KDD 2019 Tutorial on Zeroth Order Optimization and Applications to Adversarial Robustness

Presenters: Pin-Yu Chen and Sijia Liu , IBM Research

Time: August 4th, 1-5 pm (local time)

Location: Summit 4- Ground Level, Egan

Tutorial material: Link

Title: Recent Progress in Zeroth Order Optimization and Its Applications to Adversarial Robustness in Data Mining and Machine Learning

Short description:

Zeroth-order (ZO) optimization is increasingly embraced for solving big data and machine learning problems when explicit expressions of the gradients are difficult or infeasible to obtain. It achieves gradient-free optimization by approximating the full gradient via efficient gradient estimators. Some recent important applications include: a) generation of prediction-evasive, black-box adversarial attacks on deep neural networks, b) online network management with limited computation capacity, c) parameter inference of black-box/complex systems, and d) bandit optimization in which a player receives partial feedback in terms of loss function values revealed by her adversary.

This tutorial aims to provide a comprehensive introduction to recent advances in ZO optimization methods in both theory and applications. On the theory side, we will cover convergence rate and iteration complexity analysis of ZO algorithms and make comparisons to their first-order counterparts. On the application side, we will highlight one appealing application of ZO optimization to studying the robustness of deep neural networks - practical and efficient adversarial attacks that generate adversarial examples from a black-box machine learning model. We will also summarize potential research directions regarding ZO optimization, big data challenges and some open-ended data mining and machine learning problems.


Pin-Yu Chen

(IBM Research)

Sijia Liu

(IBM Research)

Presenters' information:

Pin-Yu Chen received the B.S. degree in electrical engineering and computer science (undergraduate honors program) from National Chiao Tung University, Taiwan, in 2009, the M.S. degree in communication engineering from National Taiwan University, Taiwan, in 2011, and the Ph.D. degree in electrical engineering and computer science and the M.A. degree in Statistics from the University of Michigan, Ann Arbor, USA, in 2016. He is currently a research staff member at IBM Thomas J. Watson Research Center, Yorktown Heights, NY, USA. He is also affiliated with the MIT-IBM Watson AI Lab and is a co-PI of MIT-IBM projects. Dr. Chen’s recent research is on adversarial machine learning and robustness analysis of neural networks. His research interest includes graph and network data analytics and their applications to data mining, machine learning, signal processing, and cyber security. He was the recipient of the Chia-Lun Lo Fellowship from the University of Michigan Ann Arbor. He received the NIPS 2017 Best Reviewer Award, and was also the recipient of the IEEE GLOBECOM 2010 GOLD Best Paper Award and several conference travel grants. Dr. Chen is currently on the editorial board of PLOS ONE. He is a workshop co-chair of “Signal Processing for Adversarial Machine Learning” at GlobalSIP 2018 and “Adversarial Learning Methods for Machine Learning and Data Mining” at KDD 2019.

Sijia Liu is a research staff member at MIT-IBM Watson AI Lab, IBM Research. He received the B.S. and M.S. degrees in electrical engineering from Xian Jiaotong University, Xian, China, in 2008 and 2011, respectively. He received the Ph.D. degree (with All University Doctoral Prize) in electrical and computer engineering from Syracuse University, Syracuse, NY, USA, in 2016. He was a Postdoctoral Research Fellow at the University of Michigan, before joining in IBM Research. His research interests include optimization for machine learning, graph signal processing, information fusion, network data analysis and sensor networks. He received the Best Student Paper Award (third place) at the 42nd IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) in 2017. He was also among the seven finalists of the Best Student Paper Award at the Asilomar Conference on Signals, Systems, and Computers in 2013. He was the winner of the Nunan research poster competition at Syracuse University in 2012. He is the co-chair of workshop “Signal Processing for Adversarial Machine Learning” at GlobalSIP 2018.