Collaborative Research: AF: Small: Exploring the Frontiers of Adversarial Robustness

合作研究：AF：小型：探索对抗鲁棒性的前沿

• 批准号: 2335412
• 负责人: David Woodruff
• 金额: $ 30万
• 依托单位: Carnegie-Mellon University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2024
• 资助国家: 美国
• 起止时间: 2024-01-01 至 2026-12-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2335412&HistoricalAwards=false
• 关键词: Collaborative; Research; AF; Small; Exploring

In an age where artificial intelligence (AI) is deeply integrated into our lives yet both cyber and physical threats are ever-present, robustness to adversarial input is critically important for ensuring the reliability, security, and trustworthiness of algorithmic design in the face of intentional attacks and manipulations. Unfortunately, many standard big data algorithms are susceptible to exploitation by adversarial input, resulting in major roadblocks to the widespread deployment of AI in safety-critical domains like healthcare and finance. The goal of this project is to identify and address new emerging directions in adversarial robustness and to develop the fundamental principles underlying vulnerabilities to adversarial input. The project will not only realize new elements of algorithmic design and mathematical tools, but also have immediate impact on the wide-ranging applications of trustworthy artificial intelligence. The research team will involve graduate students in this project and plans two workshops on new directions in adversarial robustness and adaptive data analysis. In addition, the team will initiate outreach with a local high school to mentor students in grades 5-12.The goal of this project is to develop new big data algorithms that are robust to adversarial input. At a high level, the primary focal points of this project are: 1) adversarial robustness in the black-box streaming setting, where an adversary has access to the previous outputs but not the internal states of the algorithm, 2) adversarial robustness in the white-box streaming setting, where an adversary additionally has access to the internal state and previous random bits used by the algorithm, and 3) adaptive data analysis with bounded space. Additionally, the research team will explore and integrate new attack models as they emerge, allowing for continuous adaptation to evolving challenges.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

在人工智能 (AI) 深入融入我们生活但网络和物理威胁始终存在的时代，对抗性输入的稳健性对于确保算法设计在面对故意攻击时的可靠性、安全性和可信度至关重要。攻击和操纵。不幸的是，许多标准大数据算法很容易受到对抗性输入的利用，从而导致人工智能在医疗保健和金融等安全关键领域广泛部署的主要障碍。该项目的目标是识别和解决对抗稳健性的新方向，并制定对抗输入脆弱性的基本原则。该项目不仅将实现算法设计和数学工具的新元素，还将对可信人工智能的广泛应用产生立竿见影的影响。研究团队将让研究生参与该项目，并计划举办两场关于对抗稳健性和自适应数据分析新方向的研讨会。 此外，该团队还将与当地一所高中展开联系，为 5-12 年级的学生提供指导。该项目的目标是开发对对抗性输入具有鲁棒性的新大数据算法。在较高层面上，该项目的主要焦点是：1）黑盒流设置中的对抗鲁棒性，其中对手可以访问先前的输出，但无法访问算法的内部状态，2）白盒流设置，其中对手还可以访问算法使用的内部状态和先前的随机位，以及 3) 有限空间的自适应数据分析。此外，研究团队将探索和整合出现的新攻击模型，以便不断适应不断变化的挑战。该奖项反映了 NSF 的法定使命，并通过使用基金会的智力价值和更广泛的影响审查标准进行评估，被认为值得支持。