cis700 security and privacy of machine learning
play

CIS700: Security and Privacy of Machine Learning Prof. Ferdinando - PowerPoint PPT Presentation

Jan 27, 2024 •214 likes •563 views

CIS700: Security and Privacy of Machine Learning Prof. Ferdinando Fioretto ffiorett@syr.edu Tell us your: Name (how you like to be called) Position (MS / PhD) and year Research Interests What do you expect from this

  1. CIS700: Security and Privacy of Machine Learning Prof. Ferdinando Fioretto 
 ffiorett@syr.edu

  2. Tell us your: • Name (how you like to be called) • Position (MS / PhD) and year • Research Interests • What do you expect from this course! Introductions Let us know each other

  3. Preliminaries • Syllabus: http://web.ecs.syr.edu/~ffiorett/classes/spring20.html • Schedule and Material (will be updated) • Teams (more on this later) • Assigned reading (will be updated) • Assigned reports (will be updated) • Grading information • Ethics statement • Class Schedule: Mon + Wed 5:15 — 6:35pm • Office Hours: Fri 12:30 — 1:30pm • Office Location: 4-125 CST Syracuse University 3

  4. Slack! • (Couse’ we all like to slack a bit) • Join the Slack channel: ff-cis700-spring20.slack.com • Send me your email (if you have not received an invitation) at ffiorett@syr.edu with email subject: “CIS700 Slack contact” • Accept the invitation (you may have already received it) • To be used for: • All form of communication with teammates, class, and me (please don’t slack me too much) • All submissions: Presentation slides, reports, projects 
 #report-submission (for your report submissions 
 #slides-submission (…) 
 #paper-discussion (Q&A about papers between classmates) Syracuse University 4

  5. The Team Universe Coruscant Kamino Mandalore Alderaan Mu Bai Zuhal Altundal S. Dinparvar Amin Fallahi Cuong Tran David Castello M. SP Madala 
 Jindi Wu Lin Zhang Weiheng Chai ?? Tejas Bharambe Naboo Onderon Yavin Team composition 
 may change Kunj Gosai Kun Wu Jiyang Wang slightly 
 Ankit Khare Chenbin Pan Pratik A Paranjape Haoyu Li Vedhas S Patkar Chirag Sachdev during this week Syracuse University 5

  6. What is this class about? • This is not an ML course! • Seminar-type class: we will Security read lots of paper Privacy Syracuse University 6

  7. Class Format • 1h presentation of reading materials • Research papers or book chapters • One team will present and lead the discussion • Everyone should be reading the material ahead! • One team will take notes and synthesize the discussion • 20 min — Discussion and Q&A (but should arise during the presentation!) • Deadlines: • 2 days prior to the class: presenting team submits slides (by 11:59pm) • 2 days after the last class of the module: notes team submits document (by 11:59pm) Syracuse University 7

  8. Presentation Format • Be creative! • Slides are okay • Interactive demos are great • Code tutorials are great • Combination of the above is awesome • Requirements: • Involve the class in active discussion • Cover all papers assigned • Questions: • Can I use other authors’ available material? Yes — with disclaimer Syracuse University 8

  9. Presentation Grading • Rubric: http://web.ecs.syr.edu/~ffiorett/classes/spring20/rubric.pdf • Technical: • Depth of the content • Accuracy of the content • Discussion of the paper Pro and Cons • Discussion Lead • Non-technical • Time management • Responsiveness to the audience • Organization • Presentation Format Syracuse University 9

  10. Notes Format • Notes should be produced in LaTeX • Use the AAAI format (https://aaai.org/Press/Author/ authorguide.php) • At least 3 pages; No more than 8 pages • Include all references and images Syracuse University 10

  11. Notes Grading • Reports will be evaluated based on: • Readability • Technical content • Accuracy of the information provided • Reports should be written and are graded per team Syracuse University 11

  12. Lateness policy • Paper presentation • Deadline: Must be turned in by 11:59pm 2 days before the class • 10% per day late-penalty • 0 point if the presentation is not ready for the day in which the team is supposed to present • Class Notes • Deadline: 2 days after the last class of the module: notes team submits document (by 11:59pm) • 10% per day late-penalty • Up to a max of 4 days Syracuse University 12

  13. Grading Scheme • 30 % paper presentation • 20 % class notes • 10 % class participation • 40 % research project Syracuse University 13

