Publication Date
5-2024
Date of Final Oral Examination (Defense)
3-25-2022
Type of Culminating Activity
Dissertation
Degree Title
Doctor of Philosophy in Computing
Department Filter
Computer Science
Department
Computer Science
Supervisory Committee Chair
Edoardo Serra, Ph.D.
Supervisory Committee Member
Francesca Spezzano, Ph.D.
Supervisory Committee Member
Maria Soledad Pera, Ph.D.
Abstract
The advent of sophisticated Machine Learning (ML) models has revolutionized the cybersecurity landscape, offering unprecedented capabilities to address complex challenges. Despite these capabilities, such models are still perceived as black boxes: the critical aspects of interpretability and robustness within these models often remain underexplored, rendering them susceptible to adversarial attacks and hindering their integration into sensitive applications. This dissertation focuses on the interpretability and robustness of black-box ML models, aiming to fortify the cyberinfrastructure. Through a meticulous investigation of advanced techniques and methodologies, this work contributes towards elucidating and enhancing the interpretability and robustness of ML models in cybersecurity contexts, thereby laying the groundwork for the development of ML systems that are both reliable and trustworthy.
This research has four contributions: Firstly, it analyzes the resilience of Automatic Scientific Claim Verification (ASCV) tools against sophisticated adversarial rephrasing, underscoring the imperative for robust model design and introducing an innovative attack model that crafts precise adversarial examples. Secondly, it assesses the impact of attribution methods on improving ML interpretability, highlighting their crucial role in fostering human-AI trust. Thirdly, the dissertation introduces the Generality and Precision Shapley Attributions (GAPS) method, a novel approach that enhances ML model explanations. Lastly, as a possible use case, this thesis explores a few-shot transfer learning approach tailored for rapid user personalization in privacy-sensitive image classification, to show the practical applicability of interpretable ML techniques within the privacy domain. Collectively, these contributions not only advance the understanding of ML model dynamics but also pave the way for their effective application in safeguarding cyberspaces.
DOI
https://doi.org/10.18122/td.2258.boisestate
Recommended Citation
Ratul, Qudrat E. Alahy, "Interpretation and Robustness of Black-Box ML Models for Secure Cyber Space" (2024). Boise State University Theses and Dissertations. 2258.
https://doi.org/10.18122/td.2258.boisestate