Description
Book SynopsisDesigned for upper undergraduate and graduate courses on adversarial learning and AI security, this textbook connects theory with practice using real-world examples, case studies, and hands-on student projects.
Trade Review'This textbook is one of the first major efforts to systematically examine adversarial machine learning. It clearly outlines the most common types of attacks on machine learning/AI, and defenses, with rigorous yet practical discussions. I would highly recommend it to any instructor or machine learning student who seeks to understand how to make machine learning more robust and secure.' Carlee Joe-Wong, Carnegie Mellon University
'This is a clear and timely introduction to the vital topic of adversarial learning. As leading international experts, the authors provide an accessible explanation of the foundational principles and then deliver a nuanced and extensive survey of recent attack and defense strategies. Multiple suggested projects allow the book to serve as the core of a graduate course.' Mark Coates, McGill University
'Remarkably comprehensive, this book explores the realm of adversarial learning, revealing the vulnerabilities and defenses associated with deep learning. With a mix of theoretical insights and practical projects, the book challenges the misconceptions about the robustness of Deep Neural Networks, offering strategies to fortify them. It is well suited for students and professionals with basic calculus, linear algebra, and probability knowledge, and provides foundational background on deep learning and statistical modeling. A must-read for practitioners in the machine learning field, this book is a good guide to understanding adversarial learning, the evolving landscape of defenses, and attacks.' Ferdinando Fioretto, Syracuse University
'In a field that is moving at break-neck speed, this book provides a strong foundation for anyone interested in joining the fray.' Amir Rahmati, Stony Brook
Table of ContentsContents; Preface; Notation; 1. Overview of adversarial learning; 2. Deep learning background; 3. Basics of detection and mixture models; 4. Test-time evasion attacks (adversarial inputs); 5. Backdoors and before/during training defenses; 6. Post-training reverse-engineering defense (PT-RED) Against Imperceptible Backdoors; 7. Post-training reverse-engineering defense (PT-RED) against patch-incorporated backdoors; 8. Transfer post-training reverse-engineering defense (T-PT-RED) against backdoors; 9. Universal post-training backdoor defenses; 10. Test-time detection of backdoor triggers; 11. Backdoors for 3D point cloud (PC) classifiers; 12. Robust deep regression and active learning; 13. Error generic data poisoning defense; 14. Reverse-engineering attacks (REAs) on classifiers; Appendix. Support Vector Machines (SVMs); References; Index.
