News
Grades in LSF (written on 30.08.23 by Lea Schönherr)
Hi everyone! After an unexpectedly busy August I submitted your grades to LSF. Sorry again for the delay : )
Best regards,
Deadline Reminder (written on 11.07.23 by Lea Schönherr)
Hi everyone! I hope you are all doing well and that you could improve the survey paper and the artefact report. As a reminder: the survey paper should be updated in HotCRP, and the artefact report should be sent to me via email (schoenherr@cispa.de).
Best regards,
Feedback Meeting (written on 20.06.23 by Lea Schönherr)
Hi everyone! Please pick a slot for the feedback meeting (in person or via Zoom) together with your teammate between June 27 and 30 using the following link. During the meeting I will provide you with some feedback on the submitted papers and reports.
Best regards, Lea Schönherr
HotCRP (written on 13.06.23 by Lea Schönherr)
Hi everyone! I uploaded today's slides. Please don't forget to register yourself and your paper in HotCRP.
Deadline reminder (written on 31.05.23 by Lea Schönherr)
Hi everyone! I hope you are all doing well and that. Please send the report to me via email (schoenherr@cispa.de).
Best regards,
Seminar Description
The intersection between security and machine learning can be viewed from two perspectives. The first is the security of machine learning algorithms and systems themselves, e.g., adversarial examples and poisoning attacks. The second is the use of machine learning methods to improve and analyze the security of a system, e.g., malware detection or decompilation. In this seminar, we will cover recent publications from both sides: we will read and summarize the state of the art on these two topics and perform an artefact evaluation of the published code to verify and understand the practical implementations behind the latest scientific publications.
Organisation
The seminar is structured into two parts. In both parts, you will work in groups of two:
- You will write a short survey paper on the main topic of your assigned paper.
- You will evaluate the code of the paper during an artefact evaluation.
Survey
Your group will be assigned a topic (related to your assigned paper) for which you will read and summarize the current research in a survey paper. The resulting survey papers will undergo a peer review process similar to academic conferences. This includes review, rebuttal, and revision phases in which everyone must participate.
This includes:
- Writing a short survey paper on the main topic of the group's papers (max. 6 pages)
- Reviewing two works from other groups to provide feedback
- Improving the original survey paper based on the feedback
Artefact Evaluation
Artefacts such as code and datasets are an essential part of today's research: they make results reproducible and foster future work. Top computer science and security conferences conduct artefact evaluations, performed by independent reviewers, to ensure that the quality of the provided artefacts meets certain criteria. These criteria include reproducibility, consistency with the paper, and the quality of the documentation.
In this seminar, we will review the artefacts of research papers. During the assessment, you will inspect and run the code and verify that you can reproduce the results reported in the paper. At the end of the semester, your group will submit a report that covers the criteria above.
Important Dates
- Kick-off meeting in the first week of the semester: TBA
- Group and paper assignments: TBA
- Submission of first version of survey paper: TBA
- Submission of reviews: TBA
- Submission of final version of survey paper: TBA
- Submission of artefact evaluation report: TBA
List of Papers
Chong Xiang, Saeed Mahloujifar, and Prateek Mittal, "PatchCleanser: Certifiably Robust Defense against Adversarial Patches for Any Image Classifier," USENIX Security Symposium, 2022 [paper]
Pratik Vaishnavi, Kevin Eykholt, and Amir Rahmati, "Transferring Adversarial Robustness Through Robust Representation Matching," USENIX Security Symposium, 2022 [paper]
Giulio Lovisotto, Henry Turner, Ivo Sluganovic, Martin Strohmeier, and Ivan Martinovic, "SLAP: Improving Physical Adversarial Examples with Short-Lived Adversarial Perturbations," USENIX Security Symposium, 2021 [paper]
Eugene Bagdasaryan and Vitaly Shmatikov, "Blind Backdoors in Deep Learning Models," USENIX Security Symposium, 2021 [paper]
Xiaoyong Yuan and Lan Zhang, "Membership Inference Attacks and Defenses in Neural Network Pruning," USENIX Security Symposium, 2022 [paper]
Limin Yang, Wenbo Guo, Qingying Hao, Arridhana Ciptadi, Ali Ahmadzadeh, Xinyu Xing, and Gang Wang, "CADE: Detecting and Explaining Concept Drift Samples for Security Applications," USENIX Security Symposium, 2021 [paper]
Deliverables
- Final survey paper (50 % of your final grade)
- Reviews (10 % of your final grade)
- Artefact evaluation report (40 % of your final grade)