Safe Machine Learning (October 19-20, 2017), DARPA workshop at the Simons Institute. Organizers:

Recent advances in machine learning have enabled progress on notoriously challenging artificial intelligence (AI) problems in a broad range of domains, including computer vision, robotics, speech recognition, language translation, autonomous transportation, and game playing. This progress initially prompted a general belief that existing machine learning techniques would play a central role in automating human intelligence tasks and drive an economic and technological revolution. Recent findings, however, suggest that this belief is overly optimistic. It turns out that existing machine learning methods can be easily manipulated into making arbitrary classifications, can introduce statistical biases that lead to discrimination, and can compromise individuals' privacy. These critical vulnerabilities of existing machine learning methods are now the major obstacle to building artificial intelligence systems that require reliability, dependability, and security. Machine learning algorithms are already applied ubiquitously, and their vulnerabilities have non-trivial societal implications.
