for all three of the measures. Likewise, we investigate the behaviour of this new variant in relation to the existing a and b variants. Moreover, we identify the shortcomings of our definition and evaluate it on real world data. Finally, we lay the groundwork for rigorously proving parts of our definition and other measures which may consider ties to represent occurrence at the same rank.

Adaptive retrieval is a technique to overcome the recall limitations of two-stage retrieval pipelines. Adaptive retrieval focuses mainly on effectiveness, but shows potential to improve efficiency. This research focuses on the trade-off between effectiveness and efficiency in adaptive retrieval. We explore the behaviour of neighbourhoods formed by the corpus graph, find that the effectiveness of adaptive retrieval varies across queries, and identify the most effective way to leverage the corpus graph. We investigate the impact of two different scoring mechanisms on the efficiency and effectiveness of an adaptive retrieval pipeline. We observe that score interpolation tends to improve adaptive retrieval's effectiveness, and incorporating an additional cross-encoder stage can lead to further gains. We compare our proposed solutions against several baselines to examine the trade-offs between effectiveness and efficiency. In our setting, we find that adaptive retrieval can improve efficiency at the cost of effectiveness. For our experiments, we introduce a visualisation tool for graph exploration and an adaptive retrieval component for efficient retrieval pipelines.

A central problem in information retrieval (IR) is passage ranking, where the task is to retrieve passages from a corpus and order them in decreasing relevance to an arbitrary search query.
Traditional lexical retrieval methods are susceptible to the vocabulary mismatch problem, where relevant passages are overlooked if they do not contain the exact query terms (e.g., synonyms), despite being semantically relevant.
A recent trend in IR is to address this issue by utilizing neural network models (dense rankers) which embed text sequences into dense vector representations that effectively capture their semantics through complex attention mechanisms.
For efficiency, dense rankers are often employed in a retrieve-and-re-rank setting, where a lexical ranker initially retrieves a subset of candidate passages, which are then reordered more accurately by a dense ranker.

In this thesis, we focus on the task of passage re-ranking.
We employ a dual-encoder architecture as re-ranker that employs a two independent query and document encoders, allowing document embeddings to be pre-computed. Dense query-passage similarity is computed as a dot product between their representations.
We then combine scores from both stages using score interpolation.

We identify query encoding latency as a bottleneck and propose an Average Embedding (AvgEmb) estimator. This novel model can efficiently predict an accurate query representation, without requiring any attention-based encoding.
It operates solely on looking up embeddings and computing their weighted average representation.
Our model is distilled from a TCT-ColBERT and achieves 98.6% of its teacher's accuracy while being 13.4X more efficient in query latency and 1.6X better in the full interpolated passage re-ranking pipeline on CPU.

Our code is publicly available on https://github.com/BovdBerg/fast-forward-indexes.

Recommender systems play a large role on contemporary music platforms, but they tend to work less well for non-mainstream listeners such as children. Additionally, there is no one strategy to perfectly capture a listener's music preference. As children develop understanding of music in different stages, using features they respond to might make recommendations more accurate. Therefore, this study seeks to investigate the effectiveness of a recommender which utilises matrix factorisation augmented with the musical features of tempo, mode, dynamics and time signature in recommending songs a child user would like. We evaluate the quality of this recommender based on the Factorisation Machine algorithm by comparing it to a non-augmented variant of the same algorithm and similar ones using fewer of the same features. Results show that while adding features improves the quality of recommendations, adding too many or the wrong features diminishes said improvement, although more research is needed in this direction.

Recommender systems play a considerable role in the consumption of music, also for children. Children are easily influenced, inappropriate song lyrics can negatively impact children's behaviour and personality, by teaching inappropriate language or harmful biases. We argue for a need for recommenders to protect children from inappropriate content. Recommender systems should consider what content is and is not well-suited for children. To guide future design and development of recommender systems for children, this research probes the music lyrics of Pop, Rock, Country, Rap, and R&B for inappropriate content. We achieve this by an empirical analysis using four existing algorithms to scan different facets of inappropriate content in the lyrics in a dataset of 37,993 songs from the Genius database. The outcome of this empirical exploration reveals that Rap and R&B are the most inappropriate music genres and advises to be cautious when recommending these genres to children. Results also show that inappropriate content is highly prevalent in music. We address the need for a filter for recommender systems, to filter inappropriate songs for children.

