adversarial machine learning
play

Adversarial Machine Learning MIX+GAN Ian Goodfellow, Sta ff Research - PowerPoint PPT Presentation

Feb 01, 2023 •394 likes •860 views

Progressive GAN CoGAN LR-GAN MedGAN CGAN IcGAN A ff GAN DiscoGAN LS-GAN BIM LAPGAN MPM-GAN AdaGAN FGSM iGAN LSGAN InfoGAN IAN ATN Adversarial Machine Learning MIX+GAN Ian Goodfellow, Sta ff Research Scientist, Google Brain McGAN

  1. Progressive GAN CoGAN LR-GAN MedGAN CGAN IcGAN A ff GAN DiscoGAN LS-GAN BIM LAPGAN MPM-GAN AdaGAN FGSM iGAN LSGAN InfoGAN IAN ATN Adversarial Machine Learning MIX+GAN Ian Goodfellow, Sta ff Research Scientist, Google Brain McGAN BPDA ACM Webinar FF-GAN MGAN BS-GAN DR-GAN 2018-07-24 SAGAN C-RNN-GAN C-VAE-GAN ALP DCGAN CCGAN AC-GAN MAGAN 3D-GAN BiGAN Adversarial Training CycleGAN GAWWN Gradient Masking Bayesian GAN AnoGAN SN-GAN EBGAN DTN MAD-GAN Context-RNN-GAN ALI BEGAN AL-CGAN f-GAN ArtGAN PGD MalGAN

  2. Adversarial Machine Learning Traditional ML: Adversarial ML: optimization game theory Equilibrium Minimum One player, More than one player, one cost more than one cost (Goodfellow 2018)

  3. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2018)

  4. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2018)

  5. Generative Modeling: Sample Generation Training Data Sample Generator (CelebA) (Karras et al, 2017) (Goodfellow 2018)

  6. Adversarial Nets Framework D tries to make D(G(z)) near 0, D (x) tries to be G tries to make near 1 D(G(z)) near 1 Di ff erentiable D function D x sampled from x sampled from data model Di ff erentiable function G Input noise z (Goodfellow et al., 2014) (Goodfellow 2018)

  7. 3.5 Years of Progress on Faces 2014 2015 2016 2017 (Brundage et al, 2018) (Goodfellow 2018)

  8. <2 Years of Progress on ImageNet Odena et al 2016 Miyato et al 2017 Zhang et al 2018 (Goodfellow 2018)

  9. GANs for simulated training data (Shrivastava et al., 2016) (Goodfellow 2018)

  10. Unsupervised Image-to-Image Translation Day to night (Liu et al., 2017) (Goodfellow 2018)

  11. CycleGAN (Zhu et al., 2017) (Goodfellow 2018)

  12. Designing DNA to optimize protein binding (Killoran et al, 2017) (Goodfellow 2018)

  13. Personalized GANufacturing (Hwang et al 2018) (Goodfellow 2018)

  14. Self-Attention GAN State of the art FID on ImageNet: 1000 categories, 128x128 pixels Goldfish Redshank Geyser Tiger Cat Broccoli Stone Wall Indigo Bunting (Zhang et al., 2018) Saint Bernard (Goodfellow 2018)

  15. Self-Attention Use layers from Wang et al 2018 (Goodfellow 2018)

  16. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2018)

  17. Adversarial Examples X θ ˆ y x (Goodfellow 2018)

  18. Also Adversarial Examples (Eykholt et al, 2017) (Goodfellow 2018) (Goodfellow 2018)

  19. Adversarial Examples in the Physical World (Kurakin et al, 2016) (Goodfellow 2018)

  20. Adversarial Training as a Minimax Problem “ ” Original implementation: Goodfellow et al 2014 Explicit use of “minimax”: Farley and Goodfellow, 2016 (Goodfellow 2018)

  21. Training on Adversarial Examples 10 0 Train=Clean, Test=Clean Test misclassification rate Train=Clean, Test=Adv Train=Adv, Test=Clean 10 − 1 Train=Adv, Test=Adv 10 − 2 0 50 100 150 200 250 300 Training time (epochs) (CleverHans tutorial, using method of Goodfellow et al 2014) (Goodfellow 2018)

  22. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2018)

  23. Adversarial Examples for RL (Huang et al., 2017) (Goodfellow 2018)

  24. Self-Play 1959: Arthur Samuel’s checkers agent (OpenAI, 2017) (Silver et al, 2017) (Bansal et al, 2017) (Goodfellow 2018)

