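Education and Research Group for High-Reliability Intelligent System Semiconductors for Energy
A special lecture by Professor Sanghyun Hong of Oregon State University is scheduled as shown below.
We encourage participating graduate students and anyone interested to attend.
- Date and time: Thursday, December 22, 2022, 10:30
- Venue: Room 315, Engineering Building 3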
Great Haste Makes Great Waste:
Exploiting and Attacking Efficient Deep Learning
Recent increases in the computational demands of deep neural networks have sparked interest in efficient deep learning mechanisms, such as neural network quantization or input-adaptive multi-exit inferences. These mechanisms provide significant computational savings while preserving a network's accuracy, making it practical to run commercial-scale networks in resource-constrained settings, e.g., IoT scenarios. However, most mechanisms focus on "hastiness"—i.e., how fast and efficiently they can get correct predictions—and overlook the security and privacy threats that can "waste" their practicality.
In this talk, I will revisit efficient deep learning mechanisms from a security perspective and introduce emerging research on exploiting and attacking these mechanisms to achieve malicious objectives. First, I will show how an adversary can exploit neural network quantization to induce malicious behaviors. An adversary can manipulate a pre-trained model to behave maliciously upon quantization. Next, I will show how input-adaptive mechanisms, such as multi-exit models, fail to promise computational efficiency in adversarial settings. By adding human-imperceptible input perturbations, an attacker can completely offset the computational savings provided by these input-adaptive models. Finally, I will conclude my talk by encouraging the audience to examine efficient deep learning practices with an adversarial lens and discuss future research directions for building defense mechanisms. I believe that this is the best moment to listen to Benjamin's advice: "Take time for all the things."
Sanghyun Hong is an Assistant Professor of Computer Science at Oregon State University. His research interests lie at the intersection of computer security/privacy and machine learning. He works on building trustworthy and socially responsible AI systems for the future. He is the recipient of the Samsung Global Research (GRO) Award 2022 and was selected as a DARPA Riser 2022. He was also an invited speaker at USENIX Enigma 2021, where he talked about practical hardware-level attacks on deep learning. He earned his Ph.D. at the University of Maryland, College Park, under the guidance of Prof. Tudor Dumitras. He was also a recipient of the Ann G. Wylie Dissertation Fellowship. He received his B.S. at Seoul National University.