Machine Learning Security Seminar Series - Sven Gowal

Описание: Description: Invited talk by Sven Gowal (DeepMind)

Title of the talk: Specification-driven Machine Learning for Robustness

Abstract

Enabling models to generalize robustly to adversarial and natural distribution shifts is a fundamental problem in machine learning. In this talk, I introduce the concept of specification-driven machine learning as a solution to this problem. I explain how specifications can be embedded into neural networks and how they can be learned from data.

The talk consists of three parts. First, we focus on robustness against lp-norm bounded adversarial perturbations. We introduce the concept of adversarial training, enumerate its key challenges, and demonstrate how we can leverage generative models to bypass these challenges. We then discuss approaches that go beyond adversarial examples. Using disentangled representations, we show how we can leverage classical notions of adversarial or certified training to produce models that are robust to natural, semantically-meaningful perturbations. Finally, we demonstrate how to exploit large-scale generative models trained on large amount of data in this context.

Bio

Sven Gowal is a Staff Research Engineer at DeepMind, UK. He led numerous initiatives on "robust and certifiable machine learning" at DeepMind and has co-authored over 30 papers in the domain of Robust ML receiving 2 best paper awards. Prior to DeepMind, he worked for Google Research, where he focused on video content analysis and real-time object detection. He completed his PhD at the Swiss Federal Institute of Technology (EPFL), Switzerland, in 2013, on the topic of decentralized multi-robot control. He received his MSc in 2007 from EPFL after working on the DARPA Urban Challenge with Caltech and having spent part of his undergrad at Carnegie Mellon University.