CS499/579 | AI539 :: W25 :: Trustworthy ML

CS499/579 | AI539 :: W25 :: Trustworthy Machine Learning

Overview

In recent years, we've seen the soar of machine learning (ML)-enabled applications in our lives, such as ChatGPT [link] or autonomous driving cars [link], which calls for a comprehensive understanding of their security and privacy implications. Research in the field of Trustworthy ML (TML) studies (potential) security and privacy risks an adversary can inflict. A well-studied risk, and an example of the research outcomes, is predictions manipulated by adversarial examples [link]. It leads to developing defenses, e.g., adversarial training [link]—a training mechanism that reduces the sensitivity of models to small input perturbations. Researchers have extended this concept to language models, referring to it as "jailbreaks," which is an actively studied area [link].

In this class, students will be able to familiarize themselves with the history of attacks and defenses against ML and their extensions to emerging ML-enabled systems, such as generative ML models. The class materials will cover three fundamental threats: (1) adversarial examples, (2) data poisoning, and (3) privacy risks. Students will review prior work, from classical papers to up-to-date ones, implement basic attacks and defenses, evaluate their effectiveness, and conduct a mini-research project on a topic of their choice.

In the end, we expect:

[Security] To learn how to think like an adversary.
[TML] To learn attacks and defenses against ML-enabled systems.
[TML] To have hands-on experience by implementing security mechanisms.
[Research] To learn how to pursue a research problem of your choice and communicate your findings with others.

Latest Announcements [Full List]

01/06/25: Welcome to CS499/579 | AI539 Trustworthy ML!

Course Information

Lecture: TR 12 - 1:50pm
Credits: 4
Location: STAG 212 - Strand Agriculture Hall 212 (GP) and Zoom
Discussion board: Canvas

Instructor

Name: Sanghyun Hong
Contact: sanghyun [dot] hong [at] oregonstate [dot] edu
Office: 2029 KEC - Kelley Engineering Center
Office hours: F 12 - 1:50 pm, after each class
[Subject to change at the instructor's discretion]

Course Policy

The University's Code of Academic Integrity applies, modified as follows:

[Dont's]

Do NOT share your code or write-up with others.
Do NOT copy and paste someone else's code or write-up in yours.
Do NOT ask for the solutions on the Internet
(e.g., do not post your homework to StackOverflow).

[Do's]

Brainstorm your ideas with other students.
Discuss and explain your solutions with other students.
Discuss the problems and concepts for the team project.
Collaborate with your team-members to run experiments for the team project.

Must: Please write down the students' names if you received any help from them. It won't affect the scores for your homework or projects. But, you will learn from this practice how to credit others for their services. It is an essential skill when you collaborate with others in the future.

CS499/579 | AI539 :: W25 :: Trustworthy Machine Learning

Home

Syllabus

Critique, Presentation

Homework