Calendar (2023)

All classes (except for October 12) are scheduled for Mondays, 1-4 PM.


Date Papers to critique and discuss Presenters
September 11 Before the class:

  1. Read: the information about the course on the course website, including the course syllabus.
  2. Read: Chapter 1 from Computer Security and the Internet: Tools and Jewels.
  3. Optionally: Watch the video lectures from the introduction to deep learning course.

In the class:

  1. Introduction and overview of the course
  2. Security bootcamp.
September 18 Before the class:

  1. Read: Sections 1 (Introduction) & 2 (Attack Classification) in “Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations”.
  2. Read: Keshav, Srinivasan. “How to Read a Paper.” ACM SIGCOMM Computer Communication Review 37, 3 (July 2007), 83-84.
  3. Read: Alan Jay Smith. 1990. “The Task of the Referee,” Computer 23, 4 (April 1990), 65-71.
  4. Using the method explained in “How to Read a Paper”, read
    X. Pan, M. Zhang, S. Ji and M. Yang, “Privacy Risks of General-Purpose Language Models,” 2020 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 2020, pp. 1314-1331, doi: 10.1109/SP40000.2020.00095.

In the class:

  1. Discussing how to read academic papers in computing and how to write paper critiques for this course.
  2. Discussing and collectively “writing” a critique of paper #4 above.
September 25 Before the class: Write and Submit your Critiques of

  1. Bagdasaryan, Eugene, and Vitaly Shmatikov. “Spinning language models: Risks of propaganda-as-a-service and countermeasures.” In 2022 IEEE Symposium on Security and Privacy (SP), pp. 769-786. IEEE, 2022.
  2. Lukas, Nils, Ahmed Salem, Robert Sim, Shruti Tople, Lukas Wutschitz, and Santiago Zanella-Béguelin. “Analyzing Leakage of Personally Identifiable Information in Language Models.” In 2023 IEEE Symposium on Security and Privacy (SP), pp. 346-363. IEEE Computer Society, 2023.

In the class: Discussion of the critiqued papers.

  1. Arash
  2. Arash
October 2 UBC closed. No classes.
October 9 UBC closed. No classes.
October 12 (Thursday; “Make-up Monday”, so the class runs on the Monday schedule) Before the class:

  1. Prepare a 10-minute presentation of your term paper proposal.
  2. Write and submit your critique of
    Bagdasaryan, Eugene, Tsung-Yin Hsieh, Ben Nassi, and Vitaly Shmatikov. “(Ab)using Images and Sounds for Indirect Instruction Injection in Multi-Modal LLMs.” arXiv preprint arXiv:2307.10490 (2023).

In the class:

  1. Presentations of the Term Paper proposals.
  2. Discussion of the critiqued paper.

  2. Aleks
October 13 (Friday) Term Paper proposals are due for submission on Canvas by 5 PM.
October 16 Before the class: Write and Submit your Critiques of

  1. H. Pearce, B. Tan, B. Ahmad, R. Karri and B. Dolan-Gavitt, “Examining Zero-Shot Vulnerability Repair with Large Language Models,” 2023 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 2023, pp. 2339-2356, doi: 10.1109/SP46215.2023.10179420.
  2. Li, Zheng, Ning Yu, Ahmed Salem, Michael Backes, Mario Fritz, and Yang Zhang. “UnGANable: Defending Against GAN-based Face Manipulation.” In 32nd USENIX Security Symposium (USENIX Security 23), pp. 7213-7230. 2023.

In the class: Discussion of the critiqued papers.

  1. Reza
  2. Aleks
October 23 Before the class: Write and Submit your Critiques of

  1. Sheatsley, Ryan, Blaine Hoak, Eric Pauley, and Patrick McDaniel. “The Space of Adversarial Strategies.” In 32nd USENIX Security Symposium (USENIX Security 23), pp. 3745-3761. 2023.
  2. Pasquini, Dario, Mathilde Raynal, and Carmela Troncoso. “On the (In)security of Peer-to-Peer Decentralized Machine Learning.” In 2023 IEEE Symposium on Security and Privacy (SP), pp. 418-436. IEEE Computer Society, 2023.

In the class: Discussion of the critiqued papers.

  1. Aleks
  2. Reza
October 30 Before the class: Write and Submit your Critiques of

  1. Goldwasser, Shafi, Michael P. Kim, Vinod Vaikuntanathan, and Or Zamir. “Planting undetectable backdoors in machine learning models.” In 2022 IEEE 63rd Annual Symposium on Foundations of Computer Science (FOCS), pp. 931-942. IEEE, 2022.
  2. Dyrmishi, Salijona, Salah Ghamizi, Thibault Simonetto, Yves Le Traon, and Maxime Cordy. “On the empirical effectiveness of unrealistic adversarial hardening against realistic adversarial attacks.” In 2023 IEEE Symposium on Security and Privacy (SP), pp. 1384-1400. IEEE, 2023.

In the class: Discussion of the critiqued papers.

  1. Reza
  2. Arash
November 6 Before the class: Write and Submit your Critiques of

  1. Tramèr, Florian, Reza Shokri, Ayrton San Joaquin, Hoang Le, Matthew Jagielski, Sanghyun Hong, and Nicholas Carlini. “Truth serum: Poisoning machine learning models to reveal their secrets.” In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, pp. 2779-2792. 2022.
  2. Zhu, Hong, Shengzhi Zhang, and Kai Chen. “AI-Guardian: Defeating Adversarial Attacks using Backdoors.” In 2023 IEEE Symposium on Security and Privacy (SP), pp. 701-718. IEEE Computer Society, 2023.

In the class: Discussion of the critiqued papers.

  1. Aleks
  2. Reza
November 13 Mid-term Break. No class.
November 20 No class. Deadline for optional submission of pre-final draft of the term paper.
November 27 Before the class: Write and Submit your Critiques of

  1. Mink, Jaron, Hadjer Benkraouda, Limin Yang, Arridhana Ciptadi, Ali Ahmadzadeh, Daniel Votipka, and Gang Wang. “Everybody’s Got ML, Tell Me What Else You Have: Practitioners’ Perception of ML-Based Security Tools and Explanations.” In 2023 IEEE Symposium on Security and Privacy (SP), pp. 2068-2085. IEEE Computer Society, 2023.
  2. Mink, Jaron, Harjot Kaur, Juliane Schmüser, Sascha Fahl, and Yasemin Acar. “‘Security is not my field, I’m a stats guy’: A Qualitative Root Cause Analysis of Barriers to Adversarial Machine Learning Defenses in Industry.” In 32nd USENIX Security Symposium (USENIX Security 23). 2023.

In the class: Discussion of the critiqued papers.

  1. Arash
  2. Reza
December 4 Term Paper Presentations
December 7 Final versions of the term papers are due via Canvas.