As machine learning is increasingly integrated into many applications, including safety-critical ones such as autonomous cars, robotics, visual authentication and voice control, wrong predictions can have a significant impact on individuals and groups.
Advances in prediction accuracy have been impressive, and while machine learning systems can still make unexpected mistakes on relatively easy examples, the robustness of these algorithms has also steadily increased.
However, many models, in particular deep learning approaches to image analysis, are susceptible to adversarial attacks. One form of these attacks, adversarial examples, overlays an image with a small perturbation that remains (almost) imperceptible to human vision but causes a neural network classifier to completely change its prediction, typically while reporting very high confidence in the wrong class.
This talk gives an overview of the main classes of attacks (backdoors, evasion, inference/inversion) and shows how they can be mitigated.
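The mechanism behind the adversarial examples described above, as an added illustration that is not part of the talk: a one-step fast gradient sign attack (FGSM, Goodfellow et al. 2014) against a constructed toy classifier. The model is a hand-set logistic regression that detects a vertical bar in a 28x28 greyscale image; it stands in for a trained network only because its input gradient is available in closed form, and the image, weights, bias and budget are all assumptions chosen for this example. Every pixel is moved by at most 5% of the pixel range (about 13 of 255 grey levels), yet the prediction flips from "bar" at 94% confidence to "no bar" at over 99% confidence.

```python
import math

# Toy setting, constructed for this example: a 28x28 greyscale image and a
# hand-set logistic-regression "vertical bar detector" standing in for a
# trained classifier. FGSM only needs the gradient of the loss with respect
# to the input, which a linear model gives in closed form (a deep network
# would supply it via backpropagation).
SIDE = 28
D = SIDE * SIDE
BAR_COLUMNS = range(12, 16)   # the 4 columns the detector looks for (assumed)
EPS = 0.05                    # L-inf budget: 5% of the pixel range (~13/255)


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def is_bar_pixel(i):
    return (i % SIDE) in BAR_COLUMNS


def make_model():
    # weight +0.2 on bar pixels, -0.2 elsewhere; the bias is chosen so that a
    # clean bar image scores about 0.94 (hypothetical values, not a trained model)
    weights = [0.2 if is_bar_pixel(i) else -0.2 for i in range(D)]
    bias = -4.0
    return weights, bias


def predict(weights, bias, x):
    """Probability that image x contains the bar (class 1)."""
    logit = sum(w * xi for w, xi in zip(weights, x)) + bias
    return sigmoid(logit)


def make_clean_image():
    # constructed input: bright bar (0.9) on a dark background (0.1)
    return [0.9 if is_bar_pixel(i) else 0.1 for i in range(D)]


def sign(v):
    return (v > 0) - (v < 0)


def fgsm(weights, bias, x, label, eps):
    """One-step fast gradient sign attack on the binary cross-entropy loss.

    For a logistic model the gradient of the loss with respect to pixel i is
    (p - label) * w_i. Each pixel is pushed by exactly eps in the direction
    that increases the loss, then clipped back into the valid range [0, 1].
    The per-pixel change is tiny, but it accumulates over all D pixels: the
    logit shifts by eps * sum(|w_i|), here 0.05 * 156.8 = 7.84.
    """
    p = predict(weights, bias, x)
    grad = [(p - label) * w for w in weights]
    return [min(1.0, max(0.0, xi + eps * sign(g))) for xi, g in zip(x, grad)]


def linf_distance(a, b):
    return max(abs(ai - bi) for ai, bi in zip(a, b))


def run_attack(eps=EPS):
    """Attack the clean bar image and report confidences before and after."""
    weights, bias = make_model()
    x = make_clean_image()
    x_adv = fgsm(weights, bias, x, label=1, eps=eps)
    p_clean = predict(weights, bias, x)
    p_adv = predict(weights, bias, x_adv)
    return {
        "clean_prob_bar": p_clean,
        "adv_prob_bar": p_adv,
        "clean_label": int(p_clean >= 0.5),
        "adv_label": int(p_adv >= 0.5),
        "linf": linf_distance(x, x_adv),
    }


if __name__ == "__main__":
    r = run_attack()
    print(f"clean: P(bar)={r['clean_prob_bar']:.3f} -> class {r['clean_label']}")
    print(f"adv:   P(bar)={r['adv_prob_bar']:.3f} -> class {r['adv_label']}, "
          f"L-inf distance {r['linf']:.3f}")
```

The adversarial image is the same bar, 0.05 dimmer, on a background 0.05 brighter; a human would not notice the difference. The flip happens because the perturbation is aligned with the model's weights in every one of the 784 dimensions, so a change that is negligible per pixel becomes a large change in the logit. This is the linearity argument from the FGSM paper and the reason mitigations such as adversarial training work on the gradient landscape of the model rather than on the raw pixels.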