Trustworthy Machine Learning from Untrusted Models



Many of today’s machine learning (ML) systems are not built from scratch, but are “composed” by an array of pre-trained, third-party models. This paradigm shift significantly simplifies the development cycles of ML systems and propels the trend of ML democratization. However, the lack of standardization or regulation for third-party models entails profound security implications. The goal of this project is two-fold: (i) understanding the security vulnerabilities incurred by reusing third-party models as building blocks of ML systems and (ii) developing rigorous yet practical tools to help developers proactively mitigate such threats throughout the lifecycles of ML systems.


Code & Datasets

We are grateful to the National Science Foundation (NSF) and Nvidia for supporting our research.
