Speaker:Dr. Haibo Hu is a professor in the Department of Electrical and Electronic Engineering, The Hong Kong Polytechnic University and the programme leader of BSc (Hons) in Information Security. His research interests include cybersecurity, data privacy, and adversarial machine learning. He has published over 120 research papers in refereed journals, international conferences, and book chapters. As principal investigator, he has received over 25 million HK dollars of external research grants from Hong Kong and mainland China. He is an associate editor of ACM Transactions on Privacy and Security (TOPS), and has served in the organizing committee of many international conferences, such as ACM GIS 2020, IEEE ICDSC 2020, and IEEE MDM 2019, and in the programme committee of dozens of international conferences, including VLDB, ICDE, CIKM, SDM, and ICDM. He is the recipient of a number of titles and awards, including IEEE MDM 2019 Best Paper Award, WAIM Distinguished Young Lecturer, ICDE 2020 Outstanding Reviewer, VLDB 2018 Distinguished Reviewer, ACM-HK Best PhD Paper, Microsoft Imagine Cup, and GS1 Internet of Things Award. He is a senior member of ACM, IEEE and CCF, and a certified Cisco CCNA Security Trainer.

Date:August 10, 2023

Time:14:00-15:00

Location: Welcome to Tencent meeting, 119-946-136

Abstract:

Machine learning (ML) and cloud computing have collaboratively shifted the paradigm of all walks of life. The core of this new paradigm is the large-scale machine learning models that power Machine Learning as a Service (MLaaS). Obviously, they are valuable assets to the model owners who spend great resources in building them. However, by exploiting the inference results of well orchestrated queries from an ML model, an adversary could learn the internals or even the full extents of it, also known as model extraction (ME) attacks. Alternatively, these models may also leak training data information, known as membership inference or model inversion, or suffer from model poisons. In this talk, I will first give an introduction to these attacks. Then I will present several recent works on enhancing the performance of these attacks and defense schemes. Finally, I will show some open challenges in this field.

Inviter:Prof. Peng Tang