Forgery Detectors for Adversarial Machine Learning
- 講者Pierre Moulin 教授 (伊利諾伊大學)
邀請人:陳祝嵩 - 時間2019-03-12 (Tue.) 10:30 ~ 12:30
- 地點資創中心124演講廳
摘要
Deep neural networks achieve state-of-the-art performance for several image classification problems but have been shown to be easily fooled by adversarial perturbations which slightly modify a legitimate image in a specific direction and are visually indistinguishable from the original. This presents a security risk for applications such as autonomous systems. We tackle the problem of detecting such "forgeries" by constructing a locally optimal detector that is well suited to detecting weak signal perturbations. Our general approach is closely related to steganalysis. To illustrate the approach, we present a procedure for learning the forgery detector from a training set, using Gaussian Mixture Models for modeling image patches. A random ensemble of patches is used for detection of the forgery. The reliability of our forgery detector is assessed for several image classification tasks.
BIO
Pierre Moulin received his doctoral degree in 1990, after which he joined at Bell Communications Research as a Research Scientist.
In 1996, he joined the University of Illinois at Urbana-Champaign, where he is currently Professor in the Department of Electrical
and Computer Engineering, Research Professor at the Coordinated Science Laboratory and
the Beckman Institute and the Coordinated Science Laboratory, and affiliate professor in the Department of Statistics.
His fields of professional interest include statistical decision theory, statistical signal
processing and modeling, machine learning, information security, and Shannon theory.
Dr. Moulin has served on the editorial boards of the IEEE Transactions on Information Theory,
the IEEE Transactions on Image Processing, and the Proceedings of IEEE. He was co-founding
Editor-in-Chief of the IEEE Transactions on Information Forensics and Security (2005-2008),
member of the IEEE Signal Processing Society Board of Governors (2005-2007), member of the IEEE Information
Theory Society Board of Governors (2016-present) and has served
IEEE in various other capacities. He is co-recipient of two best paper awards from the IEEE
Signal processing Society and was plenary speaker for ICASSP, ICIP, and several other conferences.
He is an IEEE Fellow (2003) and was Distinguished Lecturer of the IEEE Signal Processing Society for 2012-2013 and
co-chair of the technical program for ISIT 2015. He was UIUC Sony Faculty Scholar and is the recipient
of the 2018 Ronald W. Pratt Faculty Outstanding Teaching Award.