MONDAY, 2 OCTOBER 2023
Time: 9:00 am - 10:00 am
Talk title: Strengthening Machine Learning-based Intrusion Detection Systems in Adversarial Environments
Speaker: Wenjing Lou
Machine learning (ML) has witnessed remarkable advancements in recent years, demonstrating its effectiveness in a wide array of applications, including intrusion detection systems (IDS). However, when operating in adversarial environments, ML-based systems are susceptible to a range of attacks. In this talk, we will discuss techniques aimed at strengthening ML-based IDS. On one hand, we explore methods for enhancing the performance and robustness of IDS. We present a contrastive learning-based approach that builds highly discriminative IDS, capable of distinguishing between normal and malicious activities more effectively. On the other hand, we develop efficient security mechanisms to counter common attacks. These include an adversarial example (AE) detector designed to identify suspicious inputs at model testing time, filtering out potential AEs, and a robust model evaluation method that leverages latent space representations to build resiliency into model aggregation against model poisoning attacks in federated learning. Through this presentation, we will share the outcomes of our research in fortifying ML-based IDS, shedding light on the advancements and techniques that can enhance the security and robustness of these systems.
Wenjing Lou is the W. C. English Endowed Professor of Computer Science at Virginia Tech and a Fellow of the IEEE. She holds a Ph.D. in Electrical and Computer Engineering from the University of Florida. Her research interests cover many topics in the cybersecurity field, with her current research focusing on wireless networks, blockchain systems, trustworthy machine learning systems, and security and privacy problems in Internet of Things (IoT) systems. Prof. Lou is recognized as a highly cited researcher by the Web of Science Group. She received the Virginia Tech Alumni Award for Research Excellence in 2018, the highest university-level faculty research award. She received the INFOCOM Test-of-Time Paper Award in 2020. She was the TPC chair for IEEE INFOCOM 2019 and ACM WiSec 2020. She was the Steering Committee Chair for the IEEE CNS conference from 2013 to 2020. She is currently a steering committee member of IEEE INFOCOM and IEEE CNS. She served as a program director at the US National Science Foundation (NSF) from 2014 to 2017.
WEDNESDAY, 4 OCTOBER 2023
Time: 9:00 am - 10:00 am
Talk title: Membership Inference Attacks against Classifiers
Speaker: Ninghui Li
In membership inference (MI) attacks, the adversary is given access to a target classifier and a number of data instances and aims to determine whether these data instances were used to train the classifier. Given the close relationship between membership inference and differential privacy, the degree of vulnerability to MI attacks is an excellent empirical measure of a classifier's level of privacy.
MI attacks can be studied in different settings depending on how the adversary is allowed to access a model, e.g., black-box access to the target classifier, access to the model parameters of the classifier, access to gradients during the training of the classifier (such as in a federated learning setting), and the ability to actively manipulate the training process to conduct membership inference.
In this talk, we will discuss existing results on MI attacks and defense mechanisms in these settings, and discuss open problems.
Ninghui Li is the Samuel D. Conte Professor of Computer Science at Purdue University. He received a Bachelor's degree from the University of Science and Technology of China (USTC)'s Special Class for the Gifted Young in 1993, and a Ph.D. in Computer Science from New York University in 2000. His research interests are in security and privacy, on which he has published over 200 refereed papers. He has received multiple best paper awards and test-of-time paper awards at security and database conferences. He has served as Editor-in-Chief of ACM Transactions on Privacy and Security since 2020 and has served in many leadership roles in the research community, including Chair of the ACM Special Interest Group on Security, Audit and Control (SIGSAC) from 2017 to 2021. He is a Fellow of the ACM and of the IEEE.