Adversarial Robustness and Beyond: Towards Trustworthy and Socially Good ML-based Real-World Applications

  • Shawqi Al-Maliki

Student thesis: Doctoral Dissertation

Abstract

Deep Neural Networks (DNNs) have been shown to be brittle under a variety of adversarial attacks, which necessitates robust defense mechanisms, especially for DNN-based mission-critical applications. Concurrently, anti-social DNN-based applications are on the rise, while the incentives to build pro-social ones are weaker, so promoting the development of pro-social applications is crucial. Adversarial robustness is a dual-purpose research field that can address both concerns: it contributes to hardening DNN-based models against adversarial attacks, and it can be used to innovate pro-social applications and to mitigate the negative impact of anti-social ones. In essence, adversarial robustness enhances security and promotes the socio-technical aspects of DNN-based applications. This dissertation sheds light on and contributes to both aspects of adversarial robustness in real-world settings. It comprises two parts.

The first part focuses on the security aspect of adversarial robustness. In particular, it contributes to enhancing the robustness of DNN-based applications against various data distribution shifts, including natural and adversarial perturbations, in applications with online settings. Some works in this part employ a budgeted crowdsourcing layer for online relabeling of potential adversarial inputs, thereby enhancing the reliability of the targeted DNN-based application by increasing its rate of successful predictions. Other works in this part enhance robustness by implementing a systematic active fine-tuning process that addresses natural distribution shifts in online DNN-based applications.

The second part goes beyond the purely technical (security) aspect of adversarial robustness and embraces a socio-technical aspect in which both technical and social considerations matter, with greater emphasis on the societal dimension. The works in this part reframe adversarial attack techniques as allies and leverage them to innovate pro-social applications and to mitigate anti-social ones. Through these contributions, this dissertation aims to develop more trustworthy and socially beneficial real-world applications.
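The budgeted crowdsourcing layer described in the first part can be illustrated with a small simulation. The following is an added example and not code from the dissertation: it assumes a classifier that reports a confidence score for each online prediction, a relabeling layer that forwards low-confidence predictions to a human oracle while a fixed query budget remains, and a constructed input stream in which some items are adversarially perturbed (the model is wrong and uncertain on them). The `crowd_oracle` function, the `confidence_threshold` parameter and the stream contents are all assumptions made for the example; the point it shows is how the layer raises the rate of successful predictions and how an exhausted budget leaves later attacks uncorrected.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Item:
    """One online prediction: ground truth, the model's label and its confidence."""
    true_label: int
    predicted: int
    confidence: float


# Constructed stream (not real data). Items where predicted != true_label stand in
# for adversarially perturbed inputs; note they also carry low confidence here,
# which is the signal the relabeling layer keys on.
STREAM = [
    Item(true_label=0, predicted=0, confidence=0.95),  # clean
    Item(true_label=1, predicted=0, confidence=0.55),  # adversarial: wrong, uncertain
    Item(true_label=1, predicted=1, confidence=0.91),  # clean
    Item(true_label=0, predicted=1, confidence=0.40),  # adversarial
    Item(true_label=1, predicted=1, confidence=0.62),  # clean but uncertain: costs budget
    Item(true_label=0, predicted=0, confidence=0.88),  # clean
    Item(true_label=1, predicted=0, confidence=0.50),  # adversarial
    Item(true_label=0, predicted=0, confidence=0.97),  # clean
    Item(true_label=0, predicted=1, confidence=0.58),  # adversarial
    Item(true_label=1, predicted=1, confidence=0.84),  # clean
]


def crowd_oracle(item: Item) -> int:
    """Assumed stand-in for a crowdsourcing worker: returns the correct label."""
    return item.true_label


class BudgetedRelabelingLayer:
    """Forwards uncertain predictions to the crowd while the query budget lasts."""

    def __init__(self, budget: int, confidence_threshold: float) -> None:
        self.budget = budget
        self.confidence_threshold = confidence_threshold
        self.queries_used = 0

    def decide(self, item: Item) -> int:
        """Return the label to act on: the crowd's if queried, else the model's."""
        uncertain = item.confidence < self.confidence_threshold
        if uncertain and self.queries_used < self.budget:
            self.queries_used += 1
            return crowd_oracle(item)
        return item.predicted


def run_stream(stream, budget: int, confidence_threshold: float = 0.7) -> dict:
    """Process the stream through the layer and report reliability metrics."""
    layer = BudgetedRelabelingLayer(budget, confidence_threshold)
    correct = sum(1 for it in stream if layer.decide(it) == it.true_label)
    return {
        "success_rate": correct / len(stream),
        "queries_used": layer.queries_used,
        "budget": budget,
    }


if __name__ == "__main__":
    for budget in (0, 3, 10):
        print(run_stream(STREAM, budget))
```

With a budget of 0 the layer is inert and the success rate is the model's own (0.6 on this stream). A budget of 3 corrects the first two adversarial items but spends one query on a benign uncertain item and then runs out, leaving the last two attacks uncorrected (0.8). An ample budget relabels every uncertain item and reaches 1.0, which shows why budget allocation, not only the confidence threshold, governs reliability in the online setting.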
Date of Award: 2023
Original language: American English
Awarding Institution
  • HBKU College of Science and Engineering

Keywords

  • Adversarial Machine Learning
  • Adversarial Robustness
  • Machine Learning Security
  • Socially Good Applications
