Difference between revisions of "Identifying Appropriate Machine Learning Models for Multi Robot Secure Coordination in a Healthcare Facility"

From REU@MU
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
'''Student Researcher:''' Shota Nemoto
+
'''Student Researcher:''' [[User:Snemoto|Shota Nemoto]]
  
 
'''Mentor:''' [https://www.marquette.edu/computer-science/directory/debbie-perouli.php Dr. Debbie Perouli]
 
'''Mentor:''' [https://www.marquette.edu/computer-science/directory/debbie-perouli.php Dr. Debbie Perouli]
Line 7: Line 7:
 
In the near future, the U.S. will experience a severe shortage of Registered Nurses. A proposed solution is the development of Robotic Caregivers (RCGs), both service and social robots, which will be able to provide care autonomously. Commercial service robots that are currently available, such as Temi and Loomo, provide APIs for developers to create applications for these RCGs. Many applications will input sensor data into machine learning models, which may leave it vulnerable to attack from an adversary attempting to retrieve a patient’s personal data or fool a model into mislabeling or misclassifying an input.  
 
In the near future, the U.S. will experience a severe shortage of Registered Nurses. A proposed solution is the development of Robotic Caregivers (RCGs), both service and social robots, which will be able to provide care autonomously. Commercial service robots that are currently available, such as Temi and Loomo, provide APIs for developers to create applications for these RCGs. Many applications will input sensor data into machine learning models, which may leave it vulnerable to attack from an adversary attempting to retrieve a patient’s personal data or fool a model into mislabeling or misclassifying an input.  
  
The objective of this project is to research an adversarial attack on these robots.
+
The objective of this project is to evaluate the performance of an adversarial attack on these robots. The attack being evaluated is an evasion attack called Hop Skip Jump attack. The model the attack is evaluated on is a neural network developed for detecting arrhythmia using an electrocardiogram.  
  
 
==Milestones and Goals==
 
==Milestones and Goals==
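Review bot: The new objective says the attack is evaluated "on these robots", but the two sentences added after it name the evaluated model as a neural network for detecting arrhythmia from an electrocardiogram, and nothing here ties that model to an RCG application. State the connection in one sentence or reword the objective so it does not claim an evaluation on the robots themselves. The attack is also written "Hop Skip Jump attack" here and "Hop Skip Jump Attack" in the milestone rows added later in this revision; use one form throughout.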
Line 37: Line 37:
 
|4: Design Experiements and Methodology
 
|4: Design Experiements and Methodology
 
|
 
|
* TBD
+
* Recreate L-BFGS-B method for finding adversarial examples
 +
* Learn about finding the Jacobian of a neural network
 +
* Find other potential optimization methods for finding adversarial examples
 
|-
 
|-
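Review bot: The row heading in the unchanged context, "|4: Design Experiements and Methodology", still carries the typo "Experiements". This revision already edits the week 4 row, so correct it to "Experiments" in the same change.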
  
Line 43: Line 45:
 
|
 
|
 
* Present Current Progress
 
* Present Current Progress
 +
* Recreate a Black-Box Adversarial Attack
 
|-
 
|-
  
 
|6: Implement System
 
|6: Implement System
 
|
 
|
* TBD
+
* Recreate Hop Skip Jump Attack on a simple MNIST model
 +
* Find a healthcare model to attack
 
|-
 
|-
  
 
|7: Run Experiments
 
|7: Run Experiments
 
|
 
|
* TBD
+
* Train model for arrhythmia detection on electrocardiograms (ECGS)
 +
* Adapt Hop Skip Jump Attack to apply to arrhythmia model
 +
* Generate some adversarial electrocardiograms
 
|-
 
|-
  
 
|8: Evaluation
 
|8: Evaluation
 
|
 
|
* Evaluate research on adversarial attack
+
* Automate creation of adversarial examples on ECG dataset
* Prepare report on results
+
* Gather statistics and evaluate success of algorithm
 
|-
 
|-
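Review bot: The week 7 bullet "Train model for arrhythmia detection on electrocardiograms (ECGS)" introduces the abbreviation as "ECGS", while the week 8 bullet uses "ECG dataset" and the week 9 bullet added in the next hunk uses "ECGs"; write "(ECGs)" here. The week 8 row also drops "Prepare report on results" without a replacement item, so confirm the report is still covered by the week 9 and 10 rows.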
  
Line 65: Line 71:
 
* Create graphics for poster and paper
 
* Create graphics for poster and paper
 
* Write descriptions of experiments and methods
 
* Write descriptions of experiments and methods
 +
* Adjust parameters for Hop Skip Jump Attack and create more adversarial ECGs as needed
 
|-
 
|-
  

Latest revision as of 19:05, 25 August 2020

Student Researcher: Shota Nemoto

Mentor: Dr. Debbie Perouli

Project Description

In the near future, the U.S. will experience a severe shortage of Registered Nurses. A proposed solution is the development of Robotic Caregivers (RCGs), both service and social robots, which will be able to provide care autonomously. Commercial service robots that are currently available, such as Temi and Loomo, provide APIs for developers to create applications for these RCGs. Many applications will input sensor data into machine learning models, which may leave them vulnerable to attack from an adversary attempting to retrieve a patient’s personal data or fool a model into mislabeling or misclassifying an input.

The objective of this project is to evaluate the performance of an adversarial attack on these robots. The attack being evaluated is an evasion attack called the Hop Skip Jump Attack. The model the attack is evaluated on is a neural network developed for detecting arrhythmia using an electrocardiogram.

Milestones and Goals

Week Description
1: Orientation
  • Meet other REU students and mentors
  • Learn basic data science concepts
2: Initial Reading
  • Investigate API for Temi and Loomo robots.
  • Learn about adversarial networks and potential attacks by looking at recent conferences, workshops, and journals.
  • Find a specific adversarial attack to research
3: Form Research Hypothesis
  • Investigate the selected adversarial attack in more depth
  • Form research hypothesis
4: Design Experiments and Methodology
  • Recreate L-BFGS-B method for finding adversarial examples
  • Learn about finding the Jacobian of a neural network
  • Find other potential optimization methods for finding adversarial examples
5: Begin Poster and Paper Creation
  • Present Current Progress
  • Recreate a Black-Box Adversarial Attack
6: Implement System
  • Recreate Hop Skip Jump Attack on a simple MNIST model
  • Find a healthcare model to attack
7: Run Experiments
  • Train model for arrhythmia detection on electrocardiograms (ECGs)
  • Adapt Hop Skip Jump Attack to apply to arrhythmia model
  • Generate some adversarial electrocardiograms
8: Evaluation
  • Automate creation of adversarial examples on ECG dataset
  • Gather statistics and evaluate success of algorithm
9: Finalize Poster and Paper
  • Create graphics for poster and paper
  • Write descriptions of experiments and methods
  • Adjust parameters for Hop Skip Jump Attack and create more adversarial ECGs as needed
10: Present Research
  • Finish / Polish final poster and paper
  • Present Poster