Seminar: Machine Learning and Cybersecurity

General Information

Instructor

Dr. Hongxin Hu

Homepage: https://cse.buffalo.edu/~hongxinh/

Office Hours: By Appointment

Time and Location: R 9:30 AM-11:30 PM, Davis 113A.

Overview

In this seminar class, we will discuss the use of machine learning, especially deep learning, for detecting and mitigating cyber threats arising in commercial systems and applications. We will also discuss security issues in machine learning (adversarial attacks and defenses on deep learning, backdoor attacks and defenses on deep learning, Security in Large Language Models including ChatGPT etc.). Our ability to identify the type of machine learning algorithms that are useful for specific security applications can help us improve our defenses against attacks such as credit card fraud, malware, and spam, and also anticipate the potential attack variants that may arise in the future. In addition to lectures, you'll participate in hands-on projects that will simulate a cyber threat and defense. You'll learn how to extract essential features, preprocess data and then identify a suitable suite of machine learning algorithms that can be used to detect and mitigate the cyber threat.

The main goal of the seminar is to help students understand the state of the art in a variety of topics in emerging machine learning and cybersecurity. As a secondary goal, students will learn how to read research papers and how to communicate technical material effectively.

The seminar is suitable for students who have strong interest in achine learning and cybersecurity and intent to pursue a career in the area, e.g., PhD students already working in ML and cybersecurity or MS students interested in pursuing a PhD or doing research in the field (in the form of independent studies and/or MS Thesis). One of the goals of this seminar is to identify, by the end of the semester, a set of open research problems on which students can work during the next semester, e.g., in the form of independent studies.

Tentative Schedule

Week	Date	Topic	Papers (Presenters)	Notes
1	Feb 2	Class Overview	N/A
2	Feb 9	Cybersecurity Overview	N/A
3	Feb 16	Network Security Overview	N/A
4	Feb 23	Deep Learning Overview	N/A	Ke Yan
5	March 2	Adversarial Machine Learning & Labs	N/A	Ke Yan
6	March 9	Machine Learning in Computer Security	N/A	Invited Talk from Feng Wei
7	March 16	Understanding and Defending Against Cyberharassment in the Era of Machine Learning	N/A	Invited Talk from Nishant Vishwamitra
8	March 23	Spring Break	N/A
9	March 30	Topic #1: Adversarial Attacks and Defenses in Deep Learning	Simple Black-box Adversarial Attacks (Madhavi Akupathny; Akash Chaitanya Yadav) Bad Characters: Imperceptible NLP Attacks (Kanupriya Pandey; Venkata Sai Yalamanchili)
10	April 6	Topic #2: Backdoor Attacks and Defenses in Deep Learning	Simple Backdoor Attack in Deep Neural Networks (Aastha Sood; Tejaswini Vodnala) Targeted Backdoor Attacks on Deep Learning Systems Using Data Poisoning (Hemanth Krishna Sai Ram Aradhyula; Harshubh Meherishi) PICCOLO: Exposing Complex Backdoors in NLP Transformer Models (Bhargav Srinivasamurthy Vasist)	Review #1 (for the paper assigned to you) is due.
11	April 13	Topic #3: ChatGPT Safety	On the Robustness of ChatGPT: An Adversarial and Out-of-distribution Perspective (Vaishnavi Reddy Mamilla; Lakshmi Bhavani Nagavalli) RealToxicityPrompts: Evaluating neural toxic degeneration in language models (Gopi Chand Pendyala; Nikhila Doddapaneni) Exploring AI Ethics of ChatGPT: A Diagnostic Analysis (Nikhila Talla)	The 1st lab is due: Lab Instruction Lab Colab
12	April 20	Topic #4: Security in Large Language Models and Malware Detection	Why So Toxic? Measuring and Triggering Toxic Behavior in Open-Domain Chatbots (Sahil Gharat; Himaja Raja) More than you’ve asked for: A Comprehensive Analysis of Novel Prompt Injection Threats to Application-Integrated Large Language Models (Naman Khurpia; Kaushik Kumar Thoguluva Ramkumar S) On Training Robust PDF Malware Classifiers (Natalie Bruzzi)
13	April 27	Topic #5: Online Abuse Defense	The Risk of Racial Bias in Hate Speech Detection (Rohan Rajput; Himani Madan) HateXplain: A Benchmark Dataset for Explainable Hate Speech Detection (Sahithi Pendry; Sainath Reddy Hyderabad) On the Evolution of (Hateful) Memes by Means of Multimodal Contrastive Learning (Abhilash Sampath; Amudheswaran Sanakaranarayanan)	Review #2 (for any paper presented by someone else) is due.
14	May 4	Topic #6: Deep Learning-based Network Intrusion Detection	Evaluating and Improving Adversarial Robustness of Machine Learning-Based Network Intrusion Detectors (Harinath Cingapuram) Throwing darts in the dark? Detecting bots with limited data using neural data augmentation (Dheeraj Kolla; Sri Sai Charan Kachavarapu) Robust physical-world attacks on deep learning visual classification (Arjun Ramesh Kaushik; Ritesh Manchikanti)	The 2nd lab is due: Lab Instruction Lab Colab
15	May 11	Topic #7: Deep Fake Defense	Deepfake Text Detection: Limitations and Opportunities (Dharma Karan Reddy Gaddam; Prem Sai Malladi) Deepfake Videos in the Wild: Analysis and Detection (Dhiraj Gunasheela; Shubh Jaroria)

Seminar Structure and Assignments

I will present material during the first 3 classes, followed by 2 lectures present by one of my PhD student Keyan Guo. Students then present selected papers during the remaining classes including two invited talks. A list of papers from top security and ML conferences (IEEE S&P - Oakland, USENIX Security, ACM CCS, NDSS, NeurIPS, ICML, etc.) will be provided for each topic. All students are encouraged to read all papers, submit reviews for a subset of them, and participate in discussions in class.

The course includes the following assignments:

Paper reading: if you are not familar with reading research papers, I recommend reading "How to Read a Paper" by S. Keshav.
Paper presentation: each student will present around 1 research paper at a class. You can find a set of recommendations on how to give a good presentation here.
Paper reviews: you will write reviews for 2 papers (you will choose which ones). The template of a review can be download here. You can find a set of recommendations on how to write a good reviews here.
Labs: 3-credit students will finish 2 labs.

Course Cridits

You can take this seminar for either 1 credit or 3 credits. With 1 credit, your responsibility is to read papers, write reviews, and present papers to the class. With 3 credits, you will also finish labs.