Erwin Quiring

April 19, 2023 at 11:00 AM on Zoom / Soda Hall

Adversarial Preprocessing. An overlooked threat for ML

Abstract: Machine learning has made remarkable progress in recent years, yet its
success has been overshadowed by different attacks that can thwart its
correct operation. While a large body of research has studied attacks
against learning algorithms, vulnerabilities in the preprocessing for
machine learning have received little attention so far.
In my talk, we will examine the threat of preprocessing attacks. First,
we will take a closer look at image-scaling attacks. The attacks are
analyzed from the perspective of signal processing and their root cause
will be presented. Second, we take a look at the text domain where
preprocessing vulnerabilities simplify the generation of adversarial
examples.

Bio: Erwin Quiring is a postdoctoral researcher at the International Computer
Science Institute (ICSI) and Ruhr University Bochum in Germany. His work
focuses on adversarial machine learning and the application of ML for
computer security. His work on pitfalls in machine-learning research received
the Distinguished Paper Award at the USENIX Security Symposium 2022. His
dissertation on secure learning-based systems received the AI talent
dissertation award of Lower Saxony in Germany.

Security Lab