  25. SPIRAL Synthesizing Programs for Images Using Reinforced Adversarial Learning (Ganin et al, 2018) (Goodfellow 2018)

  26. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2018)

  27. Extreme Reliability • We want extreme reliability for • Autonomous vehicles • Air tra ffi c control • Surgery robots • Medical diagnosis, etc. • Adversarial machine learning research techniques can help with this • Katz et al 2017: verification system, applied to air tra ffi c control (Goodfellow 2018)

  28. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2018)

  29. Supervised Discriminator for Semi-Supervised Learning Real cat Real dog Fake Real Fake Learn to read with Hidden Hidden units units 100 labels rather than 60,000 Input Input (Odena 2016, Salimans et al 2016) (Goodfellow 2018)

  30. Virtual Adversarial Training Miyato et al 2015: regularize for robustness to adversarial perturbations of unlabeled data (Oliver+Odena+Ra ff el et al, 2018) (Goodfellow 2018)

  31. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2018)

  32. Privacy of training data ˆ θ X X (Goodfellow 2018)

  33. Defining ( ε , δ )-Di ff erential Privacy (Abadi 2017) (Goodfellow 2018)

  34. Private Aggregation of Teacher Ensembles (Papernot et al 2016) (Goodfellow 2018)

  35. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2018)

  36. Domain Adaptation • Domain Adversarial Networks (Ganin et al, 2015) • Professor forcing (Lamb et al, 2016): Domain- Adversarial learning in RNN hidden state (Goodfellow 2018)

  37. GANs for domain adaptation (Bousmalis et al., 2016) (Ra ff el, 2017)

  38. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2018)

  39. Adversarially Learned Fair Representations • Edwards and Storkey 2015 • Learn representations that are useful for classification • An adversary tries to recover a sensitive variable S from the representation. Primary learner tries to make S impossible to recover • Final decision does not depend on S (Goodfellow 2018)

  40. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2018)

  41. How do machine learning models work? (Goodfellow et al, 2014) Interpretability literature: our analysis tools show that deep nets work about how you would expect them to. Adversarial ML literature: ML models are very easy to fool and even linear models work in counter-intuitive ways. (Selvaraju et al, 2016) (Goodfellow 2018)

  42. Robust models are more interpretable Relatively vulnerable model Relatively robust model (Goodfellow 2015) (Goodfellow 2018)

  43. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2018)

  44. Adversarial Examples that Fool both Human and Computer Vision Gamaleldin et al 2018 (Goodfellow 2018)

  45. Questions (Goodfellow 2018)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY

SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY

SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY Christian Kaestner with slides from Eunsuk Kang Required reading: Hulten, Geoff. &quot;Building Intelligent Systems: A Guide to Machine Learning

1.95k views • 113 slides
Provably Secure Machine Learning Jacob Steinhardt ARO Adversarial Machine Learning Workshop

Provably Secure Machine Learning Jacob Steinhardt ARO Adversarial Machine Learning Workshop

Provably Secure Machine Learning Jacob Steinhardt ARO Adversarial Machine Learning Workshop September 14, 2017 Why Prove Things? Attackers often have more motivation/resources than defenders Heuristic defenses: arms race between attack and

738 views • 52 slides
AdVersarial: Perceptual Ad Blocking meets Adversarial Machine Learning Florian Tramr November

AdVersarial: Perceptual Ad Blocking meets Adversarial Machine Learning Florian Tramr November

AdVersarial: Perceptual Ad Blocking meets Adversarial Machine Learning Florian Tramr November 14 th 2019 Joint work with Pascal Dupr, Gili Rusak, Giancarlo Pellegrino and Dan Boneh The Future of Ad-Blocking easylist.txt markup

612 views • 23 slides
Adversarial Machine Learning (AML) Somesh Jha University of Wisconsin, Madison Thanks to

Adversarial Machine Learning (AML) Somesh Jha University of Wisconsin, Madison Thanks to

Adversarial Machine Learning (AML) Somesh Jha University of Wisconsin, Madison Thanks to Nicolas Papernot, Ian Goodfellow, and Jerry Zhu for some slides . Machine learning brings social disruption at scale Healthcare Energy Source: Peng and

821 views • 71 slides
Vulnerability of machine learning models to adversarial examples Petra Vidnerov Institute of

Vulnerability of machine learning models to adversarial examples Petra Vidnerov Institute of

Vulnerability of machine learning models to adversarial examples Petra Vidnerov Institute of Computer Science The Czech Academy of Sciences Hora Informaticae 2016 Outline Introduction Works on adversarial examples Our work Genetic

