权益分类	功能权益	普通用户	{{item.name}}会员
{{category.name}}	{{benefitItem.name}}

SaTC: CORE: Frontier: Collaborative: End-to-End Trustworthiness of Machine-Learning Systems

SaTC：核心：前沿：协作：机器学习系统的端到端可信度

基本信息

批准号：
1804603
负责人：
David Evans
金额：
$ 92.61万
依托单位：
University of Virginia Main Campus
依托单位国家：
美国
项目类别：
Continuing Grant
财政年份：
2018
资助国家：
美国
起止时间：
2018-10-01 至 2024-09-30
项目状态：
已结题

来源：
https://www.nsf.gov/awardsearch/showAward?AWD_ID=1804603&HistoricalAwards=false
关键词：
SaTC CORE Frontier Collaborative End

项目摘要

This frontier project establishes the Center for Trustworthy Machine Learning (CTML), a large-scale, multi-institution, multi-disciplinary effort whose goal is to develop scientific understanding of the risks inherent to machine learning, and to develop the tools, metrics, and methods to manage and mitigate them. The center is led by a cross-disciplinary team developing unified theory, algorithms and empirical methods within complex and ever-evolving ML approaches, application domains, and environments. The science and arsenal of defensive techniques emerging within the center will provide the basis for building future systems in a more trustworthy and secure manner, as well as fostering a long term community of research within this essential domain of technology. The center has a number of outreach efforts, including a massive open online course (MOOC) on this topic, an annual conference, and broad-based educational initiatives. The investigators continue their ongoing efforts at broadening participation in computing via a joint summer school on trustworthy ML aimed at underrepresented groups, and by engaging in activities for high school students across the country via a sequence of webinars advertised through the She++ network and other organizations.The center focuses on three interconnected and parallel investigative directions that represent the different classes of attacks attacking ML systems: inference attacks, training attacks, and abuses of ML. The first direction explores inference time security, namely methods to defend a trained model from adversarial inputs. This effort emphasizes developing formally grounded measurements of robustness against adversarial examples (defenses), as well as understanding the limits and costs of attacks. The second research direction aims to develop rigorously grounded measures of robustness to attacks that corrupt the training data and new training methods that are robust to adversarial manipulation. The final direction tackles the general security implications of sophisticated ML algorithms including the potential abuses of generative ML models, such as models that generate (fake) content, as well as data mechanisms to prevent the theft of a machine learning model by an adversary who interacts with the model.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

这个前沿项目建立了值得信赖的机器学习中心(CTML)，这是一个大规模、多机构、多学科的努力，其目标是对机器学习固有的风险进行科学理解，并开发管理和缓解这些风险的工具、指标和方法。该中心由一个跨学科团队领导，在复杂和不断发展的ML方法、应用领域和环境中开发统一的理论、算法和经验方法。该中心出现的科学和防御技术武器库将为以更可信和安全的方式构建未来系统提供基础，并在这一关键技术领域培养长期的研究社区。该中心开展了一系列外展工作，包括关于这一主题的大规模在线公开课(MOOC)、年度会议和基础广泛的教育倡议。调查人员继续努力扩大对计算的参与，通过针对代表不足的群体的值得信赖的ML的联合暑期学校，并通过通过SHE++网络和其他组织宣传的一系列网络研讨会，参与全国各地的高中生活动。该中心专注于三个相互关联且平行的调查方向，代表了攻击ML系统的不同类别：推理攻击、训练攻击和滥用ML。第一个方向探索推理时间安全性，即保护训练模型免受对手输入的方法。这项工作强调发展针对对手例子(防御)的健壮性的正式接地测量，以及了解攻击的限度和成本。第二个研究方向旨在开发针对破坏训练数据的攻击的严格接地的稳健性度量，以及对对手操纵具有健壮性的新的训练方法。最后一个方向是解决复杂ML算法的一般安全影响，包括生成性ML模型的潜在滥用，例如生成(虚假)内容的模型，以及防止与模型交互的对手窃取机器学习模型的数据机制。该奖项反映了NSF的法定使命，并通过使用基金会的智力优势和更广泛的影响审查标准进行评估，被认为值得支持。