News
05.06.2023
Forum Opening
Dear all, The forum for this course is now available. You can post messages on it to find potential group members for the semester project. Best,

05.06.2023
Updates on the Semester Project
Hi everyone, The Jupyter notebook example and the instructions for the semester project have been uploaded to the CMS (Information -> Materials -> Project). Please include the necessary information about your group (i.e., names and student IDs) in your submission email. You can submit your results multiple times before the deadline. After you submit your prediction results to us, we will send you back the evaluation results in three days. Please do NOT share your results with anyone outside of your group. Best,

31.05.2023
Semester Project Documents Uploaded
Hi all, The documents for the semester project have been uploaded to https://drive.google.com/drive/folders/1LZhRnyw9aJ2NzKpIRqJdZACAQpN5ulTY?usp=sharing. Please download all data files and refer to README.md for more details. You can team up to complete the project with up to four people in each group. You are required to submit four prediction result files for this project to hai.huang@cispa.de or yugeng.liu@cispa.de. The real test accuracy will then be evaluated by us. The mean of all four test accuracies should be higher than 80% so that all of your group members will be eligible to take the final oral exam. The deadline is July 3rd. We will introduce this project in the next lecture on June 5th. Thanks! Best, Hai

08.05.2023
Re-scheduled Lecture Time on May 8th
Hello everyone, Today's lecture will start at 2:30 pm, thanks! Best, Hai

24.04.2023
Kick-off and Chapter Slides Uploaded
Dear all, The slides have been uploaded to the CMS. You can find them under Information -> Material. Best, Yang

12.04.2023
First Lecture Time
Hi everyone, The first lecture will take place on April 24th; the location will be CISPA's lecture hall. Best, Yang
Attacks Against Machine Learning Models
Overview
This course will cover the topic of attacks against machine learning models:
- Privacy
  - Membership inference
  - Dataset reconstruction
  - Attribute inference
- Security
  - Backdoor
  - Model stealing
- Safety
  - Hijacking
  - Toxicity
Prerequisites
- Basic knowledge of machine learning and data mining
- Security background is not needed
Logistics
Location: Lecture hall, CISPA Building, E9 1
Lecturer: Yang Zhang
Assistants: Yugeng Liu, Boyang Zhang, Xinyue Shen, Hai Huang, Wai Man Si
Time: Monday 14:00 - 15:30
Contact: Boyang Zhang (boyang.zhang@cispa.de)
Schedule
- 4.24 Membership 1
- 5.8 Membership 2
- 5.15 Attribute Inference
- 5.22 Data Reconstruction 1
- 6.5 Data Reconstruction 2 + Model Stealing (Rui Wen)
- 6.12 Adversarial Example 1 (Zhengyu Zhao)
- 6.19 Poisoning (Zhengyu Zhao)
- 6.26 Backdoor (Yugeng Liu)
- 7.3 GNN Attacks (Xinlei He)
- 7.10 Self-supervised Learning Attacks (Xinlei He)
- 7.17 Fun (and Funny) Attacks (Edward Boyang Zhang and Vera Xinyue Shen)
Grading
The course is graded entirely (100%) by an oral exam.
Note that students who have taken the advanced lectures
- Machine Learning Privacy
- Privacy Enhancing Technologies (2018-2021)
cannot take this course due to the significant overlap between them.