  14. Integrity Please take a moment to review the Code of Student conduct https://policies.syr.edu/policies/academic-rules-student- responsibilities-and-services/code-of-student-conduct/ Instances of plagiarism, copying, and other disallowed behavior will costitute a violation of the code of student conduct. Students are responsible for reporting any violation of these rules by other students, and failure to do so constitute a violation of the code of student conduct. Syracuse University 14

  15. Ethics In this course, you will be learning about and exploring some vulnerabilities that could be exploited to compromise deployed systems. You are trusted to behave responsibility and ethically. You may not attack any system without permission of its owners, and may not use anything you learn in this class for evil. If you have doubts about ethical and legal aspects of what you want to do, you should check with the course instructor before proceeding. Any activity outside the letter or spirit of these guidelines will be reported to the proper authorities and may result in dismissal from the class. Syracuse University 15

  16. The ML Paradigm Training Data Model Fitting Predictions Learning Inference Hypothesis Test Data Syracuse University 16

  17. The ML Paradigm Emails + labels (spam) Model Fitting Spam? Neural Inference Unlabeled 
 Networks email Syracuse University 17

  18. The ML Paradigm in Adversarial Settings Poisoning Training Data Model Fitting Training Time Predictions Learning Inference Hypothesis Test Data Poisoning: An adversary inject bad data into the training pool (spam marked as not spam) and the model learns something it should not Syracuse University 18

  19. The ML Paradigm in Adversarial Settings Poisoning The most common result of a poisoning attack is that the model’s boundary shifts in some way Syracuse University 19

  20. The ML Paradigm in Adversarial Settings Evasion Training Data Model Fitting Predictions Learning Inference Hypothesis Test Data Production Time Poisoning: An adversary design adversarial examples that evades detection )spam marked as good) Syracuse University 20

  21. The ML Paradigm in Adversarial Settings Evasion A typical example is to change some pixels in a picture before uploading, so that image recognition system fails to classify the result Syracuse University 21

  22. The ML Paradigm in Adversarial Settings Evasion These attacks pull the poisoned example across the “fixed” boundary (instead of shifting it) Syracuse University 22

  23. The ML Paradigm in Adversarial Settings Member Inference Training Data Model Production Time Fitting Predictions Learning Inference Hypothesis Test Data Relations with Privacy! Membership inference: Inspect model to detect if a user was in or not in the training data Syracuse University 23

  24. The ML Paradigm in Adversarial Settings Model Extraction Training Data Model Fitting Predictions Learning Inference Hypothesis Test Data Production Time Model extraction: The adversary observes predictions and reconstructs the model 
 locally Syracuse University 24

  25. Privacy Syracuse University 25

  26. The Cost of Privacy $3.86 Syracuse University 26

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY

SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY

SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY Christian Kaestner with slides from Eunsuk Kang Required reading: Hulten, Geoff. "Building Intelligent Systems: A Guide to Machine Learning

1.95k views • 113 slides
Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine

Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine

CS573 Data Privacy and Security Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine Learning Under Adversarial Settings Data privacy/confidentiality attacks membership attacks, model inversion

3.44k views • 63 slides
SECURITY AND PRIVACY OF MACHINE LEARNING Ian Goodfellow Staff Research Scientist Google Brain

SECURITY AND PRIVACY OF MACHINE LEARNING Ian Goodfellow Staff Research Scientist Google Brain

#RSAC SESSION ID: SECURITY AND PRIVACY OF MACHINE LEARNING Ian Goodfellow Staff Research Scientist Google Brain @goodfellow_ian Machine Learning and Security #RSAC Machine Learning for Security Security against Machine Learning h 1 h 1 y

347 views • 30 slides
Storage, Security, and Privacy in the age of ML Aleatha Parker-Wood, Ph.D. Machine Learning and

Storage, Security, and Privacy in the age of ML Aleatha Parker-Wood, Ph.D. Machine Learning and

Storage, Security, and Privacy in the age of ML Aleatha Parker-Wood, Ph.D. Machine Learning and Privacy Lead, Humu Who am I? Storage systems Ph.D. from UCSC Post-doc in a databases group Joined Symantec Research Labs.

