News
Written on 17.02.23 by Lea Schönherr
Hi everyone! Thank you for submitting the seminar papers and artifact reports :-)
Also, I wanted to point out that I currently have open positions for students in my group. All positions are highly research oriented and deal with topics related to Machine Learning Security. If you are interested in joining me and my group, please email me with some information about yourself, your interests and experience, and a recent CV.
Best regards,
Deadline reminder
Written on 01.02.23 by Lea Schönherr
Hi everyone! I hope you are all doing well and that you could improve the survey paper and the artefact report is in progress. As a reminder: the survey paper should be updated in HotCRP and the artefact report, please send it to me via email (schoenherr@cispa.de).
Also, I updated my reviews in HotCRP, you should now see a note in the summary section showing that I wrote it :-)
Best regards,
Evaluation Link
Written on 16.01.23 by Lea Schönherr
Hi everyone! Thank you for submitting all of your reviews. I hope you can now see all the submitted reviews for your paper in HotCRP. This should include my review, and overall I want to say that I really enjoyed reading all your submissions.
For the final version, you can update your paper in HotCRP by February 8 (AoE). For the Artefact Report, please send this to me via email also by February 8 (AoE), which means for Germany/Saarbrücken until 2 pm February 9 :-)
Finally, I also have the evaluation link for the seminar. I hope you find a couple of minutes to fill it out: https://qualis.uni-saarland.de/eva/?l=140331&p=JY24ZI
I wish you good luck and fun with finalising your artefact report. After you have submitted everything, I will contact you to schedule a meeting with each of your teams to provide feedback on the submitted deliverables.
Best regards,
Deadline reminder
Written on 09.01.23 by Lea Schönherr
Hi everyone and happy new year! The deadline for submitting your reviews is this week (January 11, Anywhere on Earth). Please make sure that you have finished your assigned reviews by that time.
Best regards,
Review Assignment
Written on 22.12.22 by Lea Schönherr
Hi everyone! Thank you for submitting your papers. I am looking forward to reading them. I also assigned you reviews; you should be able to see your two papers in HotCRP. The deadline for the reviews is January 11 (AoE).
Best regards,
Deadline Reminder
Written on 14.12.22 by Lea Schönherr
Hi everyone! I hope you are all well and that the survey paper is in progress. The deadline for submitting the first version of the survey is next week (December 21, Anywhere on Earth).
Also, please make sure you have registered for the course at HotCRP for submitting and reviewing the paper. If you still need to do this, please do it as soon as possible and let me know if there are any problems.
https://cispa-mls22.hotcrp.com
Next week we will talk about the review process. I look forward to seeing you there. Until then, have a wonderful Christmas time.
Best regards,
Registration LSF portal
Written on 17.11.22 by Lea Schönherr
Hi everyone! Please note that you have to register for the seminar in the LSF portal by November 23.
Best regards, Lea Schönherr
Page Limit
Written on 09.11.22 by Lea Schönherr
Hi everyone, I did not explicitly mention it during our meeting (although it is on the slide): The page limit of six pages is excluding references. So everything from title to conclusion. For the references you can use as many additional pages as you need.
Lea Schönherr
Artefact Evaluation Meeting
Written on 09.11.22 by Lea Schönherr
Hello everyone! We have to postpone the meeting for the artefact evaluation "How to" by one week. I will give you the introduction Nov 23 (instead of next week). However, feel free to already start with the evaluation, the meeting will mainly be about how to present the results and what is important to check during the evaluation.
Lea Schönherr
Meet and Greet
Written on 06.11.22 by Lea Schönherr
The meeting for the get-together will be on Monday at 2 pm. All required information can be found here. If you have any questions or problems feel free to drop me an email or to comment on the post in the forum.
Group Assignment
Written on 03.11.22 (last change on 03.11.22) by Lea Schönherr
Hello everyone! In the forum is a call for a doodle to meet for the group and paper assignment. I think this is a great idea. Thank you for initiating this :-)
Forum and Material
Written on 02.11.22 by Lea Schönherr
Hello everyone! The forum should now be activated. Please let me know if you have any problems accessing it. You can use the "Group Assignment" forum to agree on groups and topic. We will finalize this next week.
Seminar Description
The intersection between security and machine learning can be viewed from two perspectives. The first is the security of machine learning algorithms and systems, e.g., adversarial examples and poisoning attacks. The second is the use of machine learning methods to improve and analyze the security of a system, e.g., malware detection or decompilation. In this seminar, we will cover recent publications from both sides by reading and summarizing the state of the art on these two topics and performing an artefact evaluation of their code to verify and comprehend the practical implementations of the latest scientific publications.
Organisation
The seminar is structured into two parts. In both parts, you will work in groups of two:
- You will write a short survey paper on the main topic of your assigned paper.
- You will evaluate the code of the paper during an artefact evaluation.
Survey
Your group will be assigned a topic (related to your assigned paper) for which you will read and summarize the current research in a survey paper. The resulting survey papers will undergo a peer review process similar to academic conferences. This includes review, rebuttal, and revision phases in which everyone must participate.
This includes:
- Writing a short survey paper on the main topic of the group's papers (max. 6 pages)
- Reviewing two works from other groups to provide feedback
- Improving the original survey paper based on the feedback
Artefact Evaluation
Artefacts such as code and datasets are an essential part of today's research to be able to reproduce results and foster future research. Top computer science and security conferences conduct artefact evaluations performed by independent reviewers to ensure that the quality of provided artefacts meets certain criteria. These criteria include reproducibility, consistency with the paper, and the quality of the documentation.
In this seminar, we will review the artefacts of research papers. During the assessment, you will check and run the code and verify that you can reproduce the results reported in the paper. At the end of the semester, your group will submit a report that covers the above criteria.
Important Dates
- Kick-off meeting in the first week of the semester: November 2, 12:00-14:00 (online via Zoom).
- Group and paper assignments: November 9
- Submission of first version of survey paper: December 21
- Submission of reviews: January 11
- Submission of final version of survey paper: February 8
- Submission of artefact evaluation report: February 8
List of Papers
Chong Xiang, Saeed Mahloujifar, and Prateek Mittal, "PatchCleanser: Certifiably Robust Defense against Adversarial Patches for Any Image Classifier," USENIX Security Symposium, 2022 [paper]
Pratik Vaishnavi, Kevin Eykholt, and Amir Rahmati, "Transferring Adversarial Robustness Through Robust Representation Matching," USENIX Security Symposium, 2022 [paper]
Giulio Lovisotto, Henry Turner, Ivo Sluganovic, Martin Strohmeier, and Ivan Martinovic, "SLAP: Improving Physical Adversarial Examples with Short-Lived Adversarial Perturbations," USENIX Security Symposium, 2021 [paper]
Eugene Bagdasaryan and Vitaly Shmatikov, "Blind Backdoors in Deep Learning Models," USENIX Security Symposium, 2021 [paper]
Xiaoyong Yuan and Lan Zhang, "Membership Inference Attacks and Defenses in Neural Network Pruning," USENIX Security Symposium, 2022 [paper]
Limin Yang, Wenbo Guo, Qingying Hao, Arridhana Ciptadi, Ali Ahmadzadeh, Xinyu Xing, and Gang Wang, "CADE: Detecting and Explaining Concept Drift Samples for Security Applications," USENIX Security Symposium, 2021 [paper]
Deliverables
- Final survey paper (50 % of your final grade)
- Reviews (10 % of your final grade)
- Artefact evaluation report (40 % of your final grade)