Luisa Verdoliva

Security in deep learning: an application to multimedia forensics


Abstract: In the short course of a few years, deep learning has changed the rules of the game in a wide array of scientific disciplines, with immediate impact on major application areas, from autonomous cars to data science to robotics, and profound effects on society and the economy that are only beginning to show. However, because of their very nature, deep learning systems are still gray-to-black boxes, with outcomes that are predictable only on a statistical basis. This raises huge security concerns from every point of view.

This lecture will touch upon the vulnerability of deep learning with reference to the main state-of-the-art architectures. In particular, it will a) introduce the basic concepts of Convolutional Neural Networks (CNN); b) present security weaknesses of CNNs with reference to adversarial attacks and possible countermeasures; c) illustrate Generative Adversarial Networks (GAN) and how they can be used in an adversarial setting; d) analyze in more depth specific issues in multimedia forensics, considering the main areas of interest, such as source identification and image and video forgery detection.


Bio: Luisa Verdoliva obtained the Ph.D. degree in Information Engineering from the University Federico II of Naples in 2002, where she is currently Assistant Professor of Telecommunications and holder of the National Habilitation for Associate Professor in the same field. Her research activity is currently focused on deep learning for multimedia forensics, in particular on source identification and on image and video forgery detection and localization. She serves as a reviewer for the major conferences and journals in the area of image and video processing. She is a member of the IEEE Information Forensics and Security Technical Committee and Associate Editor for IEEE Transactions on Information Forensics and Security. She is Principal Investigator for the Research Unit of University Federico II of Naples in the DISPARITY (Digital, Semantic and Physical Analysis of Media Integrity) project funded by DARPA (Defense Advanced Research Projects Agency) under the MEDIFOR program.