I am a Ph.D. student at the University of Wisconsin–Madison’s Department of Computer and Sciences, advised by Kassem Fawaz. My research interests mainly lie on adversarial machine learning. I also actively work with Somesh Jha on robust machine learning, and with Earlence Fernandes and Rahul Chatterjee on interesting system security problems.

Please find my personal homepage at this link.

News

June, 2021
Started my summer internship at MSR Redmond, where I worked with Jay Stokes and Emre Kiciman on Machine Learning System Security.

Selected Projects

Analyzing Accuracy Loss in Randomized Smoothing Defenses

Randomized smoothing is one popular approach for certified defence against adversarial attacks. We perform an in-depth exploration of this approach, and its relation to noise augmentation during training. Our main result identifies a critical noise threshold, beyond which the realizable hypothesis class after smoothing is a strict subset of that before smoothing. We empirically observe that, noise augmentation alone can already provide adversarial robustness, yet smoothing is not effective without noise augmentation.

Publications

On the Limitations of Stochastic Pre-processing Defenses

Yue Gao, Ilia Shumailov, Kassem Fawaz, Nicolas Papernot.

The Interplay Between Vulnerabilities in Machine Learning Systems

Yue Gao, Ilia Shumailov, Kassem Fawaz.

Experimental Security Analysis of the App Model in Business Collaboration Platforms

Yunang Chen*, Yue Gao*, Nick Ceccio, Rahul Chatterjee, Kassem Fawaz, Earlence Fernandes.

Analyzing Accuracy Loss in Randomized Smoothing Defenses

Yue Gao*, Harrison Rosenberg*, Kassem Fawaz, Justin Hsu, Somesh Jha.

Variational Autoencoder for Low Bit-rate Image Compression

Lei Zhou, Chunlei Cai, Yue Gao, Sanbao Su, Junmin Wu.