Leading discussion session
Guidelines
Leading a discussion on a paper is composed of 2 parts taking 50 minutes altogether.
1. A presentation type power point composed of the following items (20 minutes):
1.a. An objective paper presentation that contains for instance:
- Problem statement
- Adversary/threat model
- Summary of main findings & contributions
- Results
1.b. A critical personal synthesis that contains for instance:
- Analysis of correctness/completeness
- Potential flaws
- Relation to related work
- (A support for following discussion)
- Etc.
2. An interactive discussion with the rest of the class (30 minutes)
- Prepare a set of points to discuss
- Make it interactive and raise issues where opinions are likely to be divided
- Develop provocative opinions
- Ask controversial questions
- Correlate research with recent events (e.g., news headlines on the use of AI)
Paper assignment
Go to this Google form and select 5 papers that you would like to present before Monday March 08, 23:55
Presentation assignment:
Discussion session |
Title | Presenter |
---|---|---|
1. Model evasion |
Devil’s Whisper: A General Approach for Physical... |
Albert Mohwald |
On Adaptive Attacks to Adversarial Example Defenses |
Oliver Jarnefelt |
|
2. Model poisoning | Towards Poisoning of Deep Learning Algorithms with Back-gradient Optimization |
Seb |
Targeted Backdoor Attacks on Deep Learning Systems Using Data Poisoning |
Yujia Guo |
|
3. Compromised training |
BadNets: Identifying Vulnerabilities in the Machine Learning Model Supply Chain |
Paavo Reinikka |
Machine Learning Models that Remember Too Much |
Ananth Mahadevan |
|
4. Model stealing |
High Accuracy and High Fidelity Extraction of Neural Networks |
Albert Mohwald |
Imitation Attacks and Defenses for Black-box Machine Translation Systems |
Yujia Guo |
|
5. Protecting intellectual property of models |
Turning Your Weakness Into a Strength: Watermarking Deep Neural Networks by Backdooring |
Buse |
Samuel |
||
6. Training data leakage |
The Secret Sharer: Evaluating and Testing Unintended Memorization in Neural Networks |
Samuel |
6. Tracing training data |
Radioactive data: tracing through training |
Oliver Jarnefelt |
7. Privacy-preserving training |
||
Auditing Differentially Private Machine Learning: How Private is Private SGD? |
Paavo Reinikka |
|
7. Fairness & bias in ML prediction |
Characterising Bias in Compressed Models |
Ananth Mahadevan |
- Make a submission
- Make a submission