diff --git a/website/docs/schedule/lectures.md b/website/docs/schedule/lectures.md index 3c3b6fc..96c7f8d 100644 --- a/website/docs/schedule/lectures.md +++ b/website/docs/schedule/lectures.md @@ -13,30 +13,30 @@ Data Privacy* (AFDP) by Cynthia Dwork and Aaron Roth, available 9/17 | What does differential privacy actually mean?
**Reading:** McSherry. [*Lunchtime for Differential Privacy*](https://github.com/frankmcsherry/blog/blob/master/posts/2016-08-16.md) (see also these [two](https://github.com/frankmcsherry/blog/blob/master/posts/2016-06-14.md) [posts](https://github.com/frankmcsherry/blog/blob/master/posts/2016-08-29.md)) | JH 9/19 | Exponential mechanism
**Paper:** McSherry and Talwar. [*Mechanism Design via Differential Privacy*](http://kunaltalwar.org/papers/expmech.pdf).
**Due: Project topics and groups**
| JH **9/21 (FRI)** | Identity-Based Encryption from the Diffie-Hellman Assumption
**SPECIAL TIME AND PLACE: 4 PM, CS 1240**
| Sanjam Garg -9/24 | Privacy for data streams
**Paper:** Chan, Shi, and Song. [*Private and Continual Release of Statistics*](https://eprint.iacr.org/2010/076.pdf). | -9/26 | Report-noisy-max and the Sparse Vector Technique
**Reading:** AFDP 3.3, 3.5 | JH -10/1 | Answering lots of queries: Private multiplicative weights
**Paper:** Hardt, Ligett, and McSherry. [*A Simple and Practical Algorithm for Differentially Private Data Release*](https://papers.nips.cc/paper/4548-a-simple-and-practical-algorithm-for-differentially-private-data-release.pdf). | -10/3 | Local and joint differential privacy
**Reading:** AFDP 12.1 | JH -10/8 | Local differential privacy
**Paper:** Erlingsson, Pihur, and Korolova. [*RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response*](https://arxiv.org/pdf/1407.6981.pdf). | -10/10 | More differential privacy
**Paper:** | +9/24 | Report-noisy-max and the Sparse Vector Technique
**Reading:** AFDP 3.3, 3.5 | JH +9/26 | Privacy for data streams
**Paper:** Chan, Shi, and Song. [*Private and Continual Release of Statistics*](https://eprint.iacr.org/2010/076.pdf). | Yinglun +10/1 | Local differential privacy
**Paper:** Erlingsson, Pihur, and Korolova. [*RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response*](https://arxiv.org/pdf/1407.6981.pdf). | JH + |

**Adversarial Machine Learning**

| +10/3 | AML: overview and basics
**GUEST LECTURE**
| Somesh Jha +10/8 | History of Adversarial ML
**Paper:** Biggio and Roli. [*Wild Patterns: Ten Years After the Rise of Adversarial Machine Learning*](https://arxiv.org/pdf/1712.03141). | Meghana +10/10 | Adversarial examples
**Paper:** Szegedy, Zaremba, Sutskever, et al. [*Intriguing Properties of Neural Networks*](https://arxiv.org/pdf/1312.6199.pdf). | Shimaa 10/15 |
**NO CLASS: INSTRUCTOR AWAY**
| 10/17 |
**NO CLASS: INSTRUCTOR AWAY**
**Due: Milestone 1**
| +10/22 | Adversarial examples
**Paper:** Goodfellow, Schlens, and Szegedy. [*Explaining and Harnessing Adversarial Examples*](https://arxiv.org/abs/1412.6572). | Kyrie +10/24 | Real-world attacks
**Paper:** Eykholt, Evtimov, Fernandes, et al. [*Robust Physical-World Attacks on Deep Learning Models*](https://arxiv.org/pdf/1707.08945.pdf). | Hiba +10/29 | Detection methods
**Paper:** Carlini and Wagner. [*Towards Evaluating the Robustness of Neural Networks*](https://arxiv.org/pdf/1608.04644.pdf). | Yiqin +10/31 | Detection methods
**Paper:** Carlini and Wagner. [*Adversarial Examples Are Not Easily Detected: Bypassing Ten Detection Methods*](https://arxiv.org/pdf/1705.07263.pdf). | Junxiong +11/5 | Defensive measures
**Paper:** Steinhardt, Koh, and Liang. [*Certified Defenses for Data Poisoning Attacks*](https://arxiv.org/pdf/1706.03691.pdf). | Yaman +11/7 | Defensive measures
**Paper:** Madry, Makelov, Schmidt, Schmidt, Tsipras, and Valdu. [*Towards Deep Learning Models Resistant to Adversarial Attacks*](https://arxiv.org/pdf/1706.06083.pdf). | Maddy |

