You are cordially invited to attend the talk by Prof. Dr Florian Tramèr titled “Poisoning Web-Scale Training Datasets is Practical” on Wednesday, June 21st, at 14:30, in room E00-D17 of the CK building (campus Kirchberg).
Abstract:
Deep learning models are often trained on distributed, web-scale datasets crawled from the internet. We introduce two new dataset poisoning attacks that intentionally introduce malicious examples to degrade a model’s performance. Our attacks are immediately practical and could, today, poison 10 popular datasets. We will discuss how the attacks work; why (we think) these haven’t been exploited yet; and why defending against them comes with non-negligible costs.
Bio:
Florian Tramèr is an assistant professor of Computer Science at ETH Zürich. His research interests lie in computer security, machine learning and cryptography. In his current work, he studies the worst-case behavior of deep learning systems from an adversarial perspective, to understand and mitigate long-term threats to the safety and privacy of users. He is an internationally renowned researcher in adversarial machine learning, with numerous distinguished papers in top-tier conferences (ICLR, NeurIPS, ICML, etc.) and an award-winning scientist. His work has been featured in The Economist, Nature, Science, Communications of the ACM, and Wired, among others. He received his PhD from Stanford University. After graduating, he spent one year at Google Brain.