Registration for this course is open until Friday, 10.05.2024 23:59.

News

Updates on the Semester Project

Written on 29.04.24 (last change on 29.04.24) by Hai Huang

Hi everyone,

The Jupyter notebook example and the instructions for the semester project have been uploaded to the CMS (Information -> Materials -> Project). 

The deadline is June 5th. 

You can team up to complete the project with up to four people in each group.

Please include the necessary information about your group (i.e., names and student IDs) in your submission email.

You can submit your results multiple times before the deadline. 

After you submit your prediction results to us, we will send you back the evaluation results in three days. 

Please do NOT share your results with anyone outside of your group.

Best,
Hai

First lecture online

Written on 28.04.24 by Yang Zhang

Dear all,

Tomorrow, the first lecture will be held online via Zoom.

https://cispa-de.zoom-x.de/j/68310074926?pwd=bzRkUkxHWGtHRUg2ejVFQlNKRXdkUT09

Best,

Yang

First lecture time

Written on 12.04.24 by Yang Zhang

Dear all,

The first lecture will start on April 29th.

Best,

Yang

Attacks Against Machine Learning Models

Overview

This course covers attacks against machine learning models, grouped into three areas:

  • Privacy
    • Membership inference
    • Dataset reconstruction
    • Attribute inference
  • Security
    • Backdoor
    • Model stealing
  • Safety
    • Hijacking
    • Toxicity

Prerequisites
  • Basic knowledge of machine learning and data mining
  • A security background is not needed

Logistics
Location: Lecture hall, CISPA Building, E9 1

Lecturer: Yang Zhang

TAs: Yixin Wu, Ziqing Yang, Hai Huang

Contact: yixin.wu@cispa.de

Time: Monday 14:00 - 15:30

Schedule
4.29 Yang Zhang (Membership Inference) Online: https://cispa-de.zoom-x.de/j/68310074926?pwd=bzRkUkxHWGtHRUg2ejVFQlNKRXdkUT09
5.6 Zheng Li (Membership Inference II)
5.13 Rui Wen (Data reconstruction + Model Stealing)
5.27 Boyang Zhang (Plot + SecurityNet)
6.3 Yugeng Liu (Backdoor + Poisoning)
6.10 Mingjie Li (Adversarial Example)
6.17 Yiting Qu (Safety of VLM)
6.24 Zeyang Sha (Deepfake Detection)
7.1 Wai Man Si (Safety + Hijacking)
7.8 Xinyue Shen (Prompt stealing + Jailbreak)

Grading

The course grade is based entirely (100%) on an oral exam.

Note that students who have taken either of the advanced lectures

- Machine Learning Privacy
- Privacy Enhancing Technologies (2018-2021)

cannot take this course, because of the significant overlap between them.
