Toward Efficient Evaluation and Training of Adversarially Robust Neural Networks

Gaurang Sriramanan (University of Maryland)

Gaurang Sriramanan is a second-year PhD student in Computer Science at the University of Maryland, College Park. He received his bachelor's and master's degrees in Mathematics at the Indian Institute of Science, Bangalore. His research focuses on understanding the phenomenon of adversarial examples and robust generalization in Neural Networks, and on building robust Machine Learning systems under a low computational budget.

Short Abstract: While current Machine Learning models achieve excellent performance on standard data, they are overwhelmingly susceptible to imperceptible perturbations of their inputs, known as adversarial attacks. Efficient and effective attacks are crucial both for the reliable evaluation of defenses and for developing robust models. In this talk, I will present some of our research that addresses both of these directions. We first propose the Guided Adversarial Margin Attack, in which we add a relaxation term to the standard loss that finds more suitable gradient directions, increases attack efficacy, and leads to more efficient adversarial training. In the latter part of the talk, I shall present our work on Nuclear Norm regularization, which uses the joint statistics of adversarial samples across a minibatch to enhance optimization. We further demonstrate how Nuclear Norm based training can be extended to achieve robustness under a union of threat models simultaneously, while using only single-step adversaries during training. Using these techniques, we demonstrate equivalent or superior robustness compared to multi-step adversarial defenses, at a significantly lower computational cost.