The Challenges of Machine Learning in Adversarial Settings by Patrick McDaniel, Pennsylvania State University

Abstract: Advances in AI and machine learning have enabled new applications and services to interpret and process inputs in previously unthinkable complex environments. Autonomous cars, data analytics, adaptive communication and self-aware software systems are now revolutionizing markets by achieving or exceeding human performance. In this talk, I consider the evolving use of machine learning in security-sensitive contexts and explore why many systems are vulnerable to nonobvious and potentially dangerous manipulation. Here, we examine sensitivity in any application whose misuse might lead to harm--for instance, forcing adaptive network in an unstable state, crashing an autonomous vehicle or bypassing an adult content filter. I explore the use of machine learning in this area particularly in light of recent discoveries in the creation of adversarial samples and defenses against them and posit on future attacks on machine learning. The talk is concluded with a discussion of the technological and societal challenges we face as a result of current and future advances in intelligent computing.

Bio: Patrick McDaniel is the William L. Weiss Professor of Information and Communications Technology and Director of the Institute for Networking and Security Research in the School of Electrical Engineering and Computer Science at the Pennsylvania State University. Professor McDaniel is also a Fellow of the IEEE and ACM and the director of the NSF Frontier Center for Trustworthy Machine Learning. He also served as the program manager and lead scientist for the Army Research Laboratory's Cyber-Security Collaborative Research Alliance from 2013 to 2018. Patrick's research centrally focuses on a wide range of topics in computer and network security and technical public policy. Prior to joining Penn State in 2004, he was a senior research staff member at AT&T Labs-Research.
Abstract:

What is the nature of linguistic knowledge, and how is it acquired from limited data? In recent years, the program of subregular linguistics has identified formal language classes expressive enough to account for most phenomena in natural language but also sufficiently limited to be efficiently learned from positive data. An advantage to these formal learning algorithms is that they come with mathematically proven guarantees about their performance, and it is easy to reason about how and why they behave the way they do.

In this talk, I discuss the Multi Tier-based 2-Strictly Local Inference Algorithm (MT2SLIA), which probably learns the syntactically relevant class of 2-Factor Muti Tier-based Strictly Local (2FMSTL) tree languages. This algorithm efficiently learns from a polynomially-sized sample of positive data by identifying missing substructures and generalizing these as constraints over tiers in a principled manner.

I will introduce a working prototype implementation of this algorithm and demonstrate its behavior on a curated sample of natural language data to show how it can learn relevant syntactic patterns.

Bio:

Logan Swanson is a third year PhD student in the Department of Linguistics at Stony Brook University. He is advised by Dr. Jefferey Heinz and Dr. Thomas Graf. His interests include learning theory, computational syntax, and language change. His current research focuses on understanding the learning-theoretic elements of natural language by designing, implementing, and testing learning algorithms for linguistically relevant formal language classes.

*Please note: this seminar will be held in person (IACS Seminar Room w/ food provided) and online.

Join Zoom Meeting
https://stonybrook.zoom.us/j/95707958315?pwd=6ITUJ0ffCXjRJb4wpt0KMDTApfSLZ0.1

Meeting ID: 957 0795 8315
Passcode: 920473

The Association for Computational Linguistics is the international scientific and professional society for people working on problems involving natural language and computation. Membership includes the ACL quarterly journals, Computational Linguistics and Transactions of the ACL, reduced registration at most ACL-sponsored conferences, discounts on ACL-sponsored publications, and participation in ACL Special Interest Groups.

An annual meeting is held each summer in locations where significant computational linguistics research is carried out.

For more information and registration, visit the official website.

The New York Academy of Sciences Presents AI for Materials: From Discovery to Production - A Virtual Symposium

Event Description: This interdisciplinary symposium covers the application of artificial intelligence (AI) throughout the entire life cycle of new materials -- from materials simulations and synthesis to translating research into high-volume industrial production.

Event Link & Registration: nyas.org/AI4Materials2020
University Libraries Present: Qualitative data can be challenging to analyze and interpret effectively. In this workshop, SBU Libraries' Data Literacies Lead, Ahmad Pratama will show you how to extract meaningful insights from textual data, including understanding sentiment trends. Learn to explore qualitative data with Python using word clouds, basic natural language processing (NLP) techniques, and lexicon-based sentiment analysis with VADER.
https://stonybrook.zoom.us/meeting/register/k0r6mPYCRayk2AOGmyd0qw#/registration
Abstract:

Recent advances in deep learning have significantly enhanced the capabilities of Natural Language Processing (NLP) and Vision-Language Models (VLMs). However, these advancements come with increased vulnerabilities, notably through backdoor attacks that pose severe security threats. This thesis addresses two critical dimensions of Trustworthy AI and Efficient Multimodal Representation Learning: (1) security through analyzing, detecting, and designing backdoor attacks in NLP and VLMs, and (2) efficiency through advanced multimodal representation methods tailored for clinical and medical imaging applications.

In the first dimension, we explore the internal mechanisms exploited by backdoor attacks, identifying the distinctive phenomenon of attention focus drifting in compromised transformer models, where trigger tokens consistently hijack attention. Leveraging these insights, we propose robust detection frameworks, including the attention-based Trojan detector (AttenTD) and a task-agnostic logit-based detection method (TABDet), achieving effective identification of backdoored NLP models across diverse tasks. We further introduce novel backdoor attack methodologies: the Trojan Attention Loss (TAL), enhancing attack efficiency and stealth through direct attention manipulation, and BadCLM, demonstrating critical vulnerabilities in clinical decision-support systems by effectively compromising clinical language models.

Extending our security exploration to multimodal settings, we investigate backdoor attacks on Vision-Language Models (VLMs), particularly in complex image-to-text generation tasks, proposing innovative techniques (TrojVLM, VLOOD) capable of embedding backdoors without direct access to original training data, thus showcasing practical risks in real-world scenarios.

In the second dimension, we address efficiency and interpretability challenges in clinical and pathology applications. We introduce TCP-LLaVA, the first multimodal large language model (MLLM) designed explicitly for Whole Slide Image (WSI) Visual Question Answering (VQA). Utilizing a novel token compression mechanism inspired by transformer-based models, TCP-LLaVA substantially reduces computational resource consumption while maintaining superior VQA performance across multiple tumor subtypes. Additionally, we present a multimodal transformer model integrating structured Electronic Health Records (EHR) with clinical notes, demonstrating enhanced predictive accuracy and interpretability for in-hospital mortality prediction through integrated gradient-based interpretability methods.

Together, these contributions present a comprehensive approach to ensuring AI models are not only secure against malicious manipulation but also efficient and interpretable for critical clinical applications, underscoring the essential need for trustworthy and effective AI systems.

Speaker: Weimin Lyu

Zoom: https://stonybrook.zoom.us/j/2392326575?pwd=SVQ2VkFXTnZZYmJUMXgvTXBuZWM3UT09

Meeting ID: 239 232 6575
Passcode: 436192
The overall purpose of this seminar is to bring together people with interests in Computer Vision theory and techniques and to examine current research issues. This course will be appropriate for people who already took a Computer Vision graduate course or already had research experience in Computer Vision. To enroll in this course, you must either: (1) be in the PhD program or (2) receive permission from the instructors. Each seminar will consist of multiple short talks (around 15 minutes) by multiple students. Students can register for 1 credit for CSE656. Registered students must attend and present a minimum of 2 talks. Everyone else is welcome to attend. Fill in https://forms.gle/q6UG9ygauLp2a8Po8 to subscribe to our mailing list for further announcement.