Speaker
Yanjun Zhang, Assistant Professor, School of Computer Science, University of Technology Sydney, Australia

Abstract
The increasing integration of machine learning into critical domains calls for a heightened focus on the trustworthiness of AI systems. This seminar explores two pillars of trustworthy artificial intelligence: privacy preservation and robustness against adversarial threats.

It will first present recent research on privacy leakage in machine learning models, including membership inference and data reconstruction attacks. To mitigate these threats, the seminar introduces a novel Composite Differential Privacy mechanism designed to balance boundedness, unbiased outputs, and privacy guarantees.

In parallel, the session will address robustness challenges such as backdoor and poisoning attacks in both centralized and federated learning settings. A particular focus is placed on enhancing the resilience of Byzantine-robust aggregation methods, ensuring minimal performance degradation even under sophisticated attacks.

Speaker bio
Dr. Yanjun Zhang is a highly accomplished scholar in computer science and information technology. His research covers artificial intelligence, information security, and privacy protection. In AI, his papers explore federated learning robustness, gradient inversion attacks, and related topics. In information security, he studies model extraction and backdoor detection. For privacy protection, he offers innovative solutions to differential privacy and federated learning privacy issues. He has published many high-quality papers in top international conferences and journals such as IEEE SP, TIFS, CVPR, and AAAI (all CCF Class A). He also holds an international patent, demonstrating his ability to apply his research. He has won several best-paper-related awards at international conferences and the Best Presentation Award at a university workshop.
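To make the aggregation threat in the abstract concrete, the following is an added illustration written for this page; it is not code from the speaker or from any of his papers. It assumes a synthetic federated-learning round: ten clients whose honest updates are the all-ones gradient plus Gaussian noise (constructed data), two of which are replaced by a hypothetical Byzantine attacker, and it compares plain averaging (FedAvg-style) with two standard Byzantine-robust aggregators, coordinate-wise median and coordinate-wise trimmed mean. All function names are the example's own.

```python
"""Toy federated-learning aggregation round (constructed example, not the
speaker's code): plain averaging versus two Byzantine-robust aggregators
when a fraction of clients submit poisoned model updates."""
import random
import statistics
from typing import Dict, List

Vector = List[float]

# Assumed "true" update that every honest client is estimating: all ones.
TRUE_UPDATE_VALUE = 1.0


def make_honest_updates(n_clients: int, dim: int, seed: int = 0) -> List[Vector]:
    """Constructed honest updates: the true update plus small Gaussian noise."""
    rng = random.Random(seed)
    return [[TRUE_UPDATE_VALUE + rng.gauss(0.0, 0.1) for _ in range(dim)]
            for _ in range(n_clients)]


def inject_blatant_attack(updates: List[Vector], n_malicious: int,
                          scale: float) -> List[Vector]:
    """Model poisoning (hypothetical attacker): the first n_malicious clients
    send a large update pointing away from the true direction."""
    dim = len(updates[0])
    poisoned = [list(u) for u in updates]
    for i in range(n_malicious):
        poisoned[i] = [-scale] * dim
    return poisoned


def inject_stealthy_attack(updates: List[Vector], n_malicious: int) -> List[Vector]:
    """Stealthier poisoning (hypothetical attacker): malicious clients copy the
    smallest honest value in every coordinate, so they sit inside the honest
    spread instead of standing out as obvious garbage."""
    dim = len(updates[0])
    honest = updates[n_malicious:]
    floor = [min(u[j] for u in honest) for j in range(dim)]
    poisoned = [list(u) for u in updates]
    for i in range(n_malicious):
        poisoned[i] = list(floor)
    return poisoned


def mean_aggregate(updates: List[Vector]) -> Vector:
    """Plain average: a single client can move it arbitrarily far."""
    dim = len(updates[0])
    return [sum(u[j] for u in updates) / len(updates) for j in range(dim)]


def median_aggregate(updates: List[Vector]) -> Vector:
    """Coordinate-wise median: bounded by honest values while fewer than
    half of the clients are malicious."""
    dim = len(updates[0])
    return [statistics.median(u[j] for u in updates) for j in range(dim)]


def trimmed_mean_aggregate(updates: List[Vector], trim: int) -> Vector:
    """Coordinate-wise trimmed mean: drop the `trim` smallest and `trim`
    largest values per coordinate, then average the rest."""
    dim = len(updates[0])
    result = []
    for j in range(dim):
        col = sorted(u[j] for u in updates)
        kept = col[trim:len(col) - trim]
        result.append(sum(kept) / len(kept))
    return result


def l2_distance(a: Vector, b: Vector) -> float:
    return sum((x - y) ** 2 for x, y in zip(a, b)) ** 0.5


def compare_aggregators(n_clients: int = 10, n_malicious: int = 2, dim: int = 5,
                        scale: float = 100.0, seed: int = 0) -> Dict[str, Dict[str, float]]:
    """Distance of each aggregator's output from the true update under three
    scenarios: no attack, blatant attack, stealthy attack."""
    true_update = [TRUE_UPDATE_VALUE] * dim
    honest = make_honest_updates(n_clients, dim, seed)
    scenarios = {
        "clean": honest,
        "blatant": inject_blatant_attack(honest, n_malicious, scale),
        "stealthy": inject_stealthy_attack(honest, n_malicious),
    }
    report: Dict[str, Dict[str, float]] = {}
    for name, updates in scenarios.items():
        report[name] = {
            "mean": l2_distance(mean_aggregate(updates), true_update),
            "median": l2_distance(median_aggregate(updates), true_update),
            "trimmed_mean": l2_distance(
                trimmed_mean_aggregate(updates, n_malicious), true_update),
        }
    return report


if __name__ == "__main__":
    for scenario, dists in compare_aggregators().items():
        print(scenario, {k: round(v, 3) for k, v in dists.items()})
```

With two malicious clients out of ten, the plain mean is dragged roughly twenty units per coordinate away from the true update, while the median and trimmed mean stay within the honest noise. The stealthy variant shows the flip side: an attacker who stays inside the honest spread can still nudge a robust aggregator by a small amount, which is the kind of residual degradation that work on hardening these aggregators aims to minimize.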