| Semester | Winter 2023 |
| Course type | Block Seminar |
| Lecturer | Jun.-Prof. Dr. Wressnegger |
| Audience | Informatik Master & Bachelor |
| Credits | 4 ECTS |
| Room | 148, Building 50.34 |
| Language | English or German |
| Link | https://campus.kit.edu/campus/all/event.asp?gguid=0x0ADE8C79D0434919A68190ED644806BA |
| Registration | https://ilias.studium.kit.edu/goto.php?target=crs_2214302&client_id=produktiv |
This seminar is concerned with different aspects of adversarial machine learning. Next to the use of machine learning for security, also the security of machine learning algorithms is essential in practice. For a long time, machine learning has not considered worst-case scenarios and corner cases as those exploited by an adversarial nowadays.
The module introduces students to the recently extremely active field of attacks against machine learning and teaches them to work up results from recent research. To this end, the students will read up on a sub-field, prepare a seminar report, and present their work at the end of the term to their colleagues.
Topics include but are not limited to adversarial examples, model stealing, membership inferences, poisoning attacks, and defenses against such threats.
| Date | Step |
| Mon, 23. Oct, 14:00–15:30 | Primer on academic writing, topic presentation |
| Wed, 25. Oct, 11:59 | Send topic selection(assignment happens till 18:00) |
| Thu, 26. Oct, 11:59 | Officially register for assigned topic (missed opportunities will be reassigned to waiting list till 18:00) |
| Thu, 2. Nov | Arrange appointment with assistant |
| Mon, 6. Nov - Fri, 10. Nov | Individual meeting (Provide first overview and ToC) |
| Thu, 4. Jan | Submit final paper |
| Thu, 11. Jan | Submit review for fellow students |
| Thu, 18. Jan | End of discussion phase |
| Fri, 19. Jan | Notification about paper acceptance/rejection |
| Fri, 26. Jan | Submit camera-ready version of your paper |
| Fri, 16. Feb | Presentation at final colloquium |
News about the seminar, potential updates to the schedule, and additional material are distributed using the course's matrix room. Moreover, matrix enables students to discuss topics and solution approaches.
You find the link to the matrix room on ILIAS.
Every student may choose one of the following topics. For each of these, we additionally provide a few recent top-tier publication that you should use as a starting point for your own research. For the seminar and your final report, you should not merely summarize that paper, but try to go beyond and arrive at your own conclusions.
Moreover, most of these papers come with open-source implementations. Play around with these and include the lessons learned in your report.