SHANGHAI, Nov. 27, 2018 /PRNewswire/ -- On October 24th, GeekPwn2018, the world's leading hacker contest focusing on securing our digital lifestyles, arrived in style. Thousands of white-hat hackers from around the world gathered at the Grand Stage of the Himalaya Art Center in Shanghai to compete and communicate with each other to develop and explore the safety limits of smart devices and artificial intelligence. At the end of the contest, the GeekPwn organizers announced the final results of the CAAD CTF and CAAD2018 online competitions.
As a new challenge competition launched by GeekPwn2018, CAAD (Competition on Adversarial Attacks and Defenses) aims to exploit potential security issues in the field of Artificial Intelligence by focusing on the hottest adversarial examples in machine learning, and to conduct attack and defense competitions in the world's leading competition environment. In CAAD CTF, GeekPwn players conducted real-time attacks and defenses on the spot, with professional technical competitions and visual demonstrations to unveil the potential security risks of Artificial Intelligence and protect the healthy growth of Artificial Intelligence.
Hailing from Tsinghua University, China's University of Science and Technology, USA's John Hopkins University, Facebook, Tencent, Alibaba, Shanbay as well as six other AI teams from well-known universities and enterprises, the competitors tussled it out on stage for the audience. After two stages of tug-of-war intense battles, the IYSWIM team emerged as GeekPwn 2018's CAAD CTF champion, with OWLET and TSAIL picking up the runner-up and second runner-up prizes respectively. In addition, Blade, USTC-ALIBABA and the RNG team won special mention prizes for their innovative solutions.
The current CAAD CTF champion team IYSWIM consists of two members, one is Mr. Wu Yuxin, who specializes in computer vision research at Facebook AI Research, and Dr. Xie Cihang, who is a Ph.D. student in computer vision at Johns Hopkins University, and is advised by Alan Yuille. At the scene, the adversarial examples they generated successfully deceived Amazon celebrity recognition, which made a mistake in identifying the special guest host Jiang Changjian (the "Most Strong Brain" program Season Five host) as Arnold Schwarzenegger. It was this extremely difficult successful challenge that made IYSWIM stand out amongst the crowd and win the championship.
The CAAD2018 online competition, which was launched in May this year, has proven to be extremely popular with the community after its release. After nearly a hundred international top teams competed over several months, the strongest teams separated themselves from the pack through sheer quality. Among them, ysharma1126, Labmem2018, TSAIL, NorthwestSec, and Teaflow teams ranked in the top five in the Non-targeted Adversarial Attack sub-competition; while the ysharma1126, TSAIL, NorthwestSec, teaflow, and RNG teams were ranked the best in the Targeted Adversarial Attack sub-competition. The top five; FAIR & JHU, TSAIL, ysharma1126, dlight, Kunlin team ranked the top five in the Defense Against Adversarial Attack sub-competition.
According to the competition rules, the CAAD2018 online competition is divided into three sub-competitions: Non-targeted Adversarial Attack, Targeted Adversarial Attack, and Defense Against Adversarial Attack. The objective of the Non-targeted Adversarial Attack competition is to create adversarial examples by modifying the original image slightly, so that the unknown classifier will mis-classify the modified image. The goal of the Targeted Adversarial Attack is to slightly modify the original image so that the unknown classifier will mis-classify the modified image to the specified class. The goal of the Defense Against Adversarial Attack is to generate a machine-learning classifier that has a strong defense against attacks, i.e., to correctly classify adversarial examples.
As the overall champion of the CAAD2018 online competition, the ysharma1126 team excelled in all three sub-competitions, winning first place in both the non-targeted and targeted attacks and third place in the defense sub-competition. The team is comprised of:
- Yash Sharma, who is a research intern at Borealis AI, holds a Bachelors and Masters from the Cooper Union, and has presented in conferences such as DEFCON 26.
- Tien-Dung Le, who is a Big Data scientist, holds a Ph.D. in Robotics in Japan and has 10 years of working experience at universities as well as AI start-ups and scale-ups.
- Moustafa Alzantot, who is a Ph.D. Candidate in Computer Science at UCLA.
