[AIP AI Security and Privacy team seminar] (Un)Trustworthy Data in Adversarial Machine Learning. Dr. Rui Wen (CISPA)

ルイ・ウェン博士は、機械学習とセキュリティの交差点に焦点を当て、特に敵対的機械学習におけるデータの役割に関する研究をおこなっている。 コンピュータセキュリティおよび機械学習のトップカンファレンスで多数の論文を発表しており、NDSS2025、NeurIPS2024、USENIX Security 24、ACMCCS 2024、ICLR2024などが含まれる。

• Title: (Un)Trustworthy Data in Adversarial Machine Learning
• Abstract: Data plays a pivotal role in machine learning (ML) systems, serving as the foundation for training models that generalize well and remain unbiased. However, this essential role also makes data a significant source of vulnerabilities in ML systems. In this talk, I will examine how data can be exploited maliciously in ML attacks from two perspectives. First, data can become the target, as demonstrated by privacy breaches such as membership inference attacks, which reveal whether specific data points were part of the training set. Our research highlights that this risk persists even in cutting-edge large language models. Second, data can act as a powerful tool for adversaries, particularly in data poisoning attacks, where manipulated data degrades model performance or embeds harmful behaviors. Our findings reveal that current defenses offer inadequate protection, creating a false sense of security. The talk will conclude with a detailed analysis of how data with varying characteristics, such as data importance, influence the effectiveness of ML attacks, providing insights to guide the development of more robust and trustworthy machine learning systems.