
Episode

#95 – Dawn Song: Adversarial Machine Learning and Computer Security
2:13:04
Published: Tue May 12 2020
Description

Dawn Song is a professor of computer science at UC Berkeley with research interests in security, most recently with a focus on the intersection between computer security and machine learning.

Support this podcast by signing up with these sponsors:
– Cash App – use code “LexPodcast” and download:
– Cash App (App Store): https://apple.co/2sPrUHe
– Cash App (Google Play): https://bit.ly/2MlvP5w

EPISODE LINKS:
Dawn's Twitter: https://twitter.com/dawnsongtweets
Dawn's Website: https://people.eecs.berkeley.edu/~dawnsong/
Oasis Labs: https://www.oasislabs.com

This conversation is part of the Artificial Intelligence podcast. If you would like to get more information about this podcast go to https://lexfridman.com/ai or connect with @lexfridman on Twitter, LinkedIn, Facebook, Medium, or YouTube where you can watch the video versions of these conversations. If you enjoy the podcast, please rate it 5 stars on Apple Podcasts, follow on Spotify, or support it on Patreon.

Here's the outline of the episode. On some podcast players you should be able to click the timestamp to jump to that time.

OUTLINE:
00:00 - Introduction
01:53 - Will software always have security vulnerabilities?
09:06 - Humans are the weakest link in security
16:50 - Adversarial machine learning
51:27 - Adversarial attacks on Tesla Autopilot and self-driving cars
57:33 - Privacy attacks
1:05:47 - Ownership of data
1:22:13 - Blockchain and cryptocurrency
1:32:13 - Program synthesis
1:44:57 - A journey from physics to computer science
1:56:03 - US and China
1:58:19 - Transformative moment
2:00:02 - Meaning of life

Chapters
00:00 - 01:32 (01:32)
Cash App
Summary

Dawn Song, a professor of computer science at UC Berkeley, praises Cash App's fractional share trading as a step up to the next layer of abstraction over the stock market and an algorithmic marvel. However, an advertisement is present in the episode.

Podcast
Lex Fridman Podcast
01:32 - 12:46 (11:14)
Cybersecurity
Summary

With attacks moving more towards humans through social engineering tactics, it's important to consider the security of the entire stack, from networking security to software security.

12:46 - 21:07 (08:21)
Machine Learning
Summary

Backdoor attacks on machine learning systems, which involve feeding poisoned data points to create incorrect models, can have major implications for security and efficiency. Such attacks may only be identifiable in specific situations or on trigger inputs, leading to biased or incorrect predictions.

21:07 - 30:37 (09:30)
Artificial Intelligence
Summary

Researchers explore the concept of adversarial attacks, which aim to deceive artificial intelligence algorithms by planting small amounts of malicious code into their programs. They demonstrate how simple optical illusions could trick image recognition software, or how a perturbed stop sign could be misidentified as a speed limit sign by autonomous driving systems.

30:37 - 42:11 (11:33)
Adversarial Examples
Summary

This podcast discusses the difficulties of creating successful adversarial examples in the physical world due to the need for perceptible changes in images that can cause a difference from the camera side, which can be more challenging than in the digital world, where perturbations can be added anywhere in the image.

42:11 - 52:14 (10:03)
Adversarial Machine Learning
Summary

Adversarial attacks pose a challenge for image segmentation systems in autonomous vehicles that use vision as their primary sensor, such as Tesla's Autopilot. These attacks can result in incorrect segmentation and pose a threat to the safety and security of these systems.

52:14 - 1:02:39 (10:24)
Tesla Autopilot
Summary

Researchers discuss the possibility of orchestrating end-to-end attacks on Tesla's Autopilot system and stealing sensitive information from the original training data of the model through white box attacks that only require querying the machine learning model.

1:02:39 - 1:10:23 (07:44)
Machine Learning
Summary

The potential risk of attackers exploiting machine learning models and extracting sensitive information in original training datasets without knowing the model details is becoming increasingly important, and scholars are now focusing on defining a person's data privacy beyond their basic demographics. A possible defense to this risk was presented in this podcast.

1:10:24 - 1:21:11 (10:46)
Data Ownership
Summary

The ownership of data and control could help bring dialogue surrounding the trading of data to the forefront, resulting in more nuanced conversations about our personal data's worth. However, the internet may change, and services may lose value with the ownership of data.

1:21:11 - 1:37:00 (15:48)
responsible data economy
Summary

Oasis Labs is developing a platform for a responsible data economy that combines secure and privacy-preserving computation with an immutable log of user ownership and data usage policies. Oasis Labs' effort to build intelligent machines focuses on the fields of program synthesis and adversarial machine learning.

1:37:00 - 1:45:11 (08:11)
Program Synthesis
Summary

This episode discusses one of the challenges in machine learning, program synthesis, and how it cuts across different fields, including deep reinforcement learning and neural program synthesis, to learn from past tasks and train for generalization to new tasks.

1:45:11 - 1:50:06 (04:54)
Computer Science
Summary

The speaker describes their journey from studying physics in undergrad to pursuing computer science at Carnegie Mellon for graduate studies. While many machine learning methods have their roots in physics, the speaker found a passion for computing and sought out one of the best universities in the world for computer science research.

1:50:06 - 1:56:21 (06:15)
Computer Science
Summary

The speaker discusses the difference between computer science and physics, where the latter has simple laws that can derive the entire universe. They note that computer science systems are human-defined and artificial, creating many artifacts.

1:56:21 - 2:00:19 (03:57)
computer science, AI
Summary

The guest discusses their transformative moment in falling in love with computer science and reflects on the potential for healthy collaboration between the US and China in the development of AI despite differing values and potential for an arms race.

2:00:19 - 2:06:07 (05:47)
Philosophy
Summary

The concept of searching for the meaning of life is an open question and varies from person to person. Some believe there is an external force guiding them towards their life's purpose, while others believe it is up to individual interpretation.

2:06:07 - 2:10:53 (04:46)
Philosophy
Summary

Exploring the tricky concept of the meaning of life and questioning whether it can ever truly be answered or if it's just a trap.

2:10:53 - 2:12:44 (01:50)
AI, Machine Learning
Summary

The speaker shifted their focus from security to AI and machine learning when they realized their purpose was to build intelligent machines. They talk about the meaning of their life and the journey they took to become a world-class researcher.
