SaTC: CORE: Medium: Collaborative: Towards Trustworthy Deep Neural Network Based AI: A Systems Approach
SaTC:核心:媒介:协作:迈向基于可信深度神经网络的人工智能:一种系统方法
基本信息
- 批准号:1801495
- 负责人:
- 金额:$ 90万
- 依托单位:
- 依托单位国家:美国
- 项目类别:Standard Grant
- 财政年份:2018
- 资助国家:美国
- 起止时间:2018-08-01 至 2022-07-31
- 项目状态:已结题
- 来源:
- 关键词:
项目摘要
Artificial intelligence (AI) is poised to revolutionize the world in fields ranging from technology to medicine, physics and the social sciences. Yet as AI is deployed in these domains, recent work has shown that systems may be vulnerable to different types of attacks that cause them to misbehave; for instance, attacks that cause an AI system to recognize a stop sign as a speed-limit sign. The project seeks to develop methodologies for testing, verifying and debugging AI systems, with a specific focus on deep neural network (DNN)-based AI systems, to ensure their safety and security. The intellectual merits of the proposed research are encompassed in four new software tools that will be developed: (1) DeepXplore, a tool for automated and systematic testing of DNNs that discovers erroneous behavior that might be either inadvertently or maliciously introduced; (2) BadNets, a framework that automatically generated DNNs with known and stealthy misbehaviours in order to stress-test DeepXplore; (3) SafetyNets; a low-overhead scheme for safe and verifiable execution of DNNs in the cloud; and (4) VisualBackProp; a visual debugging tool for DNNs. The synergistic use of these tools for secure deployment of an AI system for autonomous driving will be demonstrated.The project outcomes will significantly improve the security and safety of AI systems and increase their deployment in safety- and security-critical settings, resulting in broad societal impact. The results of the project will be widely disseminated via publications, talks, open access code, and competitions hosted on sites such as Kaggle and NYU's annual Cyber-Security Awareness Week (CSAW). Furthermore, students from under-represented minority groups in science, technology, engineering and mathematics (STEM) will be actively recruited and mentored to be leaders in this critical area. The code for this project will be made publicly available via github.com. Preliminary code for the tools that will be developed is already hosted on this website, including DeepXplore (https://github.com/peikexin9/deepxplore) and BadNets (https://github.com/Kooscii/BadNets/). These repositories will be linked to from a homepage that describes the entire project. The project homepage will be hosted on wp.nyu.edu/mlsecproject.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
