Topic outline

  • Assignments during the course consist of 5 tasks

    1. Read 3 scientific papers before each discussion session: once a week.
    2. Write takeaways and questions about each paper read (details here).
    3. Participate in every discussion session: once a week.
    4. Present and lead the discussion on a scientific paper: twice over the course (details here).
    5. Complete two programming assignments: 1) crafting adversarial examples; 2) watermarking a model (details here).


    Grading takes 4 components into account


    1. Presentation and leading paper discussion (40% of the grade)
    • Completeness and relevance of the objective paper presentation
    • Quality of the oral delivery and of the presentation support (slides)
    • Quality of the critical synthesis
    • Quantity and quality of discussion topics
    • Ability to engage the audience in the discussion

    2. Participation in discussions (15% of the grade)
    • Reply to questions/topics launched by discussion leader
    • Extend the discussion
    • Launch new topics of discussion

    3. Writing personal paper takeaways (15% of the grade)
    • Submit 1-2 pages summarizing what you see as the paper's takeaways: what did you learn from this paper? How did your perception of ML security change?
    • Submit a few questions/discussion topics based on your reading of the paper before each discussion.
    • Submissions are evaluated in a coarse manner. The criticality and sensibility of the takeaways are the main evaluation criteria.
    • Submit your assignment before each discussion session (Deadline: 11:55 on discussion day)

    4. Completing programming assignments (30% of the grade)
    Assignment 1: crafting adversarial examples
    • Choose a black-box adversarial example crafting method.
    • Introduce its main concepts.
    • Implement it.
    • Perform the evaluation and the analysis. Describe your findings.
    Assignment 2: watermarking a model
    • Choose a watermarking method (black-box or white-box).
    • Introduce its main concepts.
    • Implement it.
    • Perform the evaluation and the analysis. Describe your findings.