On Adversarial Network Attacks, Robustness, and Certification
Overview
Abstract
The outstanding performance of deep neural networks (DNNs), for visual recognition tasks in particular, has been demonstrated on many large-scale benchmarks. This performance has immensely strengthened the line of research that aims to understand and analyze the driving reasons behind the effectiveness of these networks. One important aspect of this analysis has gained much attention, namely the sensitivity of a DNN to perturbations. This has spawned a thrust in the research community, which focuses on developing adversarial attacks that fool a DNN, training strategies that make DNNs more robust against such attacks, as well as methods to certify the behavior of a DNN irrespective of the attack. In this talk, I will introduce this exciting research thrust and span much of its landscape from synthesizing adversarial attacks all the way to randomized smoothing for DNN certification. I will also give an update on the latest research progress in this direction from the Image and Video Understanding Lab (IVUL) at KAUST.
Brief Biography
Bernard Ghanem is currently an Associate Professor in the CEMSE division and a theme leader at the Visual Computing Center (VCC) at KAUST. His research interests lie in computer vision and machine learning with an emphasis on topics in video understanding, 3D recognition, and theoretical foundations of deep learning. He received his Bachelor’s degree from the American University of Beirut (AUB) in 2005 and his MS/PhD from the University of Illinois at Urbana-Champaign (UIUC) in 2010. His work has received several awards and honors, including four Best Paper Awards for workshops in CVPR 2013 & 2019 and ECCV 2018 & 2020, a two-year KAUST Seed Fund, a Google Faculty Research Award in 2015 (1st in MENA for Machine Perception), and an Abdul Hameed Shoman Arab Researchers Award for Big Data and Machine Learning in 2020. He has co-authored more than 100 peer-reviewed conference and journal papers in his field as well as three issued patents. He serves as Associate Editor for IEEE Transactions on Pattern Analysis and Machine Intelligence (TPAMI) and has served as Area Chair (AC) for CVPR 2018/2021, ICCV 2019/2021, ICLR 2021, and AAAI 2021.