Graphic is from the paper “Knowledge-Enriched Distributional Model Inversion Attacks”

With privacy a growing concern, Si Chen, a Ph.D. student in the Bradley Department of Electrical and Computer Engineering is using machine learning to study potential attacks and defenses against machine learning models. 

She was attracted to this area of research because it is important and practical in real-world settings.

“For example,” said Chen, “if a company trains a medical diagnosis model on a training set containing sensitive information, an attacker may be able to infer the training set’s knowledge even if he or she only has access to the model. Our job is to research better attack algorithms that can aid development of defense techniques.”

Chen is advised by Ruoxi Jia, faculty at the Sanghani Center. “I really enjoy the academic atmosphere, diverse and inclusive environment, and the college culture at Virginia Tech and at the center. My advisor and lab mates are wonderful people who are always willing to lend a helping hand.”  

In October, Chen will present the paper, Knowledge-Enriched Distributional Model Inversion Attacks at ICCV 2021. During the summer another paper that she and Ruoxi collaborated on — Zero-Round Active Learning — was published as an arvix preprint. Their previous paper, One-Round Active Learning, published on that site in Spring 2021.

Chen earned a bachelor’s degree in electrical and electronics engineering from the Beijing Institute of Technology.

Projected to graduate in 2024, Chen hopes to have an industry job where she can continue to work on her research area of interest.