Talk 3

Yizheng Chen, Columbia University


Building robust machine learning models has always been a cat-and-mouse game, with new attacks constantly devised to defeat each new defense. Recently, a new paradigm has emerged for training verifiably robust machine learning models for image classification: instead of testing a model against known attacks, training produces a certificate that no perturbation within a specified set can change the prediction. We can use this technique, verifiably robust training, to build robust classifiers for security-relevant applications such as malware and Twitter spam detection. We can train classifiers that are verified to be robust against building-block attacks, which makes it harder for attackers to assemble more sophisticated attacks from those building blocks.
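The following is an added worked example, not code from the talk or from the speaker's own work, showing the certification step that "verifiably robust" refers to. It uses interval bound propagation (IBP), one common way of obtaining such certificates for ReLU networks: a box of allowed inputs is pushed through each layer, and if the lower bound on the margin between the true class and every other class stays positive, no input in the box can flip the prediction. The two-feature, three-hidden-unit network, its hand-picked weights, the sample inputs, and the two threat models (a generic L-infinity ball versus an "additive-only" box meant to stand in for a building-block attack such as appending content) are all assumptions chosen so the numbers can be checked by hand; the training loop that minimises this worst-case bound is omitted.

```python
"""Interval bound propagation (IBP) certificate for a tiny ReLU classifier.

Added example: toy model and threat models are constructed for illustration,
not taken from the talk. Pure Python so it runs without numpy.
"""
from typing import List, Tuple

Vector = List[float]
Matrix = List[List[float]]

# Constructed toy model: 2 features -> 3 hidden ReLU units -> 2 logits.
# Class 0 = benign, class 1 = malicious. Weights are hand-picked (assumption,
# not a trained model) so every bound below can be verified by hand.
W1: Matrix = [[1.0, 0.0], [0.0, 1.0], [1.0, -1.0]]
B1: Vector = [0.0, 0.0, -0.5]
W2: Matrix = [[1.0, 0.0, 0.0], [0.0, 1.0, 2.0]]
B2: Vector = [0.0, 0.0]


def _affine(W: Matrix, b: Vector, x: Vector) -> Vector:
    return [sum(w * v for w, v in zip(row, x)) + bi for row, bi in zip(W, b)]


def _affine_bounds(W: Matrix, b: Vector, lower: Vector, upper: Vector) -> Tuple[Vector, Vector]:
    """Push the box [lower, upper] through y = W x + b.

    The centre maps linearly; each output's half-width is sum_j |w_ij| * radius_j,
    which is attained when every input sits at the extreme that hurts most, so
    the resulting box is sound (it contains every reachable output).
    """
    centre = [(l + u) / 2 for l, u in zip(lower, upper)]
    radius = [(u - l) / 2 for l, u in zip(lower, upper)]
    c_out = _affine(W, b, centre)
    r_out = [sum(abs(w) * r for w, r in zip(row, radius)) for row in W]
    return [c - r for c, r in zip(c_out, r_out)], [c + r for c, r in zip(c_out, r_out)]


def _relu_bounds(lower: Vector, upper: Vector) -> Tuple[Vector, Vector]:
    # ReLU is monotone, so clamping both ends of the interval is exact.
    return [max(l, 0.0) for l in lower], [max(u, 0.0) for u in upper]


def predict(x: Vector) -> int:
    """Plain forward pass: index of the largest logit."""
    hidden = [max(v, 0.0) for v in _affine(W1, B1, x)]
    logits = _affine(W2, B2, hidden)
    return max(range(len(logits)), key=logits.__getitem__)


def certified_margin(lower: Vector, upper: Vector, y: int) -> float:
    """Lower bound on min_{j != y} (logit_y - logit_j) over every x in the box.

    A positive value is a certificate: no input inside the box changes the
    prediction away from class y. A negative value is *not* an attack, only a
    failure to certify (IBP bounds are loose).
    """
    l1, u1 = _relu_bounds(*_affine_bounds(W1, B1, lower, upper))
    worst = float("inf")
    for j in range(len(W2)):
        if j == y:
            continue
        # Bound the logit difference in one affine step instead of subtracting
        # two separate logit bounds; this is tighter and still sound.
        w_diff = [a - b for a, b in zip(W2[y], W2[j])]
        l_diff, _ = _affine_bounds([w_diff], [B2[y] - B2[j]], l1, u1)
        worst = min(worst, l_diff[0])
    return worst


def linf_box(x: Vector, eps: float) -> Tuple[Vector, Vector]:
    """Image-style threat model: every feature may move by +-eps, clipped to [0, 1]."""
    return [max(v - eps, 0.0) for v in x], [min(v + eps, 1.0) for v in x]


def additive_box(x: Vector, max_add: Vector) -> Tuple[Vector, Vector]:
    """Building-block threat model (assumed): the attacker can only *increase*
    feature i by up to max_add[i] (e.g. append content); features cannot be
    removed, and a zero entry marks a feature the attacker cannot touch."""
    return list(x), [min(v + d, 1.0) for v, d in zip(x, max_add)]


if __name__ == "__main__":
    x = [0.9, 0.1]  # constructed sample, nominally benign
    y = predict(x)
    print("nominal prediction:", y)
    print("L_inf eps=0.05 margin:", certified_margin(*linf_box(x, 0.05), y))
    print("L_inf eps=0.02 margin:", certified_margin(*linf_box(x, 0.02), y))
    print("additive [0, 0.1] margin:", certified_margin(*additive_box(x, [0.0, 0.1]), y))
```

For the constructed sample the generic ball of radius 0.05 fails to certify (margin bound -0.1) while radius 0.02 certifies (0.08); encoding what the attacker can actually do, here an increase of at most 0.1 in one feature with the other untouchable, certifies with margin 0.1 even though that box is wider in one direction than the failed ball. That is the practical point of choosing the building-block attack as the threat model: a certificate is only as meaningful as the perturbation set it is computed over, and a set that matches the attacker's real capability is both more honest and often easier to certify.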

@conference {238914,
title = {Talk 3},
year = {2019},
address = {Santa Clara, CA},
publisher = {{USENIX} Association},
month = aug,