I am a M.S. student in the Computer and Sciences department at the University of Wisconsin, Madison. My research interests focus on system security and adversarial machine learning. I am co-advised by Prof. Kassem Fawaz and Prof. Somesh Jha.

Selected Projects

Analyzing Accuracy Loss in Randomized Smoothing Defenses

Randomized smoothing is one popular approach for certified defence against adversarial attacks. We perform an in-depth exploration of this approach, and its relation to noise augmentation during training. Our main result identifies a critical noise threshold, beyond which the realizable hypothesis class after smoothing is a strict subset of that before smoothing. We empirically observe that, noise augmentation alone can already provide adversarial robustness, yet smoothing is not effective without noise augmentation.

Publications

Analyzing Accuracy Loss in Randomized Smoothing Defenses
Yue Gao*, Harrison Rosenberg*, Kassem Fawaz, Justin Hsu, Somesh Jha.
In submission to USENIX Security 2020