News

Venue Change for Lectures on June 16th and June 30th

Written on 05.06.25 by Yixin Wu

Hi all,

Due to unforeseen circumstances, the lectures on June 16th and June 30th will be moved online. The time will remain the same.

The Zoom links:

6.16 https://cispa-de.zoom-x.de/j/68708140905

6.30 https://cispa-de.zoom-x.de/j/62743453909

We appreciate your understanding.

Best,

Yixin

Zoom Link for Fake Image Detection (02.06.2025)

Written on 02.06.25 (last change on 02.06.25) by Yiting Qu

Hi, greetings,

Today, we will provide an online lecture due to a room conflict.

Zoom Link: https://cispa-de.zoom-x.de/j/63662347623?pwd=ZyRsyaaJ1mb8hnnrIbmaGXCw8KYkHI.1

Time: 12-13:30, 02.06.2025

Best,

Yiting Qu

Registration

Written on 14.04.25 by Yang Zhang

Hi all,

Thank you so much for choosing the lecture; we will try our best not to let you down.

However, there have been more than 70 students sending us emails during the past few days regarding registration, so for those who manage to register but are not that into the lecture, please de-register asap.

Many thanks!

Yang

First Lecture Time

Written on 07.04.25 by Yixin Wu

Dear All,

The first lecture will start on April 14th, 2025.

Best,

Yixin

Attacks Against Machine Learning Models


Overview

This course covers attacks against machine learning models, grouped into three areas:

  • Privacy
    • Membership inference
    • Dataset reconstruction
    • Attribute inference
  • Security
    • Backdoor
    • Model stealing
  • Safety
    • Hijacking
    • Toxicity

Prerequisites

  • Basic knowledge of machine learning and data mining
  • A security background is not needed

Logistics

Location: Lecture hall, CISPA Building, E9 1

Lecturer: Yang Zhang

TAs: Yixin Wu, Xinyue Shen, Yiting Qu

Contact: yixin.wu@cispa.de

Time: Monday 12:00 - 13:30, starting April 14th.

Schedule

04.14 Membership inference (Rui); Campus E9 1 0.05

04.28 Poisoning (Yixin); Campus E9 1 0.05

05.05 Adversarial example (Mingjie); Campus E9 1 0.05

05.12 Plot + MLDoctor + SecurityNet (Boyang); Campus E9 1 0.05

05.19 Jailbreak +GPTs (Xinyue); Campus E9 1 0.05

05.26 Safety of VLM (Yiting); Campus E9 1 0.02

06.02 Deepfake detection (Yiting); Zoom (https://cispa-de.zoom-x.de/j/63662347623?pwd=ZyRsyaaJ1mb8hnnrIbmaGXCw8KYkHI.1)

06.16 Prompt injection (Yixin); Zoom (https://cispa-de.zoom-x.de/j/68708140905)

06.23 Prompt stealing (Xinyue); Campus E9 1 0.05

06.30 Agent + Simlife (Yixin); Zoom (https://cispa-de.zoom-x.de/j/62743453909)

Grading

The course grade is determined 100% by an oral exam.

Note that students who have taken either of the advanced lectures

- Machine Learning Privacy

- Privacy Enhancing Technologies (2018-2021)

cannot take this course, due to the significant overlap in content.