855 views • 46 slides
Adversarial Robustness of Machine Learning Models for Graphs Prof. Dr. Stephan Gnnemann

Adversarial Robustness of Machine Learning Models for Graphs Prof. Dr. Stephan Gnnemann

Adversarial Robustness of Machine Learning Models for Graphs Prof. Dr. Stephan Gnnemann Department of Informatics Technical University of Munich 28.10.2019 Adversarial Robustness of Machine Learning Models for Graphs S. Gnnemann Can you

669 views • 27 slides
Physical Adversarial Examples Alex Kurakin Ian Goodfellow Output STOP Machine Learning

Physical Adversarial Examples Alex Kurakin Ian Goodfellow Output STOP Machine Learning

Physical Adversarial Examples Alex Kurakin Ian Goodfellow Output STOP Machine Learning Training Examples Hidden units / BICYCLE features CAR PEDESTRIA N Parameters Input ImageNet (Russakovsky et al 2015) Adversarial Examples: Images

369 views • 19 slides
When foes are friends adversarial examples as protective technologies Carmela Troncoso

When foes are friends adversarial examples as protective technologies Carmela Troncoso

When foes are friends adversarial examples as protective technologies Carmela Troncoso @carmelatroncoso Security and Privacy Engineering Lab The machine learning revolution 2 Machine Learning ) Definition (Wikipedia) Machine learning [...]

965 views • 58 slides
Recent Trends in Adversarial Machine Learning Thanks to Ian Goodfellow, Somesh Jha, Patrick

Recent Trends in Adversarial Machine Learning Thanks to Ian Goodfellow, Somesh Jha, Patrick

Recent Trends in Adversarial Machine Learning Thanks to Ian Goodfellow, Somesh Jha, Patrick McDaniel, and Nicolas Papernot for some slides December 4, 2018 Berkay Celik How it works training Learning Algorithm Training Data Model

536 views • 35 slides
Adversarial Machine Learning MIX+GAN Ian Goodfellow, Sta ff Research Scientist, Google Brain

Adversarial Machine Learning MIX+GAN Ian Goodfellow, Sta ff Research Scientist, Google Brain

Progressive GAN CoGAN LR-GAN MedGAN CGAN IcGAN A ff GAN DiscoGAN LS-GAN BIM LAPGAN MPM-GAN AdaGAN FGSM iGAN LSGAN InfoGAN IAN ATN Adversarial Machine Learning MIX+GAN Ian Goodfellow, Sta ff Research Scientist, Google Brain McGAN

797 views • 42 slides
Adversarial Machine Learning MIX+GAN Ian Goodfellow, Sta ff Research Scientist, Google Brain

Adversarial Machine Learning MIX+GAN Ian Goodfellow, Sta ff Research Scientist, Google Brain

Progressive GAN CoGAN LR-GAN MedGAN CGAN IcGAN A ff GAN DiscoGAN LS-GAN BIM LAPGAN MPM-GAN AdaGAN FGSM iGAN LSGAN InfoGAN IAN ATN Adversarial Machine Learning MIX+GAN Ian Goodfellow, Sta ff Research Scientist, Google Brain McGAN

562 views • 39 slides
Making and Measuring Progress in Adversarial Machine Learning Nicholas Carlini Google Research

Making and Measuring Progress in Adversarial Machine Learning Nicholas Carlini Google Research

Making and Measuring Progress in Adversarial Machine Learning Nicholas Carlini Google Research Act I Background Why should we care about adversarial examples? Make ML Make ML robust better Act II An Apparent Problem Let's go

1.12k views • 79 slides
Generative Adversarial Nets(GANs) Troy Cary and Chenzhi Zhao A generative adversarial net is

Generative Adversarial Nets(GANs) Troy Cary and Chenzhi Zhao A generative adversarial net is

Generative Adversarial Nets(GANs) Troy Cary and Chenzhi Zhao A generative adversarial net is a type of neural net, used in deep learning/machine learning problems The goal of a GAN is to train two simultaneous models: a generative model

441 views • 18 slides
Machine Learning Lecture 13: Generative Adversarial Networks (I) Nevin L. Zhang

Machine Learning Lecture 13: Generative Adversarial Networks (I) Nevin L. Zhang

Machine Learning Lecture 13: Generative Adversarial Networks (I) Nevin L. Zhang lzhang@cse.ust.hk Department of Computer Science and Engineering The Hong Kong University of Science and Technology This set of notes is based on internet

826 views • 54 slides
Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine

Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine

CS573 Data Privacy and Security Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine Learning Under Adversarial Settings Data privacy/confidentiality attacks membership attacks, model inversion

