The Cybersecurity Lecture Series at Georgia Tech is a free, one-hour lecture from a thought leader who is advancing the field of information security and privacy. Invited speakers include executives and researchers from Fortune 500 companies, federal intelligence agencies, start-ups, and incubators, as well as Georgia Tech faculty and students presenting their research. Lectures are open to all -- students, faculty, industry, government, or simply the curious.

RSVP

Abstract:

Deep learning on graph structures has shown exciting results in cybersecurity applications, such as risk management, binary code similarity detection, etc. However, few attentions have been paid to the robustness of such models, in contrast to numerous research work for image or text adversarial attack and defense. In this paper, we focus on the adversarial attacks that fool deep learning models by modifying the combinatorial structure of data. We first propose a reinforcement learning based attack method that learns the generalizable attack policy, while only requiring prediction labels from the target classifier. We further propose attack methods based on genetic algorithms and gradient descent in the scenario where additional prediction confidence or gradients are available. We use both synthetic and real-world data to show that, a family of Graph Neural Network models are vulnerable to these attacks, in both graph-level and node-level classification tasks. We also show such attacks can be used to diagnose the learned classifiers.  

Bio: 

Hanjun Dai is a fifth-year Ph.D. student at Georgia Institute of Technology, whose advisor is Prof. Le Song. His research mainly focuses on deep learning for structured data, reinforcement learning, and its applications in chemistry, bioinformatics, social network, programming, and natural language. He has also extended his research work through several internships in Amazon AI, OpenAI and DeepMind. His work has won several best paper awards, including AISTATS 2016, and Recsys Workshop on Deep Learning for Recommender Systems 2016 and NIPS 2017 Workshop on Machine Learning for Molecules and Materials.