Tech Transfer eNews Blog
Industry-Sponsored Research Management sample issue

Georgia Tech researchers team with Intel on technology to protect AI from malicious attacks


By Jesse Schwartz
Published: June 13th, 2018

Researchers at the Georgia Institute of Technology (Georgia Tech), in collaboration with scientists from Intel, have developed a technology to protect artificial intelligence (AI) systems from malicious software attacks.

The researchers focused on image recognition software, such as is found in self-driving cars. The goal is to avoid events in which, for example, an attacker misleads machines into reading stop signs as yield signs, or simply disables machines from reading signs at all.

The Georgia Tech team has created SHIELD, or Secure Heterogeneous Image Ensemble with Local Denoising, which offers a novel and efficient approach using JPEG compression to protect deep neural networks (DDNs), which are used to train AI systems and are highly vulnerable to malicious pixel manipulation.

“The treat of adversarial attack casts a shadow over deploying DDNs in security and safety-critical applications,” says Nilaksh Das, head of the research team. “There is an urgent need to resolve this threat with fast, practical approaches, for which we leverage JPEG compression in this work, which is already a widely used and mature technique.”

SHIELD provides additional protection by utilizing randomization at test time, which makes it harder for an attacker to estimate the performed transformation.

“This is a fast and practical way to protect AI,” says Georgia Tech professor and team member Polo Chau. “There has been a lot of research into coming up with methods to harm or attack AI, but much less on how to protect them, and even less on designing fast and practical methods. And SHIELD targets this need.”

Moving forward, the researchers plan to test their approach on more hardware platforms and in more types of compression modes such as audio compression for voice recognition software.

Source: Georgia Tech

Posted under: Tech Transfer e-News

Twitter Facebook Linkedin Pinterest Email

No Comments so far ↓

There are no comments yet...Kick things off by filling out the form below.

Leave a Comment