News
First lecture time
Written on 12.04.24 by Yang Zhang
Dear all,
The first lecture will start on April 29th.
Best,
Yang
Attacks Against Machine Learning Models
Overview
This course will cover the topic of attacks against machine learning models:
- Privacy
  - Membership inference
  - Dataset reconstruction
  - Attribute inference
- Security
  - Backdoor
  - Model stealing
- Safety
  - Hijacking
  - Toxicity
Prerequisites
- Basic knowledge of machine learning and data mining
- A security background is not needed
Logistics
Location: Lecture hall, CISPA Building, E9 1
Lecturer: Yang Zhang
Assistants:
Contact:
Time: Monday 14:00 - 15:30
Schedule
4.29 Yang Zhang (Membership inference)
5.6 Zheng Li (Membership inference)
5.13 Rui Wen (Data reconstruction + model stealing)
5.27 Boyang Zhang (Plot + SecurityNet)
6.3 Yugeng Liu (Backdoor + Poisoning)
6.10 Mingjie Li (Adversarial Example)
6.17 Yiting Qu (Safety of VLM)
6.24 Zeyang Sha (Deepfake Detection)
7.1 Wai Man Si (Safety + Hijacking)
7.8 Xinyue Shen (Prompt stealing + Jailbreak)
Grading
The course is graded 100% by an oral exam.
Note that students who have taken the advanced lectures
- Machine Learning Privacy
- Privacy Enhancing Technologies (2018-2021)
cannot take this one due to the significant overlap between them.