Can Machine Learning be Hacked ?

This is a one-day RISC workshop on the intersection between security and ML co-organized between the Cryptology Group led by Prof. Ronald Cramer and the Machine Learning Group led by Prof. Peter Grunwald.

Description:

Can we trust Machine Learning (ML) to enable robust intelligence with its ability to sense, learn, reason, and act in complex environments with real-time responsiveness and long-term reflection? How can robust intelligence survive in a malicious world? We need to worry about adversarial examples which seem normal for a human but are wrongly classified by ML models; privacy attacks which extract information about the ML model and used training data set; poisoning and Trojan attacks that maliciously modify a ML model’s behavior. AutoML is about automating the process of applying ML to real world problems – will this be hacked?

When and Where:

Friday March 27th in the Euler Room at WCW (next to CWI), Science Park 125, Amsterdam.

10:00-10:45 Registration and Welcome with Coffee

10:45-10:50 Marten van Dijk (U. of Connecticut & CWI)
                    Welcome and Introduction

10:50-11.40 Audra McMillan (Boston University & Northeastern University)
                    Online Learning via the Differential Privacy Framework

11:40-11:55 Short Break

11:55-12.45 Thijs Veugen (TNO & CWI)
                    Privacy-Preserving Coupling of Vertically-Partitioned Databases
                    and Subsequent Training with Gradient Descent

12:45-13:45 Lunch (served outside the Euler Room)

13:45-14:35 Phuong Ha Nguyen (U. of Connecticut) and Marten van Dijk (U. of Connecticut & CWI)
                    Buffer Zones for Defending against Adversarial Examples in Image Classification

14:35-14:50 Coffee/Cookies

14:50-15:40 Joaquin Vanschoren (Technical University Eindhoven)
                    Automated Machine Learning (a Tutorial)

15:40-16:15 Discussion (panel of all speakers and interaction with the public)
                    Can ML be hacked?

16.15-17:15 Cocktail

Titles and abstracts are available here.

Registration is mandatory (deadline March 20) but there is no registration fee. Please register using this form. A list of registered participants can be found here.