News

registration

Written on 14.04.25 by Yang Zhang

Hi all,

Thank you so much for choosing the lecture; we will try our best not to let you down.

However, there have been more than 70 students sending us emails during the past few days regarding registration, so for those who manage to register but are not that into the lecture, please… Read more

Hi all,

Thank you so much for choosing the lecture; we will try our best not to let you down.

However, there have been more than 70 students sending us emails during the past few days regarding registration, so for those who manage to register but are not that into the lecture, please de-register asap.

Many thanks!

Yang

First Lecture Time

Written on 07.04.25 by Yixin Wu

Dear All,

The first lecture will start on April 14th, 2025.

Best,

Yixin

Attacks Against Machine Learning Models

 

Overview


This course will cover the topic of attacks against machine learning models

  • Privacy
    • Membership inference
    • Dataset reconstruction
    • Attribute inference
  • Security
    • Backdoor
    • Model stealing
  • Safety
    • Hijacking
    • Toxicity

Prerequisites


  • Basic knowledge of machine learning and data mining
  • A security background is not needed

 

Logistics


Location: Lecture hall, CISPA Building, E9 1

Lecturer: Yang Zhang

TAs: Yixin Wu, Xinyue Shen, Yiting Qu

Contact: yixin.wu@cispa.de

Time: Monday 12:00 - 13:30; start from April 14th.

 

Schedule


04.14 Membership inference (Rui); Campus E9 1 0.05

04.28 Poisoning (Yixin); Campus E9 1 0.05

05.05 Adversarial example (Mingjie); Campus E9 1 0.05

05.12 Plot + MLDoctor + SecurityNet (Boyang); Campus E9 1 0.05

05.19 Jailbreak +GPTs (Xinyue); Campus E9 1 0.05

05.26 Safety of VLM (Yiting); Campus E9 1 0.02

06.02 Deepfake detection (Yiting); Zoom (link will be available later)

06.16 Prompt stealing (Xinyue);  Campus E9 1 0.02

06.23 Prompt injection (Yixin); Campus E9 1 0.05

06.30 Agent + Simlife (Yixin); Campus E9 1 0.05

Grading


The course will be graded by 100% via oral exam. 

Note that students who have taken the advanced lectures

- Machine Learning Privacy

- Privacy Enhancing Technologies (2018-2021) 

cannot take this one due to the significant overlap between them.

 

Privacy Policy | Legal Notice
If you encounter technical problems, please contact the administrators.