Collaborative Research: AF: Small: Exploring the Frontiers of Adversarial Robustness

合作研究：AF：小型：探索对抗鲁棒性的前沿

• 批准号: 2335411
• 负责人: Samson Zhou
• 金额: $ 29.99万
• 依托单位: Texas A&M Engineering Experiment Station
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2024
• 资助国家: 美国
• 起止时间: 2024-01-01 至 2026-12-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2335411&HistoricalAwards=false
• 关键词: Collaborative; Research; AF; Small; Exploring

In an age where artificial intelligence (AI) is deeply integrated into our lives yet both cyber and physical threats are ever-present, robustness to adversarial input is critically important for ensuring the reliability, security, and trustworthiness of algorithmic design in the face of intentional attacks and manipulations. Unfortunately, many standard big data algorithms are susceptible to exploitation by adversarial input, resulting in major roadblocks to the widespread deployment of AI in safety-critical domains like healthcare and finance. The goal of this project is to identify and address new emerging directions in adversarial robustness and to develop the fundamental principles underlying vulnerabilities to adversarial input. The project will not only realize new elements of algorithmic design and mathematical tools, but also have immediate impact on the wide-ranging applications of trustworthy artificial intelligence. The research team will involve graduate students in this project and plans two workshops on new directions in adversarial robustness and adaptive data analysis. In addition, the team will initiate outreach with a local high school to mentor students in grades 5-12.The goal of this project is to develop new big data algorithms that are robust to adversarial input. At a high level, the primary focal points of this project are: 1) adversarial robustness in the black-box streaming setting, where an adversary has access to the previous outputs but not the internal states of the algorithm, 2) adversarial robustness in the white-box streaming setting, where an adversary additionally has access to the internal state and previous random bits used by the algorithm, and 3) adaptive data analysis with bounded space. Additionally, the research team will explore and integrate new attack models as they emerge, allowing for continuous adaptation to evolving challenges.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

在人工智能（AI）深深融入我们生活的时代，网络和物理威胁始终存在，对抗性输入的鲁棒性对于确保算法设计在面对故意攻击和操纵时的可靠性，安全性和可信度至关重要。不幸的是，许多标准的大数据算法很容易受到敌对输入的利用，这给人工智能在医疗保健和金融等安全关键领域的广泛部署带来了重大障碍。该项目的目标是确定和解决对抗性鲁棒性的新方向，并制定对抗性输入脆弱性的基本原则。该项目不仅将实现算法设计和数学工具的新元素，而且将对可信赖人工智能的广泛应用产生直接影响。研究团队将让研究生参与该项目，并计划举办两个关于对抗鲁棒性和自适应数据分析新方向的研讨会。 此外，该团队还将与当地一所高中合作，指导5- 12年级的学生。该项目的目标是开发新的大数据算法，这些算法对对抗性输入具有鲁棒性。在高级别上，该项目的主要协调中心是：1）黑盒流设置中的对抗鲁棒性，其中对手可以访问算法的先前输出但不能访问算法的内部状态，2）白盒流设置中的对抗鲁棒性，其中对手另外可以访问算法使用的内部状态和先前随机比特，3）有界空间自适应数据分析。此外，该研究团队将探索和整合新的攻击模型，以便不断适应不断变化的挑战。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。