About this Research Topic
With continued advances in science and technology, digital data have grown at an astonishing rate across many domains and forms, such as business, geography, health, multimedia, network, text, and web data. Machine learning, a powerful tool for automatically extracting, managing, inferring, and transferring knowledge, has proven extremely useful in understanding the intrinsic nature of real-world big data. Despite achieving remarkable performance, machine learning models, and deep learning models in particular, are vulnerable to small adversarial perturbations injected by malicious parties and users. There is an immediate and crucial need for theoretical and practical techniques to identify the vulnerabilities of machine learning models and to explore defense mechanisms and certifiable robustness.
The goal of this Research Topic is to present state-of-the-art methodologies built upon an innovative blend of techniques from computer science, mathematics, and statistics, and to greatly expand the reach of adversarial machine learning from both theoretical and practical points of view, allowing machine learning models to be deployed in safety- and security-critical applications. This Research Topic will focus on three main research tasks: (1) How can effective modification ('attack') strategies be developed that tamper with the intrinsic characteristics of data by injecting fake information? (2) How can defense strategies be developed that offer sufficient protection to machine learning models against adversarial attacks? (3) How can certifiable robustness to adversarial perturbations be verified for a general class of machine learning models? This Research Topic also aims at identifying future challenges and research directions related to adversarial machine learning.
We invite submissions of high-quality manuscripts reporting research on analyzing, characterizing, understanding, and tackling the vulnerability and robustness of various machine learning models under different real-world scenarios.
Topics of interest include, but are not limited to:
• White-box Attack, Gray-box Attack, and Black-box Attack
• Poisoning Attack and Evasion Attack
• Targeted Attack and Non-targeted Attack
• Backdoor Attack
• Privacy Attack
• Model-agnostic Attack
• Attack Imperceptibility
• Adversarial Defense
• Attack Detection
• Defensive Distillation
• Privacy Defense
• Model-agnostic Defense
• Certifiable Robustness
• Robustness and Regularization
• Attack and Defense Transferability
• Attack and Defense Automation
• Adversarial Attack/Defense on Image/Graph/Text Data
Keywords: Adversarial Machine Learning, Adversarial Attack, Adversarial Defense, Certifiable Robustness, Big Data Analytics
Important Note: All contributions to this Research Topic must be within the scope of the section and journal to which they are submitted, as defined in their mission statements. Frontiers reserves the right to guide an out-of-scope manuscript to a more suitable section or journal at any stage of peer review.