Security and Privacy of Machine Learning: A Meta Neural Analysis Approach
Speaker: Professor Carl A. Gunter, University of Illinois at Urbana-Champaign
Chaired by: Professor Reza Shokri, N-CRiPT Principal Investigator
Date and Time: Wednesday 15 January, 11.00am – 12.00pm
Venue: Meeting Room 1, COM1-03-19
Abstract
Meta neural analysis refers to the development of classifiers that predict properties of neural networks. Such “meta” classifiers have proven useful in analyzing privacy risks in important areas such as membership inference, where a meta classifier can predict which individuals were used to train a target classifier. In this talk we explore extensions of this technique to two related areas. The first of these is property inference in which meta classifiers are used to predict general global properties of the training set that produced a target classifier. We demonstrate a technique for normalizing white box target neural networks that enables strong predictions about private features of training sets. The second area of our study focuses on detecting AI Trojans. These are features of classifiers that have been manipulated to have rigged predictions on specific types of data. We demonstrate techniques for both unsupervised and supervised learning on black box target networks. These enable training meta classifiers to detect whether a Trojan has infected a target. We demonstrate that these techniques out-perform all existing detection techniques and show that they are applicable to Trojans in new domains such as natural language data and tabular data.
Biodata
Carl A. Gunter is a professor at the University of Illinois at Urbana-Champaign. He has made research contributions to the semantics of programming languages, formal methods, security and privacy. His recent work has concerned security and privacy issues for power grids and healthcare systems. At the University of Illinois he serves as the director of Illinois Security Lab, director of the Health Information Technology Center (HITC), founding head of the security and privacy area in the Computer Science Department, and lead for the Genomic Security and Privacy Theme at the Institute for Genomic Biology at Illinois.