This project investigates cyber resilience in Machine Learning (ML).
Studentship group name
Digital Resilience
Department/School
School of Computer Science and Electronic Engineering
Research group(s)
Nature Inspired Computer and Engineering Research Group
Project Description
A system is said to be resilient if there exists a strategy that can drive the system state back to “normal” after any perturbation. (De Lara 2019)
This project investigates cyber resilience in Machine Learning (ML). We will focus on the following aspects: 1) ML algorithms to identify cyber-attacks; 2) ML able to function “normally” when under attack. These attacks aim at eluding the control activities performed by ML and/or affecting how ML makes decisions.
For example, a video surveillance system trained to recognise criminal activities can be hacked by blurring and distorting the input images. A resilient ML algorithm should be able to identify the attack and still be able to function despite the attack. To be resilient, when under attack, an ML algorithm should be able to adapt quickly and flexibly to solve a problem which was not thought for.
To pursue this aim, we will focus on deep learning neural networks and make use of Neural Architecture Search (NAS) (Elsken 2019) to perform the resilient ML design. More specifically we will embed resilience strategies which will evolve as part of the neural architecture. This will be inspired by modern studies in transfer and multi-task learning (Choong 2022) which propose protypes of ML algorithms able to solve multiple and diverse tasks. In our case, the multiplicity of tasks is to be intended as the capability of reacting to changes in the task they solve. The alternative tasks will be generated by randomly altering the data sets. Some of the actions to train the resilience of the network will include removal of data, replacement of data, deterioration of data.
We will also explore the evolution candidate neural architectures within a NAS formulated as a multi-objective optimisation problem where besides objective functions signifying the accuracy and FLOPS, we will include objective functions measuring the resilience of the candidate ML.
Choong, H. X., Ong, Y.-S., Gupta, A., Lim, R., 2022. Jack and Masters of All Trades: One-Pass Learning of a Set of Model Sets from Foundation AI Models, arXiv, https://arxiv.org/abs/2205.00671
De Lara, M., 2018. A Mathematical Framework for Resilience: Dynamics, Uncertainties, Strategies, and Recovery Regimes. Environ Model Assess 23, 703–712
Elsken T., Metze, J. H., Hutter F., 2019. Neural architecture search: a survey, The Journal of Machine Learning Research, 20, 1, 1997–2017
How to Apply
Applications should be submitted via the Computer Science PhD programme page. In place of a research proposal you should upload a document stating the title of the projects (up to 2) that you wish to apply for and the name(s) of the relevant supervisor. You must upload your full CV and any transcripts of previous academic qualifications. You should enter ’Faculty Funded Competition’ under funding type.
Funding
The studentship will provide a stipend at UKRI rates (currently £17,668 for 2022/23) and tuition fees for 3.5 years. An additional bursary of £1700 per annum for the duration of the studentship will be offered to exceptional candidates.