In computer vision, adversarial examples are images subtly altered to give an unexpected result when passed through a trained model are a known phenomenon. However, they are often model-specific: they are usually created using information about a trained model, and thus an image that is adversarial for one trained model may not be adversarial for another. Our research aims to answer the question of whether it is possible to subtly alter a training dataset so that any model trained on it will exhibit some prespecified abnormal behavior on normal inputs.

Through SuperUROP, I hope to improve my skills as a researcher, gain more experience conducting machine learning research, and work on an exciting problem. I’ve taken classes and have conducted research on machine learning in the past, and I hope to deepen my understanding of topics in the field through this project.