MIS Speaker's Series: Han Xu

When

2 – 3 p.m., April 11, 2025

Where

Han Xu

Assistant Professor of Electrical and Computer Engineering

Towards Data Poisoning in Machine Learning Models

Abstract: Data poisoning refers to the scenario where a party deliberately manipulates the training dataset of a machine learning model, such that the trained model either performs poorly or exhibits specific behaviors as desired. While such “attacks” raise serious concerns about the safety and reliability of AI systems, data poisoning can also be used as a form of data protection—by inserting small modifications, one can prevent unauthorized users from training effective models on the data. A major challenge in both offensive and defensive settings is the lack of knowledge about how the target model will be trained in practice. In this talk, we will discuss several practical strategies to overcome real-world limitations, as well as the broader social impact of such techniques.

Bio: Han Xu joined the department of Electrical and Computer Engineering as an assistant professor in 2024. Prior to joining the University of Arizona, he obtained his PhD in computer science and engineering at Michigan State University. Xu's research interests are in machine learning and artificial intelligence, including robustness, fairness and privacy issues. His research is published in top ML/AI conferences, including International Conference on Machine Learning (ICML), International Conference on Learning Representations (ICLR), Conference on Neural Information Processing Systems (NeurIPS), Association for Computational Linguistics (ACL), Association for the Advancement of Artificial Intelligence (AAAI) and Conference on Knowledge Discovery and Data Mining (KDD).

Contacts

Seokjun Youn