David Evans
Keynote talk
at 1st Deep
Learning and Security Workshop
(Co-located with the 39th IEEE Symposium on Security and Privacy)
San Francisco, California
24 May 2018
Over the past few years, there has been an explosion of research in security of machine learning and on adversarial examples in particular. Although this is in many ways a new and immature research area, the general problem of adversarial examples has been a core problem in information security for thousands of years. In this talk, I'll look at some of the long-forgotten lessons from that quest and attempt to understand what, if anything, has changed now we are in the era of deep learning classifiers. I will survey the prevailing definitions for "adversarial examples", argue that those definitions are unlikely to be the right ones, and raise questions about whether those definitions are leading us astray.
Project site: evadeML.org
David Evans - Talks University of Virginia Department of Computer Science |
David Evans evans@virginia.edu |