Machine Learning Security Reproducibility

Lea Schönherr

News

HotCRP fInal version

Written on 16.02.24 by Lea Schönherr

Hi everyone!

There had been some troubles with the HotCRP settings for the final paper submission. It should work now.

Best regards,

Lea Schönherr

Final submission

Written on 12.02.24 by Lea Schönherr

Hi everyone,

this is a friendly reminder that the final deadline for both, the artefact report and the paper, is due to this Friday, Febuary 16th (AoE).

For the paper please use HotCRP. The artefact report you can send via email to schoenherr@cispa.de

Thank you,

Lea Schönherr

Link for questions

Written on 08.01.24 by Lea Schönherr

Link for the shared questions:

 

https://docs.google.com/document/d/1dq6tnsyv-CBzJfwWVWYVyFz22zjhwH8ebkNOlTL-urk/edit?usp=sharing

List of attendances

Written on 19.12.23 by Lea Schönherr

Hi everyone,

unfortunately I noticed that we have some problems with people not attending the seminar, especially without informing me. 

There are always reasons not to be able to attend, however, it should be an exception and you would need to inform me. 

Especially for the discussions in… Read more

Hi everyone,

unfortunately I noticed that we have some problems with people not attending the seminar, especially without informing me. 

There are always reasons not to be able to attend, however, it should be an exception and you would need to inform me. 

Especially for the discussions in the new year, your active participation is required. Therefore, I decided to keep track with a list who is attending and unclear absences will lead to fail the seminar. 

Best regards,

Lea Schönherr

Presentation days

Written on 18.12.23 by Lea Schönherr

Hi everyone!

We assigned the presentation days and session chair roles today here.

Again, please make sure to be present for the discussions. 

After the deadline for the survey paper, I will assign reviews to you in HotCRP. You can find today's slides and an example review and presentation in… Read more

Hi everyone!

We assigned the presentation days and session chair roles today here.

Again, please make sure to be present for the discussions. 

After the deadline for the survey paper, I will assign reviews to you in HotCRP. You can find today's slides and an example review and presentation in the material section of CMS.

Best regards,

Lea Schönherr

LSF registration

Written on 11.12.23 by Lea Schönherr

Hi everyone!

Because of some miscommunication with LSF, the registration deadline for the seminar has been set to an earlier date. It should now be fixed and open again.

Please make sure to register until Dec 14 in LSF.

Best regards,

Lea Schönherr

Next Meeting + Deadline Reminder

Written on 08.12.23 by Lea Schönherr

Hi everyone!

I hope the preparations of the first versions of the paper and artefact report is going well.

  • I wanted to remind you that the deadline for the survey paper is due to Dec 18 (Anywhere on Earth, which should be Dec 19, 1pm CET). For submitting and reviewing the paper, we will use a… Read more

Hi everyone!

I hope the preparations of the first versions of the paper and artefact report is going well.

  • I wanted to remind you that the deadline for the survey paper is due to Dec 18 (Anywhere on Earth, which should be Dec 19, 1pm CET). For submitting and reviewing the paper, we will use a HotCRP instance. You can find the link here. For the submission, you can register and fill out all required information and upload your PDF. Your affiliation will be "Universität des Saarlandes". There are updates, including uploading a new PDF, possible until the deadline. So please make use of the time to check the platform early enough. If there are any troubles, let me know. We also have a meeting before the final deadline which we can use for fixing issues.
     
  • As a general note, our schedule has been announced during the kick-off and you can also find it in the slides. I also added it to the main page now. There is one change: The meeting for this Monday (Dec 11), will be combined with the meeting the week after (Dec 18). Therefore, we have no meeting Monday, Dec 11. In our next meeting we will also agree on the presentation slots. We have five slots and five topics. Please think about your preferences, but in principleI expect you to join all the presentation meetings no matter if you are presenting or be an active part of the discussion. The general setting for presenting and discussion leads will be presented Dec 18.

Best regards,

Lea Schönherr

Artefact report reminder

Written on 06.12.23 by Lea Schönherr

Hi everyone!

I hope you are all doing well and that.
This is a friendly reminder that the deadline for submitting the first version of the artefact report is due next week (December 11, entire day).

Please send the Report to me via email (schoenherr@cispa.de)

Best regards,
Lea Schönherr

Topic assignment

Written on 16.11.23 by Lea Schönherr

Hi everyone!

 

The topic assignment is (almost) complete. Please check the google spreadsheet for this.

Next week Monday we will talk about how to write a survey paper and how to run an artefact evaluation. For this, we have a change in the room. Our meeting will be in 0.07 (same building,… Read more

Hi everyone!

 

The topic assignment is (almost) complete. Please check the google spreadsheet for this.

Next week Monday we will talk about how to write a survey paper and how to run an artefact evaluation. For this, we have a change in the room. Our meeting will be in 0.07 (same building, same floor).

As we already lost some time, please take care to not loose track of the time and start early. Also do not forgot to register in LSF. The deadline for this is Dec 14.

 

Best regards,

Lea Schönherr

Slides Kick-off

Written on 06.11.23 by Lea Schönherr

Hi everyone,

I just uploaded the first slide deck. Unfortunately next week we can not meet but we will finalize the assignments async such that you can start with your topic. For the "How to" survey paper and artefact evaluation I will merge the two meetings to give you enough time to work on both.… Read more

Hi everyone,

I just uploaded the first slide deck. Unfortunately next week we can not meet but we will finalize the assignments async such that you can start with your topic. For the "How to" survey paper and artefact evaluation I will merge the two meetings to give you enough time to work on both. I have updated the schedule in the slides accordingly.

