Di Tang

Di Tang

Associate Professor, SYSU

AI 论文日报(2026-03-23)

Published:

English version: /paper-news/2026-03-23/

运行统计

  • 候选论文: 1223
  • 入选论文: 30
  • 已精读完成: 30
  • 时间窗口 (UTC): 2026-03-20T00:00:00Z → 2026-03-21T00:00:00Z (weekend_backlog_sat, expanded=0)
展开查看用于总结的论文列表
arXiv ID标题 / 链接分类评分入选理由标签
2603.19173SOL-ExecBench: Speed-of-Light Benchmarking for Real-World GPU Kernels Against Hardware Limits
PDF		cs.LG, cs.AI92Benchmark for AI-generated CUDA kernels vs hardware limits; strong, reusable infra for agentic codegen.benchmark, code-generation, GPU, systems, agentic-optimization, evaluation
2603.18449CNT: Safety-oriented Function Reuse across LLMs via Cross-Model Neuron Transfer
PDF		cs.CR, cs.SE92Post-hoc safety function reuse by neuron transfer across LLMs; practical for fast safety updates.LLM-safety, model-editing, neuron-transfer, post-hoc-alignment, modularity
2603.17974Toward Scalable Automated Repository-Level Datasets for Software Vulnerability Detection
PDF		cs.SE, cs.AI90Automated repo-level vuln dataset w/ PoV exploits; strong for training/eval of security agentscybersecurity, vulnerability-detection, benchmarks, agents, exploit-generation, dataset-generation
2603.19229NavTrust: Benchmarking Trustworthiness for Embodied Navigation
PDF		cs.RO, cs.AI, cs.CV, cs.LG, eess.SY90Trustworthiness benchmark for embodied navigation under realistic RGB/depth/instruction corruptionsbenchmark, robustness, embodied-agents, evaluation, distribution-shift
2603.15563The PokeAgent Challenge: Competitive and Long-Context Learning at Scale
PDF		cs.LG, cs.AI90Large-scale long-horizon + partial-observability benchmark for agent decision-making at scalebenchmarks, agents, long-context, planning, multi-agent, evaluation, games
2603.18662Thinking with Constructions: A Benchmark and Policy Optimization for Visual-Text Interleaved Geometric Reasoning
PDF		cs.AI90New multimodal geometry benchmark w/ interleaved visual-text steps + policy optimization for constructionsmultimodal, reasoning, benchmark, geometry, policy-optimization, tool-use
2603.17917Only relative ranks matter in weight-clustered large language models
PDF		cs.LG, cs.CL90Training-free weight clustering shows ranks matter; strong LLM compression with minimal accuracy lossLLM, compression, quantization, weight-clustering, efficiency
2603.18579ICE: Intervention-Consistent Explanation Evaluation with Statistical Grounding for LLMs
PDF		cs.CL, cs.AI, cs.LG90Stronger faithfulness eval with multi-intervention randomization tests + CIs; exposes operator dependence.interpretability, faithfulness, explanations, evaluation, randomization-tests
2603.17266Revisiting Vulnerability Patch Identification on Data in the Wild
PDF		cs.SE, cs.CR88Shows NVD-trained patch detectors fail in-the-wild (up to 90% F1 drop); key eval warningcybersecurity, evaluation, distribution-shift, vulnerability-patches, robustness
2603.18892MultihopSpatial: Multi-hop Compositional Spatial Reasoning Benchmark for Vision-Language Model
PDF		cs.CV, cs.AI88Multi-hop spatial reasoning + grounding metric for VLMs; relevant to VLA agents and robust evaluation.VLM, benchmark, spatial-reasoning, grounding, evaluation, agents
2603.17333Grid Spatial Understanding: A Dataset for Textual Spatial Reasoning over Grids, Embodied Settings, and Coordinate Structures
PDF		cs.CL88New text-only grid benchmark isolates spatial reasoning; useful for evaluating agent navigation reasoningbenchmark, spatial-reasoning, LLM-eval, navigation, datasets
2603.12062Systematic Security Analysis of the Iridium Satellite Radio Link
PDF		cs.CR86First public security analysis of Iridium link; SIM key extraction enables cloning/impersonationsecurity, wireless, satellite, reverse-engineering, authentication, real-world-attacks
2603.17381An Auditable AI Agent Loop for Empirical Economics: A Case Study in Forecast Combination
PDF		econ.EM, stat.ML86Auditable agent-loop protocol; logs + holdout reduce hidden degrees of freedom in agentic codingagents, auditing, evaluation, reproducibility, governance
2603.18418Mind the Rarities: Can Rare Skin Diseases Be Reliably Diagnosed via Diagnostic Reasoning?
PDF		cs.CV, cs.AI86Long-context multimodal benchmark for rare-derm diagnostic reasoning with better human-aligned metrics.benchmark, medical, VLM, reasoning, long-context, evaluation
2603.17311Ruyi2.5 Technical Report
