ACE Seminar: Towards Adversarial Sample Detection in Constraint devices, Key Embedding and Neural Cryptography

Speaker: Ilia Shumailov

Date/Time: 09-May-2019, 16:00 UTC




Deep Neural Networks (DNNs) have become a powerful tool for a wide range of problems. Yet recent work has shown an increasing variety of adversarial samples that can fool them. Most existing detection mechanisms impose significant costs, either by using additional classifiers to spot adversarial samples, or by requiring the DNN to be restructured. In this presentation, we introduce a novel defense, Taboo Trap. We explain how one should go about training networks with Taboo Trap and show that it allows the user to perform adversarial sample attribution and cryptography-like operations. Taboo Trap requires no additional computation in the run time, making it the first defence that can be used in the constrained devices.


Ilia Shumailov holds a BSc in Computer Science from University of St Andrews and MPhil in Advanced Computer Science from the University of Cambridge. Since 2017 Ilia has been reading for a PhD in Computer Science under the supervision of Prof Ross Anderson. During his first year, he worked on a number of projects spanning the fields of machine learning, cybercrime analysis and signal processing. Some of Ilia’s recent work appeared at WEIS and SysML.

This page was last modified on 27 Mar 2014.