General Information
Instructor
Overview
In this seminar class, we will discuss the use of machine learning, especially deep learning, for detecting and mitigating cyber threats arising in commercial systems and applications. We will also discuss security issues in machine learning (adversarial attacks and defenses on deep learning, backdoor attacks and defenses on deep learning, Security in Large Language Models including ChatGPT etc.). Our ability to identify the type of machine learning algorithms that are useful for specific security applications can help us improve our defenses against attacks such as credit card fraud, malware, and spam, and also anticipate the potential attack variants that may arise in the future. In addition to lectures, you'll participate in hands-on projects that will simulate a cyber threat and defense. You'll learn how to extract essential features, preprocess data and then identify a suitable suite of machine learning algorithms that can be used to detect and mitigate the cyber threat.
The main goal of the seminar is to help students understand the state of the art in a variety of topics in emerging machine learning and cybersecurity. As a secondary goal, students will learn how to read research papers and how to communicate technical material effectively.
The seminar is suitable for students who have strong interest in achine learning and cybersecurity and intent to pursue a career in the area, e.g., PhD students already working in ML and cybersecurity or MS students interested in pursuing a PhD or doing research in the field (in the form of independent studies and/or MS Thesis). One of the goals of this seminar is to identify, by the end of the semester, a set of open research problems on which students can work during the next semester, e.g., in the form of independent studies.
Tentative Schedule
Week | Date | Topic | Papers (Presenters) | Notes |
---|---|---|---|---|
1 | Feb 2 | Class Overview | N/A | |
2 | Feb 9 | Cybersecurity Overview | N/A | |
3 | Feb 16 | Network Security Overview | N/A | |
4 | Feb 23 | Deep Learning Overview | N/A | Ke Yan |
5 | March 2 | Adversarial Machine Learning & Labs | N/A | Ke Yan |
6 | March 9 | Machine Learning in Computer Security | N/A | Invited Talk from Feng Wei |
7 | March 16 | Understanding and Defending Against Cyberharassment in the Era of Machine Learning | N/A | Invited Talk from Nishant Vishwamitra |
8 | March 23 | Spring Break | N/A | |
9 | March 30 | Topic #1: Adversarial Attacks and Defenses in Deep Learning |
|
|
10 | April 6 | Topic #2: Backdoor Attacks and Defenses in Deep Learning |
|
Review #1 (for the paper assigned to you) is due. |
11 | April 13 | Topic #3: ChatGPT Safety |
|
The 1st lab is due: |
12 | April 20 | Topic #4: Security in Large Language Models and Malware Detection |
|
|
13 | April 27 | Topic #5: Online Abuse Defense |
|
Review #2 (for any paper presented by someone else) is due. |
14 | May 4 | Topic #6: Deep Learning-based Network Intrusion Detection |
|
The 2nd lab is due: |
15 | May 11 | Topic #7: Deep Fake Defense |
|
Seminar Structure and Assignments
I will present material during the first 3 classes, followed by 2 lectures present by one of my PhD student Keyan Guo. Students then present selected papers during the remaining classes including two invited talks. A list of papers from top security and ML conferences (IEEE S&P - Oakland, USENIX Security, ACM CCS, NDSS, NeurIPS, ICML, etc.) will be provided for each topic. All students are encouraged to read all papers, submit reviews for a subset of them, and participate in discussions in class.
The course includes the following assignments:
- Paper reading: if you are not familar with reading research papers, I recommend reading "How to Read a Paper" by S. Keshav.
- Paper presentation: each student will present around 1 research paper at a class. You can find a set of recommendations on how to give a good presentation here.
- Paper reviews: you will write reviews for 2 papers (you will choose which ones). The template of a review can be download here. You can find a set of recommendations on how to write a good reviews here.
- Labs: 3-credit students will finish 2 labs.
Course Cridits
- You can take this seminar for either 1 credit or 3 credits. With 1 credit, your responsibility is to read papers, write reviews, and present papers to the class. With 3 credits, you will also finish labs.
Tentative Grading
1 Credit- Paper presentation: 50%
- Paper reviews (2): 30%
- Class participation: 20%
- Paper presentation: 30%
- Paper reviews (2): 20%
- Labs: 30%
- Class participation: 20%
Resources
ACM's Computing Research Repository
IEEE Symposium on Security and Privacy