Topics in Adversarial Machine Learning


Seminar Course, Summer 2023

Department of Computer Science, Saarland University

Instructor: Xiao Zhang, CISPA Helmholtz Center for Information Security

Meeting Time & Location: 14:15 - 15:45 on Wednesdays in Room 0.07, CISPA Main Building



[Figure: Landscape of adversarial machine learning. Image credit: HackerNoon]



In this seminar, we will focus on understanding the security threats adversaries pose to machine learning systems (evasion and poisoning attacks) and the recent algorithmic advancements of building more robust machine learning systems to mitigate those threats. In addition, we will look into several theoretical works on understanding and characterizing the fundamental limits of adversarial machine learning.



Blog Posts

The course syllabus, course-relevant information and all blogs of in-class presentation and discussions will be posted here.


Course Schedule

A complete course schedule will be posted here after team and topic assignments.

According to the results received from the two online polls, the weekly class meeting time is going to be 14:15 - 15:45 on each Wednesday of the class meeting week. The detailed presentation schedule with presenter information is summarized below. Note that this schedule might be subject to change.

Week | Topic | Presenters
08.05 - 12.05 | Adversarial Examples & Robustness Evaluation | Shreyash (Guest)
15.05 - 19.05 | Robustness Certification Methods | Gopal
22.05 - 26.


Course Syllabus

Course Objective: In this seminar, we will focus on understanding the security threats adversaries pose to machine learning systems (evasion and poisoning attacks) and the recent algorithmic advancements of building more robust machine learning systems to mitigate those threats. In addition, we will look into several theoretical works on understanding and characterizing the fundamental limits of adversarial machine learning.

Expected Background: Prior background in mathematics, statistics, machine learning, and security is beneficial but not required, as long as you are motivated and able to learn the relevant fundamentals.


Teams

Team assignment and topic assignment will be posted here.

Below is the topic assignment for presentations after gathering all the topic preferences. Note that each student is assigned to (at most) two research topics.

Topic | Assigned Students
Adversarial Examples & Robustness Evaluation | Shreyash (Guest)
Robustness Certification Methods | Gopal
Robust Overfitting & Mitigation Methods | Xiao
Robust Generalization & Semi-Supervised Methods | Somrita & Shreyash (Guest)
Indiscriminate Poisoning & Backdoor Attacks | Baoshuang & Wenhao (Guest)
Targeted Poisoning Attacks & Certification | Gopal
Intrinsic Limits on Adversarial Robustness | Somrita
Adversarial ML Beyond Image Classification | Baoshuang

For the team project and final seminar paper, the course instructor will not assign you to a team.
