AI Projects

Multi-modal Network for Language and Vision Tasks

As a graduate student, you have the unique opportunity to embark on an exciting journey in the field of deep learning and natural language processing. In this project, you will dive into the realm of Language Vision Pretraining, a cutting-edge area that combines the power of large-scale models, advanced hardware, and state-of-the-art software tools. This project will not only expand your knowledge but also provide hands-on experience in setting up a deep learning environment for billion-parameter models, working with advanced NVIDIA servers, and using recent versions of PyTorch and CUDA.

Study Robustness and Failure Cases in Autonomous Vehicles

In this project, you will be at the forefront of the evolving field of autonomous vehicles (AVs), tasked with creating a specialized laboratory for robustness analysis of AV systems. Your journey will be marked by gaining expertise in assessing and enhancing the resilience of AVs, working with open-source deep learning tools, and deploying large-scale computer vision models.

3D Patch Adversarial Attacks on LIDAR

Adversarial perturbations are small bounded-norm perturbations of a network’s input that aim to alter the network’s output and are known to mislead and undermine the performance of deep neural networks (DNNs). Sparse adversarial perturbations constitute a setting in which the perturbations are limited to affect a relatively small number of points in the input. Patch adversarial attacks are then sparse attacks in which the perturbed points are additionally limited to a given structure and location.

Adversarial Attacks on Non-Differentiable Statistical Models

Adversarial perturbations are small bounded-norm perturbations of a network’s input that aim to alter the network’s output and are known to mislead and undermine the performance of deep neural networks (DNNs). Sparse adversarial perturbations constitute a setting in which the perturbations are limited to affect a relatively small number of points in the input. Patch adversarial attacks are then sparse attacks in which the perturbed points are additionally limited to a given structure and location.

Reevaluating Adversarial Defences

Adversarial attacks were first discovered in the context of deep neural networks (DNNs), where the networks’ gradients were used to produce small bounded-norm perturbations of the input that significantly altered their output. Such attacks target the increase of the model’s loss or the decrease of its accuracy and were shown to undermine the impressive performance of DNNs in multiple fields. The usually considered accessibility setting for adversarial attacks is “white-box” attacks, in which the attacks can access the weights and gradients of the model. However, attacks have also been shown to exist in a “black-box” setting, in which they can only access the input and output of the model.

Strategic Classification as an Adversarial Attack Setting

Strategic classification is an online classification problem in which the data is generated by strategic agents who manipulate their features aiming to change the classification outcome. In rounds, the learner deploys a classifier, then an adversarially chosen agent manipulates some data samples to optimally respond to the learner’s choice of classifier. Such settings arise when machine learning models are used to make important decisions about the welfare (employment, education, health) of strategic individuals. Knowing information about the classifier, such individuals may manipulate their attributes to obtain a better classification outcome.

Evaluating the Point-wise Significance of Sparse Adversarial Attacks

Adversarial perturbations are small bounded-norm perturbations of a network’s input that aim to alter the network’s output and are known to mislead and undermine the performance of deep neural networks (DNNs). Sparse adversarial perturbations constitute a setting in which the perturbations are limited to affect a relatively small number of points in the input.

Patch Adversarial Attacks with Optimized Location

Adversarial perturbations are small bounded-norm perturbations of a network’s input that aim to alter the network’s output and are known to mislead and undermine the performance of deep neural networks (DNNs). Sparse adversarial perturbations constitute a setting in which the perturbations are limited to affect a relatively small number of points in the input.

Recognition of Adversarial Inputs

Adversarial perturbations were first discovered in the context of deep neural networks (DNNs), where the networks’ gradients were used to produce small bounded-norm perturbations of the input that significantly altered their output. Methods for producing such perturbations and the resulting perturbed inputs are referred to as adversarial attacks and adversarial inputs. Such attacks target the increase of the model’s loss or the decrease of its accuracy and were shown to undermine the impressive performance of DNNs in multiple fields.

Multimodal-based Adversarial Defence

Adversarial attacks are small bounded-norm perturbations of a network’s input that aim to alter the network’s output and are known to mislead and undermine the performance of deep neural networks (DNNs). Adversarial defenses then aim to mitigate the effect of such attacks.

Unadversarial Attacks on Natural Language Generation

Natural language generation (NLG) is the production of understandable texts via machine learning models. It is used in a variety of fields and commonly in chatbots such as ChatGPT. However, the produced chatbots are easily misled and often respond with incorrect answers. Moreover, some chatbots are known to engage in improper conduct, such as Meta’s “BlenderBot” repeating antisemitic and right-wing conspiracy theories.

Unadversarial Attacks as Adversarial Defence

Adversarial attacks are small bounded-norm perturbations of a network’s input that aim to alter the network’s output and are known to mislead and undermine the performance of deep neural networks (DNNs). Adversarial defenses then aim to mitigate the effect of such attacks, and unadversarial attacks are the self-application of attacks for improved performance.