人工智能 (AI) 有望在技术、医学、物理学和社会科学等领域彻底改变世界。然而,随着人工智能在这些领域的部署,最近的研究表明,系统可能容易受到不同类型的攻击,从而导致其行为不当;例如,导致人工智能系统将停车标志识别为限速标志的攻击。该项目旨在开发用于测试、验证和调试人工智能系统的方法,特别关注基于深度神经网络(DNN)的人工智能系统,以确保其安全性。拟议研究的智力优点包含在将开发的四个新软件工具中:(1)DeepXplore,一种用于自动和系统测试 DNN 的工具,可发现可能无意或恶意引入的错误行为; (2) BadNets,一个框架,可以自动生成具有已知和隐秘的不当行为的 DNN,以便对 DeepXplore 进行压力测试; (3) 安全网;用于在云中安全且可验证地执行 DNN 的低开销方案; (4) VisualBackProp; DNN 的可视化调试工具。将展示这些工具的协同使用,以安全部署自动驾驶人工智能系统。该项目成果将显着提高人工智能系统的安全性和安全性,并增加其在安全和安全关键环境中的部署,从而产生广泛的社会影响。该项目的结果将通过出版物、演讲、开放获取代码以及在 Kaggle 和纽约大学年度网络安全意识周 (CSAW) 等网站上举办的竞赛来广泛传播。此外,来自科学、技术、工程和数学(STEM)领域代表性不足的少数群体的学生将被积极招募和指导,成为这一关键领域的领导者。 该项目的代码将通过 github.com 公开发布。将要开发的工具的初步代码已经托管在该网站上,包括 DeepXplore (https://github.com/peikexin9/deepxplore) 和 BadNets (https://github.com/Kooscii/BadNets/)。这些存储库将从描述整个项目的主页链接到。该项目主页将托管在 wp.nyu.edu/mlsecproject 上。该奖项反映了 NSF 的法定使命,并通过使用基金会的智力价值和更广泛的影响审查标准进行评估,被认为值得支持。
项目成果
期刊论文数量(6)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)
Bias Busters: Robustifying DL-Based Lithographic Hotspot Detectors Against Backdooring Attacks
- DOI:10.1109/tcad.2020.3033749
- 发表时间:2020-04
- 期刊:
- 影响因子:2.9
- 作者:Kang Liu;Benjamin Tan;Gaurav Rajavendra Reddy;S. Garg;Y. Makris;R. Karri
- 通讯作者:Kang Liu;Benjamin Tan;Gaurav Rajavendra Reddy;S. Garg;Y. Makris;R. Karri
Poisoning the (Data) Well in ML-Based CAD: A Case Study of Hiding Lithographic Hotspots
- DOI:10.23919/date48585.2020.9116489
- 发表时间:2020-03
- 期刊:
- 影响因子:0
- 作者:Kang Liu;Benjamin Tan;R. Karri;S. Garg
- 通讯作者:Kang Liu;Benjamin Tan;R. Karri;S. Garg
Training Data Poisoning in ML-CAD: Backdooring DL-Based Lithographic Hotspot Detectors
- DOI:10.1109/tcad.2020.3024780
- 发表时间:2020-09
- 期刊:
- 影响因子:2.9
- 作者:Kang Liu;Benjamin Tan;R. Karri;S. Garg
- 通讯作者:Kang Liu;Benjamin Tan;R. Karri;S. Garg
BadNets: Evaluating Backdooring Attacks on Deep Neural Networks
- DOI:10.1109/access.2019.2909068
- 发表时间:2019-01-01
- 期刊:
- 影响因子:3.9
- 作者:Gu, Tianyu;Liu, Kang;Garg, Siddharth
- 通讯作者:Garg, Siddharth
Adaptive Adversarial Videos on Roadside Billboards: Dynamically Modifying Trajectories of Autonomous Vehicles
- DOI:10.1109/iros40897.2019.8968267
- 发表时间:2019-11
- 期刊:
- 影响因子:0
- 作者:Naman Patel;P. Krishnamurthy;S. Garg;F. Khorrami
- 通讯作者:Naman Patel;P. Krishnamurthy;S. Garg;F. Khorrami
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
数据更新时间:{{ journalArticles.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ monograph.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ sciAawards.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ conferencePapers.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ patent.updateTime }}
Siddharth Garg其他文献
Suitable triggering algorithms for detecting strong ground motions using MEMS accelerometers
- DOI:
10.1007/s11803-015-0004-7 - 发表时间:
2015-02-20 - 期刊:
- 影响因子:3.300
- 作者:
Ravi Sankar Jakka;Siddharth Garg - 通讯作者:
Siddharth Garg
Manipulation Attacks on Learned Image Compression
对学习图像压缩的操纵攻击
- DOI:
- 发表时间:
2024 - 期刊:
- 影响因子:0
- 作者:
Kang Liu;Di Wu;Yangyu Wu;Yiru Wang;Dan Feng;Benjamin Tan;Siddharth Garg - 通讯作者:
Siddharth Garg
Feature Compression for Rate Constrained Object Detection on the Edge
用于边缘速率受限对象检测的特征压缩
- DOI:
- 发表时间:
2022 - 期刊:
- 影响因子:0
- 作者:
Yuan, Zhongzheng;Samyak Rawlekar;Siddharth Garg;Elza Erkip;Yao Wang - 通讯作者:
Yao Wang
On the Limitation of Backdoor Detection Methods
论后门检测方法的局限性
- DOI:
- 发表时间:
- 期刊:
- 影响因子:0
- 作者:
Georg Pichler;Marco Romanelli;Divya Prakash Manivannan;P. Krishnamurthy;F. Khorrami;Siddharth Garg;TU Wien - 通讯作者:
TU Wien
Behavioral Synthesis for Hardware Security
硬件安全的行为综合
- DOI:
10.1007/978-3-030-78841-4 - 发表时间:
2022 - 期刊:
- 影响因子:0
- 作者:
Srinivas Katkoori;Omkar Dokur;Rajeev Joshi;Kavya Lakshmi Kalyanam;Md Adnan Zaman;Ariful Islam;Nandeesha Veeranna;Benjamin Carrion Schafer;Rajat Pranesh Santikellur;Subhra Chakraborty;S. Bhunia;Hannah Badier;Jean;Philippe Coussy;Guy Gogniat;C. Pilato;D. Sciuto;Francesco Regazzoni;Siddharth Garg;Ramesh Karri;Anirban Sengupta;Mahendra Rathor;Matthew Lewandowski;Chen Liu;Chengmo Yang;Farhath Zareen;Robert Karam;S. T. C. Konigsmark;Wei Ren;Martin D. F. Wong;Deming Chen;Mike Borowczak;Ranga Vemuri;Steffen Peter;T. Givargis;Wei Hu;Armaiti Ardeshiricham;Lingjuan Wu;Ryan Kastner;Christian Pilato Politecnico;di Milano;Italy Milan;ST Micro;Singapore Singapore;S. Islam - 通讯作者:
S. Islam
Siddharth Garg的其他文献
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
{{ truncateString('Siddharth Garg', 18)}}的其他基金
MLWiNS: Resource Constrained Mobile Data Analytics Assisted by the Wireless Edge
MLWiNS:无线边缘协助的资源受限移动数据分析
- 批准号:
2003182 - 财政年份:2020
- 资助金额:
$ 90万 - 项目类别:
Standard Grant
FOundations of Secure and TrustEd HardwaRe (FOSTER) Workshop
安全和可信硬件基础 (FOSTER) 研讨会
- 批准号:
1749175 - 财政年份:2017
- 资助金额:
$ 90万 - 项目类别:
Standard Grant
TWC: Large: Collaborative: Verifiable Hardware: Chips that Prove their Own Correctness
TWC:大型:协作:可验证的硬件:证明自身正确性的芯片
- 批准号:
1565396 - 财政年份:2016
- 资助金额:
$ 90万 - 项目类别:
Continuing Grant
CAREER: Re-thinking Electronic Design Automation Algorithms for Secure Outsourced Integrated Circuit Fabrication
职业:重新思考安全外包集成电路制造的电子设计自动化算法
- 批准号:
1553419 - 财政年份:2016
- 资助金额:
$ 90万 - 项目类别:
Continuing Grant
STARSS: Small: New Attack Vectors and Formal Security Analysis for Integrated Circuit Logic Obfuscation
STARSS:小型:集成电路逻辑混淆的新攻击向量和形式安全分析
- 批准号:
1527072 - 财政年份:2015
- 资助金额:
$ 90万 - 项目类别:
Standard Grant
相似国自然基金
胆固醇羟化酶CH25H非酶活依赖性促进乙型肝炎病毒蛋白Core及Pre-core降解的分子机制研究
- 批准号:82371765
- 批准年份:2023
- 资助金额:50 万元
- 项目类别:面上项目
锕系元素5f-in-core的GTH赝势和基组的开发
- 批准号:22303037
- 批准年份:2023
- 资助金额:30 万元
- 项目类别:青年科学基金项目
基于合成致死策略搭建Core-matched前药共组装体克服肿瘤耐药的机制研究
- 批准号:
- 批准年份:2022
- 资助金额:52 万元
- 项目类别:
鼠伤寒沙门氏菌LPS core经由CD209/SphK1促进树突状细胞迁移加重炎症性肠病的机制研究
- 批准号:
- 批准年份:2022
- 资助金额:30 万元
- 项目类别:青年科学基金项目
基于外泌体精准调控的“核-壳”(core-shell)同步血管化骨组织工程策略的应用与机制探讨
- 批准号:
- 批准年份:2020
- 资助金额:55 万元
