CSE 600 Talk, Chao Chen: "Detection of Trojan Attacks to Deep Neural Networks – A Topological Perspective"

Dates: Friday, October 15, 2021 - 2:40pm to 3:40pm
Location: New Computer Science Room 120
Event Description: 

Abstract: Deep neural networks are known to have security issues. One particular threat is the Trojan attack. It occurs when the attackers stealthily manipulate the model's behavior through Trojaned training samples, i.e., samples with a special trigger injected and labels altered. To identify a Trojaned model at deployment is challenging, due to limited access to the training data. We propose different approaches to identify Trojaned neural networks by (1) inspecting high-order topological features of the neuron interactions and (2) reverse engineering the injected triggers using a topological loss. These approaches take different angles and reveal insights into the behavior of neural networks when their strong memorization power is exploited maliciously. We will also briefly review other works such as how to train a robust model with label noise, and how to improve the robustness of graph neural networks against structural attacks.

 

Biography: Dr. Chao Chen is an assistant professor of Biomedical Informatics at Stony Brook University. His research interests span topological data analysis (TDA), machine learning and biomedical image analysis. He develops principled learning methods inspired by the theory from TDA, such as persistent homology and discrete Morse theory. These methods address problems in biomedical image analysis, robust machine learning, and graph neural networks from a unique topological view. His research results have been published in major machine learning, computer vision, and medical image analysis conferences. He is serving as an area chair for MICCAI, AAAI, CVPR and NeurIPS.
