[AIP AI Security and Privacy team seminar] (Un)Trustworthy Data in Adversarial Machine Learning. Dr. Rui Wen (CISPA)

Wed, 04 Dec 2024 13:00 - 14:00 JST
Online (link shared with registered participants)

Free admission

Description

  • Title: (Un)Trustworthy Data in Adversarial Machine Learning
  • Abstract: Data plays a pivotal role in machine learning (ML) systems, serving as the foundation for training models that generalize well and remain unbiased. However, this essential role also makes data a significant source of vulnerabilities in ML systems. In this talk, I will examine how data can be exploited maliciously in ML attacks from two perspectives. First, data can become the target, as demonstrated by privacy breaches such as membership inference attacks, which reveal whether specific data points were part of the training set. Our research highlights that this risk persists even in cutting-edge large language models. Second, data can act as a powerful tool for adversaries, particularly in data poisoning attacks, where manipulated data degrades model performance or embeds harmful behaviors. Our findings reveal that current defenses offer inadequate protection, creating a false sense of security. The talk will conclude with a detailed analysis of how data with varying characteristics, such as data importance, influences the effectiveness of ML attacks, providing insights to guide the development of more robust and trustworthy machine learning systems.
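The abstract mentions membership inference, which tests whether a specific point was in a model's training set. The block below is an added illustration of the simplest version of that attack, the loss-threshold baseline of Yeom et al. (2018); it is not code from the speaker or from the talk. It assumes a constructed synthetic dataset (Gaussian features with random labels, so the model can only fit its training points by memorising them), a small logistic regression trained with plain gradient descent, and a decision threshold equal to the loss of an uninformative prediction; all three are assumptions made for the example.

```python
"""Loss-threshold membership inference on an overfitted logistic regression.

Standard library only. Training ("member") and fresh ("non-member") points are
constructed synthetically with random labels, so the only way the model can fit
its training set is by memorising it. That generalisation gap is what the
attacker measures.
"""
import math
import random


def make_dataset(n, d, rng):
    """n points with d Gaussian features and random 0/1 labels (constructed data)."""
    xs = [[rng.gauss(0.0, 1.0) for _ in range(d)] for _ in range(n)]
    ys = [rng.randrange(2) for _ in range(n)]
    return xs, ys


def sigmoid(z):
    """Numerically stable logistic function."""
    if z >= 0:
        return 1.0 / (1.0 + math.exp(-z))
    ez = math.exp(z)
    return ez / (1.0 + ez)


def predict_proba(w, b, x):
    return sigmoid(sum(wi * xi for wi, xi in zip(w, x)) + b)


def train_logreg(xs, ys, epochs=2000, lr=0.5):
    """Full-batch gradient descent on the logistic loss, no regularisation.

    Without regularisation or early stopping the model keeps pushing the loss
    on its training points toward zero: the overfitting the attack relies on.
    """
    n, d = len(xs), len(xs[0])
    w, b = [0.0] * d, 0.0
    for _ in range(epochs):
        grad_w, grad_b = [0.0] * d, 0.0
        for x, y in zip(xs, ys):
            err = predict_proba(w, b, x) - y
            for j in range(d):
                grad_w[j] += err * x[j]
            grad_b += err
        for j in range(d):
            w[j] -= lr * grad_w[j] / n
        b -= lr * grad_b / n
    return w, b


def log_loss(w, b, x, y, eps=1e-12):
    """Per-example cross-entropy: the attacker's membership signal."""
    p = min(max(predict_proba(w, b, x), eps), 1.0 - eps)
    return -(y * math.log(p) + (1 - y) * math.log(1.0 - p))


# Assumed decision threshold: the loss of a completely uninformative prediction
# (p = 0.5). Anything the model fits better than a coin flip is called a member.
THRESHOLD = math.log(2.0)


def infer_membership(w, b, x, y, threshold=THRESHOLD):
    """Baseline attack: flag (x, y) as a training member if its loss is low."""
    return log_loss(w, b, x, y) < threshold


def run_experiment(seed=0, n=24, d=20):
    """Train on n members, then attack those n members and n fresh non-members.

    Returns mean member loss, mean non-member loss, true positive rate (members
    flagged), false positive rate (non-members flagged) and attack accuracy.
    """
    rng = random.Random(seed)
    members_x, members_y = make_dataset(n, d, rng)
    others_x, others_y = make_dataset(n, d, rng)
    w, b = train_logreg(members_x, members_y)

    member_losses = [log_loss(w, b, x, y) for x, y in zip(members_x, members_y)]
    other_losses = [log_loss(w, b, x, y) for x, y in zip(others_x, others_y)]
    tp = sum(infer_membership(w, b, x, y) for x, y in zip(members_x, members_y))
    fp = sum(infer_membership(w, b, x, y) for x, y in zip(others_x, others_y))
    return {
        "member_loss": sum(member_losses) / n,
        "nonmember_loss": sum(other_losses) / n,
        "tpr": tp / n,
        "fpr": fp / n,
        "accuracy": (tp + (n - fp)) / (2 * n),
    }


if __name__ == "__main__":
    r = run_experiment()
    print(f"mean loss  members={r['member_loss']:.3f}  non-members={r['nonmember_loss']:.3f}")
    print(f"attack     TPR={r['tpr']:.2f}  FPR={r['fpr']:.2f}  accuracy={r['accuracy']:.2f}")
```

Every member ends up with a loss far below the threshold while roughly half of the non-members land above it (the ones whose random label the memorising model confidently gets wrong), so the attack is well above chance but far from perfect. Real attacks replace the fixed threshold with one calibrated by shadow models or per-example difficulty scores, and the gap this baseline exploits shrinks as the target model generalises better, which is why the question of which data points are most exposed matters.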

Dr. Rui Wen focuses on the intersection of machine learning and security, with a particular interest in exploring the role of data in adversarial machine learning. He has published many papers in top conferences in computer security and machine learning, including NDSS 2025, NeurIPS 2024, USENIX Security 2024, ACM CCS 2024, and ICLR 2024.

About this community

RIKEN AIP Public

Public events of RIKEN Center for Advanced Intelligence Project (AIP)