PDF		cs.CL86Multimodal report incl privacy-preserving edge de-ID + cloud reasoning; BPPO for RL finetune.multimodal, privacy, edge-cloud, de-identification, RLHF, post-training, technical-report
2603.18533Balancing the Reasoning Load: Difficulty-Differentiated Policy Optimization with Length Redistribution for Efficient and Robust Reinforcement Learning
PDF		cs.LG, cs.CL86RL method to curb LRM overthinking/overconfidence via difficulty-split optimization and length controlLLM, reasoning, RL, post-training, efficiency, reliability
2603.08182TildeOpen LLM: Leveraging Curriculum Learning to Achieve Equitable Language Representation
PDF		cs.CL, cs.AI86Open 30B multilingual LLM w/ curriculum to reduce language imbalance; strong practical impact.LLM, multilingual, curriculum-learning, data-imbalance, open-weights
2603.17531Rel-Zero: Harnessing Patch-Pair Invariance for Robust Zero-Watermarking Against AI Editing
PDF		cs.CV, cs.AI, cs.CR86Zero-watermarking robust to AI edits; useful for provenance/authenticity under diffusion manipulationwatermarking, provenance, content-authenticity, diffusion-editing, robustness, security
2603.18879A Human-in/on-the-Loop Framework for Accessible Text Generation
PDF		cs.CL86Human-in/on-the-loop controls for LLM text generation; practical oversight triggers & standards-aligned checklists.LLM, human-in-the-loop, oversight, accessibility, governance, evaluation
2603.17387CRE-T1 Preview Technical Report: Beyond Contrastive Learning for Reasoning-Intensive Retrieval
PDF		cs.IR, cs.AI86Generative retrieval for reasoning-intensive search; targets implicit reasoning beyond contrastive embeddingsretrieval, RAG, reasoning, IR, generative-retrieval
2603.18806dTRPO: Trajectory Reduction in Policy Optimization of Diffusion Large Language Models
PDF		cs.AI86Efficient policy optimization for diffusion LLMs via trajectory reduction; enables scalable offline alignment.diffusion-LLM, RLHF, policy-optimization, efficiency, alignment
2603.14860Architecture-Agnostic Feature Synergy for Universal Defense Against Heterogeneous Generative Threats
PDF		cs.CR, cs.AI84Universal defense vs heterogeneous generators via feature-space synergy; targets content safetygenai-security, adversarial-defense, deepfakes, robustness, representation-learning
2603.18908Secure Linear Alignment of Large Language Models
PDF		cs.AI84Cross-silo LLM alignment via linear maps + homomorphic encryption; privacy-preserving inferenceLLMs, privacy, homomorphic-encryption, representation-alignment, secure-inference
2603.17621Complementary Reinforcement Learning
PDF		cs.LG, cs.CL84RL method for co-evolving experience with improving actor; potentially useful for LLM-agent training.reinforcement-learning, agents, sample-efficiency, memory, training-methods
2603.14818SimCert: Probabilistic Certification for Behavioral Similarity in Deep Neural Network Compression
PDF		cs.SE, cs.AI, cs.LG84Probabilistic certification of behavior similarity after compression; relevant to safety-critical deploymentverification, certification, model-compression, quantization, pruning, reliability, safety
2603.14769POLCA: Stochastic Generative Optimization with LLM
PDF		cs.LG, cs.AI84LLM-as-optimizer framework for prompts/agents under noisy rewards; scalable exploration control.LLM, agents, prompt-optimization, black-box-optimization, evaluation, framework
2603.18765Implicit Grading Bias in Large Language Models: How Writing Style Affects Automated Assessment Across Math, Programming, and Essay Tasks
PDF		cs.CL84Evidence of style-driven grading bias in LLM graders across math/programming/essays; fairness riskLLM, bias, fairness, evaluation, education, robustness
2603.09853SCENEBench: An Audio Understanding Benchmark Grounded in Assistive and Industrial Use Cases
PDF		cs.SD, cs.AI84New benchmark for audio understanding beyond ASR; useful for evaluating LALMs in real settings.benchmark, audio, evaluation, multimodal, robustness
2603.15245Practicing with Language Models Cultivates Human Empathic Communication
PDF		cs.CL, cs.HC84Large-scale study + platform showing LM practice can improve human empathic communication; deployment-relevantLLMs, human-AI-interaction, empathy, behavior-change, evaluation, social-impact
2603.11955PersonaTrace: Synthesizing Realistic Digital Footprints with LLM Agents
PDF		cs.CL84LLM agents synthesize realistic digital footprints; high relevance to privacy, misuse, and agentic data generation.LLM agents, synthetic data, privacy, misuse risk, evaluation, datasets

