Lecture Series in Intelligent Perception and Computing
TITLE: Recent Advances in Black-box Adversarial Attacks to Deep Learning
SPEAKER: Baoyuan Wu, Associate Professor, School of Data Science, The Chinese University of Hong Kong, Shenzhen
CHAIR: Dr. Ran He
TIME: 10:00 am, September 10 (Thursday), 2020
VENUE: 1610 Meeting Room, 16th Floor, Intelligent Building
In this talk, I will introduce recent advances in black-box adversarial attacks on deep learning models. Since a black-box adversarial attack only requires the model's output rather than its parameters, it could pose a substantial threat to deep learning systems in real-world scenarios. We will first give a general review of the literature on black-box adversarial attacks. Then we will introduce two of our recent works. One is a decision-based black-box attack, which utilizes historical queries to accelerate the search process; it is the first work in the world to successfully fool a face recognition API in the decision-based setting. The other is a score-based black-box attack, which proposes to capture the probability distribution of adversarial perturbations with a conditional Glow model, so that adversarial perturbations can be sampled efficiently and successfully with only a few queries. Finally, I will share some thoughts on the trends in this topic.
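The two settings named in the abstract differ only in what the attacker gets back per query. The following is an added illustration, not the speaker's code and not the methods presented in the talk (neither the historical-query acceleration nor the conditional Glow sampler): a hand-built 3-class linear softmax classifier stands in for the victim, a query oracle exposes either the probability vector (score-based) or only the predicted label (decision-based) while counting queries, and two baseline attacks run against it. The weights, the clean input X0 and the seed point X_OTHER are constructed for the example.

```python
"""Toy black-box attack harness (added example; not the speaker's code).

The attacker never reads WEIGHTS: it only calls BlackBox, which returns the
full probability vector (score-based) or just the label (decision-based).
"""
import math
import random

# Constructed toy victim: 3 classes, 4 input features. Not a real network.
WEIGHTS = [
    [2.0, -1.0, 0.5, 0.0],
    [-1.0, 2.0, 0.0, 0.5],
    [0.0, 0.0, -1.5, 1.5],
]
X0 = [1.0, 0.0, 0.0, 0.0]       # constructed clean input, classified as class 0
X_OTHER = [0.0, 1.0, 0.0, 0.0]  # constructed class-1 sample, seeds the decision-based attack


def argmax(v):
    return max(range(len(v)), key=v.__getitem__)


def predict_proba(x):
    logits = [sum(w * xi for w, xi in zip(row, x)) for row in WEIGHTS]
    m = max(logits)
    exps = [math.exp(z - m) for z in logits]
    s = sum(exps)
    return [e / s for e in exps]


def predict_label(x):
    return argmax(predict_proba(x))


def l2(a, b):
    return math.sqrt(sum((u - v) ** 2 for u, v in zip(a, b)))


class BlackBox:
    """Query-only access to the victim; counts queries so attack cost is explicit."""

    def __init__(self, mode):
        if mode not in ("score", "decision"):
            raise ValueError("mode must be 'score' or 'decision'")
        self.mode = mode
        self.queries = 0

    def __call__(self, x):
        self.queries += 1
        p = predict_proba(x)
        return argmax(p) if self.mode == "decision" else p


def score_based_attack(oracle, x, eps=0.2, max_queries=500, seed=0):
    """Greedy random coordinate search driven by probability feedback.

    Each query perturbs one coordinate by +/-eps and keeps the move only if the
    true-class probability drops. Stops at the first label flip."""
    rng = random.Random(seed)
    probs = oracle(x)
    y = argmax(probs)
    best, adv = probs[y], list(x)
    while oracle.queries < max_queries:
        cand = list(adv)
        cand[rng.randrange(len(x))] += rng.choice((-eps, eps))
        p = oracle(cand)
        if argmax(p) != y:
            return cand, y
        if p[y] < best:
            best, adv = p[y], cand
    return None, y  # budget exhausted without a flip


def decision_based_attack(oracle, x, x_start, steps=20):
    """Label-only attack: bisect the segment from x to an already-misclassified
    x_start, converging on the closest point on it still labelled differently."""
    y = oracle(x)
    if oracle(x_start) == y:
        raise ValueError("x_start must already be classified differently from x")
    lo, hi = 0.0, 1.0  # lo keeps x's label, hi is adversarial
    for _ in range(steps):
        mid = (lo + hi) / 2
        cand = [xi + mid * (si - xi) for xi, si in zip(x, x_start)]
        if oracle(cand) == y:
            lo = mid
        else:
            hi = mid
    return [xi + hi * (si - xi) for xi, si in zip(x, x_start)], y


def run_score_attack():
    oracle = BlackBox("score")
    adv, y = score_based_attack(oracle, X0)
    return adv, y, oracle.queries


def run_decision_attack():
    oracle = BlackBox("decision")
    adv, y = decision_based_attack(oracle, X0, X_OTHER)
    return adv, y, oracle.queries


if __name__ == "__main__":
    for name, run in (("score-based", run_score_attack), ("decision-based", run_decision_attack)):
        adv, y, q = run()
        print(f"{name}: label {y} -> {predict_label(adv)}, L2 {l2(adv, X0):.3f}, {q} queries")
```

The decision-based run spends exactly 2 + steps queries and never sees a probability, which is what makes that setting realistic against a deployed API that returns only a verdict; the score-based run converges with far less work per query because each probability reveals the direction of progress. Both attacks treat the model purely as a query function, matching the abstract's point that no parameters are needed.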
Dr. Baoyuan Wu is currently an Associate Professor at the School of Data Science, The Chinese University of Hong Kong, Shenzhen (CUHK-Shenzhen). He is also the director of the Secure Computing Lab of Big Data, Shenzhen Research Institute of Big Data (SBRID). Before joining CUHK-Shenzhen, he was a Senior/Principal Researcher at Tencent AI Lab from November 2016 to August 2020. He was a postdoctoral researcher in the IVUL lab at KAUST, working with Prof. Bernard Ghanem, from August 2014 to November 2016. He received his PhD from the National Laboratory of Pattern Recognition, Institute of Automation, Chinese Academy of Sciences (CASIA) in 2014, supervised by Prof. Baogang Hu. His research interests are machine learning and computer vision, including AI security and privacy, probabilistic graphical models, multi-label learning and integer programming. He has published 30+ papers in top-tier conferences and journals, including TPAMI, IJCV, CVPR, ICCV, ECCV and AAAI.