Adversarial

Description

Machine Learning (ML) models are more accessible than ever [2], opening up new possibilities and opportunities, but also new risks. In particular, ML models are vulnerable to adversarial attacks, in which an attacker manipulates a model's input so that the model behaves contrary to expectations, e.g., misclassifying an image it previously classified correctly. The goal of Pandahat Adversarial is to teach and empower students to navigate the complexities of Machine Learning in a rapidly changing technological landscape. Our further objective is for these students to use that knowledge to actively participate in constructing and understanding adversarial attacks against complex models and data, and to fight back by developing new defenses or improving existing ones.

Problem Statement

  • The increasing integration of Machine Learning (ML) methods across diverse sectors has heightened concerns over their susceptibility to adversarial attacks, in which maliciously crafted input data leads to misclassification.

  • For instance, in autonomous vehicle systems, adversaries can fabricate deceptive road signs that appear normal to humans but mislead ML algorithms, potentially leading to accidents.

  • This vulnerability jeopardizes the reliability and safety of ML models, impacting businesses, consumers, and the research community.

Objectives

  • Explore and replicate vulnerabilities in Machine Learning systems.

  • Analyze the following adversarial attacks: One Pixel, Fast Gradient Sign Method (FGSM), Projected Gradient Descent (PGD), and Carlini & Wagner. A minimal code sketch of FGSM and PGD appears after this list.

  • Develop the deep learning skills needed to implement and understand these attacks.

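To make two of the attacks listed above concrete, below is a minimal sketch of FGSM and PGD in PyTorch. It assumes a classifier that takes inputs normalized to [0, 1]; the toy model, tensor shapes, and the epsilon/alpha values are illustrative assumptions, not details taken from the project.

```python
import torch
import torch.nn as nn

def fgsm(model, x, y, epsilon):
    """Fast Gradient Sign Method: take one step of size epsilon in the
    direction of the sign of the loss gradient w.r.t. the input."""
    x = x.clone().detach().requires_grad_(True)
    loss = nn.CrossEntropyLoss()(model(x), y)
    loss.backward()
    return (x + epsilon * x.grad.sign()).clamp(0, 1).detach()

def pgd(model, x, y, epsilon, alpha=2 / 255, steps=10):
    """Projected Gradient Descent: iterate FGSM steps of size alpha and
    project the result back into the L-infinity epsilon-ball around x."""
    x_orig = x.clone().detach()
    x_adv = x_orig.clone()
    for _ in range(steps):
        x_adv = fgsm(model, x_adv, y, alpha)
        # Projection: clip the total perturbation to [-epsilon, epsilon],
        # then keep pixel values in the valid [0, 1] range.
        x_adv = (x_orig + (x_adv - x_orig).clamp(-epsilon, epsilon)).clamp(0, 1)
    return x_adv

# Toy usage: random "images" against an untrained linear classifier.
# (Model and data are placeholders, purely for demonstration.)
model = nn.Sequential(nn.Flatten(), nn.Linear(3 * 32 * 32, 10))
x = torch.rand(4, 3, 32, 32)    # batch of 4 RGB 32x32 images in [0, 1]
y = torch.randint(0, 10, (4,))  # arbitrary labels
x_adv = pgd(model, x, y, epsilon=8 / 255)
print((x_adv - x).abs().max().item())  # perturbation stays within epsilon
```

As the sketch shows, PGD is essentially iterated FGSM: each step moves alpha along the gradient sign and is then projected back into the epsilon-ball around the original input, which is why PGD is generally a stronger attack than a single FGSM step.
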
Members

Presentation Video

Research Poster