**Cryptographic Techniques**

| -10/22 | Crypto: overview and basics | JH -10/24 | Secure multiparty computation
**Paper:** | -10/29 | Homomorphic encryption
**Paper:** | -10/31 | Verifiable computing
**Paper:** | -11/5 | More applied crypto
**Paper:** | +11/12 | Applied crypto: overview and basics | JH +11/14 | Verifiable computing
**Paper:** Braun, Feldman, Ren, et al. [*Verifying Computations with State*](https://eprint.iacr.org/2013/356.pdf).
**Due: Milestone 2**
| Kan +11/19 | Verifiable differential privacy
**Paper:** Narayan, Feldman, Papadimitriou, and Haeberlen. [*Verifiable Differential Privacy*](https://www.cis.upenn.edu/~ahae/papers/verdp-eurosys2015.pdf). | Fayi +11/21 | Homomorphic encryption
**Paper:** Ducas and Micciancio. [*FHEW: Bootstrapping Homomorphic Encryption in Less than a Second*](https://eprint.iacr.org/2014/816.pdf). | Yue |

**Language-Based Security**

| -11/7 | LangSec: overview and basics | JH -11/12 | Secure Information Flow
**Paper:** | -11/14 | Languages for privacy
**Paper:**
**Due: Milestone 2**
| -11/19 | Symbolic cryptography
**Paper:** | -11/21 | More LangSec
**Paper:** | - |

**Adversarial Machine Learning**

| -11/26 | AML: overview and basics
**GUEST LECTURE**
| Somesh Jha -11/28 | AML: overview and basics
**GUEST LECTURE**
| Somesh Jha -12/3 | Adversarial examples
**Paper:** | -12/5 | Training-time attacks
**Paper:** | -12/10 | Model-theft attacks
**Paper:** | -12/12 | More AML
**Paper:** | +11/26 | Language-based security: overview and basics | JH +11/28 | Languages for privacy
**Paper:** Reed and Pierce. [*Distance Makes the Types Grow Stronger: A Calculus for Differential Privacy*](https://www.cis.upenn.edu/~bcpierce/papers/dp.pdf). | Sam +12/3 | Languages for authenticated datastructures
**Paper:** Miller, Hicks, Katz, and Shi. [*Authenticated Data Structures, Generically*](https://www.cs.umd.edu/~mwh/papers/gpads.pdf). | Zichuan +12/5 | Languages for oblivous computing
**Paper:** Zahur and Evans. [*Obliv-C: A Language for Extensible Data-Oblivious Computation*](https://eprint.iacr.org/2015/1153.pdf). | Zhiyi +12/10 | Languages for information flow
**Paper:** Griffin, Levy, Stefan, et al. [*Hails: Protecting Data Privacy in Untrusted Web Applications*](https://www.usenix.org/system/files/conference/osdi12/osdi12-final-35.pdf). | Arjun +12/12 | Languages for preventing timing channels
**Paper:** Zhang, Askarov, and Myers. [*Language-Based Control and Mitigation of Timing Channels*](https://www.cs.cornell.edu/andru/papers/pltiming-pldi12.pdf). | Yan