Ting Wang

Associate Professor
Stony Brook University
twang@cs.stonybrook.edu


CSE590 Adversarial Machine Learning

Welcome to CSE590 Adversarial Machine Learning!

Learning Objectives:

Machine learning has become a mainstream technique underlying numerous data-driven systems and applications, including those in security-sensitive domains (e.g., cyber-security defense, autonomous driving, and medical diagnosis). This course will focus on understanding the challenges of applying machine learning in adversarial environments, wherein potential adversaries may purposely manipulate and sabotage the learning processes and outcomes. This 3-credit course will study state-of-the-art attack and defense techniques, and understand their strengths and limitations. The objective of the course is to provide students with sufficient background knowledge relevant to challenges and opportunities for advanced adversarial machine learning systems to better defend against adversarial attacks and manipulations.

Prerequisites:

This course requires the knowledge of an undergrad-level machine learning course and a basic background in linear algebra and calculus.

Logistics:

Tentative Schedule

The tentative schedule and reading materials can be found here, where you also sign up for your presentation.

Grading Policy:

Grades will be calculated based on the following factors:

Paper Presentation: Each student will present 2 papers of his/her choice. Students need to sign up here for the presentation before Week 2. Assignments will be granted on a first-come, first-served basis. Students are expected to prepare the slides by themselves, but the original authors’ slides are allowed to be used with proper citations. Students need to send the slides to the instructor at least one day before the presentation.

Paper Reviews (Optional): Students are encouraged to review papers from the piles that other students presented (different from the papers you present). Please use the provided template to prepare your review. Students receive 2% bonus points for each review they write (after the instructor’s approval).

Course Project: Groups are allowed for the course project (with a maximum of 2 students per group). The expectation for a 2-person group will be relatively higher. Please let the instructor know by Week 2 if you plan to work in groups. The goal of the course project is to provide the students with an opportunity to explore research directions in adversarial machine learning. Therefore, the project should be related to the course content. An expected project includes but is not limited to:

The project will have a few milestones including project proposals, midterm presentation, and final presentation, with specific due dates.

Late Submission Policy: All reviews/reports are due at 11:59 PM (EST) one day before the class. Students can submit late until noon (EST) of the class day. No further late submissions are allowed after that. Extensions can only be granted in special cases (email the instructor).

Exams: There will be no exams.

Student Accessibility Support Center Statement

If you have a physical, psychological, medical, or learning disability that may impact your course work, please contact the Student Accessibility Support Center, Stony Brook Union Suite 107, (631) 632-6748, or at sasc@stonybrook.edu. They will determine with you what accommodations are necessary and appropriate. All information and documentation is confidential.

Students who require assistance during emergency evacuation are encouraged to discuss their needs with their professors and the Student Accessibility Support Center. For procedures and information go to the following website and search Fire Safety and Evacuation and Disabilities.

Academic Integrity Statement

Each student must pursue his or her academic goals honestly and be personally accountable for all submitted work. Representing another person’s work as your own is always wrong. Faculty is required to report any suspected instances of academic dishonesty to the Academic Judiciary. Faculty in the Health Sciences Center (School of Health Technology & Management, Nursing, Social Welfare, Dental Medicine) and School of Medicine are required to follow their school-specific procedures. For more comprehensive information on academic integrity, including categories of academic dishonesty, please refer to the academic judiciary website. The Department of Computer Science also has its own policy, available here.

Critical Incident Management

Stony Brook University expects students to respect the rights, privileges, and property of other people. Faculty are required to report to the Office of Student Conduct and Community Standards any disruptive behavior that interrupts their ability to teach, compromises the safety of the learning environment, or inhibits students’ ability to learn. Faculty in the HSC Schools and the School of Medicine are required to follow their school-specific procedures. Further information about most academic matters can be found in the Undergraduate Bulletin, the Undergraduate Class Schedule, and the Faculty-Employee Handbook.
