The Cybersecurity Lecture Series at Georgia Tech is a free, one-hour lecture from a thought leader who is advancing the field of information security and privacy. Invited speakers include executives and researchers from Fortune 500 companies, federal intelligence agencies, start-ups, and incubators, as well as Georgia Tech faculty and students presenting their research. Lectures are open to all -- students, faculty, industry, government, or simply the curious.
Deep learning on graph structures has shown exciting results in cybersecurity applications, such as risk management, binary code similarity detection, etc. However, little attention has been paid to the robustness of such models, in contrast to the numerous research works on image or text adversarial attack and defense. In this paper, we focus on the adversarial attacks that fool deep learning models by modifying the combinatorial structure of data. We first propose a reinforcement learning based attack method that learns the generalizable attack policy, while only requiring prediction labels from the target classifier. We further propose attack methods based on genetic algorithms and gradient descent in the scenario where additional prediction confidence or gradients are available. We use both synthetic and real-world data to show that a family of Graph Neural Network models is vulnerable to these attacks, in both graph-level and node-level classification tasks. We also show such attacks can be used to diagnose the learned classifiers.
Hanjun Dai is a fifth-year Ph.D. student at Georgia Institute of Technology, whose advisor is Prof. Le Song. His research mainly focuses on deep learning for structured data, reinforcement learning, and their applications in chemistry, bioinformatics, social networks, programming, and natural language. He has also extended his research work through several internships at Amazon AI, OpenAI and DeepMind. His work has won several best paper awards, including AISTATS 2016, the Recsys Workshop on Deep Learning for Recommender Systems 2016, and the NIPS 2017 Workshop on Machine Learning for Molecules and Materials.