Research

Current Projects

Adversarial machine learning: A major thread of my research involves the study of vulnerabilities of ML approaches to attack. For example, in security, machine learning is often used to discern malicious behavior from benign (or normal). Since such settings often involve malicious attackers who may attempt to subvert learning, my research investigates the design of machine learning algorithms that are robust to such subversion. A common type of adversarial attack on learning algorithms is the evasion attack, to which I have thus far devoted much attention. My work includes the design of algorithms that are robust to a large class of evasion attacks, as well as a principled means to add randomization to classifiers to further increase robustness. Another important class of problems involves attacks on computer vision approaches, notably deep neural networks. My work in this space aims to understand end-to-end vulnerabilities, such as attacks on autonomous driving, as well as defense against such attacks, for example, defense against physically realizable attacks.

Adversarial network analysis: The field of network science generally concerns itself with developing tools for analyzing network (often, social network) data, such as to enable identification of links (link prediction), communities (community detection), and predictions of node labels (node classification). I am interested in understanding vulnerabilities of associated algorithmic techniques to adversarial manipulation of network structure, as well as developing methods for robust network analysis.

Crime prediction and response: I have been fortunate to obtain high quality crime incident and police patrol data, which we are now using to develop crime forecasting and police patrol algorithms.

Game theory and privacy: In collaboration with Brad Malin's lab, I am involved in several efforts to develop a principled means of privacy risk analysis in data sharing settings, using game theory to reason about the adversary's behavior. In the context of privacy, the adversary's goal generally involves re-identification of published (and de-identified) data.

Game theory and security: A significant portion of my research falls into this rubric. I have in the past developed methods for plan interdiction as a way to proactively account for attacker circumvention of defensive techniques. I am also interested in understanding and modeling both attacker and computer user behavior in the context of cyber security.

Vaccination: We are applying insights from my past and current work at the intersection of security and game theory to develop new methods for designing vaccines. In particular, we are viewing pathogens (such as viruses) as adversaries who aim to evade vaccination (specifically, antibodies that are elicited by vaccination). Our goal is to design vaccines (antibodies) which are broadly neutralizing, not only with respect to known pathogen types, but also against "low-effort" pathogen mutations from these.

Security design in networked settings: There has been considerable recent literature on designing randomized security strategies in a variety of security domains, such as airport screening and federal air marshal schedules. The growing field of network science has made us aware that many settings can be well modeled using networks. In the context of security, a network carries decision externalities, that is, decisions at network nodes have consequences for other nodes to which they are connected (possibly indirectly). In this project, we focus on developing models to analyze and compute (or approximate) security strategies in such networked settings.

Decentralized decision making in complex systems: Several foundational models of complex systems have been proposed in the literature, the most prominent of which are SOC (self-organized criticality) and HOT (highly optimized tolerance). The SOC model invokes fixed rules embedded in entities in the complex system such that the complex interactions of such rules yield interesting emergent behavior that has properties of critical transition boundaries observed in numerous physical phenomena. The HOT paradigm paints a complex system as a product of optimizing behavior (possibly heuristic). Our model, NOT, conceives of a complex system as a complex interaction of many decision making entities, each seeking to maximize its selfish gain, accounting for the decisions of others. Our model is thus fundamentally game theoretic, and yields interesting insights about the nature of complex systems, positive impact of negative externalities, and the evolution of cooperation.

Analysis of behavioral experiments on networks: Decentralized coordination has a long history, although only recently has it been studied in the context in which coordination must take place on a network (e.g., social network). This work analyzes a set of human subject experiments in networked decentralized coordination, showing that (a) the actual coordination problem has much to do with the ability of agents to coordinate, (b) behavioral features can have considerable relationship to agent influence, and (c) simple simulation models calibrated on behavioral data replicate the qualitative nature of these and other findings in networked coordination experiments.

Simulation-based and data-driven models of human dynamic behavior on networks: One of the core research problems that I am interested in is predicting behavior of autonomous agents (software or human). This is, in fact, a central question of policy-making and mechanism design: given a particular policy/design choice, how will agents react? I’ve made some progress in the context where agents are essentially game-theoretic (for example, by design). My current thrust is to model human behavior based on data collected in experiments or in the field (for example, making use of the data set of solar PV adoption in San Diego County).

© 2009 Yevgeniy Vorobeychik