Robert Fisher has been an academic in the School of Informatics (originally in the former Department of Artificial Intelligence) at University of Edinburgh since 1984 and a full professor since 2003. He received his PhD from University of Edinburgh (1987), investigating computer vision in the former Department of Artificial Intelligence. His previous degrees are a BS with honors (Mathematics) from California Institute of Technology (1974) and a MS (Computer Science) from Stanford University (1978). He worked as a software engineer for 5 years before returning to study for his PhD. He has been researching 3D scene understanding since 1982, and has worked on model based object recognition, range image analysis and parallel vision algorithms. Prof. Robert Fisher is an IAPR Fellow.
The TrimBot2020 gardening robot was designed to work outdoors in varying lighting conditions. The robot also needed to perform various tasks: model the garden, navigate without collisions, itentify and servo the vehicle to trimming locations, and identify and servo the cutters to trimming targets. Each of these tasks led to a different computer vision approach. This talk will give an overview of each of the systems, which included 2D intensity, 2D-to-3D, and 3D point cloud processing, using both traditional and deepnet algorithms.
Isabel Trancoso is a full professor at Instituto Superior Técnico (IST, Univ. Lisbon), and the President of the Scientific Council of INESC ID Lisbon. She got her PhD in ECE from IST in 1987. She chaired the ECE Department of IST. She was Editor-in-Chief of the IEEE Transactions on Speech and Audio Processing and had many leadership roles in SPS (Signal Processing Society of IEEE) and ISCA (International Speech Communication Association), namely having been President of ISCA and Chair of the Fellow Evaluation Committees of both SPS and ISCA. She was elevated to IEEE Fellow in 2011, and to ISCA Fellow in 2014.
Speech is the most natural and immediate form of communication. It is ubiquitous. The tremendous progress in language technologies that we have witnessed in the past few years has led to the use of speech as input / outpt modality in a panoplia of applications which have been mostly reserved for text until recently. Many of these applications run on cloud-based platforms that provide remote access to powerful models in what is commonly known as Machine Learning as a Service (MLaaS), enabling the automation of time-consuming tasks (such as transcribing speech), and help users to perform everyday tasks (e.g. voice-based virtual assistants). When a biometric signal such as speech is sent to a remote server for processing, however, this input signal can be used to determine information about the user, including his/her preferences, personality traits, mood, health, political opinions, among other data such as gender, age range, height, accent, education level, etc. Although there is a growing society awareness about user data protection (the GDPR in Europe is such an example), most users of such remote servers are unaware of the amount of information that can be extracted from a handful of their sentences - in particular, about their health status. In fact, the potential of speech as a biomarker for health has been realised for diseases affecting respiratory organs, such as Obstructive Sleep Apnea or COVID-19, for mood disorders such as Depression, and Bipolar Disease, and neurodegenerative diseases such as Parkinson’s or Alzheimer’s disease. The potential for mining this type of information from speech is however largely unknown. The current state of the art in speaker recognition is also largely unknown. Many research studies with humans involve speech recordings. In the past, such recordings were stored, claiming that all user information is anonymised, but given that recent challenges in speaker recognition involve corpora of around 6,000 speakers, this anonimity may nowadays be questionable. Users are also generally unaware of the potential misuse of their speech data for voice cloning from a handful of utterances. This enormous potential can be used for impersonation attacks that may be harmfully used for defamation, misinformation or incrimination. Moreover, this potential also raises crucial spoofing concerns for automatic speaker verification systems. Machine Learning as a Service has been used to process different types of signal, namely using cryptographic techniques such as homomorphic encryption, secure multiparty computation, distance preserving hashing techniques, or differential privacy, among others. Their use for remote speech processing, however, raises many problems, namely in terms of computational and transmission costs, and their use may also imply some performance degradation. The discussion of all these issues thus requires joining forces of different research communities - speech, cryptographic, usability - but also the legal and the policy and non-legal governance communities. Their different taxonomy is probably the first obstacle to conquer. The GDPR contains few norms that have direct applicability to inferred data, requiring an effort of extensive interpretation of many of its norms, with adaptations, to guarantee the effective protection of people's rights in an era where speech must be legally regarded as PII (Personal Identifiable Information).
Battista Biggio (MSc '06, PhD '10) is an Assistant Professor at the Department of Electrical and Electronic Engineering at the University of Cagliari, Italy, and a co-founder of Pluribus One, a startup company developing secure AI algorithms for cybersecurity tasks. His pioneering research on adversarial machine learning involved the development of secure learning algorithms for spam and malware detection, and computer-vision problems, playing a leading role in the establishment and advancement of this research field. On these topics, he has published more than 70 papers, collecting more than 5600 citations (Google Scholar, Oct. 2020). Dr. Biggio regularly serves as a reviewer and program committee member for several international conferences and journals on the aforementioned research topics (including NeurIPS, ICLR, CVPR, IEEE Symp. S&P and USENIX Sec.), co-organizes three well-established workshops (AISec, DLS, S+SSPR) and he is Associate Editor for three high-impact journals (Pattern Recognition, IEEE TNNLS , and IEEE Comp. Intell. Magazine). He is chair of the TC1 on Statistical Pattern Recognition of the IAPR, a senior member of the IEEE and a member of the IAPR and ACM.
In this talk, I will briefly review some recent advancements in the area of machine learning security, including attacks and defenses, with a critical focus on the main factors which are hindering progress in this field. These include the lack of an underlying, systematic and scalable framework to properly evaluate machine-learning models under adversarial and out-of-distribution scenarios, along with suitable tools for easing their debugging. The latter may be helpful to unveil flaws in the evaluation process, as well as the presence of potential dataset biases and spurious features learned during training. I will finally report concrete examples of what our laboratory has been recently working on to enable a first step towards overcoming these limitations, in the context of different applications, including malware detection.
Publisher
Endorsed by
Technical Sponsors
