Arjun Nitin Bhagoji

Bio: Arjun studies the security of machine learning systems, with a focus on adversarial and distributed learning. His work has exposed new vulnerabilities in learning algorithms, along with the development of a theoretical framework to analyze them. He was a finalist for the 2020 Bede Liu Best Dissertation Award, and won the 2019 Yan Huo *94 Graduate Fellowship and 2018 SEAS Award for Excellence at Princeton University. He received the 2018 Siemens FutureMakers Fellowship in Machine Learning, and was a finalist for the 2017 Bell Labs Prize. He is currently a postdoctoral scholar at UChicago with Ben Zhao and Nick Feamster.

Talk Title: The Role of Data Geometry in Adversarial Machine Learning

Talk Abstract: Understanding the robustness of machine learning systems has become a problem of critical interest due to their increasing deployment in safety critical systems. Of particular interest are adversarial examples, which are maliciously pertrubed test-time examples designed to induce misclassification. Most research on adversarial examples has focused on developing better attacks and ad hoc defenses, resulting in an attacker-defender arms race.

In this talk, we will step away from this paradigm and show how fundamental bounds on learning in the presence of adversarial examples can be obtained by viewing the problem through an information-theoretic lens. For fixed but arbitrary distributions, we demonstrate lower bounds on both the 0-1 and cross-entropy losses for robust learning. We compare these bounds to the performance of state-of-the-art robust classifiers and analyze the impact of different layers on robustness.