Schedule
Course Schedule (Tentative)
- To assist your understanding of the topic, you are highly recommended to go through the corresponding supplementary reading materials for each lecture. Note that the papers listed here are different from the papers for which you need to write a review.
- Links to slides and homework will be made available from time to time, so you may want to come back to this page frequently.
- The course schedule may be subject to changes, which will be announced on CMS in time.
|
Date
|
Topic
|
Supplementary Reading Materials
|
|---|---|---|
|
Oct 26
|
Overview of Robust Machine Learning (slides)
|
Chapters 9,11,12 of "Trustworthy Machine Learning", Kush R. Varshney, 2022 (link)
|
|
Nov 02
|
Machine Learning & Deep Learning Basics (slides)
Paper review registration open
|
Chapters 5-9 of "Deep Learning", Goodfellow et al., 2016 (link)
|
|
Nov 09
|
Introduction to Adversarial Examples (slides)
HW1 released (link)
|
Explaining and Harnessing Adversarial Examples (link)
Black-box Adversarial Attacks with Limited Queries and Information (link)
|
|
Nov 16
|
Black-box Attacks & Empirical Defenses (slides)
|
|
|
Towards Deep Learning Models Resistant to Adversarial Attacks (link)
Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples (link)
|
||
|
Nov 23
|
Certification Methods (slides)
HW1 due; HW2 released (link)
|
Provable Defenses against Adversarial Examples via the Convex Outer Adversarial Polytope (link)
Certified Adversarial Robustness via Randomized Smoothing (link)
|
|
Nov 30
|
Understanding the Cause of Adversarial Vulnerability (slides)
Review paper registration due; Team finalization due
|
The Relationship Between High-Dimensional Geometry and Adversarial Examples (link)
Robustness May be at Odds with Accuracy (link)
|
|
Dec 07
|
Robust Generalization & Semi-supervised Methods (slides)
HW2 due
|
Overfitting in Adversarially Robust Deep Learning (link)
Unlabeled Data Improves Adversarial Robustness (link)
|
|
Dec 14
|
Q&A Session on Assignments and Proposal (led by TAs)
|
|
|
Dec 21
|
Robust Mean Estimation (slides)
Proposal due
|
Chapter 1 of Jacob Steinhardt's thesis (link)
Lecture notes of Jerry Li's class (1d Gaussian, high-dim Gaussian)
|
|
Dec 28
|
No Lecture: Winter Break
|
|
|
Jan 04
|
Introduction to Data Poisoning Attacks (slides)
HW3 released (link)
|
Dataset Security for Machine Learning: Data Poisoning, Backdoor Attacks, and Defenses (link)
|
|
Jan 11
|
Poisoning Attacks & Defenses (slides)
|
Unlearnable Examples: Making Personal Data Unexploitable (link)
Certified Defenses for Data Poisoning Attacks (link)
|
|
Jan 18
|
Explainability in Machine Learning (slides)
HW3 due; HW4 released (link)
|
Chapters 3,10 of "Interpretable Machine Learning", Christoph Molnar, 2022 (link)
|
|
Jan 25
|
Robustness to Distribution Shifts (slides)
|
In Search of Lost Domain Generalization (link)
Distributionally Robust Neural Networks for Group Shifts (link)
|
|
Feb 01
|
Robust Machine Learning in NLP (slides)
|
Measure and Improve Robustness in NLP Models: A Survey (link)
|
|
Feb 08
|
Oral Presentation (see Course Project page)
Paper review due; HW4 due
|
|
|
Feb 15
|
Presentation slides due; Final report due
|