Music recommender systems are increasingly present in our lives, and it is important to keep trying to improve recommendations in order to make them match the users preferences as well as possible. To achieve this, a vast amount of song and user data has to be analysed and taken into account. One of the approaches to do this, includes analyzing different audio features in order to find other songs with similar traits. The majority of the research and data in this sector is focused around adults, with little research surrounding children, which can result in worse recommendations for this demographic. In this paper, the focus is shifted towards children with the purpose of filling that gap. This is achieved by examining the prominence of specific song features among children of different age groups, expanding the knowledge on listening habits of a major demographic. More specifically, the research presented in this paper explores the prominence of various song features, aiming to find a connections between these features and the listening habits of children of specific age ranges from 8-18. This paper’s conclusions will offer potential enhancements, which can improve existing recommender systems by considering findings for their design. These findings will therefore allow for a more tailored experience for children of different age ranges, increasing overall user experience.

Music plays a crucial role in children’s development by helping them express their identity, teaching them to belong to a culture, and developing their cognitive well-being and inner self-worth. Most music nowadays is consumed through online streaming websites like Spotify, which make use of recommendation systems to suggest new tracks. These recommendation algorithms internally make use of user and song features that aid in making predictions. However, as most of the research literature focuses on making recommendations for the adult group, few studies explore what makes the recommended songs appealing to children. In this paper, we perform user modelling techniques on the listening history of the children combined with high-level descriptors of the songs in order to capture their music preferences. By constructing user profiles, we aim to identify the characteristics of music that resonate most with the listener. In our research, we focus on children belonging to the age group of 6-17 years. The goal is to aid
in the design of future recommender systems that operate with greater transparency, allowing the impact of the user choices to be clearly observed by the consumer.

Sample selection bias occurs when the selected samples in a subset of the original data set follow a different distribution than the samples from the original data set. This type of bias in the training set could result in a classifier being unable to predict samples from a testing data set optimally. Domain adaptation techniques try to adapt classifiers to a possible bias in the training or testing set. Subspace mapping techniques specifically do this by trying to find common subspaces between the source and target domain, where the source domain is the domain with all samples used for training, and the target domain is the domain with samples that must be predicted. This project aims to evaluate the effectiveness of two subspace mapping techniques in mitigating sample selection bias. This research assumes that no data samples from a target domain are available, but only unlabelled samples coming from an underlying global domain. The two subspace mapping techniques that will be tested in this paper are subspace alignment (SA) and transfer component analysis (TCA). This paper will show that the subspace alignment method is more effective on data sets with fewer features and where the source and target domains are further away from each other. The transfer component analysis method is more effective when more training samples are available on data sets with fewer features and where the distance between the source and target domain is not too big. The effectiveness of both methods also depends on the type and form of the data sets they are used on.

Importance weighting is a class of domain adaptation techniques for machine learning, which aims to correct the discrepancy in distribution between the train and test datasets, often caused by sample selection bias. In doing so, it frequently uses unlabeled data from the test set. However, this approach has certain drawbacks: it requires retraining for each new test set and fails when the number of test samples is very small. Therefore, we seek to study the performance of importance weighting techniques when the unlabeled data comes from an underlying domain, instead of one specific test set. We propose an evaluation framework inspired from scenarios traditionally known for posing difficulties to importance weighting and apply it to two popular algorithms, KMM and KLIEP. Our results reveal that both algorithms produce statistically significant classification improvements in most experiments. However, their performance is highly dependent on the characteristics of the dataset and the sampling bias. In particular, class overlap seems to influence adaptation ability in the case of unequal conditional probabilities of the source and target domains, while the "intensity" of the sampling bias is an important confounding factor when the train set size is small.

