Author: Killian Levacher, Research Scientist (IBM Research Europe – Dublin)
One of the research domains where AI4Media has focused on is the critical infrastructure necessary for the inclusion of AI tools within our society by investigating the various dimensions of Trusted AI. During the first year of the project, our activities have already successfully provided various research contributions in areas such as AI Robustness, AI Fairness, Explainable AI and AI Privacy.
This work has also led to the publication of 6 papers in prestigious AI conferences, and the submission of 4 conference papers and 1 journal paper. These early accomplishments represent a solid foundation to expand our research throughout the remaining years of the project.
Artificial Intelligence (AI) is an area of strategic importance to the European Union with respect to its ability to support and shape future economic and social development. While the recent leaps in innovation in this space offer immense opportunities, due to the increasing importance and prevalence of AI systems across industries various aspects of this technology present many security, as well as, societal risks which may conflict with the ethical and democratic principles shared across the European Union such as transparency, privacy and inclusion among others.
Trustworthy AI hence aims at providing a framework for the development of Machine Learning (ML) technologies, which guarantees their suitability with respect to the democratic and ethical values shared in our society. This recently emerging field of AI can be typically divided into four broad dimensions, namely AI robustness, Explainable AI, AI fairness and AI privacy.
AI Robustness focuses on machine learning vulnerabilities that can be exploited by malicious attackers seeking to either steal capacities of proprietary models, identify private information used to train these models, or purposely push a model in making incorrect predictions. These attacks can be achieved through the use of adversarial samples in various forms (images, texts, tabular data, etc.) and across a wide range of model types. In the first year of the AI4Media project, our activities already successfully provided various research contributions in this field.
Explainable AI deals with the trust that needs to be established between an AI model and its user. European legislation states that technical measures must be put in place in order to facilitate the interpretation of the outputs of AI systems by the public. In other words, users of AI models must be able to understand why predictions were made, regardless of the precision or validity of each prediction. While the recent explosion of deep learning models has led to amazing gains in performance, these models in particular provide very limited visibility even to their own designers as to how they reached a decision. It is, therefore, crucial to develop a set of technologies that can support users in understanding how specific predictions were made, in order for these technologies to be safely incorporated within the fabric of society.
During the first year of the project, AI4Media partners successfully made a few contributions in this dimension of Trusted AI.
Thanks to the collaboration of various partners, a public workshop (available on YouTube), dedicated to developing a taxonomy of Explainable AI across various disciplines was also organised, bringing together 16 experts (7 invited speakers and 6 invited panelists) from a wide range of disciplines (technologists, philosophers, lawyers etc.) to discuss the various meanings, legal constraints and social impacts of Explainable AI and how these will impact the future technical development of the field.
Finally, the process of training and building AI models requires the management of large amounts of data which in many cases contain sensitive information which should not be shared beyond a dedicated group of data processors and owners. This generates a conflict of interest between the need to have the most numerous and accurate data available to reach high precision accuracy while at the same time reducing the amount of data being used to minimise any impact on an individual’s privacy.
Private information leakage can occur both while a model is being trained as well as after deployment. AI Privacy hence aims at threading the needle between these two forces by providing the means to produce reliable ML models while simultaneously protecting individuals’, as well as, corporations’ sensitive information. In this domain, during the first year of the project, the IDIAP Research Institute developed a new tool to secure privacy within a specific type of neural network based on graphs. (Read the paper)
This resulted in a publication on “Locally Private Graph Neural Networks” which was shortlisted as one of the ten finalists for the CSAW 2021 Europe Applied Research Competition. This competition awards the best paper of the year written by doctoral students in the field of security and privacy. A differential privacy library for AI models (Access the GitRepo), was developed by IBM and a novel method for data protection using adversarial attack was developed by the Aristotle University of Thessaloniki (Read the paper).