Adversarially (non-)robust machine learning
One of the key limitations of deep learning is its inability to generalize to new domains. The focus of this talk will be on adversarial examples: inputs constructed by an adversary to mislead a machine-learning model. These adversarial examples can, for example, cause self-driving cars to misrecognize street signs or misidentify pedestrians.
This talk introduces how adversarial examples are generated and why they are so easy to find. Then, we consider recent attempts at increasing the robustness of neural networks. Across recent papers, we have studied several dozen defences proposed at top machine-learning and security conferences and found that almost all can be evaded and offer nearly no improvement on top of the undefended baselines. Worryingly, our most recent breaks require no new attack ideas and merely re-use earlier attack approaches.
General robustness is still a challenge for deep learning, and one that will require extensive work to solve.
WHAT IS THE TRUSTWORTHY AI SERIES?
Artificial Intelligence (AI) systems have steadily grown in complexity, gaining predictive power often at the expense of interpretability, robustness and trustworthiness. Deep neural networks are a prime example of this development. While reaching “superhuman” performance in various complex tasks, these models are susceptible to errors when confronted with tiny (adversarial) variations of the input – variations which are either not noticeable to humans or can be handled reliably by them. This expert talk series will discuss these challenges of current AI technology and will present new research aiming at overcoming these limitations and developing AI systems which can be certified to be trustworthy and robust.
The expert talk series will cover the following topics:
- Measuring Neural Network Robustness
- Auditing AI Systems
- Adversarial Attacks and Defences
- Explainability & Trustworthiness
- Poisoning Attacks on AI
- Certified Robustness
- Model and Data Uncertainty
- AI Safety and Fairness
The Trustworthy AI series is moderated by Wojciech Samek, Head of AI Department at Fraunhofer HHI, one of the top 20 AI labs in the world.