Overview
This course aims to teach learners how to defend Deep Generative Models (DGMs) against adversarial attacks. The learning outcomes include understanding the threat model for training-time attacks on DGMs, detecting backdoors in pre-trained DGMs, and implementing effective defense mechanisms. The course covers skills such as model inspection, brute force sampling, and basic defense strategies. The teaching method involves a presentation that includes research goals, applications of DGMs, potential attack scenarios, and defense strategies. The intended audience for this course includes individuals interested in cybersecurity, machine learning, and deep learning.
Syllabus
Introduction
Research Goals
What are Deep Generative Models
Applications of Deep Generative Models
What Could Go Wrong
What Makes a Successful Attack
Model Inspection
Brute Force Sampling
mnist
Training
Can you do something better
Approach trail
Approach schematic
Student Model
Redundancy
Token Example
Stylegun
Attack Goals
Basic Defenses
Whitebox Access
Taught by
Black Hat