The CyLab Distinguished Speaker Seminar series brings world-class academics, entrepreneurs, government officials, and technologists across a variety of security and privacy disciplines to engage with the CMU community.
Speaker: Bo Li, Professor at the University of Illinois
Topic: "Secure Learning in Adversarial Environments"
Advances in machine learning have led to rapid and widespread deployment of software-based inference and decision making, resulting in applications such as data analytics, autonomous systems, and security diagnostics. Current machine learning systems, however, assume that training and test data follow the same, or similar, distributions, and do not account for active adversaries manipulating either distribution. Recent work has demonstrated that motivated adversaries can circumvent anomaly detection or other machine learning models at test time through evasion attacks, or can inject well-crafted malicious instances into training data to induce errors at inference time through poisoning attacks. In this talk, I will describe my recent research on evasion attacks, poisoning attacks, and privacy problems in machine learning systems. In particular, I will introduce examples of physical attacks and unrestricted (semantic) attacks, and discuss several potential defensive approaches and principles for developing real-world robust learning systems.
Bo Li is an assistant professor in the Department of Computer Science at the University of Illinois at Urbana–Champaign. She is a recipient of the Symantec Research Labs Fellowship. Prior to this she was a postdoctoral researcher at UC Berkeley. Her research focuses on both theoretical and practical aspects of security, machine learning, privacy, and game theory. She has designed several robust learning algorithms against adversarial behaviors, a scalable framework for achieving robustness for a range of learning methods, and a privacy-preserving data publishing system. Her recent research focuses on adversarial deep learning and generative models, as well as designing scalable robust machine learning models against unrestricted adversarial attacks. Her work has been featured by major publications and media outlets such as Nature, Wired, Fortune, and IEEE Spectrum.