[Colloquium] Reminder [defense] Yao/Dissertation Defense/Jul 9, 2020

Nita Yack nitayack at uchicago.edu
Wed Jul 8 08:28:29 CDT 2020


This is an announcement about Kevin Yuanshun Yao's dissertation
defense.

Here is the Zoom link to participate:


https://uchicago.zoom.us/j/96401585280?pwd=cDVHaXJJQ1AvczVnWW4xcUFub3c1UT09

Password: 972002

      Department of Computer Science/The University of Chicago

                    *** Dissertation Defense ***


Candidate:  Yuanshun Yao

Date:  Thursday, July 9, 2020

Time:  10:00 AM

Place:  remotely via Zoom

Title: Backdoor Attacks on Deep Neural Networks

Abstract:
Today deep neural networks (DNNs) are widely deployed in numerous
applications, from image classification, to voice recognition, to
natural language processing. However, DNNs are opaque mathematical
models that don't provide the explicit logical understanding that is
available in traditional programming. This lack of transparency and
understanding generates certain leeway in DNNs that might lead to
unexpected and unpredictable behaviors for model trainers.

One attack that exploits this vulnerability in DNNs is the backdoor
attack. DNN backdoors are hidden malicious behaviors embedded inside
DNN models. They're only activated when a specific "trigger" is
present in some inputs to the model. Common examples of triggers
include sticky notes that make models recognize any traffic signs as
Speed Limit signs or a pair of sunglasses that makes compromised
facial recognition models recognize any photos with the sunglasses as
Bill Gates. Backdoor attacks are dangerous because a corrupted model
produces consistent and repeated misclassifications on inputs with
the trigger, while performing as expected (with high accuracy) on normal
inputs, making it hard to detect. Backdoor attacks were first studied
in 2017. Since then, concerns about the impact of backdoor attacks
have led to large funding programs as well as the development of many
variants of attacks and corresponding defenses.

In this dissertation, I seek to contribute to the literature by
improving current understanding of backdoor attacks. My work contains
three projects. First, I design a robust defense against backdoor
attacks. The defense has full coverage, including detecting and
identifying backdoors, followed by detecting backdoored inputs, and
finally removing backdoors from the model. Second, I identify and
propose a novel variant of backdoor attacks that can survive the transfer
learning process, a standard technique to train DNNs today. This new
attack is more powerful, stealthy, and widely applicable. This work
brings attention to the need for a better understanding of backdoor
attacks and more careful design of defenses. Third, I conduct a
systemic study on the feasibility of DNN backdoor attacks in the physical
world. I seek to understand if backdoor attacks can be actualized in
the real world and what limitations attackers have to face in
executing them. Finally, I summarize my work and conclude with my
insights on DNN backdoor attacks.

Yuanshun's advisors are Prof. Ben Zhao and Prof. Heather Zheng

Login to the Computer Science Department website for details,
including a draft copy of the dissertation:

https://newtraell.cs.uchicago.edu/phd/phd_announcements#ysyao

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Margaret P. Jaffey            margaret at cs.uchicago.edu
Department of Computer Science
Student Support Rep (JCL 350)              (773) 702-6011
The University of Chicago      http://www.cs.uchicago.edu
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=