adversarial machine learning
play

Adversarial Machine Learning MIX+GAN Ian Goodfellow, Sta ff Research - PowerPoint PPT Presentation

Jul 22, 2023 •157 likes •562 views

Progressive GAN CoGAN LR-GAN MedGAN CGAN IcGAN A ff GAN DiscoGAN LS-GAN BIM LAPGAN MPM-GAN AdaGAN FGSM iGAN LSGAN InfoGAN IAN ATN Adversarial Machine Learning MIX+GAN Ian Goodfellow, Sta ff Research Scientist, Google Brain McGAN

  1. Progressive GAN CoGAN LR-GAN MedGAN CGAN IcGAN A ff GAN DiscoGAN LS-GAN BIM LAPGAN MPM-GAN AdaGAN FGSM iGAN LSGAN InfoGAN IAN ATN Adversarial Machine Learning MIX+GAN Ian Goodfellow, Sta ff Research Scientist, Google Brain McGAN BPDA South Park Commons FF-GAN MGAN BS-GAN DR-GAN San Francisco, 2018-05-24 C-RNN-GAN C-VAE-GAN DCGAN CCGAN AC-GAN MAGAN 3D-GAN BiGAN Adversarial Training CycleGAN GAWWN Gradient Masking Bayesian GAN AnoGAN SN-GAN EBGAN DTN MAD-GAN Context-RNN-GAN ALI BEGAN AL-CGAN f-GAN ArtGAN PGD MalGAN

  2. Adversarial Machine Learning Traditional ML: Adversarial ML: optimization game theory Equilibrium Minimum One player, More than one player, one cost more than one cost (Goodfellow 2017)

  3. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2017)

  4. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2017)

  5. Generative Modeling: Sample Generation Training Data Sample Generator (CelebA) (Karras et al, 2017) (Goodfellow 2018)

  6. Adversarial Nets Framework D tries to make D(G(z)) near 0, D (x) tries to be G tries to make near 1 D(G(z)) near 1 Di ff erentiable D function D x sampled from x sampled from data model Di ff erentiable function G Input noise z (Goodfellow et al., 2014) (Goodfellow 2018)

  7. GANs for simulated training data (Shrivastava et al., 2016) (Goodfellow 2018)

  8. Unsupervised Image-to-Image Translation Day to night (Liu et al., 2017) (Goodfellow 2018)

  9. CycleGAN (Zhu et al., 2017) (Goodfellow 2018)

  10. Designing DNA to optimize protein binding (Killoran et al, 2017) (Goodfellow 2018)

  11. Personalized GANufacturing (Hwang et al 2018) (Goodfellow 2018)

  12. Self-Attention GAN State of the art FID on ImageNet: 1000 categories, 128x128 pixels Goldfish Redshank Geyser Tiger Cat Broccoli Stone Wall Indigo Bunting (Zhang et al, 2018) Saint Bernard (Goodfellow 2018)

  13. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2017)

  14. Adversarial Examples X θ ˆ y x (Goodfellow 2017)

  15. Adversarial Examples in the Physical World (Kurakin et al, 2016) (Goodfellow 2017)

  16. Training on Adversarial Examples 10 0 Train=Clean, Test=Clean Test misclassification rate Train=Clean, Test=Adv Train=Adv, Test=Clean 10 − 1 Train=Adv, Test=Adv 10 − 2 0 50 100 150 200 250 300 Training time (epochs) (CleverHans tutorial, using method of Goodfellow et al 2014) (Goodfellow 2017)

  17. Adversarial Logit Pairing Logit pairing State of the art defense on ImageNet clean adv logits logits Adversarial perturbation (Kannan et al, 2018) (Goodfellow 2018)

  18. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2017)

  19. Adversarial Examples for RL (Huang et al., 2017) (Goodfellow 2017)

  20. Self-Play 1959: Arthur Samuel’s checkers agent (OpenAI, 2017) (Silver et al, 2017) (Bansal et al, 2017) (Goodfellow 2017)

  21. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2017)

  22. Extreme Reliability • We want extreme reliability for • Autonomous vehicles • Air tra ffi c control • Surgery robots • Medical diagnosis, etc. • Adversarial machine learning research techniques can help with this • Katz et al 2017: verification system, applied to air tra ffi c control (Goodfellow 2017)

