TIGP (SNHCC) -- Toward Transferable Targeted Adversarial Attacks and the Countermeasures
- Speaker: Prof. 陳尚澤 (Shang-Tse Chen), Department of Computer Science and Information Engineering, National Taiwan University
- Host: TIGP (SNHCC)
- Time: 2024-10-14 (Mon.) 14:00 ~ 16:00
- Venue: Auditorium 106, New Building of the Institute of Information Science
Abstract
Machine learning models are vulnerable to adversarial attacks that add imperceptible perturbations to the test data. In most real-world applications, however, the attacker has only limited knowledge of the victim model, which makes such attacks difficult to carry out successfully. The attack is even more challenging in the targeted setting, where the attacker wants to mislead the model into a specific prediction outcome. In this talk, I will introduce several techniques for improving the targeted transferability of adversarial attacks. I will also introduce defenses and countermeasures, including a novel adversarial training method.
BIO
I am an Associate Professor in the Department of Computer Science and Information Engineering and the Graduate Institute of Networking and Multimedia at National Taiwan University. I work at the intersection of applied and theoretical machine learning, with a strong application focus on cybersecurity. My recent research interests include adversarial ML and various aspects of security, privacy, and fairness of ML models.