-Time: 24 September 2025 (ROC year 114), Wednesday, 14:00~16:00
-Venue: Room E6-A207
-Speaker: Shang-Tse Chen, Associate Professor (Department of Computer Science and Information Engineering, National Taiwan University)
-Title: Trapdoor-based Defense against Privacy Attacks
-Abstract:
Model Inversion (MI) attacks threaten data privacy by reconstructing training data from AI models. In this talk, I will present Trap-MID, a defense that embeds a trapdoor trigger into the model, causing MI attacks to recover the trapdoor pattern instead of private data. Unlike traditional regularization-based defenses, Trap-MID uses deception to mislead attackers. I will discuss theoretical insights on trapdoor effectiveness and naturalness, along with empirical results showing state-of-the-art performance against various MI attacks, achieved without extra data or significant overhead.
-Biography:
Shang-Tse Chen is an Associate Professor in the Department of Computer Science and Information Engineering at National Taiwan University. He works at the intersection of applied and theoretical machine learning, with a strong application focus on cybersecurity. His research has led to patented cyber threat detection technology with Symantec, open-sourced adversarial attack and defense tools with Intel, and a deployed fire risk prediction system with the Atlanta Fire Rescue Department. He is a recipient of the K. T. Li Young Researcher Award in 2025. His recent research interests include various aspects of ML models' security, privacy, and fairness.