The other team, the TSAIL team from Tsinghua University, is on a par with the ysharma1126, making the top three in all three sub-competitions. It is notable that all members of the TSAIL team are from Tsinghua University, including the postdoctoral stars of the Department of Computer Science and Technology: TSAIL Group Ph.D. student Du Chao, Master of Computer Science, Xiao Zihao, Department of Computer Science and Technology, TSAIL Group Ph.D. student Pang Tianyu, and Dr. Dong Yinpeng, Ph.D. student of TSAIL Group, Department of Computer Science and Technology. Their team instructor is Professor Zhu Jun, also from Tsinghua University. Prior to that, TSAIL had won three titles in the 2017 Neuro-Information Processing Systems Conference (NIPS), specifically in the Adversarial Attack and Defense Competition.
FAIR & JHU, the champion team in the Defense sub-competition, include two winning CAAD CTF champions, IYSWIM (Xie Cihang, Wu Yuxin), and Johns Hopkins University (United States). The team included notable people such as Professor Alan Yuille, who is a Bloomberg Distinguished Professor of Cognitive Science and Computer Science at Johns Hopkins University; Laurens van der Maatenm who is a research scientist at Facebook AI Research, working on topics in machine learning and computer vision, and Kaiming He, a research scientist at Facebook AI Research, working on computer vision and deep learning. Kaiming is most well-known as the author of "ResNet", one of the most cited papers in deep learning.
Taking fourth-place in the defensive competition was DLight, including He Xindong, a former researcher at Sensetime in Shenzhen Shangtang Technology Co., Ltd, Zeng Xingyu, a researcher at Shenzhen Shangtang Technology Co., Ltd., and He Xindong, a Ph.D. degree major in electronic engineering at the Chinese University of Hong Kong.
This year's CAAD (Competition on Adversarial Attacks and Defenses) had prizes totaling USD 100,000. Each sub-competition's top 5 teams took home prizes in USD as follows: 1st place: $16,000, 2nd place: $9,000, 3rd place: $6,000, 4th and 5th places: $1,000. In addition, the overall winner ysharma1126 also took home $38,000 in special awards and mentioned prizes.
In today's "face-recognition era", in which any environment relies on face recognition and validation, AI mapping technology will permeate every aspect of life. Common AI programs, such as face recognition that are applied to smartphones, airport security checks, and smart door locks, are actually AI recognition of images as a certain category. Since most machine learning-based classifiers are highly sensitive to recognize against adversarial examples, subtle modifications that are imperceptible to the human eye will affect machine learning classifiers and make them mis-classify. The adversarial example attack is the technical means of error classification by modifying the AI neural network and making it wrong, thereby identifying weaknesses beforehand.
Therefore, in order to speed up the research on the adversarial attacks, Alexey Kurakin, Ian Goodfellow of Google Brain, and Dawn Song, a professor of computer science at the University of California, Berkeley, jointly launched a simple offensive and defensive match. They called it the Competition on Adversarial Attacks and Defenses 2018, CAAD2018 for short.
After three years of the Robot Agent Challenge, the new competition rules have led eight teams from China, the United States, India and other countries to pit themselves against the challenge environment. On site, teams compete through using self-designed robots to complete specified tasks such as sneaking into simulated labs and stealing secrets. In this sub-category, the OP-USA team from the University of Nevada won the first place.
GeekPwn, the world's first leading platform to explore Artificial Intelligence and professional security, has been focusing on the issue of AI security since 2015. In the future, GeekPwn will continue to promote new forms of competition and work for the long-term promotion of a safe, ecological and healthy cybersecurity environment. In addition to the CAAD CTF initiative, they also held this year's GeekPwn 2018 "Hacking into the future of Artificial Intelligence". Under the theme of the PWN4FUN Challenge, there was no limit to the Open and the PWN4FUN Challenge, which was a special event with different challenge scenarios, Among them, "Recover Blurred Image Challenge", "RFID long-distance reading and writing", "Data Tracking Challenge", "Robot Agent Challenge" and other innovative and interesting competition systems. As contestants constantly kept breaking new boundaries and limits, the host Jiang Changjian couldn't help but marvel at the feats.