  23. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2017)

  24. Supervised Discriminator for Semi-Supervised Learning Real cat Real dog Fake Real Fake Learn to read with Hidden Hidden units units 100 labels rather than 60,000 Input Input (Odena 2016, Salimans et al 2016) (Goodfellow 2018)

  25. Virtual Adversarial Training Miyato et al 2015: regularize for robustness to adversarial perturbations of unlabeled data (Oliver+Odena+Ra ff el et al, 2018) (Goodfellow 2018)

  26. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2017)

  27. Privacy of training data ˆ θ X X (Goodfellow 2018)

  28. Defining ( ε , δ )-Di ff erential Privacy (Abadi 2017) (Goodfellow 2018)

  29. Private Aggregation of Teacher Ensembles (Papernot et al 2016) (Goodfellow 2018)

  30. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2017)

  31. Domain Adaptation • Domain Adversarial Networks (Ganin et al, 2015) • Professor forcing (Lamb et al, 2016): Domain- Adversarial learning in RNN hidden state (Goodfellow 2017)

  32. GANs for domain adaptation (Bousmalis et al., 2016) (Ra ff el, 2017)

  33. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2017)

  34. Adversarially Learned Fair Representations • Edwards and Storkey 2015 • Learn representations that are useful for classification • An adversary tries to recover a sensitive variable S from the representation. Primary learner tries to make S impossible to recover • Final decision does not depend on S (Goodfellow 2017)

  35. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2017)

  36. How do machine learning models work? (Goodfellow et al, 2014) Interpretability literature: our analysis tools show that deep nets work about how you would expect them to. Adversarial ML literature: ML models are very easy to fool and even linear models work in counter-intuitive ways. (Selvaraju et al, 2016) (Goodfellow 2017)

  37. A Cambrian Explosion of Machine Learning Research Topics Make ML work Generative ML+neuroscience Modeling Accountability Security and Transparency RL Fairness Extreme reliability Domain adaptation Label Privacy e ffi ciency (Goodfellow 2017)

  38. Adversarial Examples that Fool both Human and Computer Vision Gamaleldin et al 2018 (Goodfellow 2017)

  39. Questions (Goodfellow 2018)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY

SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY

SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY Christian Kaestner with slides from Eunsuk Kang Required reading: Hulten, Geoff. "Building Intelligent Systems: A Guide to Machine Learning

1.95k views • 113 slides
Provably Secure Machine Learning Jacob Steinhardt ARO Adversarial Machine Learning Workshop

Provably Secure Machine Learning Jacob Steinhardt ARO Adversarial Machine Learning Workshop

Provably Secure Machine Learning Jacob Steinhardt ARO Adversarial Machine Learning Workshop September 14, 2017 Why Prove Things? Attackers often have more motivation/resources than defenders Heuristic defenses: arms race between attack and

738 views • 52 slides
AdVersarial: Perceptual Ad Blocking meets Adversarial Machine Learning Florian Tramr November

AdVersarial: Perceptual Ad Blocking meets Adversarial Machine Learning Florian Tramr November

AdVersarial: Perceptual Ad Blocking meets Adversarial Machine Learning Florian Tramr November 14 th 2019 Joint work with Pascal Dupr, Gili Rusak, Giancarlo Pellegrino and Dan Boneh The Future of Ad-Blocking easylist.txt markup

612 views • 23 slides
Adversarial Machine Learning (AML) Somesh Jha University of Wisconsin, Madison Thanks to

Adversarial Machine Learning (AML) Somesh Jha University of Wisconsin, Madison Thanks to

Adversarial Machine Learning (AML) Somesh Jha University of Wisconsin, Madison Thanks to Nicolas Papernot, Ian Goodfellow, and Jerry Zhu for some slides . Machine learning brings social disruption at scale Healthcare Energy Source: Peng and

821 views • 71 slides
Vulnerability of machine learning models to adversarial examples Petra Vidnerov Institute of

Vulnerability of machine learning models to adversarial examples Petra Vidnerov Institute of

Vulnerability of machine learning models to adversarial examples Petra Vidnerov Institute of Computer Science The Czech Academy of Sciences Hora Informaticae 2016 Outline Introduction Works on adversarial examples Our work Genetic

