Adversarial examples: 10 years of worst case - Gilles Tredan and Philippe Leleux
8.45-9.45: Adversarial examples: 10 years of worst case
15' break
10.00-11.30: Hands on
15' break
11.45-12.15: Closing remarks (TBPD)
--------------------------------------------------
Adversarial examples: 10 years of worst case
Abstract:
In machine learning, adversarial examples are inputs designed by an adversary to fool a target classifier. More precisely, these examples are crafted by adding imperceptible noise to originally well-classified inputs in order to change the resulting classification. Introduced a decade ago (circa 2014), they generated a wide spectrum of research that ranges from very practical questions (can I fool an autonomous vehicle?) to more fundamental ones (are there classifiers that resist adversarial inputs, and at what cost?). This talk is a humble introduction to these various topics by a non-expert.
--------------------------------------------------
Hands on:
Ever wondered how a few pixels can fool a deep neural network? In this hands-on session, you’ll craft adversarial attacks like FGSM and PGD on image models, visualize how tiny perturbations can cause big misclassifications, and measure the fallout on model performance. Then, we’ll see if countermeasures are possible—with adversarial training and a look at its cost in robustness vs. accuracy. Come learn how to outsmart (or secure) the machine.
--------------------------------------------------
Closing remarks (to be precisely determined)
Abstract:
This session will close the morning's programme on adversarial examples. We will discuss some limitations of adversarial defenses and practical applications of adversarial examples for model watermarking. Finally, we'll briefly discuss how adversarial examples transpose from classifiers to the realm of large language models.