Calendar (tentative)
| Date | Topic | Presenters | Summarizers | Notes |
|---|---|---|---|---|
Differential Privacy |
||||
| 9/4 | Course welcome Reading: How to Read a Paper |
JH | --- | |
| 9/6 | Basic private mechanisms Reading: Dwork and Roth 3.2-4 |
JH | --- | |
| 9/9 | Composition and closure properties Reading: Dwork and Roth 3.5 |
JH | --- | Signups Due |
| 9/11 | What does differential privacy actually mean? Reading: Lunchtime for Differential Privacy |
JH | --- | |
| 9/13 | Differentially private machine learning Reading: On the Protection of Private Information in Machine Learning Systems: Two Recent Approaches Reading: Semi-supervised Knowledge Transfer for Deep Learning from Private Training Data |
Robert/Shengwen | Zach/Jialu | |
Adversarial Machine Learning |
||||
| 9/16 | Overview and basic concepts | JH | --- | |
| 9/18 | Adversarial examples Reading: Intriguing Properties of Neural Networks Reading: Explaining and Harnessing Adversarial Examples |
JH | Robert/Shengwen | |
| 9/20 | Data poisoning Reading: Poisoning Attacks against Support Vector Machines Reading: Poison Frogs! Targeted Clean-Label Poisoning Attacks on Neural Networks |
Somya/Zi | Miru/Pierre | |
| 9/23 | Defenses and detection: challenges Reading: Towards Evaluating the Robustness of Neural Networks Reading: Adversarial Examples Are Not Easily Detected: Bypassing Ten Detection Methods |
JH | --- | |
| 9/25 | Certified defenses Reading: Certified Defenses for Data Poisoning Attacks Reading: Certified Defenses against Adversarial Examples |
Joseph/Nils | Siddhant/Goutham | |
| 9/27 | Adversarial training Reading: Towards Deep Learning Models Resistant to Adversarial Attacks See also: Ensemble Adversarial Training: Attacks and Defenses |
Siddhant/Goutham | Somya/Zi | |
Applied Cryptography |
||||
| 9/30 | Overview and basic constructions Reading: Boneh and Shoup, 11.6, 19.4 See also: Evans, Kolesnikov, and Rosulek, Chapter 3 |
JH | --- | |
| 10/2 | SMC for machine learning Reading: Helen: Maliciously Secure Coopetitive Learning for Linear Models See also: Secure Computation for Machine Learning With SPDZ |
Varun/Vibhor/Adarsh | --- | |
| 10/4 | Secure data collection at scale Reading: Prio: Private, Robust, and Scalable Computation of Aggregate Statistics |
Abhirav/Rajan | --- | |
| 10/7 | Verifiable computing Reading: SafetyNets: Verifiable Execution of Deep Neural Networks on an Untrusted Cloud |
JH | --- | |
| 10/9 | Side channels and implementation issues Reading: On Significance of the Least Significant Bits For Differential Privacy |
JH | --- | |
| 10/11 | Model watermarking Reading: Turning Your Weakness Into a Strength: Watermarking Deep Neural Networks by Backdooring See also: Protecting Intellectual Property of Deep Neural Networks with Watermarking |
Noor/Shashank | Joseph/Nils | MS1 Due |
Algorithmic Fairness |
||||
| 10/14 | Overview and basic notions Reading: Barocas, Hardt, and Narayanan, Chapter 1-2 |
JH | --- | |
| 10/16 | Individual and group fairness Reading: Fairness through Awarness Reading: Equality of Opportunity in Supervised Learning |
JH | Jack/Jack | |
| 10/18 | Inherent tradeoffs Reading: Inherent Trade-Offs in the Fair Determination of Risk Scores |
Bobby | --- | |
| 10/21 | Defining fairness: challenges Reading: 50 Years of Test (Un)fairness: Lessons for Machine Learning Reading: Barocas, Hardt, and Narayanan, Chapter 4 |
JH | Bobby | |
| 10/23 | Fairness in unsupervised learning Reading: Man is to Computer Programmer as Woman is to Homemaker? Debiasing Word Embeddings See also: Men Also Like Shopping: Reducing Gender Bias Amplification using Corpus-level Constraints |
Zach/Jialu | Noor/Shashank | |
| 10/25 | Beyond observational measures Reading: Avoiding Discrimination through Causal Reasoning See also: Counterfactual Fairness |
Nat/Geetika | Varun/Vibhor/Adarsh | |
PL and Verification |
||||
| 10/28 | Overview and basic notions | JH | --- | |
| 10/30 | Probabilistic programming languages Reading: Probabilistic Programming |
Miru/Pierre | Nat/Geetika | |
| 11/1 | Automata learning and interpretability Reading: Model Learning Reading: Interpreting Finite Automata for Sequential Data |
Jack/Jack | Abhirav/Rajan | |
| 11/4 | Programming languages for differential privacy Reading: Distance Makes the Types Grow Stronger: A Calculus for Differential Privacy See also: Programming Language Techniques for Differential Privacy |
JH | --- | |
| 11/6 | Verifying neural networks Reading: AI2: Safety and Robustness Certification of Neural Networks with Abstract Interpretation See also: DL2: Training and Querying Neural Networks with Logic |
JH | --- | |
| 11/8 | Verifying probabilistic programs Reading: A Program Logic for Union Bounds See also: Advances and Challenges of Probabilistic Model Checking |
JH | MS2 Due | |
No Lectures: Work on Projects |
||||
| 12/9 | Project Presentations 1 - Nils, Joseph, Abhirav - Robert, Noor, Shashank - Jack L., Geetika - Zi |
|||
| 12/11 | Project Presentations 2 - Vibhor, Varun, Adarsh - Siddhant, Goutham, Somya - Nat, Zach, Jialu - Miru, Pierre, Jack S. - Shengwen, Rajan, Bobby |
Projects Due |