855 views • 46 slides
Adversarial Robustness of Machine Learning Models for Graphs Prof. Dr. Stephan Gnnemann

Adversarial Robustness of Machine Learning Models for Graphs Prof. Dr. Stephan Gnnemann

Adversarial Robustness of Machine Learning Models for Graphs Prof. Dr. Stephan Gnnemann Department of Informatics Technical University of Munich 28.10.2019 Adversarial Robustness of Machine Learning Models for Graphs S. Gnnemann Can you

669 views • 27 slides
Physical Adversarial Examples Alex Kurakin Ian Goodfellow Output STOP Machine Learning

Physical Adversarial Examples Alex Kurakin Ian Goodfellow Output STOP Machine Learning

Physical Adversarial Examples Alex Kurakin Ian Goodfellow Output STOP Machine Learning Training Examples Hidden units / BICYCLE features CAR PEDESTRIA N Parameters Input ImageNet (Russakovsky et al 2015) Adversarial Examples: Images

369 views • 19 slides
When foes are friends adversarial examples as protective technologies Carmela Troncoso

When foes are friends adversarial examples as protective technologies Carmela Troncoso

When foes are friends adversarial examples as protective technologies Carmela Troncoso @carmelatroncoso Security and Privacy Engineering Lab The machine learning revolution 2 Machine Learning ) Definition (Wikipedia) Machine learning [...]

965 views • 58 slides
Recent Trends in Adversarial Machine Learning Thanks to Ian Goodfellow, Somesh Jha, Patrick

Recent Trends in Adversarial Machine Learning Thanks to Ian Goodfellow, Somesh Jha, Patrick

Recent Trends in Adversarial Machine Learning Thanks to Ian Goodfellow, Somesh Jha, Patrick McDaniel, and Nicolas Papernot for some slides December 4, 2018 Berkay Celik How it works training Learning Algorithm Training Data Model

536 views • 35 slides
Adversarial Machine Learning MIX+GAN Ian Goodfellow, Sta ff Research Scientist, Google Brain

Adversarial Machine Learning MIX+GAN Ian Goodfellow, Sta ff Research Scientist, Google Brain

Progressive GAN CoGAN LR-GAN MedGAN CGAN IcGAN A ff GAN DiscoGAN LS-GAN BIM LAPGAN MPM-GAN AdaGAN FGSM iGAN LSGAN InfoGAN IAN ATN Adversarial Machine Learning MIX+GAN Ian Goodfellow, Sta ff Research Scientist, Google Brain McGAN

797 views • 42 slides
Adversarial Machine Learning MIX+GAN Ian Goodfellow, Sta ff Research Scientist, Google Brain

Adversarial Machine Learning MIX+GAN Ian Goodfellow, Sta ff Research Scientist, Google Brain

Progressive GAN CoGAN LR-GAN MedGAN CGAN IcGAN A ff GAN DiscoGAN LS-GAN BIM LAPGAN MPM-GAN AdaGAN FGSM iGAN LSGAN InfoGAN IAN ATN Adversarial Machine Learning MIX+GAN Ian Goodfellow, Sta ff Research Scientist, Google Brain McGAN

860 views • 45 slides
Making and Measuring Progress in Adversarial Machine Learning Nicholas Carlini Google Research

Making and Measuring Progress in Adversarial Machine Learning Nicholas Carlini Google Research

Making and Measuring Progress in Adversarial Machine Learning Nicholas Carlini Google Research Act I Background Why should we care about adversarial examples? Make ML Make ML robust better Act II An Apparent Problem Let's go

1.12k views • 79 slides
Generative Adversarial Nets(GANs) Troy Cary and Chenzhi Zhao A generative adversarial net is

Generative Adversarial Nets(GANs) Troy Cary and Chenzhi Zhao A generative adversarial net is

Generative Adversarial Nets(GANs) Troy Cary and Chenzhi Zhao A generative adversarial net is a type of neural net, used in deep learning/machine learning problems The goal of a GAN is to train two simultaneous models: a generative model

441 views • 18 slides
Machine Learning Lecture 13: Generative Adversarial Networks (I) Nevin L. Zhang

