SaTC: CORE: Frontier: Collaborative: End-to-End Trustworthiness of Machine-Learning Systems

SaTC：核心：前沿：协作：机器学习系统的端到端可信度

• 批准号: 1804648
• 负责人: Somesh Jha
• 金额: $ 69.55万
• 依托单位: University of Wisconsin-Madison
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2018
• 资助国家: 美国
• 起止时间: 2018-10-01 至 2024-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1804648&HistoricalAwards=false
• 关键词: SaTC; CORE; Frontier; Collaborative; End

This frontier project establishes the Center for Trustworthy Machine Learning (CTML), a large-scale, multi-institution, multi-disciplinary effort whose goal is to develop scientific understanding of the risks inherent to machine learning, and to develop the tools, metrics, and methods to manage and mitigate them. The center is led by a cross-disciplinary team developing unified theory, algorithms and empirical methods within complex and ever-evolving ML approaches, application domains, and environments. The science and arsenal of defensive techniques emerging within the center will provide the basis for building future systems in a more trustworthy and secure manner, as well as fostering a long term community of research within this essential domain of technology. The center has a number of outreach efforts, including a massive open online course (MOOC) on this topic, an annual conference, and broad-based educational initiatives. The investigators continue their ongoing efforts at broadening participation in computing via a joint summer school on trustworthy ML aimed at underrepresented groups, and by engaging in activities for high school students across the country via a sequence of webinars advertised through the She++ network and other organizations.The center focuses on three interconnected and parallel investigative directions that represent the different classes of attacks attacking ML systems: inference attacks, training attacks, and abuses of ML. The first direction explores inference time security, namely methods to defend a trained model from adversarial inputs. This effort emphasizes developing formally grounded measurements of robustness against adversarial examples (defenses), as well as understanding the limits and costs of attacks. The second research direction aims to develop rigorously grounded measures of robustness to attacks that corrupt the training data and new training methods that are robust to adversarial manipulation. The final direction tackles the general security implications of sophisticated ML algorithms including the potential abuses of generative ML models, such as models that generate (fake) content, as well as data mechanisms to prevent the theft of a machine learning model by an adversary who interacts with the model.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

项目成果

Towards Understanding Limitations of Pixel Discretization Against Adversarial Attacks

• DOI: 10.1109/eurosp.2019.00042
• 发表时间: 2018-05
• 期刊: 2019 IEEE European Symposium on Security and Privacy (EuroS&P)
• 作者: Jiefeng Chen;Xi Wu;Vaibhav Rastogi;Yingyu Liang;S. Jha

Overfitting, robustness, and malicious algorithms: A study of potential causes of privacy risk in machine learning

• DOI: 10.3233/jcs-191362
• 发表时间: 2020-02
• 期刊: J. Comput. Secur.
• 作者: Samuel Yeom;Irene Giacomelli;Alan Menaged;Matt Fredrikson;S. Jha

Machine learning and logic: a new frontier in artificial intelligence

• DOI: 10.1007/s10703-023-00430-1
• 发表时间: 2023-06-14
• 期刊: FORMAL METHODS IN SYSTEM DESIGN
• 影响因子: 0.8
• 作者: Ganesh，Vijay;Seshia，Sanjit A. A.;Jha，Somesh
• 通讯作者: Jha，Somesh

Semantic Adversarial Deep Learning

• DOI: 10.1109/mdat.2020.2968274
• 发表时间: 2018-04
• 期刊: IEEE Design & Test
• 影响因子: 2
• 作者: S. Seshia;S. Jha;T. Dreossi

Towards Effective Differential Privacy Communication for Users’ Data Sharing Decision and Comprehension

• DOI: 10.1109/sp40000.2020.00088
• 发表时间: 2020-03
• 期刊: 2020 IEEE Symposium on Security and Privacy (SP)
• 作者: Aiping Xiong;Tianhao Wang;Ninghui Li;S. Jha