商品描述
This book provides a systematic and in-depth introduction to machine unlearning (MU) for foundation models, framed through an optimization-model-data tri-design perspective and complemented by assessments and applications. As foundation models are continuously adapted and reused, the ability to selectively remove unwanted data, knowledge, or model behavior, without full retraining, poses new theoretical and practical challenges. Thus, MU has become a critical capability for trustworthy, deployable, and regulation-ready artificial intelligence. From the optimization viewpoint, this book treats unlearning as a multi-objective and often adversarial problem that must simultaneously enforce targeted forgetting, preserve model utility, resist recovery attacks, and remain computationally efficient. From the model perspective, the book examines how knowledge is distributed across layers and latent subspaces, motivating modular and localized unlearning. From the data perspective, the book explores forget-set construction, data attribution, corruption, and coresets as key drivers of reliable forgetting. Bridging theory and practice, the book also provides a comprehensive review of benchmark datasets and evaluation metrics for machine unlearning, critically examining their strengths and limitations. The authors further survey a wide range of applications in computer vision and large language models, including AI safety, privacy, fairness, and industrial deployment, highlighting why post-training model modification is often preferred over repeated retraining in real-world systems. By unifying optimization, model, data, evaluation, and application perspectives, this book offers both a foundational framework and a practical toolkit for designing machine unlearning methods that are effective, robust, and ready for large-scale, regulated deployment.
商品描述(中文翻譯)
本書系統性且深入地介紹了基於基礎模型的機器遺忘(MU),從優化-模型-數據三重設計的角度進行框架構建,並輔以評估和應用。隨著基礎模型的不斷適應和重用,選擇性地移除不需要的數據、知識或模型行為的能力,而無需完全重新訓練,帶來了新的理論和實踐挑戰。因此,MU已成為可信、可部署且符合規範的人工智慧的重要能力。從優化的角度來看,本書將遺忘視為一個多目標且通常具有對抗性的問題,必須同時強制執行目標性遺忘、保持模型效用、抵抗恢復攻擊,並保持計算效率。從模型的角度,本書探討了知識如何在層和潛在子空間中分佈,激勵模組化和局部化的遺忘。從數據的角度,本書探討了遺忘集的構建、數據歸因、數據損壞和核心集作為可靠遺忘的關鍵驅動因素。
本書在理論與實踐之間架起橋樑,還提供了機器遺忘的基準數據集和評估指標的全面回顧,批判性地檢視其優勢和局限性。作者進一步調查了計算機視覺和大型語言模型中的廣泛應用,包括人工智慧安全、隱私、公平性和工業部署,強調為何在現實系統中,後訓練模型修改通常比重複訓練更受青睞。通過統一優化、模型、數據、評估和應用的視角,本書提供了一個基礎框架和實用工具包,用於設計有效、穩健且準備好進行大規模、受規範部署的機器遺忘方法。
作者簡介
Sijia Liu, Ph.D, is a Red Cedar Distinguished Associate Professor in the Department of Computer Science and Engineering at Michigan State University (MSU), Principal Investigator of the OPTML Lab, and an Affiliated Professor at the MIT-IBM Watson AI Lab, IBM Research. His research focuses on scalable and trustworthy AI, spanning both foundational and use-inspired aspects. Examples include machine unlearning for vision and language models, scalable optimization for deep models, adversarial robustness, and data-model efficiency. He is a co-author of the textbook Introduction to Foundation Models (Springer, 2024). His honors include the NSF CAREER Award, the INNS Aharon Katzir Young Investigator Award, MSU's Withrow Rising Scholar Award, Best Paper Runner-Up at UAI (2022), and Best Student Paper Award at ICASSP (2017). He co-founded the New Frontiers in Adversarial Machine Learning Workshop series (ICML/NeurIPS 2021-2024) and has delivered tutorials on trustworthy and scalable ML and their applications at major AI/ML/CV conferences. Yang Liu, Ph.D., is an Associate Professor of Computer Science and Engineering at UC Santa Cruz. His research focuses on developing fair and robust machine learning algorithms to tackle the challenges of biased and shifting data. He is a recipient of the NSF CAREER Award. He has been selected to participate in several high-profile projects, including NSF-Amazon Fairness in AI, DARPA SCORE, and IARPA HFC. His recent work on trustworthy ML has been recognized with four best paper awards from workshops co-located with ICML/ICLR/IJCAI. Nathalie Baracaldo is a Senior Research Scientist and Master Inventor at IBM Research in San Jose, California. Her research focuses on safeguarding generative AI models through a variety of techniques, including unlearning. She has extensive experience delivering impactful machine learning solutions that are highly accurate, withstand adversarial attacks, and protect data privacy. She served as the primary investigator for the DARPA GARD program, where her focus was to ensure her team extended and maintained the Adversarial Robustness Toolbox (ART) to support red teaming evaluations. She also led the IBM federated learning effort and co-edited the book Federated Learning: A Comprehensive Overview of Methods and Applications (Springer, 2022). In 2020 and 2021, she received the IBM Master Inventor distinction and the Corporate Technical Recognition, respectively. Her research has been published in top conferences in the fields of AI and Security and has received multiple best paper awards and numerous citations. She received her doctorate degree from the University of Pittsburgh.
作者簡介(中文翻譯)
劉思佳博士是密西根州立大學(MSU)計算機科學與工程系的紅雪松傑出副教授,OPTML實驗室的首席研究員,以及麻省理工學院-IBM Watson人工智慧實驗室的附屬教授。他的研究專注於可擴展且可信賴的人工智慧,涵蓋基礎和應用啟發的各個方面。研究範例包括視覺和語言模型的機器遺忘、深度模型的可擴展優化、對抗穩健性以及數據-模型效率。他是教科書《Foundation Models簡介》(Springer, 2024)的共同作者。他的榮譽包括NSF CAREER獎、INNS Aharon Katzir年輕研究者獎、MSU的Withrow Rising Scholar獎、UAI(2022)最佳論文亞軍以及ICASSP(2017)最佳學生論文獎。他共同創辦了《對抗機器學習新前沿研討會系列》(ICML/NeurIPS 2021-2024),並在主要的AI/ML/CV會議上提供有關可信賴和可擴展機器學習及其應用的教程。
劉揚博士是加州聖塔克魯茲大學計算機科學與工程系的副教授。他的研究專注於開發公平且穩健的機器學習算法,以應對偏見和變化數據的挑戰。他是NSF CAREER獎的獲得者。他被選中參加幾個高知名度的項目,包括NSF-Amazon AI公平性、DARPA SCORE和IARPA HFC。他最近在可信賴機器學習方面的工作獲得了四個與ICML/ICLR/IJCAI共同舉辦的研討會的最佳論文獎。
Nathalie Baracaldo是位於加州聖荷西的IBM Research的高級研究科學家和首席發明家。她的研究專注於通過各種技術(包括遺忘)來保護生成式AI模型。她在提供高準確度、能抵抗對抗攻擊並保護數據隱私的影響力機器學習解決方案方面擁有豐富的經驗。她曾擔任DARPA GARD計劃的主要研究員,專注於確保她的團隊擴展和維護對抗穩健性工具箱(ART),以支持紅隊評估。她還領導了IBM的聯邦學習工作,並共同編輯了《聯邦學習:方法與應用的綜合概述》(Springer, 2022)一書。在2020年和2021年,她分別獲得了IBM首席發明家的榮譽和企業技術認可。她的研究已在AI和安全領域的頂級會議上發表,並獲得多個最佳論文獎和大量引用。她在匹茲堡大學獲得博士學位。
