TIGP (SNHCC) -- Toward Transferable Targeted Adversarial Attacks and the Countermeasures
- Lecturer: Prof. Shang-Tse Chen (Department of Computer Science and Information Engineering, National Taiwan University)
- Host: TIGP (SNHCC)
- Time: 2024-10-14 (Mon.) 14:00 ~ 16:00
- Location: Auditorium 106 at IIS new Building
Abstract
Machine learning models are vulnerable to adversarial attacks that add imperceptible perturbations to the test data. However, in most real-world applications, the attacker has only limited knowledge about the victim model, making such attacks difficult to carry out successfully. The attack is even more challenging in the targeted setting, where the attacker wants to mislead the model into a specific prediction outcome. In this talk, I will introduce several techniques for improving the targeted transferability of adversarial attacks. I will also introduce defenses and countermeasures, including a novel adversarial training method.
BIO
I am an Associate Professor in the Department of Computer Science and Information Engineering and the Graduate Institute of Networking and Multimedia at National Taiwan University. I work at the intersection of applied and theoretical machine learning, with a strong application focus on cybersecurity. My recent research interests include adversarial ML and various aspects of security, privacy, and fairness of ML models.