Senior x Junior Talk Session: Faces of Fujitsu Researcher (Security Version) Part 1

It is a pleasure for me to be able to have an open discussion with two senior researchers today. I am really keen to get different perspectives on our work, particularly from Jumpei, who, like me, conducts research on document trust^*1, and Toshiya, who conducts research on AI security. I am also very interested in learning more about their backgrounds.

I know that you have recently received awards for your papers. I’d like to hear more about what this means to you.

My research topic involved looking at one of the techniques for security measures in AI, proposing a new method to use generative models to detect attacks called backdoors against machine learning models. This technology is for AI that recognizes images and makes decisions. In order to inspect whether a machine learning model has been subjected to a backdoor attack, you need to find a trigger^*2 , but previously only very small triggers could be found due to computation time issues. With this new method, we can find larger triggers than before by applying an AI technique called generative modeling, allowing us to inspect a larger number of models for backdoors.

AI Security is a fast-growing field over the past few years.

That is exactly right. I was very happy to receive this award, because it gave me a really good opportunity to promote the importance of this field to the wider world.

In my award-winning paper, I proposed a new formulation for the security evaluation of lattice cryptography using Digital Annealers^*3 , which uses the unique properties of lattice cryptography. With this formulation, I succeeded in dramatically increasing the speed of solving lattice ciphers using Digital Annealers – in fact by several factors of ten on average compared to conventional methods. Up until now, the problem was solved by devising the parameter settings of the Digital Annealer, because the rules of the formulation have strict restrictions and are not very flexible. We were able to challenge this with a new formulation, speeding up the problem solving by a factor of several dozen as a result. We are very happy that this result resulted in an award-winning paper.

It is both motivating and gratifying for a researcher to be associated with a result like this. I also presented my master's thesis at a conference when I was a student, and like the two of you, I was truly happy that the results of my work were recognized.

In my case, I remember that I lacked the basic knowledge necessary for the research at the beginning, and had difficulty understanding the contents. I had to spend a lot of time reading and understanding what had already been published before being able to move forwards.

AI security research is often very time-consuming, because it involves the training of AI. The training of a single model itself can take more than a day, and after coming up with a method, verification takes time. I remember that it was very difficult to keep the cycle of experimentation, verification, and method improvement going. I believe that the results of this project were derives from our steady process of experimentation and validation, with the team reviewing and discussing the results carefully together at each stage.

In my case, it was a battle against time. My research on cryptoanalysis using Digital Annealers was conducted as a sub-topic separate from my main research, and that limited the amount of time I had to work on it. It actually took me about three and a half years, and I am relieved that I was able to produce some good results, such as receiving this award and being accepted for publication in an English-language journal.

I get the impression you enjoy doing research on the underlying sub-themes. I am particularly impressed with how you conduct your sub-research in the small amount of time you have; it’s very ingenious in terms of time management.

I really enjoy being able to use state-of-the-art computing equipment. By combining my personal hobby and interest in this research, I was able to find the time to advance my research steadily.

The research topic for which I received the award was a good starting point for the trust research and development I am currently working on. As cryptography is necessary to realize trust, I can make real use of the knowledge and experience I gained from the award-winning research. What do you think about your two award-winning papers?

I am currently conducting research on AI security with Ben-Gurion University^*4 in Israel. It’s great that we are able to fully utilize the findings of my original research and work together to develop technology that will surpass it.

In my case, it is difficult to say whether I can make use of my experience, as the award-winning theme and trust research are completely different. Nevertheless, it has given my personal confidence a boost – particularly being accepted by an English-language journal and is helping me to be proactive in my future trust-based research.

Could you tell us more about your current research?

I am working in a field called AI security, where AI is a program that learns from its own data, making decisions and inferences autonomously. This means that it may make decisions whose causes are unknown. AI security is research on vulnerabilities that take advantage of the nature of AI. New attacks have been discovered and studied, such as tricking AI by making specific changes to its input or contaminating AI models by tampering with training data.

What are the major challenges involved in the project you are currently involved in?

AI security relies heavily on models and data, and no definitive countermeasures are considered to exist. I hope to contribute to a world where AI can be used more safely.

Thank you for that insight. To update your research on AI security in the future, how do you obtain information on the latest technologies?

I always investigate new academic papers. Each team member also researches the conferences they have attended and the latest technologies, compiling useful and meaningful information to share with the team. We also have a weekly study session where team members bring in papers that they have recently found interesting or even amazing and share them with each other. We always try to keep ourselves updated on the latest technology.

We are not able to look at as much information as your team does, but our team basically follows the same updating method.

I heard that the AI security team has been doing a lot of joint research with universities recently.

Being able to conduct multifaceted research by conversing and collaborating with people from various backgrounds and industries is a really interesting part of our work. Not only can we deepen our research through joint research with universities, but we can also interact with researchers from other companies, as well as people who actually sell services and products that make use of the technologies we are researching. We can also engage with project members from a variety of different backgrounds such as engineering, science, and humanities, which allows us to advance our research from a broader perspective. For example, in our current research on AI security, we are deepening our research on the core aspects of machine learning with people in the mathematical field, while at the same time listening to the voices of the actual AI developer community to find out what kind of problems they are facing in the field and how security-conscious they are.

In your project, Toshiya, I understand that you have many opportunities to interact with overseas researchers. How do you find collaborating with overseas people and the different languages involved?

I have a bit of a hard time with English, but when we have regular meetings with overseas researchers, we work by sharing materials in advance. By carefully reading the materials in advance and being well-prepared, the meetings somehow turn out well!

Please tell us about how you two usually switch on and off between work and your private lives. I personally find it difficult to separate my work from my private life after the clock strikes, as teleworking has become part of my daily routine.

I am the same as Toshiya. Ideas come to me on a daily basis, and I tend to work without a clear separation between my private life and my work. I know it would perhaps be better to be more disciplined about this. However, on the positive side, I can control both my time and research. My work is flexible, so I take a short break when things don't go well, and I work in a way that allows me to concentrate on the work when it fires me up.

Jumpei is very similar to me. Toshiya, what do you do to recalibrate yourself?

When I am stuck on a problem or can't come up with an idea, I put it on hold and go for a run as something completely different to refresh my mind. And when I am stuck on something with my work, my other tactic is to go and find something else interesting or look at other research for fun.

Thank you for that advice – I will certainly take that on board in future.