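Talk title: Evasion and Causative Attacks with Adversarial Deep Learning
Speaker: Prof. Yi Shi (石怡)
Affiliation: Intelligent Automation, Inc. (USA) / Virginia Tech (USA)
Time: Tuesday, July 17, 2018, 3:00 p.m.
Venue: Conference Room 5, Block A, Science and Education Building, Feicuihu (Emerald Lake) Campus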
Abstract: This talk is on a novel approach to launch and defend against the causative and evasion attacks on machine learning classifiers. As the preliminary step, the adversary starts with an exploratory attack based on deep learning (DL) and builds a functionally equivalent classifier by polling the online target classifier with input data and observing the returned labels. Using this inferred classifier, the adversary can select samples according to their DL scores and feed them to the original classifier. In an evasion attack, the adversary feeds the target classifier with test data after selecting samples with DL scores that are close to the decision boundary to increase the chance that these samples are misclassified. In a causative attack, the adversary feeds the target classifier with training data after changing the labels of samples with DL scores that are far away from the decision boundary to reduce the reliability of the training process. Results obtained for text and image classification show that the proposed evasion and causative attacks can significantly increase the error during test and training phases, respectively. A defense strategy is presented to change a small number of labels of the original classifier to prevent its reliable inference by the adversary and its effective use in evasion and causative attacks. These findings identify new vulnerabilities of machine learning and demonstrate that a proactive defense mechanism can reduce the impact of the underlying attacks.
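Speaker biography:
Yi Shi received his bachelor's degree from the "00 Class" (零零班) of the University of Science and Technology of China in 1998, a master's degree from the Institute of Software, Chinese Academy of Sciences (now the University of Chinese Academy of Sciences) in 2001, a second master's degree from Virginia Tech in 2003, and a Ph.D. from Virginia Tech in 2007. He is currently an IEEE Senior Member, a senior research scientist at Intelligent Automation, Inc., and an adjunct assistant professor at Virginia Tech. Dr. Shi is an internationally known expert in wireless network optimization. He has published more than 130 papers in leading journals such as IEEE Transactions on Mobile Computing and at leading conferences such as IEEE INFOCOM, has served as chief editor of 1 published monograph, and has contributed to 5 further monographs. In 2006, Dr. Shi received the Chinese government's "National Award for Outstanding Self-Financed Students Abroad", ranking first in the Washington area. In 2008 and 2011, his papers at IEEE INFOCOM received the Best Paper Award and a Best Paper Award nomination. Dr. Shi serves as an editor of IEEE Communications Surveys and Tutorials, and has served as technical program committee chair for 3 workshops and as a technical program committee member for nearly 50 international conferences, including IEEE INFOCOM, ACM MobiHoc, IEEE MILCOM, IEEE ICC, IEEE WCNC, and IEEE GLOBECOM.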