Adversarial Machine Learning for Structured Data

Adversarial Machine Learning (AML) is a technique to fool a machine learning model through malicious input. Due to its significance in many scenarios, including security, privacy, and health application, AML has attracted a large amount of attention in recent years. However, the underlying theoretical foundation for AML still remains unclear and how to design effective and efficient attack and defence algorithms are remain a challenge in the research community. Furthermore, most existing  AML algorithms can only apply to Euclidean space. How to extend existing AML algorithms to non-Euclidean and structured domains such as trees and graphs is a challenging but important problem.

This project aims to solve these limitations. Novel Adversarial Machine Learning algorithms for structured data will be proposed. The algorithms will be further extended to graph-structured data. Applications of AML will also be investigated to demonstrate the effectiveness of the proposed algorithms.