Main Page

News

registration

Written on 14.04.25 by Yang Zhang

Hi all,

Thank you so much for choosing the lecture; we will try our best not to let you down.

However, there have been more than 70 students sending us emails during the past few days regarding registration, so for those who manage to register but are not that into the lecture, please… Read more

Hi all,

Thank you so much for choosing the lecture; we will try our best not to let you down.

Many thanks!

Yang

First Lecture Time

Written on 07.04.25 by Yixin Wu

Dear All,

The first lecture will start on April 14th, 2025.

Best,

Yixin

Attacks Against Machine Learning Models

Overview

This course will cover the topic of attacks against machine learning models

Privacy
- Membership inference
- Dataset reconstruction
- Attribute inference
Security
- Backdoor
- Model stealing
Safety
- Hijacking
- Toxicity

Prerequisites

Basic knowledge of machine learning and data mining
A security background is not needed

Logistics

Location: Lecture hall, CISPA Building, E9 1

Lecturer: Yang Zhang

TAs: Yixin Wu, Xinyue Shen, Yiting Qu

Contact: yixin.wu@cispa.de

Time: Monday 12:00 - 13:30; start from April 14th.

Schedule

04.14 Membership inference (Rui); Campus E9 1 0.05

04.28 Poisoning (Yixin); Campus E9 1 0.05

05.05 Adversarial example (Mingjie); Campus E9 1 0.05

05.12 Plot + MLDoctor + SecurityNet (Boyang); Campus E9 1 0.05

05.19 Jailbreak +GPTs (Xinyue); Campus E9 1 0.05

05.26 Safety of VLM (Yiting); Campus E9 1 0.02

06.02 Deepfake detection (Yiting); Zoom (link will be available later)

06.16 Prompt stealing (Xinyue); Campus E9 1 0.02

06.23 Prompt injection (Yixin); Campus E9 1 0.05

06.30 Agent + Simlife (Yixin); Campus E9 1 0.05

Grading

The course will be graded by 100% via oral exam.

Note that students who have taken the advanced lectures

- Machine Learning Privacy

- Privacy Enhancing Technologies (2018-2021)

cannot take this one due to the significant overlap between them.