Domain adaptation allows machine learning models to perform well in a domain that is different from the available train data. This non-trivial task is approached in many ways and often relies on assumptions about the source (train) and target (test) domains. Unsupervised domain adaptation uses unlabeled target data to mitigate a shift or bias difference between the domains. Deep domain adaptation (DDA) is a powerful class of these methods, which utilizes deep learning to extract high-level features that are common across the domains and robust against the shift. These algorithms adapt to a specific target domain. This has two possible downsides. Firstly, the model might not generalize and thus require retraining for each new domain. Secondly, obtaining data for the target domain(s) might be difficult. There can be situations where both source and target domains originate from a “global” domain, from which the samples are selected in a biased way. We explore a new application of existing DDA methods and answer the question: How effective is deep domain adaptation when adapting with the global domain, instead of the target domain, in case of sample selection bias?. Results with synthetic data show that where target adaptation works, global adaptation also improves accuracy compared to supervised learning, although to a lesser extent.

The Software Defined Network (SDN) is a relatively new paradigm that aims to tackle the lack of centralization in the existing network by separating the control centre from the programming data plane. The controller keeps an overview of the structure of the whole network, which makes it vulnerable to possible topology poisoning attacks. Topology attacks aim to disrupt the overview of the controller over the structure of the network in order to intercept or disrupt the transfer of the packages over the SDN network. In this paper, a survey on the state-of-the-art on topology attacks is conducted, followed by an analysis of the limitations of the existing solutions, and a comparison between the verification process of each solution and the number of known vulnerabilities are presented. Further, possible future research directions are proposed for improving these solutions and fixing the mentioned limitations and vulnerabilities.

Software-Defined Networks are an exciting network paradigm that brings many advantages to its users. However, its architecture also makes it vulnerable to attacks. Distributed Denial of Service attacks are one of those attacks that can
exploit the weaknesses of an SDN. This paper explains the weaknesses that can be exploited and the consequences of a DDoS attack. State-of-the-art machine learning and statistical solutions to this problem are presented and evaluated. The
limitations of each solution are analysed, and a new system is proposed that eliminates the mentioned flaws.

Software-Defined Networks (SDNs) are a promising new network design paradigm that allows for better control of the network. But as with any new software implementation, there are new security concerns that arise. In the past there have been various papers covering specific side-channel attacks on SDNs; most of them consist of either using time delays in operations to create a covert communication channel between two compromised hosts or using proving packets and their response times to determine the flow rules and configuration of the network.
This paper intents to investigate the impact of different types of side-channel attacks in SDN scenarios. Provide a survey on the state-of-the-art solutions that are proposed to address the side-channel attacks in SDN. Particularly, identifying different ways through which an adversary can launch side-channel attacks, and the different entities and network metrics that are impacted by a specific side-channel attack. Next, identify and survey the solutions available in the state-of-the-art that tackle side-channel attacks. Finally, propose new possible improved solutions to the issue of side-channel attacks in SDNs and future research on the field.
We conclude that current side-channel attacks target the separation control and data planes at the core of the SDN paradigm, by exploiting the response delay created by a centralized logic system in the controller. This as seen can be exploited in two main ways related to the two main attack categories mentioned in this paper: teleportation attacks and recognisance attacks.