AI 论文洞察简报

2026-03-23

0) 执行要点(先读这个)

  • 基准正在从“只看准确率”转向“失效模式 + 部署现实”:新的评测套件明确测试 grounding(Acc@50IoU)、传感器扰动(RGB+深度)、超越 ASR 的音频场景理解,以及长时程对抗规划——暴露出标准排行榜遗漏的差距。
  • RL/后训练正变得更“系统感知”:多篇论文通过选择反传内容(BPPO 前缀梯度)、减少轨迹似然计算(面向扩散 LLM 的 dTRPO)、或按难度重分配推理长度(DDPO)来降低 RL 成本/方差。
  • 数据分布不匹配是反复出现的安全失效模式:在 NVD/CVE 关联提交上训练的补丁检测器,遇到“野外”补丁可能崩溃(F1 最多下降约 90%);修复部分依赖于与小规模精心整理的野外集合进行数据混合,而不只是更好的提示词。
  • 隐私/安全威胁在基础设施层仍非常具体:研究显示 Iridium 无线电链路大多未加密,并可用 SDR 实现实用的 SIM 克隆/欺骗/干扰——将卫星链路视为“默认安全”是不安全的。
  • 事后安全适配正在超越微调而多样化:跨模型神经元迁移(CNT)与安全线性对齐(HELIX)提出以极少权重改动或低成本密码学来复用/对齐能力——适用于跨隔离域或快速安全更新。
  • 语言公平可通过工程实现,而不只是扩算力:TildeOpen 的 tokenizer “公平性” + 上采样 + 课程采样,在约 2T tokens 下为代表性不足的欧洲语言带来显著质量/错误率提升。

2) 关键主题(聚类)

主题:面向真实世界的智能体与多模态系统评测优先

主题:让 RL/后训练更便宜、更稳定、更高算效

主题:安全与隐私:从通信层漏洞到合成数据与仓库级现实

主题:事后模型适配与互操作(安全、隐私、跨隔离域)

主题:公平与面向人的评测(语言公平、评分偏差、共情训练)

3) 技术综合

  • 多项工作在“阻断捷径的诊断指标”上趋同:Acc@50IoU(答案+框)、扰动下的 PRS 保留率、SCENEBench 的 FR1 vs MC 探针以暴露遗漏、以及 ICE 随机化测试以检测反不忠实(anti-faithful)理由。
  • 基于组的 RL 变体在增多,但对相关性/冗余的修复不同:DDPO 按难度拆分;Complementary RL 拆分引导 vs 非引导;BPPO 仅保留二元代表 + 前缀梯度;dTRPO 将扩散轨迹核算降为分块 token 比率。
  • Tokenizer/表征效应跨领域出现:TildeOpen 显式优化 tokenization 公平性;HELIX 发现 tokenizer 兼容性强预测跨模型生成成功;ICE 显示多语种忠实性并非仅由 tokenization 解释。
  • “陈旧性(staleness)”是通用失效模式:Complementary RL 针对陈旧经验库;在 NVD 数据上训练的漏洞检测器在野外补丁上变陈旧;NavTrust/MultihopSpatial 等基准显示模型在扰动/grounding 要求下陈旧。
  • 特征空间重表述成为统一技巧:ATFS 将通用防御从像素梯度转为特征对齐;Rel-Zero 使用补丁对关系而非绝对描述符;HELIX 使用仿射特征对齐;SimCert 用双网络符号传播与概率界。
  • 安全评测更经验化与系统级:Iridium 工作结合逆向工程 + 月级被动捕获 + 主动 SDR 攻击;SOL-ExecBench 在观察到参赛智能体的奖励黑客后加固测试框架。
  • SFT vs 偏好优化的细微差别:DermCase 报告 SFT 大幅提升,但 DPO/MPO 对罕见病例诊断推理提升很小;dTRPO 显示在合适估计器下,扩散 LLM 的偏好式优化可行且轨迹成本不再过高。
  • 压缩/效率洞见更机制化:质心 rank 保持主导聚类 LLM 行为;SimCert 区分尺度漂移(可用仿射校正)与 rank 扭曲(难修复),呼应“哪些扰动可恢复”的主题。

4) Top 5 论文(含“为何现在”)