Best regards,

Lea Schönherr

Kick-off

Written on 03.11.23 by Lea Schönherr

Hi everyone!

We're starting our seminar next Monday, Nov 6 at 4:15 PM at the CISPA building (E9.1) in room 0.01. Make sure you've got this time slot blocked in your calendar for the entire semester because we'll be meeting up almost every week. During the kick-off next Monday we will mainly talk… Read more

Hi everyone!

We're starting our seminar next Monday, Nov 6 at 4:15 PM at the CISPA building (E9.1) in room 0.01. Make sure you've got this time slot blocked in your calendar for the entire semester because we'll be meeting up almost every week. During the kick-off next Monday we will mainly talk about administration, schedule and topic assignment.

I hope we do not need any formal specifications and I do not expect you to attend 100% of the meetings, however, especially during the second part of the semester, I am planning some discussion rounds which requires you to attend. Please keep that in mind and consider the seminar meetings as mandatory, with possible individual exceptions.

See you all there.

Lea Schönherr
Show all

Seminar Description

The intersection between security and machine learning can be viewed from two perspectives: The security of machine learning algorithms and systems, e.g., adversarial examples and poisoning attacks. Second is the use machine learning methods to improve and analyze the security of a system, e.g., malware detection or decompilation. In this seminar, we will cover recent publications from both sides by reading and summarizing the state-of-the-art on these two topics and performing an artefact evaluation of their code to verify and comprehend the practical implementations of the latest scientific publications.

Organisation

The seminar is structured into two parts. In both parts, you will work in groups of two:

  • You will write a short survey paper on the main topic of your assigned paper.
  • You will evaluate the code of the paper during an artefact evaluation.

Survey

Your group will be assigned a topic (related to your assigned paper) for which you will read and summarize the current research in a survey paper. The resulting survey papers will undergo a peer review process similar to academic conferences. This includes review, rebuttal, and revision phases in which everyone must participate.

This includes:

  • Writing a short survey paper on the main topic of the group's papers (6 pages)
  • Reviewing two works from other groups to provide feedback
  • Improving the original survey paper based on the feedback

Artefact Evaluation

Artefacts such as code and datasets are an essential part of today's research to be able to reproduce results and foster future research. Top computer science and security conferences conduct artefact evaluations performed by independent reviewers to ensure that the quality of provided artefacts meets certain criteria. These criteria include reproducibility, consistency with the paper, and the quality of the documentation.

In this seminar, we will review the artefacts of research papers. During the assessment, you will check and run the code and verify that you can reproduce the results reported in the paper. At the end of the semester, your group will submit a report that covers the above criteria.

Important Dates

  • Kick-off meeting in the second week of the semester: After assignment I will contact all participants to agree on a time for the kick-off
  • Group and paper assignments: One week after kick-off
  • Submission of first version of survey paper: TBA
  • Submission of reviews: TBA
  • Submission of final version of survey paper: TBA
  • Submission of artefact evaluation report: TBA

List of Papers

The list of papers is based on a list of papers with re-evaluated artifacts. However, you are welcome to suggest your own choice which you can work with after approval. The seminar paper's topic will be about the general topic of the paper of your choice (this list or your own):

  • Defense against Adversarial Examples: Pratik Vaishnavi, Kevin Eykholt, and Amir Rahmati, "Transferring Adversarial Robustness Through Robust Representation Matching," USENIX Security Symposium 2022 [paper]
  • Adversarial Patch Attacks and Defenses: Chong Xiang, Saeed Mahloujifar, and Prateek Mittal, "PatchCleanser: Certifiably Robust Defense against Adversarial Patches for Any Image Classifier," USENIX Security Symposium 2022 [paper]
  • Attacks against NLP Systems: Thorsten Eisenhofer, Erwin Quiring, Jonas Möller, Doreen Riepel, Thorsten Holz, Konrad Rieck, "No more Reviewer #2: Subverting Automatic Paper-Reviewer Assignment using Adversarial Learning," USENIX Security Symposium 2023 [paper]
  • Poisoning Attacks: Hamid Mozaffari, Virat Shejwalkar, and Amir Houmansadr, "Every Vote Counts: Ranking-Based Training of Federated Learning to Resist Poisoning Attacks," USENIX Security Symposium 2023 [paper]
  • Membership Inference Attacks: Xiaoyong Yuan and Lan Zhang, "Membership Inference Attacks and Defenses in Neural Network Pruning," USENIX Security Symposium 2022 [paper]
  • Concept Drift:  Limin Yang, Wenbo Guo, Qingying Hao, Arridhana Ciptadi, Ali Ahmadzadeh, and Xinyu Xing, Gang Wang, "CADE: Detecting and Explaining Concept Drift Samples for Security Applications," USENIX Security Symposium 2021 [paper]

Deliverables

  • Final survey paper (50 % of your final grade)
  • Reviews (10 % of your final grade)
  • Artefact evaluation report (40 % of your final grade)

Schedule

  • Nov 6: Kick-off (Meeting)
  • Nov 13: Group and paper assignment
  • Nov 20: How to write a survey paper, How to write an artefact report (Meeting)
  • Dec 18: How to write a review, How to present research (Meeting)
  • Jan 8-12: Individual Feedback
  • Jan 8: Presentation topic 1 (Meeting)
  • Jan 15: Presentation topic 2 (Meeting)
  • Jan 22: Presentation topic 3 (Meeting)
  • Jan 29: Presentation topic 4 (Meeting)
  • Feb 5: Presentation topic 5 (Meeting)

 

Privacy Policy | Legal Notice
If you encounter technical problems, please contact the administrators.