Army Research Office project aiming to increase the robustness of ML techniques using the game-theoretic framework.

Widespread use of machine learning (ML) techniques motivates studying their vulnerability to adversarial attacks. In autonomous defense systems, a successful attack can have severe, life-threatening consequences. Recent results show that the existing attempts to increase the robustness of ML techniques are not guaranteed to mitigate the attack. To provide such guarantees, the problem must be modeled using the game-theoretic framework, which explicitly reasons about the goals and possible future actions of the adversaries.

We propose to:

  • formally define problems of adversarial machine learning as games and provide a characterization of these models (describe the existence of (approximate) equilibria),
  • use recent game-theoretic algorithms to directly compute provably robust strategies for ML classifiers.
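As an added illustration of the second point (example code, not part of the project itself), the following Python treats classifier selection as a zero-sum game on a constructed accuracy matrix and runs fictitious play to obtain an approximate equilibrium; the exploitability bound it reports is the kind of guarantee a pure "best single classifier" choice cannot give.

```python
"""Approximate robust classifier selection via fictitious play (added example)."""

# Constructed sample payoff matrix (not real measurements): rows are the defender's
# candidate classifiers, columns are the adversary's perturbation types, and each
# entry is the classifier's accuracy under that attack (the defender's payoff).
ACCURACY = [
    [0.90, 0.40, 0.55],
    [0.60, 0.80, 0.50],
    [0.70, 0.65, 0.75],
]


def best_pure_guarantee(payoff):
    """Worst-case accuracy of the best single (pure) classifier: max_i min_j."""
    return max(min(row) for row in payoff)


def guaranteed_accuracy(payoff, d_mix):
    """Worst-case accuracy of a mixed strategy over every adversary pure strategy."""
    n, m = len(payoff), len(payoff[0])
    return min(sum(payoff[i][j] * d_mix[i] for i in range(n)) for j in range(m))


def exploitability(payoff, d_mix, a_mix):
    """Gap between the defender's best response to a_mix and what d_mix guarantees.

    For a zero-sum game this is zero exactly at a Nash equilibrium, so it bounds
    how far the computed strategies are from an exact equilibrium."""
    n, m = len(payoff), len(payoff[0])
    best_resp = max(sum(payoff[i][j] * a_mix[j] for j in range(m)) for i in range(n))
    return best_resp - guaranteed_accuracy(payoff, d_mix)


def fictitious_play(payoff, iters=20000):
    """Each side best-responds to the other's empirical mix; the averages converge
    to an equilibrium of the zero-sum game (defender maximizes, adversary minimizes)."""
    n, m = len(payoff), len(payoff[0])
    d_counts, a_counts = [0] * n, [0] * m
    for _ in range(iters):
        d_vals = [sum(payoff[i][j] * a_counts[j] for j in range(m)) for i in range(n)]
        a_vals = [sum(payoff[i][j] * d_counts[i] for i in range(n)) for j in range(m)]
        d_counts[max(range(n), key=lambda i: d_vals[i])] += 1
        a_counts[min(range(m), key=lambda j: a_vals[j])] += 1
    return [c / iters for c in d_counts], [c / iters for c in a_counts]


if __name__ == "__main__":
    d_mix, a_mix = fictitious_play(ACCURACY)
    print("best pure guarantee:", best_pure_guarantee(ACCURACY))  # 0.65
    print("mixed guarantee:", guaranteed_accuracy(ACCURACY, d_mix))  # about 0.68
    print("exploitability:", exploitability(ACCURACY, d_mix, a_mix))
```

For this matrix the exact game value is 45.6/67 (about 0.681, with all three classifiers in the defender's support), so the mixed strategy strictly beats the 0.65 worst case of the best single classifier.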