1) Systematic Security Analysis of the Iridium Satellite Radio Link

  • 展示 实用的 SIM 克隆:通过 COMP128-1 Ki 提取(约 6 分钟;20,711 次查询)并成功完成网络注册。
  • 大规模被动分析:捕获 186,788,186 帧;约 88.5% 低熵(未加密)帧。
  • 主动 SDR 攻击:伪造 Ring Alerts 被接受低功率干扰显著降低 PRR(在 J/S ≈ −2.93 dB 时约降至 ≈50%)。
  • 质疑点:范围在无线电链路层;主动测试在屏蔽/受控环境进行,语音解码不在范围内。

2) MultihopSpatial: Multi-hop Compositional Spatial Reasoning Benchmark for Vision-Language Model

  • 引入 Acc@50IoU 强制grounded 正确性(MCQ + IoU≥0.5),暴露出大量走捷径差距。
  • 评测 37 个 VLM;显示多跳 grounding 仍困难(报告的最佳 Acc@50IoU 约 ~40.6%)。
  • 显示 带 bbox 奖励的 GRPO 可显著提升域内 grounding 与下游 VLA 指标(CALVIN、Libero)。
  • 质疑点:RL 扩展到更大 VLM 以及超越静态图像的扩展仍是明确开放问题。

3) Revisiting Vulnerability Patch Identification on Data in the Wild

  • 量化严重 数据集偏差:在 ColeFunda 上训练的 CodeBERT 在 JavaVFC 上从 F1 91.26% → 8.68%
  • 仅靠提示词的 LLM 方法接近随机;LoRA 微调仍难以泛化。
  • 实用缓解:将 NVD 与适量野外数据混合可提升鲁棒性(CodeBERT JavaVFC 55.81% → 77.99%)。
  • 质疑点:野外覆盖主要是 Java 与 C/C++;野外数据的 CWE 标注有限(抽样人工标注)。

4) ICE: Intervention-Consistent Explanation Evaluation with Statistical Grounding for LLMs

  • 通过与匹配随机 token 集的随机化检验,使解释忠实性可进行统计检验(胜率、效应量、p 值、置信区间)。
  • 显示 算子依赖极大(删除 vs 检索填充之间最多相差 44 个百分点)。
  • 发现在近三分之一的英文删除配置中存在 反不忠实(anti-faithfulness);可置信性与忠实性基本不相关。
  • 质疑点:计算成本约为 ~M×(如 50 次置换);检索填充算子设计仍可能引入伪影。

5) dTRPO: Trajectory Reduction in Policy Optimization of Diffusion Large Language Models

  • 给出两个定理,使扩散 LLM 可通过减少轨迹似然计算(状态 + 比率约简)实现 离线 DPO 风格优化
  • 在 7B dLLM 上报告一致基准提升(如 GPQA 相对 +9.59%;GSM8K/MATH 也有提升),并具备 ARM 类离线计算(每样本 4 次前向)。
  • 弥合实践缺口:扩散 LLM 现在可用可扩展的偏好优化,而无需高昂轨迹成本。
  • 质疑点:估计器方差随块内步数增加而扩大;证据在 7B 规模,且调度器假设为近似。

5) 实用下一步

  • 若你构建具身/VLA 系统:采用 grounded 指标(如 Acc@50IoU 的答案+定位)并跟踪扰动下保留率(NavTrust PRS),而非只看干净输入成功率。
  • 对 RL 后训练流水线:测试 按难度拆分的长度控制(DDPO),同时衡量准确率token 成本;记录对 θ 与 diff_q=0 情况的敏感性。
  • 若探索扩散 LLM 对齐:原型化 dTRPO 式分块似然比估计,并与朴素轨迹打分比较计算量/方差。
  • 生产环境中的安全补丁检测:明确审计 跨数据集泛化(NVD → 野外),并为小规模精心整理的野外集合预留预算;按研究方式衡量加入 100–N 样本的收益。
  • 解释/可解释性工具:在信任“top-k 理由”方法前加入 随机化基线 + 多算子检查(ICE 风格);报告效应量与置信区间,而不只原始充分性。
  • 多语种模型开发:加入 tokenization 公平性检查(跨语言 token 数)并考虑 课程采样(均匀 → 自然 → 均匀),而不只是上采样。
  • 卫星/关键通信用户:更新威胁模型——按报告发现,Iridium 用户链路不应假设默认具备机密性/认证;优先应用层加密与抗干扰规划。
  • 隐私敏感的摄像头分析:若使用边缘-云匿名特征(类似 Ruyi2.5-Camera),在依赖“不可逆映射”主张前,要求进行明确的重建/反演攻击评估

由逐篇论文分析生成;无外部浏览。