Machine Learning Lecture 13: Generative Adversarial Networks (I) Nevin L. Zhang

Machine Learning Lecture 13: Generative Adversarial Networks (I) Nevin L. Zhang lzhang@cse.ust.hk Department of Computer Science and Engineering The Hong Kong University of Science and Technology This set of notes is based on internet

826 views • 54 slides
Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine

Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine

CS573 Data Privacy and Security Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine Learning Under Adversarial Settings Data privacy/confidentiality attacks membership attacks, model inversion

3.44k views • 63 slides
Recent Advances in Adversarial Machine Learning Nicholas Carlini Google Research Recent

Recent Advances in Adversarial Machine Learning Nicholas Carlini Google Research Recent

Recent Advances in Adversarial Machine Learning Nicholas Carlini Google Research Recent Advances in Adversarial (Examples in) Machine Learning Nicholas Carlini Google Research The Year is 2014 Someone tells you they have a new algorithm to

1.52k views • 139 slides
Continuous Action Spaces Previously, we only allowed the players to choose from a finite set

Continuous Action Spaces Previously, we only allowed the players to choose from a finite set

Continuous Action Spaces Previously, we only allowed the players to choose from a finite set of actions CS 331: Artificial Intelligence Today, well see how to calculate Nash Game Theory III Equilibria when we have a continuous

323 views • 3 slides
Institute for People, Place and Possibility (IP3) Community Commons To spur actions and

Institute for People, Place and Possibility (IP3) Community Commons To spur actions and

Community Commons Institute for People, Place and Possibility (IP3) Community Commons To spur actions and investments that lead to healthier, more equitable, and more sustainable communities Providing change makers with public access to

536 views • 17 slides
L ECTURE 10 Monetary Policy at the Zero Lower Bound: Expectations Effects October 26, 2016 I. O

L ECTURE 10 Monetary Policy at the Zero Lower Bound: Expectations Effects October 26, 2016 I. O

Economics 210c/236a Christina Romer Fall 2016 David

1.31k views • 59 slides
A Two-Stage Method for Commodity Price Trend Forecasting SIGIR Workshop: FinIR 30 #$ July 2020

A Two-Stage Method for Commodity Price Trend Forecasting SIGIR Workshop: FinIR 30 #$ July 2020

A Two-Stage Method for Commodity Price Trend Forecasting SIGIR Workshop: FinIR 30 #$ July 2020 ustc_youdu: Bingjie Liang, Huixin Liu and Chujing He University of Science and Technology of China Problem Description The main task is to build

502 views • 11 slides
Updates and New Federal Stimulus Funds for Child Care Impacted by COVID-19 Participating in

Updates and New Federal Stimulus Funds for Child Care Impacted by COVID-19 Participating in

Updates and New Federal Stimulus Funds for Child Care Impacted by COVID-19 Participating in todays call Attendee Control Panel Listen in through computer audio.Headset recommended. or Select Phone Call to see the number to call, Access

340 views • 16 slides
Commonwealth Corps December Training & Reflection Session Thank you for. Overview

Commonwealth Corps December Training & Reflection Session Thank you for. Overview

Commonwealth Corps December Training & Reflection Session Thank you for. Overview Reminders & Announcements Training Stress Management & Burnout Making & Continuing Powerful Connections in our Communities

330 views • 15 slides
Strengthening the Commonwealth Performance Framework Stein Helgeby Deputy Secretary Governance

Strengthening the Commonwealth Performance Framework Stein Helgeby Deputy Secretary Governance

Strengthening the Commonwealth Performance Framework Stein Helgeby Deputy Secretary Governance and Resource Management Department of Finance 1 Enhanced Performance Framework Overview 1) Public Governance, Performance and Accountability Act

543 views • 28 slides
Our Common Wealth : INTRODUCING THE COMMONWEALTH HISTORICAL COLLABORATIVE New England Archivists

Our Common Wealth : INTRODUCING THE COMMONWEALTH HISTORICAL COLLABORATIVE New England Archivists

Our Common Wealth : INTRODUCING THE COMMONWEALTH HISTORICAL COLLABORATIVE New England Archivists Veronica Martzahl Fall Conference Digital Records Archivist October 14, 2016 Massachusetts Archives Background Initiative of the

352 views • 9 slides

More recommend