CY 7790: Special Topics in Security and Privacy: Machine Learning Security and Privacy
Instructors:
Class Schedule:
Office Hours:
Class forum: Piazza
Class policies: Academic integrity policy is strictly enforced
Class description: Machine learning is increasingly being used for automated decisions in applications such as health care, finance, autonomous vehicles, personalized recommendations, and cyber security. These critical applications require strong guarantees on both the integrity of the machine learning models and the privacy of the user data used to train these models. The area of adversarial machine learning studies the effect of adversarial attacks against machine learning models and aims to design robust defense algorithms. In this course, we will study a variety of adversarial attacks on machine learning and deep learning systems that impact the security and privacy of these systems, and we will discuss the challenges of designing robust models.
The objectives of the course are the following:
· Provide an overview of several machine learning models for classification and regression, including logistic regression, SVM, decision trees, ensemble learning, and deep neural network architectures.
· Discuss generalization in machine learning, the bias-variance tradeoff, and the underlying assumptions that most algorithms rely on.
· Provide in-depth coverage of adversarial attacks on machine learning systems, including evasion attacks at inference time, poisoning attacks at training time, and privacy attacks. Learn how to classify the attacks according to the adversarial objective, knowledge, and capability.
· Discuss adversarial attacks in real-world applications, including cyber security, autonomous vehicles, and natural language processing.
· Understand existing methods for training robust models and the challenges of achieving both robustness and accuracy.
· Discuss fairness issues in machine learning that might exacerbate existing risks of adversarial attacks.
· Read research papers from both security and machine learning conferences and discuss them in class. Students will participate in class discussions, lead discussion on selected papers in teams, and write notes about the class discussion.
· Provide students with the opportunity to work on a semester-long research project on a topic of their choice, as well as complete several assignments on machine learning security and privacy.
Pre-requisites:
Grading
The grade will be based on:
- Assignments – 10%
- Paper summaries – 10%
- Discussion leading – 15%
- Scribing – 15%
- Final project – 50%
Calendar (Tentative)
Books: