Robustness in Machine Learning

Good Morning Everyone,

Due to the heavy snow this morning, we will have an online class today over Zoom (link: https://cispa-de.zoom-x.de/j/65081098332?pwd=eFBYdzUzYUkwQnlOT2RnNmtOTSswZz09). The whole invitation is attached at the end of this email. In addition, homework assignment 4 will be released later tomorrow. I apologize for the delay. No worries; the submission deadline of HW4 will be postponed accordingly.

Be safe, and hope to see you in the afternoon on Zoom

Xiao

Xiao Zhang is inviting you to a scheduled Zoom meeting.

Topic: [Advanced Lecture] Robustness in Machine Learning
Time: Jan 18, 2024, 02:00 PM Amsterdam, Berlin, Rome, Stockholm, Vienna

Join Zoom Meeting
https://cispa-de.zoom-x.de/j/65081098332?pwd=eFBYdzUzYUkwQnlOT2RnNmtOTSswZz09

Meeting ID: 650 8109 8332
Passcode: qQL4!D
One tap mobile
+496938980596,,65081098332# Germany

Dial by your location
        +49 69 389 805 96 Germany
Meeting ID: 650 8109 8332
Find your local number: https://cispa-de.zoom-x.de/u/cb8FpEGLNT

Privacy Notice:
Please refer to https://cispa.de/en/data-privacy-policy-zoom for our privacy notice regarding the use of Zoom at CISPA

Hi everyone,

Happy New Year, and I hope this email finds you well.

We are currently trying to finalize the oral presentation schedule, but we need your input. The oral presentation is scheduled for 13:00 - 17:00 on Feb. 08. In principle; every student is expected to attend the oral presentation event as much as possible to support others' presentations and learn from them. If your team has schedule conflicts for the period, please notify us (me and the TAs) by email as soon as possible. In the email, you should specify which period between 13:00 and 17:00 on Feb. 08 works for your team and which does not. If your team can not be present at any time during the period, please provide us with at least three time slots that work for you in the following week (Feb. 12 - Feb. 16). In addition, I have updated the instructions for paper review, oral presentation, and final report on the course website. Please remember to take a look and let us know if you have any questions.

Have a nice weekend,

Xiao

Happy New Year, everyone!

We have released our feedback on your submitted proposals. Each proposal should receive two feedback (one from a TA and one from the instructor).

We hope the feedback is useful to improve your projects. 

Please carefully check the assignment and project requirements, including but not limited to the template requirement.

Another noteworthy thing is to submit the correct file(s); otherwise, we cannot understand the content.

Additional clarification:

- For each paper, the review is limited to 2 pages.

Best,

Minxing

Hi everyone,

All your submissions have been scored, please feel free to contact the TA who scored your submission if you have any questions.

- If you find my name (i.e., Minxing) in your feedback, that means I scored your submission.

Here are some submission suggestions.

For the following submissions, please only submit the necessary files.

For example, regarding homework assignments, please submit and only submit 2 files, i.e., .pdf and .ipynb (the have-run version), which correspond to the theoretical and the programming questions.

Regarding the programming part,

- please read the questions and instructions carefully, and make sure that the submission contains all required outputs;

- please do NOT print non-required output.

Thanks for your understanding in advance!

Best,

Minxing

Hi everyone,

The scores of your homework assignment 1 can be checked on our CMS website now.

Please feel free to contact the teaching assistant who scores your assignment if you have questions.

- If you find my name (i.e., Minxing) on the feedback, it means I scored your assignment.

By the way, the deadline for homework assignment 2 is closed, do not miss it.

Enjoy the winter time and take care,

Minxing

Hi everyone,

There will be a very interesting talk from Lujo Bauer (Carnegie Mellon University) at 4:00 pm in Lecture Hall 0.05 right after tomorrow's lecture.

The talk is about "From pandas and gibbons to malware detection: Attacking and defending real-world uses of machine learning", which is highly relevant to what we have learnt about adversarial robustness so far. You can find more details in the forwarded message below. I highly recommended you to attend the talk if you have time.

Best regards and see you tomorrow,

Xiao 

Dear all,

As part of CISPA's Distinguished Lecture Series, we are pleased to announce that

   Lujo Bauer (Carnegie Mellon University)

will give a talk on

   From pandas and gibbons to malware detection: Attacking and defending real-world uses of machine learning 

on Thursday, 16th of November, at 4pm. The talk will take place in a hybrid mode with a physical presentation in the Bernd Therre lecture hall at CISPA and via Zoom:

https://cispa-de.zoom-x.de/j/62011223528?pwd=TW9xWWE4ZnU1WHlHQ0w4ckV2aHFUdz09

Meeting ID: 620 1122 3528
Passcode: w%65qV

We encourage everyone on campus to attend the presentation. Should you want to meet with Lujo as well, please send me an email and I'll try to arrange a meeting.

Abstract:
A multitude of research results has shown that slightly changing the inputs given to an ML algorithm can trick the algorithm into producing "wrong" outputs. Such research typically assumes that an attacker has complete control over the input but also wants to change the input as little as possible. In this talk I'll argue that practical threat models are different: attackers work under constraints and toward goals that most research typically doesn't consider. Using face recognition and malware detection as examples, I'll show that under more realistic constraints, defeating ML requires creating new attack methods. I'll also show that even assessing the risk of real-world uses of ML may require new definitions of robustness, which in turn enable better defenses but also more efficient attacks.

Bio:
Lujo Bauer is a Professor of Electrical and Computer Engineering, and of  Computer Science, at Carnegie Mellon University. He is also a member of  CyLab, Carnegie Mellon's computer security and privacy institute. Lujo  received his Ph.D. in Computer Science from Princeton University in 2003. Lujo's research examines many aspects of computer security and  privacy, including building systems in which usability and security  co-exist and designing practical tools for identifying software  vulnerabilities. His recent work focuses on developing tools and  guidance to help users stay safer online and on examining how advances  in machine learning can (or might not) lead to a more secure future. Lujo served as program (co-)chair for the flagship computer security  conferences of the IEEE (S&P 2015) and the Internet Society (NDSS  2014), and is looking forward to doing so for USENIX in 2025.

Best regards,
Cris Staicu
 

Good morning everyone,

As announced in yesterday's lecture, the oral exam (oral presentation of your team's course project) will take place in Lecture Hall 0.05, CISPA Main Building between 13:00 - 17:00 on Feb 8, 2024. The date and location have been finalized. In addition, the exam registration for this course should be open on LSF soon (until February 1, 2024). You need to register for the exam (before February 1) to receive your final grades. 

Best regards,

Xiao

Good Morning Everyone,

We decided to increase the student limits from 4 to 5 per paper for review, due to the large number of class attendees. You can now edit your preference if there are available slots on the spreadsheet.

Besides, I noticed that some students registered more than 2 papers on the spreadsheet. This is not allowed - each student should register no more than 2 papers so that other students who also interested in the paper will have an opportunity to review it.

Best regards,

Xiao

Hi everyone,

The registration of paper review is now open. You can use this editable link to the Google spreadsheet and put your name to the two papers you would like to read and review. Note that each paper can be registered by at most 4 students (first come, first serve). The registration will be open until the end of this month.

Have a nice evening,

Xiao 

Dear students,

Thank you for registering for the advanced lecture course: Robustness in Machine Learning. We are going to have our first lecture this Thursday (26.10.2023) at 14:15. The meeting place is Bernd Therre Lecture Hall (0.05), CISPA Main Building (C0), Stuhlsatzenhaus 5.

Look forward to meeting you,

Xiao