Using Explainable Machine Learning to teach machines to "unlearn"
On April 16, 2024, Dr. Alexander Warnecke, former PhD candidate in the research group Machine Learning and Security, chaired by Prof. Dr. Konrad Rieck, successfully defended his PhD thesis "Security Viewpoints on Explainable Machine Learning". In this short interview, Alexander Warnecke explains why machines sometimes need to unlearn.
Could you describe and explain your research focus?
Alexander: "Explainable machine learning is a relatively novel research field – and a prominent topic in BIFOLD – that develops algorithms to help humans understand the inner working of neural networks better. I analyzed these techniques from different “security viewpoints”. On the one hand I investigated their usage for applications in the security sector, like detecting malicious applications on a smartphone or finding vulnerabilities in source code of software, for example. In this context I found out that many of these models are not ready for deployment in reality yet, especially due to the datasets that we currently rely on when training such models. On the other hand, I explored implications in the context of “machine unlearning”: If an explanation for a neural network tells us that it makes use of private information of users or has a bias with respect to gender, race or something similar, how can we remove this bias from a model effectively? An easy way would be to retrain the model from scratch without these features, however, this can be expensive in terms of run-time and resources. Therefore, I proposed two update strategies that add a small epsilon to the model parameters and thereby approximate the retraining effect. To be sure that the unlearning was successful, I derived the concept of "certified unlearning", a strong theoretical guarantee that ensures that unlearning and retraining are "indistinguishable". Although this guarantee does not hold for most modern neural networks, I could still show that the approach can be effective and efficient for these models."
What personally motivated you to enter this specific research field?
Alexander: "I heard a very interesting lecture of my supervisor when I was a student and the “machine learning hype” just started when I graduated. So I thought why not dive into this?"
What was your greatest success/failure as a scientist?
Alexander: "Success: I was probably the first one to apply explainable machine learning to security applications.
Failure: I fell for a method that sounded great in the research paper but turned out to be very limited in reality."
Which living or historical scientist has fascinated you and why?
Alexander: "Coming from a mathematics background I find Evariste Galois (1811-1832) fascinating: He died at the age of 20 in a duel but - scared by the possibility to die - wrote a letter the night before the duel where he sketched some of his findings. About ten years later it turned out that the ideas from this letter were revolutionary and reshaped the research field of Algebra forever."
AI is considered a disruptive technology. In which areas of life do you expect the greatest upheaval over the next ten years?
Alexander: "1. Healthcare where we hopefully can move towards personalized therapies and detect diseases much earlier and cheaper (with computers instead of humans) reliably.
2. Transportation where I hope that autonomous vehicles will reduce the number of cars we have in cities nowadays.
3. Education where I hope that intelligent chatbots will allow every student to learn at his/her own speed with the best possible supervision.."
Where would one find you when you are not sitting in front of the computer?
Alexander: "Either on the playground with my daughter or in the woods running 10k to refresh my mind."