Here is an (almost) complete archive of my research projects📚. For visitors' convenience, I have grouped the projects into several themes, but some of them may cover two or more themes.
Security of Machine Learning Systems: Attacks and Defenses
Certified Defense against Adversarial Examples
Machine learning models have been shown to be vulnerable to adversarial examples.
Tiny perturbations in the input can result in totally different predictions.
For example, by adding noise to a "panda" picture, the adversary can force the model to recognize it as a "truck".
In this project, we try to achieve provable robustness against adversarial examples (a.k.a. certified defense).
Current methods suffer from either high computational complexity or loose relaxation. To solve these issues, we propose a technique called latent space encoding, which is a much lighter mechanism. More specifically, we map clean data and adversaries into a latent space, and provably reduce the divergence between the latent distributions. Experiments on MNIST show that our method achieves certified robustness without a large drop in accuracy.
- Paper: "Certified Defense of Adversarial Examples via Latent Space Encoding" (in submission)
Adversarial Attacks against Text Classification (Fake News Detection)
News plays a significant role in shaping people's beliefs and opinions. Fake news has always been a problem, and quite a few detection methods have been proposed to combat it. However, they focus mainly on linguistic aspects of an article without any fact checking. We argue that fact-tampering fake news can escape such detection and under-written real news can be wrongly flagged. Through experiments on Fakebox, a state-of-the-art fake news detector, we show that fact-tampering attacks (fact distortion, subject-object exchange and cause confounding) can be effective. To address such weaknesses, we argue that fact checking should be adopted in conjunction with linguistic analysis, so as to truly separate fake news from real news. A crowdsourced knowledge graph is proposed as a straw man solution for collecting timely facts about news events.
- Paper 1: "Fake News Detection via NLP is Vulnerable to Adversarial Attacks" (ICAART)
- Paper 2: "Fake News Detection via NLP Becomes Harder" (WiML Workshop)
Machine Learning for Security
Mitigating Cheating Behavior in Games
Joint work with Song Liang and Boya Yin at Tencent
We use machine learning algorithms to mitigate cheating behavior in games, creating a fairer environment for players. It's a "top-secret" project currently, but we may publish it later.
Robust Rumor Detection with Graph Convolutional Networks and Human Collaboration
Some recent work has tried to detect rumors on social media with graph convolutional networks (GCN). GCN can better capture the propagation features of rumors than models based solely on linguistic characteristics, achieving SOTA performance. However, GCN is vulnerable to adversarial attacks. As a result, rumor sources are able to escape GCN-based detection with the manipulation of adversaries, which I call graph perturbation. One example escape strategy is to create some robot accounts, which seem to be "uninfected", as the rumor source's followers. We will first propose an adversarial attack, and then make the GCN detector more robust. Because algorithms alone cannot mitigate rumors robustly, we also want to include humans in the process, e.g., by building a tool that allows people to collaborate on the task.
Video Streaming for Life Management and Active Ageing
We conduct interviews to understand how people utilize online video streaming platforms such as YouTube for a) daily life management and b) active ageing. It turns out that eating-related user-generated videos (UGV) play important roles in daily life management. They are well integrated into viewers' daily lives, shaping eating and sleeping behaviors, relieving stress, and providing comfort. In a concurrent work, we find that online streaming also enables a form of active ageing by providing great motivations and opportunities for older adults to present themselves to a broad audience, interact with others, and engage in various types of learning.
- Paper 1: "Watching for Life: Eating Shows and Daily Life Management" (in submission)
- Paper 2: "Active Entertainment and Beyond: A Study of the Use of Short Video Streaming Platforms among Older Adults" (in submission)