3.44k views • 63 slides
Recent Advances in Adversarial Machine Learning Nicholas Carlini Google Research Recent

Recent Advances in Adversarial Machine Learning Nicholas Carlini Google Research Recent

Recent Advances in Adversarial Machine Learning Nicholas Carlini Google Research Recent Advances in Adversarial (Examples in) Machine Learning Nicholas Carlini Google Research The Year is 2014 Someone tells you they have a new algorithm to

1.52k views • 139 slides
Combating Autism Act Initiative (CAAI) Overview Act Early Summit: Sacramento, CA. June 8-9, 2009

Combating Autism Act Initiative (CAAI) Overview Act Early Summit: Sacramento, CA. June 8-9, 2009

Combating Autism Act Initiative (CAAI) Overview Act Early Summit: Sacramento, CA. June 8-9, 2009 Cassie Lauver, ACSW Bonnie Strickland, PhD Denise Sofka, MPH, RD Maternal and Child Health Bureau, HRSA Combating Autism Act- Enacted December

355 views • 12 slides
INF 111 / CSE 121: Software Tools and Methods Lecture Notes for Fall Quarter, 2007 Michele

INF 111 / CSE 121: Software Tools and Methods Lecture Notes for Fall Quarter, 2007 Michele

INF 111 / CSE 121: Software Tools and Methods Lecture Notes for Fall Quarter, 2007 Michele Rousseau Set 17 (Some notes adapted from Susan E. Sim &amp; UML Distilled) Announcements Homework Due 11/21 @ 3p TA will be available for

211 views • 9 slides
Spectro-Perfectionism in SDSS-III Adam S. Bolton Department of Physics &amp; Astronomy The

Spectro-Perfectionism in SDSS-III Adam S. Bolton Department of Physics &amp; Astronomy The

Spectro-Perfectionism in SDSS-III Adam S. Bolton Department of Physics &amp; Astronomy The University of Utah ADASS XXI - Paris - 2011-11-09 What is SDSS-III? Eisenstein et al. 2011 ADASS XXI 2011-11-09 Adam S. Bolton What is SDSS-III?

581 views • 46 slides
Hardest-to-Round Cases Vincent LEFVRE Arnaire, INRIA Grenoble Rhne-Alpes / LIP,

Hardest-to-Round Cases Vincent LEFVRE Arnaire, INRIA Grenoble Rhne-Alpes / LIP,

Hardest-to-Round Cases Vincent LEFVRE Arnaire, INRIA Grenoble Rhne-Alpes / LIP, ENS-Lyon Journes TaMaDi, Lyon, 2010-10-28 [tamadi2010.tex 40124 2010-10-27 23:50:05Z vinc17/xvii] Outline Hardest-to-round cases in: binary64 (Double

700 views • 34 slides
Frames and operators: Basic properties and open problems Ole Christensen Department of

Frames and operators: Basic properties and open problems Ole Christensen Department of

Frames and operators: Basic properties and open problems Ole Christensen Department of Mathematics Technical University of Denmark Denmark July 16, 2012 (DTU Mathematics) Talk, Concentration Week, Texas A &amp; M July 16, 2012 1 / 85

1.99k views • 126 slides
Topological Ramsey spaces in creature forcing Natasha Dobrinen University of Denver Toposym,

Topological Ramsey spaces in creature forcing Natasha Dobrinen University of Denver Toposym,

Topological Ramsey spaces in creature forcing Natasha Dobrinen University of Denver Toposym, 2016 Dobrinen tRs in Creature Forcing University of Denver 1 / 26 Observation (Todorcevic). There are strong connections between creature forcing

1.09k views • 80 slides
An introduction to the simulation of fluid and structure dynamics with emphasis on sport

An introduction to the simulation of fluid and structure dynamics with emphasis on sport

An introduction to the simulation of fluid and structure dynamics with emphasis on sport applications Luca Formaggia MOX, Dipartimento di Matematica, Politecnico di Milano via Bonardi 9, 20133 Milano, luca.formaggia@polimi.it Computing and

1.21k views • 103 slides
CSE 341 Lecture 19 parsing / Homework 7 slides created by Marty Stepp

CSE 341 Lecture 19 parsing / Homework 7 slides created by Marty Stepp

CSE 341 Lecture 19 parsing / Homework 7 slides created by Marty Stepp http://www.cs.washington.edu/341/ Looking ahead We will complete a 2-part assignment related to analyzing and interpreting BASIC source code. HW7 : BASIC expression

505 views • 16 slides

More recommend