A Generative Adversarial Network (GAN) is a deep-learning generative model in the field of Ma- chine Learning (ML) that involves training two Neural Networks (NN) using a sizable data set. In certain fields, such as medicine, the data involved in training may be hospital patient records that are stored across different hospitals. The classic cen- tralized implementation would involve sending the data to a centralized server where the model would be trained. However, that would involve breach- ing the privacy and confidentiality of the patients and their data, and would be unacceptable. There- fore, Federated Learning (FL), a ML technique that trains ML models in a distributed setting without data every leaving the host device, would be a bet- ter alternative to the centralized option. In this ML technique, only parameters and certain meta- data would be communicated. In spite of that, there still exist attacks that can infer user data using the parameters and metadata. A fully privacy preserv- ing solution involves homomorphically encrypting (HE) the data communicated. This paper will focus on the performance loss of training a FL-GAN with three different types of homomorphic encryption: Partial Homomorphic Encryption (PHE), Some- what Homomorphic Encryption (SHE), and Fully Homomorphic Encryption (FHE). We will also test the performance loss of Multi Party Computations (MPC), as it has homomorphic properties. The per- formance will be compared to the performance of training an FL-GAN without encryption. Our ex- periments show that the more complex the encryp- tion method is, the longer it takes, with the extra time taken for HE being quite significant in com- parison to the base case of FL.

Federated learning is an emerging concept in the domain of distributed machine learning. This concept has enabled GANs to benefit from the rich distributed training data while preserving privacy However,in a non-iid setting, current federated GAN architectures are unstable, struggling to learn the distinct features and vulnerable to mode collapse. In this paper, we propose a novel architecture MULTIFLGAN to solve the problem of low-quality images, mode collapse and instability for non-iid datasets. Our results show that MULTI-FLGAN is four times as stable and performant (i.e. high inception score) on average over 20 clients compared to baseline FLGAN.

Federated learning (FL), although a major privacy improvement over centralized learning, is still vulnerable to privacy leaks. The research presented in this paper provides an analysis of the threats to FL Generative Adversarial Networks. Furthermore, an implementation is provided to better protect the data of the participants with Trusted Execution Environments (TEEs), using Intel Software Guard Extensions. Lastly, the viability of it’s use in practice is evaluated and discussed. The results indicate that this approach protects the data, while not affecting the predicting capabilities of the model, with a noticeable but manageable impact on the training duration.

Machine learning has been applied to almost all fields of computer science over the past decades. The introduction of GANs allowed for new possibilities in fields of medical research and text prediction. However, these new fields work with ever more privacy-sensitive data. In order to maintain user privacy, a combination of federated learning, differential privacy and GANs can be used to work with private data without giving away a users' privacy. Recently, two implementations of such combinations have been published: DP-Fed-Avg GAN and GS-WGAN. This paper compares their performance and introduces an alternative version of DP-Fed-Avg GAN that makes use of denoising techniques to combat the loss in accuracy that generally occurs when applying differential privacy and federated learning to GANs. We also compare the novel adaptation of denoised DP-Fed-Avg GAN to the state-of-the-art implementations in this field.

Software Defined Networking (SDN) is a new paradigm that allows for greater reliability and more efficient management compared to traditional networks. However, SDN security is a developing field, and research towards fixing significant security vulnerabilities is still ongoing. One major threat to SDN security are attacks that seek to exploit policy and flow rule enforcement. This paper aims to summarise how these attacks are conducted and the weaknesses they target. Then, state-of-the-art solutions to these weaknesses will be presented, along with their use cases, advantages and disadvantages. Finally, an improvement on the state-of-the-art solutions will be proposed, as well as a potential direction for future research.

Recommender systems usually base their predictions on user-item interaction, a technique known as collaborative filtering. Vendors that utilize collaborative filtering generally exclusively use their own user-item interactions, but the accuracy of the recommendations may improve if several vendors share their data. Since user-item interaction data is typically privacy sensitive, sharing this data poses a privacy challenge for the collaborating vendors. In this work, we study the use of matrix factorization with multiple vendors under a differential privacy guarantee. Since differential privacy incurs a trade-off between privacy and utility, one obstacle is that the utility loss of the privacy-preserving measure may be greater than the utility gain of collaboration. We show that the empirical evaluation of this property in existing work is questionable, and that these works do not solve the problem. We also demonstrate that in a common experiment setup, the upper bound on the utility gain that can be achieved by collaboration is limited, which places a hard limit on the acceptable utility loss due to privacy preservation. This limit is small enough that even the utility loss in the current state of the art in differentially private matrix factorization in general exceeds it. We conclude with a number of open challenges for future work.