- 项目类别:
肌营养不良蛋白聚糖Core M3型甘露糖肽的精确制备及功能探索
- 批准号:92053110
- 批准年份:2020
- 资助金额:70.0 万元
- 项目类别:重大研究计划
Core-1-O型聚糖黏蛋白缺陷诱导胃炎发生并介导慢性胃炎向胃癌转化的分子机制研究
- 批准号:81902805
- 批准年份:2019
- 资助金额:20.5 万元
- 项目类别:青年科学基金项目
原始地球增生晚期的Core-merging大碰撞事件:地核增生、核幔平衡与核幔边界结构的新认识
- 批准号:41973063
- 批准年份:2019
- 资助金额:65.0 万元
- 项目类别:面上项目
CORDEX-CORE区域气候模拟与预估研讨会
- 批准号:41981240365
- 批准年份:2019
- 资助金额:1.5 万元
- 项目类别:国际(地区)合作与交流项目
RBM38通过协助Pol-ε结合、招募core调控HBV复制
- 批准号:31900138
- 批准年份:2019
- 资助金额:24.0 万元
- 项目类别:青年科学基金项目
相似海外基金
Collaborative Research: SaTC: CORE: Medium: Using Intelligent Conversational Agents to Empower Adolescents to be Resilient Against Cybergrooming
合作研究:SaTC:核心:中:使用智能会话代理使青少年能够抵御网络诱骗
- 批准号:
2330940 - 财政年份:2024
- 资助金额:
$ 90万 - 项目类别:
Continuing Grant
Collaborative Research: SaTC: CORE: Medium: Differentially Private SQL with flexible privacy modeling, machine-checked system design, and accuracy optimization
协作研究:SaTC:核心:中:具有灵活隐私建模、机器检查系统设计和准确性优化的差异化私有 SQL
- 批准号:
2317232 - 财政年份:2024
- 资助金额:
$ 90万 - 项目类别:
Continuing Grant
Collaborative Research: SaTC: CORE: Medium: Differentially Private SQL with flexible privacy modeling, machine-checked system design, and accuracy optimization
协作研究:SaTC:核心:中:具有灵活隐私建模、机器检查系统设计和准确性优化的差异化私有 SQL
- 批准号:
2317233 - 财政年份:2024
- 资助金额:
$ 90万 - 项目类别:
Continuing Grant
SaTC: CORE: Medium: Increasing user autonomy and advertiser and platform responsibility in online advertising
SaTC:核心:中:增加在线广告中的用户自主权以及广告商和平台责任
- 批准号:
2318290 - 财政年份:2024
- 资助金额:
$ 90万 - 项目类别:
Continuing Grant
SaTC: CORE: Medium: Testing the causal influence of social media on well-being and animosity
SaTC:核心:中:测试社交媒体对幸福感和敌意的因果影响
- 批准号:
2334148 - 财政年份:2024
- 资助金额:
$ 90万 - 项目类别:
Standard Grant
Collaborative Research: SaTC: CORE: Medium: Using Intelligent Conversational Agents to Empower Adolescents to be Resilient Against Cybergrooming
合作研究:SaTC:核心:中:使用智能会话代理使青少年能够抵御网络诱骗
- 批准号:
2330941 - 财政年份:2024
- 资助金额:
$ 90万 - 项目类别:
Continuing Grant
SaTC: CORE: Medium: Collaborative: Hardening Off-the-Shelf Software Against Side Channel Attacks
SaTC:核心:媒介:协作:强化现成软件以抵御侧通道攻击
- 批准号:
2425665 - 财政年份:2024
- 资助金额:
$ 90万 - 项目类别:
Continuing Grant
Collaborative Research: SaTC: CORE: Medium: Understanding the Impact of Privacy Interventions on the Online Publishing Ecosystem
协作研究:SaTC:核心:媒介:了解隐私干预对在线出版生态系统的影响
- 批准号:
2237329 - 财政年份:2023
- 资助金额:
$ 90万 - 项目类别:
Standard Grant
Collaborative Research: SaTC: CORE: Medium: Securing Interactions between Driver and Vehicle Using Batteries
合作研究:SaTC:核心:中:使用电池确保驾驶员和车辆之间的交互安全
- 批准号:
2245224 - 财政年份:2023
- 资助金额:
$ 90万 - 项目类别:
Continuing Grant
Collaborative Research: SaTC: CORE: Medium: Understanding and Combatting Impersonation Attacks and Data Leakage in Online Advertising
协作研究:SaTC:核心:媒介:理解和打击在线广告中的冒充攻击和数据泄露
- 批准号:
2247516 - 财政年份:2023
- 资助金额:
$ 90万 - 项目类别:
Continuing Grant