Instructor | Gang Wang (gangw@illinois.edu) |
TA | Adil Inam (mainam2@illinois.edu) and Lakshmi Alluri (lalluri2@illinois.edu) |
Time/Location | Tuesday/Thursday 03:30 - 04:45 PM, 1310 Digital Computer Laboratory |
Office Hour | TA Office Hour, Instructor Office Hour |
8/21/2024: [Paper presentation signup] Students should sign up for paper presentation slots (first come, first served) before or during the first week of class. Please check out this post for the paper signup sheet.
8/10/2024: [First week of class] Enrolled students will be added/invited to CS 562 Campuswire before the first week of the class. If you registered during/after the first week and did not get the Campuswire invitation, please email the instructor or the TAs for the invitation code.

Advanced topics in security and privacy problems in machine learning systems, selected from areas of current research such as:

This section will primarily focus on using machine learning for system, networking, and security applications. Example topics include using ML to build novel security defenses (e.g., detecting network intrusions, cybercrime, and disinformation, and performing user authentication and vulnerability analysis), launch novel attacks (e.g., privacy attacks, password guessing, deepfake-based social engineering), and support system optimizations. We will explore new research directions and seek to understand the limitations and potential risks of ML-based approaches. Students will read, present, and discuss research papers, and work on an original research project. The goal of the project is to extend machine learning techniques to new problems and produce publishable results.
Reading: students will be reading and reviewing all the required papers, and participating in paper discussions during the class and over the online discussion board.
Participation: students are required to attend all the in-person lectures. Please inform the instructor via email if you cannot make it to the class due to travel or sickness. We take attendance in the class.
Team Project: 3-4 students will form a team to work on a single research project throughout the semester. The project should aim to solve a real problem in the intersection area of machine learning and security/system/networking. Each team will write a project proposal, perform literature surveys, give a short talk in the midterm, and give a final presentation at the end of the semester. Each team is also expected to write up a final project report.
Paper Presentation: students will present papers during the class to lead the discussion.
All deadlines are 11:59 PM (CT) on the listed date, except paper reviews, which are due at 2:30 PM (CT) on the day of class (see the paper review section below).
Week / Date | Papers | Deadline |
---|---|---|
Week 1: Aug 27 | Class overview and background introduction. | |
Week 1: Aug 29 | Attacking ML: evasion and poisoning | Claim paper slot |
Week 2: Sep 3 | Attacking ML: backdoor | |
Week 2: Sep 5 | Attacking ML: problem-space constraints | |
Week 3: Sep 10 | ML for offense: e-crime | |
Week 3: Sep 12 | ML for security: phishing | |
Week 4: Sep 17 | ML for security: binary code analysis | Project proposal |
Week 4: Sep 19 | ML for security: code authorship | |
Week 5: Sep 24 | ML for security: network intrusion | |
Week 5: Sep 26 | ML for security: evaluation and biases | |
Week 6: Oct 1 | Midterm project presentation (session 1) | |
Week 6: Oct 3 | Midterm project presentation (session 2) | Midterm report due |
Week 7: Oct 8 | ML for security: concept drift | |
Week 7: Oct 10 | ML for attack: password guessing | |
Week 8: Oct 15 | ML explanation: method | |
Week 8: Oct 17 | ML explanation: limitations | |
Week 9: Oct 22 | LLM jailbreak | |
Week 9: Oct 24 | LLM privacy | |
Week 10: Oct 29 | Code LLM: security | |
Week 10: Oct 31 | Code LLM: attacks | |
Week 11: Nov 5 | Attacking ML: copyright | Progress update slides |
Week 11: Nov 7 | Attacking ML: perception | |
Week 12: Nov 12 | ML and networks: Tor | |
Week 12: Nov 14 | ML and networks: data generation | |
Week 13: Nov 19 | ML explanation for networks | |
Week 13: Nov 21 | ML for alert triage | |
Week 14: Nov 26 | Fall Break | |
Week 14: Nov 28 | Fall Break | |
Week 15: Dec 3 | ML vs. authentication | |
Week 15: Dec 5 | Multi-modal ML | |
Week 16: Dec 10 | Work on your final project, no class meeting | |
Week 16: Dec 12 | Reading day, no class meeting | |
Week 17: Dec 16 | Final exam week: project presentation in class | |
Week 17: Dec 17 | Final project report | Final report due |
Component | Weight |
---|---|
Class attendance (based on attendance records) | 15% |
Paper reviews | 20% |
Paper presentation in class | 15% |
Project: proposal | 10% |
Project: midterm presentation | 10% |
Project: final presentation | 10% |
Project: midterm report + progress update slides | 10% |
Project: final report | 10% |
To calculate final grades, I simply sum up the points obtained by each student (the points will sum up to some number x out of 100) and then use the following scale to determine the letter grade: [0-60] F, [60-62] D-, [63-66] D, [67-69] D+, [70-72] C-, [73-76] C, [77-79] C+, [80-82] B-, [83-86] B, [87-89] B+, [90-92] A-, [93-100] A.
We read two papers before each class meeting. Before each class, students are expected to read both papers and submit a short review via Google Form. The deadline for the review is 2:30 PM (CT) on the day of class. The review should contain sufficient content (about 400-500 words; it can be longer if needed). The review can focus on the key contributions of the paper, its strengths and weaknesses, and potential issues with the experimental methodology and results. You can also discuss the practical implications of the paper and suggest new ideas. The review should reflect your own thoughts.
Late Policy: All the deadlines are hard deadlines. Any late submissions will be subject to point reduction. For paper reviews, and project-related assignments: submitting within 3 days (72 hours) after the deadline = 60% of the points. This policy does not apply to the final project report, for which a late submission is not allowed.
Academic Integrity:
Students must follow the university's guidelines on academic conduct (quick link). This course will have a zero-tolerance policy regarding plagiarism. You (or your team) should complete all the assignments and project tasks on your own. When you use the code or tools developed by other people, please acknowledge the source. If an idea or a concept used in your project has been proposed by others, please make the proper citations. All electronic work submitted for this course will be archived and subjected to automatic plagiarism detection. Whenever in doubt, please seek clarifications from the instructor. Students who violate Academic Integrity policies will be immediately reported to the department and the college.
When presenting research papers in the class, you may NOT use the authors' slides directly. Please make your own slides.
Special Accommodations: If you need special accommodations because of a disability, please contact the instructor in the first week of classes.
Diminished mental health, including significant stress, mood changes, excessive worry, substance/alcohol abuse, or problems with eating and/or sleeping can interfere with optimal academic performance, social development, and emotional wellbeing. The University of Illinois offers a variety of confidential services including individual and group counseling, crisis intervention, psychiatric services, and specialized screenings at no additional cost. If you or someone you know experiences any of the above mental health concerns, it is strongly encouraged to contact or visit any of the University's resources provided below. Getting help is a smart and courageous thing to do -- for yourself and for those who care about you.

Counseling Center: 217-333-3704, 610 East John Street, Champaign, IL 61820

McKinley Health Center: 217-333-2700, 1109 South Lincoln Avenue, Urbana, IL 61801