286 views • 25 slides
Security and Privacy in Machine Learning Nicolas Papernot Pennsylvania State University &

Security and Privacy in Machine Learning Nicolas Papernot Pennsylvania State University &

Security and Privacy in Machine Learning Nicolas Papernot Pennsylvania State University & Google Brain Lecture for Prof. Trent Jaegers CSE 543 Computer Security Class November 2017 - Penn State Thank you to my collaborators Patrick

635 views • 59 slides
Attacking Machine Learning: On the Security and Privacy of Neural Networks Nicholas Carlini

Attacking Machine Learning: On the Security and Privacy of Neural Networks Nicholas Carlini

SESSION ID: MLAI-W03 Attacking Machine Learning: On the Security and Privacy of Neural Networks Nicholas Carlini Research Scientist, Google Brain #RSAC Act I: On the Security and Privacy of Neural Networks #RSAC Let's play a game

1.07k views • 103 slides
Privacy in Machine Learning Fatemehsadat Mireshghallah ICLR2020 Privacy: A Major Concern for

Privacy in Machine Learning Fatemehsadat Mireshghallah ICLR2020 Privacy: A Major Concern for

Privacy in Machine Learning Fatemehsadat Mireshghallah ICLR2020 Privacy: A Major Concern for Machine Learning Graphics Adopted from The New York Times Privacy Project 2 Famous incidents - Anonymization - A Face Is Exposed for AOL

1.03k views • 7 slides
The Unspoken Problems With Machine Learning in Security Noa Weiss Hi! AI & Machine Learning

The Unspoken Problems With Machine Learning in Security Noa Weiss Hi! AI & Machine Learning

The Unspoken Problems With Machine Learning in Security Noa Weiss Hi! AI & Machine Learning Consultant Playing with data for over a decade Risk and Security PayPal, Armis 2 Hi! Deep Voice foundation Leader of

554 views • 54 slides
Differential Privacy Maria-Florina Balcan 04/22/2015 Learning and Privacy To do machine

Differential Privacy Maria-Florina Balcan 04/22/2015 Learning and Privacy To do machine

Machine Learning and Differential Privacy Maria-Florina Balcan 04/22/2015 Learning and Privacy To do machine learning, we need data. What if the data contains sensitive information? medical data, web search query data, salary data,

725 views • 15 slides
How to build privacy and security into deep learning models Yishay Carmiel @YishayCarmiel The

How to build privacy and security into deep learning models Yishay Carmiel @YishayCarmiel The

How to build privacy and security into deep learning models Yishay Carmiel @YishayCarmiel The evolution of AI AI has evolved a lot over the last few years Speech Recognition Computer Vision Machine Translation Natural Language Processing

939 views • 54 slides
in Machine Learning Nicholas Carlini University of California, Berkeley (now Google Brain) This

in Machine Learning Nicholas Carlini University of California, Berkeley (now Google Brain) This

Security (and Privacy) in Machine Learning Nicholas Carlini University of California, Berkeley (now Google Brain) This talk: neural networks Machine learning is amazing But there's a catch Understandability This talk: Discuss security

892 views • 55 slides
Privacy in Machine Learning Fatemehsadat Mireshghallah WiMLDS NeurIPS19 Meet-up Why is privacy a

Privacy in Machine Learning Fatemehsadat Mireshghallah WiMLDS NeurIPS19 Meet-up Why is privacy a

Privacy in Machine Learning Fatemehsadat Mireshghallah WiMLDS NeurIPS19 Meet-up Why is privacy a concern in ML? Patient History Genetic Data Search History Famous incidents - Anonymization - A Face Is Exposed for AOL Searcher No.

1.51k views • 17 slides
New Directions in Privacy- preserving Machine Learning Kamalika Chaudhuri University of

New Directions in Privacy- preserving Machine Learning Kamalika Chaudhuri University of

New Directions in Privacy- preserving Machine Learning Kamalika Chaudhuri University of California, San Diego Sensitive Data Medical Records Genetic Data Search Logs AOL Violates Privacy AOL Violates Privacy Netflix Violates Privacy [NS08]

957 views • 92 slides
Privacy Advances in Machine Learning Systems Katharine Jarmul OReilly AI London kjamistan

Privacy Advances in Machine Learning Systems Katharine Jarmul OReilly AI London kjamistan

Privacy Advances in Machine Learning Systems Katharine Jarmul OReilly AI London kjamistan When did consumers become concerned about privacy and computing? From Understanding Privacy Concerns (1992) A 1990 Louis Harris survey commissioned

443 views • 30 slides
Machine Learning for Compressive Privacy S.Y. Y. K Kung Prince ceton Un Univer ersi sity

Machine Learning for Compressive Privacy S.Y. Y. K Kung Prince ceton Un Univer ersi sity

Machine Learning for Compressive Privacy S.Y. Y. K Kung Prince ceton Un Univer ersi sity Machine Learning for Compressive Privacy Professor S.Y. Kung Email: kung@princeton.edu References: `Kernel Method and Machine

