Adversarial Machine Learning in Big Data Era

NTU Adversarial machine learning 1Objective: Improve the security of existing machine learning algorithms against real-world attackers

PIs: Bo An (NTU), Chew Lock Yue (NTU), Christos Dimitrakakis (Chalmers), Devdatt Dubhashi (Chalmers)

Targeted problem: Data poisoning attacks on optimization-based supervised learning algorithms and their defense


  • Understand vulnerabilities of supervised learning algorithms. We will find blind spots of a broad family of supervised learning algorithms.
  • Design optimal defense strategies against data poisoning attacks. We will develop two defense frameworks: The detection framework aims to accurately and timely detect the occurrence of poisoning attacks and the mitigation framework aims to effectively reduce the influence of attacks on victim learning models.
  • Improve solution robustness and evaluate proposed methods. We will refine the detection and mitigation frameworks and propose new algorithms to compute optimal defense. We will design evaluation frameworks and validate solutions on real-world data sets

NTU Adversarial machine learning 2


NTU Adversarial machine learning 3