Research Projects

Here is an (almost) complete archive of my research projects📚. For visitors' convenience, I have grouped the projects into several themes, but some of them may cover two or more themes.

Security of Machine Learning Systems: Attacks and Defenses

Certified Defense against Adversarial Examples

Joint work with Furong Huang and Jiahao Su at Maryland and Huimin Zeng at TU Munich

Machine learning models have been shown to be vulnerable to adversarial examples. Tiny perturbations in the input can result in totally different predictions. For example, by adding noise to a "panda" picture, the adversary can force the model to recognize it as a "truck". In this project, we try to achieve provable robustness against adversarial examples (a.k.a. certified defense).
Current methods suffer from either high computational complexity or loose relaxation. To address these issues, we propose a technique called latent space encoding, which is a much lighter mechanism. More specifically, we map clean data and adversarial examples into a latent space, and provably reduce the divergence between the latent distributions. Experiments on MNIST show that our method achieves certified robustness without a large drop in accuracy.

  • Paper: "Certified Defense of Adversarial Examples via Latent Space Encoding" (in submission)

Adversarial Attacks against Text Classification (Fake News Detection)

Joint work with Justin Hsu at Wisconsin, Huankang Guan at Wuhan University and Meghana Moorthy Bhat at Ohio State

News plays a significant role in shaping people's beliefs and opinions. Fake news has always been a problem, and quite a few detection methods have been proposed to combat it. However, they focus mainly on linguistic aspects of an article without any fact checking. We argue that fact-tampering fake news can escape such detection and under-written real news can be wrongly flagged. Through experiments on Fakebox, a state-of-the-art fake news detector, we show that fact-tampering attacks (fact distortion, subject-object exchange and cause confounding) can be effective. To address such weaknesses, we argue that fact checking should be adopted in conjunction with linguistic analysis, so as to truly separate fake news from real news. A crowdsourced knowledge graph is proposed as a straw-man solution for collecting timely facts about news events.

  • Paper 1: "Fake News Detection via NLP is Vulnerable to Adversarial Attacks" (ICAART)
  • Paper 2: "Fake News Detection via NLP Becomes Harder" (WiML Workshop)

Machine Learning for Security

Mitigating Cheating Behavior in Games

Joint work with Song Liang and Boya Yin at Tencent

We use machine learning algorithms to mitigate cheating behavior in games, creating a fairer environment for players. It's a "top-secret" project currently, but we may publish it later.

Stay tuned!

Robust Rumor Detection with Graph Convolutional Networks and Human Collaboration

Joint work with Xu Han at HUST, Huimin Zeng at TU Munich, Chenliang Li at Wuhan University and Yang Wang at UIUC

Some recent work has tried to detect rumors on social media with graph convolutional networks (GCNs). GCNs capture the propagation features of rumors better than models based solely on linguistic characteristics, achieving SOTA performance. However, GCNs are vulnerable to adversarial attacks. As a result, rumor sources are able to escape GCN-based detection through manipulation by adversaries, which I call graph perturbation. One example escape strategy is to create robot accounts that seem to be "uninfected" and act as the rumor source's followers. We will first propose an adversarial attack, and then make the GCN detector more robust. Since algorithms alone cannot mitigate rumors robustly, we also want to include humans in the process, e.g., by building a tool that allows people to collaborate on the task.

Social Computing

Video Streaming for Life Management and Active Ageing

Joint work with Xianghua Ding and Xinru Tang at Fudan, Xinning Gui at Penn State and Yunan Chen at UC Irvine

We conduct interviews to understand how people utilize online video streaming platforms such as YouTube for a) daily life management and b) active ageing. It turns out that eating-related user-generated videos (UGV) play important roles in daily life management. They are well integrated into viewers' daily lives, shaping eating and sleeping behaviors, relieving stress, and providing comfort. In a concurrent work, we find that online streaming also enables a form of active ageing by providing strong motivation and opportunities for older adults to present themselves to a broad audience, interact with others, and engage in various types of learning.

  • Paper 1: "Watching for Life: Eating Shows and Daily Life Management" (in submission)
  • Paper 2: "Active Entertainment and Beyond: A Study of the Use of Short Video Streaming Platforms among Older Adults" (in submission)