Security and Privacy in Machine Learning
Sharif University of Technology, Iran
CE Department
Spring 2023
Welcome to the public page for the course on Security and Privacy in Machine Learning (SPML). The main objectives of the course are to introduce students to the principles of security and privacy in machine learning. The students become familiar with the vulnerabilities of machine learning in the training and inference phases and the methods to improve the robustness and privacy of machine learning models.
Course Logistics
- Time: Sat. & Mon. 13:30 - 15:00
- Location: CE-202 & vc.sharif.edu/ch/amsadeghzadeh
- Contact: Announcements and all course-related questions will happen on the Quera forum.
- All official announcements and communication will happen over Quera.
- For external enquiries, emergencies, or personal matters that you don’t wish to put in a private post, you can email me at amsadeghzadeh_at_gmail.com
Instructor
Amir Mahdi Sadeghzadeh
Office: CE-501 (DNSL)
Office Hours: By appointment (through Email)
Email: amsadeghzadeh_at_gmail.com
URL: amsadeghzadeh.github.io
Course Staff
Course Pages
- spml-sut.github.io -> Course information, syllabus, and materials.
- Quera (Get the password from course staff) -> Announcements, assignments, and all course-related questions.
Main References
The main references for the course are many research papers in top-tier conferences and journals in computer security (SP, CCS, Usenix Security, EuroSP) and machine learning (NeurIPS, ICLR, ICML, CVPR, ECCV). Three following books are used for presenting background topics in machine learning and deep learning in
the first part of the course.
Grading Policy
Assignments (30%), Mid-term (and Mini-exam) (20%), Papers review and presentation(20%), and Final (30%).
Course Policy
- This course considers topics involving personal and public privacy
and security. As part of this investigation we will cover
technologies whose abuse may infringe on the rights of others. As an
instructor, I rely on the ethical use of these technologies.
Unethical use may include circumvention of existing security or
privacy measurements for any purpose, or the dissemination,
promotion, or exploitation of vulnerabilities of these services.
Exceptions to these guidelines may occur in the process of reporting
vulnerabilities through public and authoritative channels. Any
activity outside the letter or spirit of these guidelines will be
reported to the proper authorities and may result in dismissal from
the class. When in doubt, please contact the instructor for advice. Do not
undertake any action which could be perceived as technology misuse
anywhere and/or under any circumstances unless you have received
explicit permission from Dr. Sadeghzadeh.
Academic Honesty
Sharif CE Department Honor Code (please read it carefully!)
Homework Submission
Submit your answers in .pdf or .zip file in course page on Quera website, with the following format:
HW[HW#]-[FamilyName]-[std#] (For example HW3-Hoseini-401234567)
Late Policy
- All students have 21 free late days for the assignments.
- You may use up to 7 late days per assignment with no penalty.
- Once you have exhausted your free late days, we will deduct a late penalty of 20% per additional late day.