Xi Wu

While combining transduction and rejection offers theoretical promises, prior methods often fail in practical deep learning settings against strong adversarial attacks. This paper bridges this gap by repurposing a reduction technique—originally used to identify vulnerabilities—to construct an effective transductive defense. We demonstrate improved sample complexity for robust generalization and achieve significantly higher robust accuracy (e.g., 81.6% on CIFAR-10) against state-of-the-art attacks like AutoAttack and GMSA.

Foundation models aim for both universality and label efficiency, but these goals often conflict. This work provides a theoretical analysis showing that while diverse pre-training data improves universality, it can dilute task-specific features and increase sample complexity. We propose a contrastive regularization method to navigate this trade-off, validated across multiple real-world datasets.

Modern explanation engines often operate as standalone tools, limiting their interoperability with SQL-based workflows. We propose DIFF, a relational aggregation operator that unifies data explanation with declarative query processing. Deployed in production at companies like Microsoft and Facebook,

Standard models often yield fragile interpretations that are easily manipulated. This work addresses the problem through axiomatic attribution, proposing Robust Attribution Regularization (RAR). By incorporating an IG-based objective \(\min_{\theta} \mathbb{E} [ \mathcal{L}(f_\theta(x), y) + \lambda \Omega(IG(x)) ]\) into training, we unify robust prediction with robust explanation, ensuring that model interpretations remain stable even under adversarial conditions.

Scaling private SGD often involves a trade-off between model accuracy and system overhead. We remedy this disconnect with a novel bolt-on approach using output perturbation. By providing a new analysis of the \(L_2\)-sensitivity of SGD, our algorithm integrates seamlessly into scalable RDBMS-based systems like Bismarck, incurring virtually no overhead while yielding up to 4X better test accuracy.

Proving polynomial lower bounds for kernelization is a central challenge in parameterized complexity. We introduce the framework of weak compositions to derive tight lower bounds for various natural problems, such as \(d\)-Set Cover and Hitting Set. We also strengthen super-polynomial bounds to super-quasi-polynomial ones, linking the existence of efficient kernels to the stability of the exponential hierarchy.

Analytical data naturally lives at multiple granularities, yet SQL's data model has no container that holds multiple relations at different grains as a single composable result. This forces users to either join into one flat table — causing silent fan-out errors — or manage separate tables that do not compose. Grained Relational Algebra (GRA) is a minimal, fully compatible extension to relational algebra designed for multi-grain data analytics. GRA addresses this structural gap by introducing the Grained Relation Space (GRS): a principled, schema-level container that organizes relations by their dimensional footprint rather than ad-hoc table names. Within a GRS, each relation retains its native grain, operators produce a GRS as output (algebraic closure), and grain-aware analysis models (GAMs) encapsulate multi-grain computation as reusable, composable modules. The result is grain safety by design: if a required grain is absent, the system produces an explicit error rather than a silent wrong answer. GRA has been implemented and deployed at Google as a query service, serving hundreds of internal teams at scale.