Adjust course organization.

Justin Hsu 2019-07-30 23:12:03 -05:00
parent b255bfa101
commit 6b5991482f
3 changed files with 59 additions and 52 deletions

@ -1,11 +1,12 @@
# Welcome to CS 763! # Welcome to CS 763!
This is a graduate-level course covering advanced topics in security and privacy This is a graduate-level course covering advanced topics in security and privacy
in data science. We will focus on four areas at the current research frontier: in data science. We will focus on three core areas at the current research
(1) differential privacy, (2) applied cryptography, (3) language-based security, frontier: **differential privacy**, **adversarial machine learning**, and
and (4) adversarial machine learning. Students will read, present, and discuss **applied cryptography** in machine learning. We will also cover selected
papers from the research literature (i.e., conference and journal papers), and advanced topics; this year, **algorithmic fairness** and **formal verification**
complete a final project. for data science. This is primarily a project-based course, though there will
also be paper presentations and small homework assignments.
## Logistics ## Logistics
- **Course**: CS 763, Fall 2019 - **Course**: CS 763, Fall 2019

@ -7,21 +7,36 @@ This is a graduate seminar, so not all lectures are set in stone and there is
considerable flexibility in the material. If you are interested in something not considerable flexibility in the material. If you are interested in something not
covered in the syllabus, please let me know! covered in the syllabus, please let me know!
## Readings and Homework ## Course Materials
**Paper discussions** are a core component of this course. You are expected to For differential privacy, we will use the textbook *Algorithmic Foundations of
read papers before lecture, attend lectures, and participate in discussions. Data Privacy* (AFDP) by Cynthia Dwork and Aaron Roth, available
Before every paper presentation, students are expected to read the paper closely [here](https://www.cis.upenn.edu/~aaroth/Papers/privacybook.pdf).
and understand its significance, including (a) the main problem addressed by the
paper, (b) the primary contributions of the paper, and (c) how the authors solve
the problem in some technical detail.
The topics we will be reading and thinking about are from the recent research ## Grading and Evaluation
literature---peer-reviewed and published, but not always completely refined.
Most research papers focus on a very narrow topic and are written for a very Grades will be assigned as follows:
specific technical audience. It also doesn't help that computer science
researchers are generally not the clearest writers, though there are certainly - **Paper presentations: 25%**
exceptions. These - **Homeworks: 15%**
- **Final project: 60%** (Milestones 1 and 2, and final writeup)
These three components are detailed below.
### Paper presentations
**Paper discussions** are one of the main components of this course. Before
every presentation, you are expected to read the paper closely and understand
its significance, including (a) the main problem addressed by the paper, (b) the
primary contributions of the paper, and (c) how the authors solve the problem in
some technical detail. Of course, you are also expected to attend discussions
and actively participate in the discussion.
The topics we will be reading about are from the recent research
literature---peer-reviewed and published, but not completely refined. Most
research papers focus on a very narrow topic and are written for a very specific
technical audience. It also doesn't help that researchers are generally not the
clearest writers, though there are certainly exceptions. These
[notes](https://web.stanford.edu/class/ee384m/Handouts/HowtoReadPaper.pdf) by [notes](https://web.stanford.edu/class/ee384m/Handouts/HowtoReadPaper.pdf) by
Srinivasan Keshav may help you get more out of reading papers. Srinivasan Keshav may help you get more out of reading papers.
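
Review bot: The new grading list (Paper presentations 25%, Homeworks 15%, Final project 60%) no longer gives any weight to participation, yet the Paper presentations paragraph right below it still says you are "expected to attend discussions and actively participate". State whether attendance and the pre-lecture questions count toward the 25% or are ungraded. That sentence also repeats itself ("attend discussions and actively participate in the discussion"); "attend and actively participate in the discussions" would do.
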
@ -32,36 +47,29 @@ a few sentences per question. These questions will help you check that you have
understood the papers---they are not meant to be very difficult or understood the papers---they are not meant to be very difficult or
time-consuming and they will not be graded in detail. time-consuming and they will not be graded in detail.
## Course Materials ### Homeworks
For differential privacy, we will use the textbook *Algorithmic Foundations of After each of the first three core modules, we will assign a small homework
Data Privacy* (AFDP) by Cynthia Dwork and Aaron Roth, available assignment. These assignments are not weighed heavily---though they will be
[here](https://www.cis.upenn.edu/~aaroth/Papers/privacybook.pdf). graded---but they are mostly for you to check that you have grasped the
material.
## Course Project ### Course Project
The other main component is the **course project**. You will work individually The main component is the **course project**. You will work individually or in
or in pairs on a topic of your choice, producing a conference-style write-up and pairs on a topic of your choice, producing a conference-style write-up and
presenting the project at the end of the semester. Successful projects may have presenting the project at the end of the semester. Successful projects may have
the potential to turn into an eventual research paper or survey. Details can be the potential to turn into an eventual research paper or survey. Details can be
found [here](assignments/project.md). found [here](assignments/project.md).
## Grading and Evaluation
Grades will be assigned as follows:
- **Discussions: 15%** (Pre-lecture questions and class participation)
- **Paper presentation: 25%**
- **Final project: 60%** (First and second milestones, and final writeup)
## Learning Outcomes ## Learning Outcomes
By the end of this course, you should be able to... By the end of this course, you should be able to...
- Summarize the basic concepts in differential privacy, applied cryptography, - Summarize the basic concepts in differential privacy, applied cryptography,
language-based security, and adversarial machine learning. language-based security, and adversarial machine learning.
- Use standard techniques from differential privacy to design privacy-preserving - Use techniques from differential privacy to design privacy-preserving data
data analyses. analyses.
- Grasp the high-level concepts from research literature on the main course - Grasp the high-level concepts from research literature on the main course
topics. topics.
- Present and lead a discussion on recent research results. - Present and lead a discussion on recent research results.
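
Review bot: The Learning Outcomes context at the end of this hunk is left stale: its first bullet still lists "language-based security", which this commit drops from the course description and from the topic list. Update that bullet to match the three core areas now named in the description. In the new Homeworks paragraph, "the first three core modules" reads as if there were more than three core modules, while the description names exactly three core areas; "each of the three core modules" is probably what is meant, and "weighed" should be "weighted".
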
@ -70,16 +78,19 @@ By the end of this course, you should be able to...
## Credit Information ## Credit Information
This is a **3-credit** graduate seminar. We will meet for two 75-minute class This is a **3-credit** graduate seminar. For the first 10 weeks of the fall
periods each week over the fall semester, and you should expect to work on semester, we will meet for three 75-minute class periods each week. You should
course learning activities for about 3 hours out of classroom for every class expect to work on course learning activities for about 3 hours out of classroom
period. for each hour of class.
## Academic Integrity ## Academic Integrity
The final project may be done individually or in groups of two students. The final project may be done in groups of three (or in rare situations, two)
Collaborative projects with people outside the class may be allowed, but please students. Collaborative projects with people outside the class may be allowed,
check with me first. but check with me first. Everything else you turn in---from homework assignments
to discussion questions---should be **your own work**. Concretely: you may
discuss together, but **you must write up solutions entirely on your own,
without any records of the discussion (physical, digital, or otherwise)**.
## Access and Accommodation ## Access and Accommodation
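
Review bot: The new Academic Integrity text sets project groups at "three (or in rare situations, two)", but the Course Project paragraph rewritten earlier in this same file still says "You will work individually or in pairs". Pick one rule and state it in both places. In Credit Information, the out-of-class estimate changed from "for every class period" to "for each hour of class"; combined with three 75-minute periods a week, that is a larger stated workload than before, so confirm it is intended.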

@ -15,17 +15,12 @@ areas, depending on student interest:
- Advanced mechanisms - Advanced mechanisms
- Local differential privacy - Local differential privacy
### Cryptographic Techniques
- Zero-knowledge proofs
- Secure multi-party computation
- Verifiable computation
### Language-Based Security
- Secure information flow
- Differential privacy
- Symbolic cryptography
### Adversarial Machine Learning ### Adversarial Machine Learning
- Training-time attacks - Training-time attacks
- Test-time attacks - Test-time attacks
- Model-theft attacks - Model-theft attacks
### Cryptographic Techniques
- Zero-knowledge proofs
- Secure multi-party computation
- Verifiable computation
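
Review bot: No section for algorithmic fairness or formal verification is added to this topic list, although the updated course description announces both as this year's advanced topics. If they are not already listed outside the visible context, add headings for them after Cryptographic Techniques, even if the bullet items are still to be decided.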