Bo Li

Talk Title: Certifiably Robust Learning via Knowledge-Enabled Logical Reasoning

Abstract:
The ubiquity of intelligent systems underscores the paramount importance of ensuring their trustworthiness. Traditional machine learning approaches often assume that training and test data follow similar distributions, neglecting the possibility of adversaries manipulating either distribution or natural distribution shifts, which can lead to severe trustworthiness issues in machine learning. Our previous research has demonstrated that motivated adversaries can circumvent anomaly detection or other machine learning models at test-time through evasion attacks, or inject malicious instances into training data to induce errors through poisoning attacks. In this talk, I will provide a succinct overview of our research on trustworthy machine learning, including robustness, privacy, generalization, and their underlying interconnections, with a focus on robustness. Specifically, I will first discuss the current state of the art in certifiably robust defenses based on purely data-driven models and demonstrate that they have reached a bottleneck. I will then present our recent research on certifiably robust learning via knowledge-enabled logical reasoning, showing that it is possible to: 1) certify the robustness of such an end-to-end framework and significantly improve the certified robustness on large-scale datasets, 2) prove that such a framework is more robust than a single data-driven model under mild conditions, and 3) scale it for a variety of downstream tasks such as image classification, information extraction, PDF malware classification, and data generation.