1.79k views • 142 slides
Web Privacy Professor Adam Bates Fall 2018 Security & Privacy Research at Illinois (SPRAI)

Web Privacy Professor Adam Bates Fall 2018 Security & Privacy Research at Illinois (SPRAI)

CS 563 - Advanced Computer Security: Web Privacy Professor Adam Bates Fall 2018 Security & Privacy Research at Illinois (SPRAI) Administrative Learning Objectives : Consider the difference between security and privacy Discuss work

814 views • 43 slides
Adversarial Robustness: Theory and Practice Zico Kolter Aleksander Mdry madry-lab.ml

Adversarial Robustness: Theory and Practice Zico Kolter Aleksander Mdry madry-lab.ml

Adversarial Robustness: Theory and Practice Zico Kolter Aleksander Mdry madry-lab.ml Tutorial website: @zicokolter @aleks_madry adversarial-ml-tutorial.org Machine Learning: The Success Story Image classification Reinforcement Learning

528 views • 49 slides
Ho Far Can Robust Learning Go? Mohammad Mahmoody based on joint works from NeurIPS-18, AAAI-19,

Ho Far Can Robust Learning Go? Mohammad Mahmoody based on joint works from NeurIPS-18, AAAI-19,

Ho Far Can Robust Learning Go? Mohammad Mahmoody based on joint works from NeurIPS-18, AAAI-19, ALT-19 with Dimitrios Diochnos Saeed Mahloujifar 1 2 Success of Machine Learning Machine learning (ML) has changed our lives Health

669 views • 32 slides
What do we believe about collaboration? 1 Stand and Declare Collaboration with

What do we believe about collaboration? 1 Stand and Declare Collaboration with

Community Engagement USBC Summer Pre Institute Washington DC Tom Wolff Ph.D. Tom Wolff & Associates Stand and Declare What do we believe about collaboration? 1 Stand and Declare Collaboration with representatives from all parts

693 views • 29 slides
Nutrition Educators as Advocates: A Day on Capitol Hill ACPP Pre-Conference Workshop Thursday,

Nutrition Educators as Advocates: A Day on Capitol Hill ACPP Pre-Conference Workshop Thursday,

Nutrition Educators as Advocates: A Day on Capitol Hill ACPP Pre-Conference Workshop Thursday, July 20, 2017 Why is Advocacy Needed? What is Advocacy? Tracy Fox, MPH, RD President, Food, Nutrition & Policy Consultants, LLC Culver, IN

588 views • 13 slides
MONTEFIORE EINSTEIN: Vertical Consolidation in the Health Care Industry Steven M. Safyer, MD

MONTEFIORE EINSTEIN: Vertical Consolidation in the Health Care Industry Steven M. Safyer, MD

MONTEFIORE EINSTEIN: Vertical Consolidation in the Health Care Industry Steven M. Safyer, MD NATIONAL ACADEMY OF MEDICINE Leadership Consortium for A Value & Science-Driven Health System September 13, 2018 INTEGRATED ACADEMIC HEALTH

489 views • 13 slides
AI and Security: Lessons, Challenges & Future Directions Dawn Song UC Berkeley AI and

AI and Security: Lessons, Challenges & Future Directions Dawn Song UC Berkeley AI and

AI and Security: Lessons, Challenges & Future Directions Dawn Song UC Berkeley AI and Security Enabler AI Security Enabler AI enables security applications Security enables better AI Integrity: produces intended/correct

1.03k views • 81 slides
Poisoning Networks Motjvatjon You are sittjng in an Internet Cafe at the airport heading back

Poisoning Networks Motjvatjon You are sittjng in an Internet Cafe at the airport heading back

create your own exercise Pranav Jagdish & Cristoph Hielscher Poisoning Networks Motjvatjon You are sittjng in an Internet Cafe at the airport heading back from that awesome vacatjon You are wishing your loved ones Happy New Year

581 views • 15 slides
MODULE 3: HOUSING IDIS Online for CDBG Entitlement Communities 1 Eligible Housing Activities

MODULE 3: HOUSING IDIS Online for CDBG Entitlement Communities 1 Eligible Housing Activities

MODULE 3: HOUSING IDIS Online for CDBG Entitlement Communities 1 Eligible Housing Activities 12 Construction of Housing 13 Direct Homeownership Assistance 14A Rehab: Single-Unit Residential 14B Rehab: Multi-Unit Residential

350 views • 8 slides

More recommend