Secure Learning in Adversarial Environments
Bo Li

Citation
Bo Li. "Secure Learning in Adversarial Environments". Talk or presentation, 23, August, 2017.

Abstract
Advances in machine learning have led to rapid and widespread deployment of software-based inference and decision making, resulting in various applications such as data analytics, autonomous systems, and security diagnostics. Current machine learning systems, however, assume that training and test data follow the same, or similar, distributions, and do not consider active adversaries manipulating either distribution. Recent work has demonstrated that motivated adversaries can circumvent anomaly detection or classification models at test time through evasion attacks, or can inject well-crafted malicious instances into training data to induce errors in classification through poisoning attacks. In addition, by undermining the integrity of learning systems, the privacy of users' data can also be compromised. In this talk, I will describe my recent research about physical attacks, especially poisoning attacks, to show the vulnerabilities of current machine learning systems. I’ll also give an example for a general generative adversarial networks (GANs) based malware generation and detection system to illustrate the adversarial learning idea.

Electronic downloads

Internal. This publication has been marked by the author for FORCES-only distribution, so electronic downloads are not available without logging in.

Citation formats

• HTML

  Bo Li. <a
  href="http://www.cps-forces.org/pubs/274.html"
  ><i>Secure Learning in Adversarial
  Environments</i></a>, Talk or presentation,  23,
  August, 2017.

• Plain text

  Bo Li. "Secure Learning in Adversarial
  Environments". Talk or presentation,  23, August, 2017.

• BibTeX

  @presentation{Li17_SecureLearningInAdversarialEnvironments,
      author = {Bo Li},
      title = {Secure Learning in Adversarial Environments},
      day = {23},
      month = {August},
      year = {2017},
      abstract = {Advances in machine learning have led to rapid and
                widespread deployment of software-based inference
                and decision making, resulting in various
                applications such as data analytics, autonomous
                systems, and security diagnostics. Current machine
                learning systems, however, assume that training
                and test data follow the same, or similar,
                distributions, and do not consider active
                adversaries manipulating either distribution.
                Recent work has demonstrated that motivated
                adversaries can circumvent anomaly detection or
                classification models at test time through evasion
                attacks, or can inject well-crafted malicious
                instances into training data to induce errors in
                classification through poisoning attacks. In
                addition, by undermining the integrity of learning
                systems, the privacy of users' data can also be
                compromised. In this talk, I will describe my
                recent research about physical attacks, especially
                poisoning attacks, to show the vulnerabilities of
                current machine learning systems. I’ll also give
                an example for a general generative adversarial
                networks (GANs) based malware generation and
                detection system to illustrate the adversarial
                learning idea. },
      URL = {http://cps-forces.org/pubs/274.html}
  }
  

Posted by Carolyn Winter on 24 Aug 2017.
Groups: forces
For additional information, see the Publications FAQ or contact webmaster at cps-forces org.