Talk title: Extracting Deep Learning Models for Fun and Profit
Time: 7 April 2023, 15:45-16:30
Speaker: Tianwei Zhang (张天威), Assistant Professor
Venue: T5-503
Abstract:
Deep Learning (DL) has gained popularity due to its strong capability in handling complex tasks and environments. Various algorithms and methodologies have been designed to facilitate DL-based applications in different artificial intelligence domains, including computer vision, natural language processing and robotics control. Meanwhile, the commercialization of DL technology motivates adversaries to steal production models, possibly leading to severe copyright violation and financial loss. Such model extraction attacks have been widely explored over the past years. In this talk, we will provide new insights into model extraction threats against state-of-the-art DL technology. We present new attack techniques for stealing advanced deep reinforcement learning models, AutoML models and robust models. These methodologies highlight the importance of protecting modern DL-based applications and motivate more efficient and secure defenses.
Speaker biography:
Tianwei Zhang (张天威) is currently an assistant professor at the School of Computer Science and Engineering, Nanyang Technological University. He received his Bachelor's degree from Peking University in 2011 and his Ph.D. degree from Princeton University in 2017. His research focuses on computer system security. He is particularly interested in AI security, autonomous system security and computer architecture security. He has been involved in the organizing committees of numerous technical conferences, including serving as general chair of KSEM'22. He has served on the editorial board of IEEE Transactions on Circuits and Systems for Video Technology (TCSVT) since 2021. He has published more than 90 papers in top-tier AI, security and systems conferences and journals. He has received several best paper awards, including at ASPLOS'23, ICDIS'22 and ISPA'21.