Beyond Adversarial Learning - Data Scaling Attacks in Deep Learning Applications

Presented at DEF CON China Beta (2018), May 12, 2018, 2 p.m. (60 minutes)

In this presentation the speaker will demonstrate attacks that target the data scaling process in popular deep learning examples. By carefully crafting input data that mismatches with the scales used by deep learning models, the speaker will show how an attacker can successfully evade image classification even when applications use well-trained deep learning models. The speaker will also present a few potential defending strategies to detect or mitigate such data-flow attacks.

Presenters:

• Kang Li - Director, Institute for Cybersecurity and Privacy, University of Georgia
  Kang Li is a professor of computer science and the director of the Institute for Cybersecurity and Privacy at the University of Georgia. His research results have been published at academic venues, such as IEEE S&P, ACM CCS and NDSS, as well as industrial conferences, such as BlackHat, SyScan, and ShmooCon. Dr. Kang Li is the founder and mentor of multiple CTF security teams, including SecDawg and Blue-Lotus. He is also a founder and player of the Team Disekt, a finalist team in the 2016 DARPA Cyber Grand Challenge.

Links:

• https://defcon.org/html/defcon-china/dc-cn-speakers.html#LiKang
• https://infocon.org/cons/DEF CON/DEF CON China beta/DEF CON China beta videos/DEF CON China beta - Kang Li - Beyond Adversarial Learning - Data Scaling Attacks in Deep Learning Applications (cn).mp4

Similar Presentations:

• DEF CON 24 (2016) / Machine Duping 101: Pwning Deep Learning Systems
• Black Hat Asia 2019 / The Cost of Learning from the Best: How Prior Knowledge Weakens the Security of Deep Neural Networks
• DeepSec 2016 „Ten“ / Machine Duping: Pwning Deep Learning Systems