Attacks Against Machine Learning Models Yang Zhang

News

05.06.2023

Forum Opening

Dear all,

The forum for this course is now available. You can post messages on it to find potential group members for the semester project.

Best,
Hai

05.06.2023

Updates on the Semester Project

Hi everyone,

The Jupyter notebook example and the instructions for the semester project have been uploaded to the CMS (Information -> Materials -> Project). 

Please include the necessary information of your group (i.e., names and student IDs) in your submission email. 

You can submit your results multiple times before the deadline. 

After you submit your prediction results to us, we will send you back the evaluation results in three days. 

Please do NOT share your results with anyone outside of your group.

Best,
Hai

31.05.2023

Semester Project Documents Uploaded

Hi all,

The documents for the semester project have been uploaded to

https://drive.google.com/drive/folders/1LZhRnyw9aJ2NzKpIRqJdZACAQpN5ulTY?usp=sharing.

Please download all data files and refer to README.md for more details. 

You can team up to complete the project with up to four people in each group.

You are required to submit four prediction result files for this project to hai.huang@cispa.de or yugeng.liu@cispa.de.

The real test accuracy will then be evaluated by us. 

The mean of the four test accuracies must be higher than 80% for all of your group members to be eligible to take the final oral exam.

The deadline is July 3rd. We will introduce this project in the next lecture on June 5th. 

Thanks!

Best,

Hai

08.05.2023

Re-scheduled Lecture Time on May 8th

Hello everyone,

Today's lecture will start at 2:30 pm, thanks!

Best,

Hai

24.04.2023

Kick-off and Chapter Slides Uploaded

Dear all,

The slides have been uploaded to the CMS.

You can find them under Information -> Materials.

Best,

Yang

12.04.2023

First Lecture Time

Hi everyone,

The first lecture will happen on April 24th; the location will be CISPA's lecture hall.

Best,

Yang


Attacks Against Machine Learning Models

 

Overview


This course covers attacks against machine learning models, grouped into three areas:

  • Privacy
    • Membership inference
    • Dataset reconstruction
    • Attribute inference
  • Security
    • Backdoor
    • Model stealing
  • Safety
    • Hijacking
    • Toxicity

Prerequisites


  • Basic knowledge of machine learning and data mining
  • No security background is needed

 

Logistics


Location: Lecture hall, CISPA Building, E9 1

Lecturer: Yang Zhang

Assistants: Yugeng Liu, Boyang Zhang, Xinyue Shen, Hai Huang, Wai Man Si

Contact: Boyang Zhang (boyang.zhang@cispa.de)

Time: Monday 14:00 - 15:30

 

Schedule


  • 24.04 Membership Inference 1
  • 08.05 Membership Inference 2
  • 15.05 Attribute Inference
  • 22.05 Data Reconstruction 1
  • 05.06 Data Reconstruction 2 + Model Stealing (Rui Wen)
  • 12.06 Adversarial Examples 1 (Zhengyu Zhao)
  • 19.06 Poisoning (Zhengyu Zhao)
  • 26.06 Backdoor (Yugeng Liu)
  • 03.07 GNN Attacks (Xinlei He)
  • 10.07 Self-supervised Learning Attacks (Xinlei He)
  • 17.07 Fun (and Funny) Attacks (Edward Boyang Zhang and Vera Xinyue Shen)

Grading


The grade is based entirely (100%) on the oral exam.

Note that students who have taken either of the advanced lectures

  • Machine Learning Privacy
  • Privacy Enhancing Technologies (2018-2021)

cannot take this course due to the significant overlap between them.

 


