Talk title: Backdoor Attacks and Defenses on Deep Neural Networks
Speaker: Dr. Kang Liu (刘康), New York University, USA
Venue: Conference Room 308, Comprehensive Laboratory Building, Railway Campus (铁道校区)
Time: Tuesday, 8 June 2021, 4:00 pm
Abstract: In recent years we have witnessed the wide adoption of deep learning (DL) techniques and the great success they have achieved across application domains. State-of-the-art deep neural networks (DNNs) have approached or even surpassed human performance in tasks such as computer vision, natural language processing, and autonomous driving, shedding light on the future of artificial intelligence.
However, the ever-improving performance of DNNs does not come effortlessly; it demands efficient network architectures, large and high-quality datasets, and heavy computational resources. Each of these requirements is a potential attack vector for a would-be attacker. As DNNs become more capable and appear in more forms, so too do malicious actors. As we deploy DNNs in more application domains, attackers have greater incentives to discover and exploit vulnerabilities for illicit gain.
In this talk, I will address challenges to the security and robustness of DL techniques and especially explore the threat of training-time backdooring attacks on DNNs. I will provide case studies of backdooring attacks on DNNs in various application domains, including general image classification, lithographic hotspot detection, and privacy preservation. I will first discuss backdooring attacks on discriminative DNNs and extend the scope to generative models. I will also introduce mitigation solutions to nullify backdoors for DNNs used in classification tasks.
Speaker bio: Dr. Kang Liu received his Ph.D. in Electrical Engineering from New York University (USA) in 2021, his master's degree in Electrical and Computer Engineering from the University of Western Ontario (Canada) in 2016, and his bachelor's degree in Electronic Information Engineering from 3003必赢官网 in 2013. He previously worked as a software engineer at Evertz Microsystems Ltd. in Canada. His research interests include artificial intelligence security and privacy protection, as well as electronic design automation.