Banner Banner

When papers choose their reviewers: adversarial Machine Learning in peer review

Icon

March 13, 2024 Icon 18:00 - 19:00

Icon

Forschungsinstitut CODE, Carl-Wery-Straße 18, 81739 München, Room 0812

Icon

Prof. Dr. Konrad Rieck

CODE-KOLLOQUIUM, Munich

When Papers Choose their Reviewers: Adversarial Machine Learning in Peer Review

Abstract: Academia is thriving like never before. Thousands of papers are submitted to conferences on hot research topics, such as artificial intelligence and computer vision. To handle this growth, systems for automatic paper-reviewer assignments are increasingly used during the reviewing process. These systems employ statistical topic models from machine learning to characterize the content of papers and automate their assignment to reviewers. In this talk, we explore the attack surface introduced by entrusting the matching of reviewers to machine-learning algorithms. In particular, we introduce an attack that modifies a given paper so that it selects its own reviewers. Technically, this attack builds on a novel optimization strategy that alternates between fooling the topic model and preserving the semantics of the document. In an empirical evaluation with a (simulated) conference, our attack successfully selects and removes reviewers, while the tampered papers remain plausible and often indistinguishable from innocuous submissions.
 

Paper: No more Reviewer #2: Subverting Automatic Paper-Reviewer Assignment using Adversarial Learning. Thorsten Eisenhofer, Erwin Quiring, Jonas Möller, Doreen Riepel, Thorsten Holz and Konrad Rieck. Proc. of the 32nd USENIX Security Symposium, 2023.
Link: https://mlsec.org/docs/2023-sec.pdf / Paper WrapUp / Usenix Presentation (Video, 13min)

Venue: CODE-Kolloquium
Forschungsinstitut CODE, Cascada-Gebäude, Carl-Wery-Straße 18, 81739 München, Room 0812  
Please register here


Bio: Konrad Rieck is a professor at TU Berlin, where he leads the Chair of Machine Learning and Security as part of the Berlin Institute for the Foundations of Learning and Data. Previously, he held academic positions at TU Braunschweig, the University of Göttingen, and Fraunhofer Institute FIRST. His research focuses on the intersection of computer security and machine learning. He has published over 100 papers in this area and serves on the PCs of the top security conferences (system security circus). He has been awarded the CAST/GI Dissertation Award, a Google Faculty Award, and an ERC Consolidator Grant.