报 告 人：刘康 美国纽约大学 博士
报告简介：In recent years we have witnessed the wide use of deep learning (DL) techniques and the great success they have achieved in various application domains. State-of-the-art deep neural networks (DNNs) have approached or even surpassed human performance in tasks such as computer vision, natural language processing, and autonomous driving, shedding light on the future of artificial intelligence.
However, the ever-improving performance of DNNs does not come effortlessly; it demands efficient network architectures, large and high-quality datasets, and heavy computation resources. All these requirements could be the potential attack vectors for a would-be attacker. As DNNs become more capable and emerge in various forms, so too do malicious entities. As we deploy DNNs in more application domains, attackers have greater incentives to discover and exploit vulnerabilities for illicit gain.
In this talk, I will address challenges to the security and robustness of DL techniques and especially explore the threat of training-time backdooring attacks on DNNs. I will provide case studies of backdooring attacks on DNNs in various application domains, including general image classification, lithographic hotspot detection, and privacy preservation. I will first discuss backdooring attacks on discriminative DNNs and extend the scope to generative models. I will also introduce mitigation solutions to nullify backdoors for DNNs used in classification tasks.
讲者简介：刘康博士于2021年在美国纽约大学取得电子工程博士学位，2016年在加拿大西安大略大学取得电子与计算机工程硕士学位，以及2013年在新萄京正规网站取得电子信息工程学士学位。他曾在加拿大Evertz Microsystems Ltd. 公司担任软件工程师。他的研究方向包括人工智能安全和隐私保护，以及电子设计自动化。