Overview
The course is an overview of adversarial example research and of future research directions, presented under the title "Defense Against the Dark Arts". Students will learn about attacks on the machine learning pipeline, the different classes of attack (from white-box to gray-box and transfer attacks), why many proposed defenses have failed, and future directions such as developing better attack models. The teaching method is a keynote presentation by Ian Goodfellow. This course is intended for individuals interested in deep learning, security, and adversarial machine learning research.
Syllabus
Intro
I.I.D. Machine Learning
Attacks on the machine learning pipeline
Define a game
Fifty Shades of Gray Box Attacks
Transfer Attack
Norm Balls: A Toy Game
Tradeoff
Gradient Masking
Pipeline of Defense Failures
Adversarial Logit Pairing (ALP)
Future Directions: Indirect Methods
Future Directions: Better Attack Models
Some Non-Security Reasons to Study Adversarial Examples
Clever Hans
Taught by
IEEE Symposium on Security and Privacy