Description
In this lecture we change perspective, from AI for cryptography to cryptography for AI. In particular, we start with a brief review of neural networks (NN) and their learning algorithms. Then, we move to the security problem of adversarial examples, which are carefully crafted inputs that force a deep NN into making a wrong classification. We look into the so-called one-pixel attack in more detail, where the adversarial example is created by modifying a single pixel of an image through an evolutionary algorithm.
Topics covered:
- Intro to basic concepts of Machine Learning
- Recap of Neural Networks
- Adversarial Examples and their threat models
- The one-pixel attack and differential evolution
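The following is an added illustration, not material from the lecture or its reading list: a constructed toy classifier over a 4x4 grayscale image, evaluated for single-pixel robustness two ways. An exhaustive check over every pixel at its extreme values gives the defender an exact worst case (for this piecewise-linear model the worst case always sits at a box corner, so corners suffice), and a differential evolution search of the kind the one-pixel attack uses approximates the same answer, the way one would have to on a real image where enumeration is impractical. The weights, the image and the hidden-unit threshold are all made up for the example.

```python
import random

SIZE = 4  # constructed 4x4 grayscale image, pixel values in [0, 1]

# Constructed toy model: a small linear term over all pixels plus one ReLU
# hidden unit keyed on pixel (1, 2). margin > 0 means class 1, else class 0.
# The hidden unit is the kind of single-feature shortcut that makes a
# classifier one-pixel fragile; it is deliberate here.
W_LIN = [[0.05, -0.05, 0.10, 0.00],
         [0.00, 0.10, 0.00, -0.05],
         [0.05, 0.00, -0.10, 0.05],
         [0.00, 0.05, 0.00, 0.10]]
CLEAN = [[0.2, 0.3, 0.1, 0.4],
         [0.5, 0.2, 0.1, 0.3],
         [0.3, 0.4, 0.2, 0.1],
         [0.2, 0.1, 0.3, 0.2]]


def margin(img):
    lin = sum(W_LIN[r][c] * img[r][c] for r in range(SIZE) for c in range(SIZE))
    hidden = max(0.0, img[1][2] - 0.5)  # ReLU unit on one pixel
    return 0.5 + lin - 4.0 * hidden


def label(img):
    return 1 if margin(img) > 0 else 0


def decode(cand):
    """Map a (row, col, value) candidate, possibly unbounded, onto a valid pixel edit."""
    r = min(SIZE - 1, max(0, int(cand[0])))
    c = min(SIZE - 1, max(0, int(cand[1])))
    v = min(1.0, max(0.0, float(cand[2])))
    return r, c, v


def apply(img, cand):
    """Return a copy of img with the single pixel named by cand overwritten."""
    r, c, v = decode(cand)
    out = [row[:] for row in img]
    out[r][c] = v
    return out


def exhaustive_single_pixel(img):
    """Defender-side ground truth for tiny inputs: every pixel at 0 and at 1.
    Exact here because the margin is linear or concave in each single pixel."""
    best = None
    for r in range(SIZE):
        for c in range(SIZE):
            for v in (0.0, 1.0):
                m = margin(apply(img, (r, c, v)))
                if best is None or m < best[1]:
                    best = ((r, c, v), m)
    return best


def is_single_pixel_robust(img):
    """True only if no single-pixel change can move the label."""
    return label(apply(img, exhaustive_single_pixel(img)[0])) == label(img)


def differential_evolution(img, seed=0, generations=30, f=0.5, cr=0.9):
    """DE/rand/1/bin over (row, col, value), minimising the class-1 margin.
    The population is seeded on the box corners of every pixel so the run is
    reproducible; the random extras and the mutation step explore in between."""
    rng = random.Random(seed)
    pop = [[float(r), float(c), v] for r in range(SIZE) for c in range(SIZE) for v in (0.0, 1.0)]
    pop += [[rng.uniform(0, SIZE), rng.uniform(0, SIZE), rng.random()] for _ in range(8)]
    fit = [margin(apply(img, p)) for p in pop]
    for _ in range(generations):
        for i in range(len(pop)):
            a, b, c = rng.sample([p for j, p in enumerate(pop) if j != i], 3)
            j_rand = rng.randrange(3)
            trial = [a[k] + f * (b[k] - c[k]) if (k == j_rand or rng.random() < cr) else pop[i][k]
                     for k in range(3)]
            score = margin(apply(img, trial))
            if score <= fit[i]:  # greedy selection: keep the lower margin
                pop[i], fit[i] = trial, score
    best = min(range(len(pop)), key=fit.__getitem__)
    return decode(pop[best]), fit[best]


if __name__ == "__main__":
    print("clean label:", label(CLEAN), "margin:", round(margin(CLEAN), 3))
    print("exhaustive worst case:", exhaustive_single_pixel(CLEAN))
    print("differential evolution:", differential_evolution(CLEAN))
    print("single-pixel robust:", is_single_pixel_robust(CLEAN))
```

On this model the exhaustive check and the evolutionary search agree that pixel (1, 2) set to 1.0 flips the clean image from class 1 to class 0; in fact no 4x4 input is single-pixel robust under these weights, because the decision rests on one feature. The practical lesson for a defender is that the exhaustive corner check is the right tool whenever the input is small enough, and that a heuristic search such as differential evolution should be read as a lower bound on fragility, not a certificate of robustness.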
Reading Material
Nice textbooks on Machine Learning, freely available online:
- T. Mitchell. Machine Learning. McGraw Hill, 1997
- D. MacKay. Information Theory, Inference, and Learning Algorithms. Cambridge University Press, 2003
- G. James, D. Witten, T. Hastie, R. Tibshirani. An Introduction to Statistical Learning. Springer, 2021