110 lines
5.2 KiB
Markdown
110 lines
5.2 KiB
Markdown
Lectures will be loosely organized around three core modules: differential
|
||
privacy, adversarial machine learning, and applied cryptography. We will also
|
||
cover two advanced modules: algorithmic fairness, and PL and verification
|
||
techniques.
|
||
|
||
This is a graduate seminar, so not all lectures are set in stone and there is
|
||
considerable flexibility in the material. If you are interested in something not
|
||
covered in the syllabus, please let me know!
|
||
|
||
## Course Materials
|
||
|
||
For differential privacy, we will use the textbook *Algorithmic Foundations of
|
||
Data Privacy* (AFDP) by Cynthia Dwork and Aaron Roth, available
|
||
[here](https://www.cis.upenn.edu/~aaroth/Papers/privacybook.pdf).
|
||
|
||
## Grading and Evaluation
|
||
|
||
Grades will be assigned as follows:
|
||
|
||
- **Paper presentations: 25%**
|
||
- **Homeworks: 15%**
|
||
- **Final project: 60%** (Milestones 1 and 2, and final writeup)
|
||
|
||
These three components are detailed below.
|
||
|
||
### Paper presentations
|
||
|
||
**Paper discussions** are one of the main components of this course. Before
|
||
every presentation, you are expected to read the paper closely and understand
|
||
its significance, including (a) the main problem addressed by the paper, (b) the
|
||
primary contributions of the paper, and (c) how the authors solve the problem in
|
||
some technical detail. Of course, you are also expected to attend discussions
|
||
and actively participate in the discussion.
|
||
|
||
The topics we will be reading about are from the recent research
|
||
literature---peer-reviewed and published, but not completely refined. Most
|
||
research papers focus on a very narrow topic and are written for a very specific
|
||
technical audience. It also doesn't help that researchers are generally not the
|
||
clearest writers, though there are certainly exceptions. These
|
||
[notes](https://web.stanford.edu/class/ee384m/Handouts/HowtoReadPaper.pdf) by
|
||
Srinivasan Keshav may help you get more out of reading papers.
|
||
|
||
To help you prepare for the class discussions, I will also send out a few
|
||
questions at least 24 hours before every paper presentation. **Before** each
|
||
lecture, you should send me brief answers---a short email is fine, no more than
|
||
a few sentences per question. These questions will help you check that you have
|
||
understood the papers---they are not meant to be very difficult or
|
||
time-consuming and they will not be graded in detail.
|
||
|
||
### Homeworks
|
||
|
||
There will be three small homework assignments, one for each of the core
|
||
modules. You will play with software implementations of the methods we cover in
|
||
class. These assignments are not weighted heavily, though they will be lightly
|
||
graded; the goal is to give you a chance to write some code.
|
||
|
||
### Course Project
|
||
|
||
The main component is the **course project**. You will work individually or in
|
||
pairs on a topic of your choice, producing a conference-style write-up and
|
||
presenting the project at the end of the semester. Successful projects may have
|
||
the potential to turn into an eventual research paper or survey. Details can be
|
||
found [here](assignments/project.md).
|
||
|
||
## Learning Outcomes
|
||
|
||
By the end of this course, you should be able to...
|
||
|
||
- Summarize the basic concepts in differential privacy, applied cryptography,
|
||
language-based security, and adversarial machine learning.
|
||
- Use techniques from differential privacy to design privacy-preserving data
|
||
analyses.
|
||
- Grasp the high-level concepts from research literature on the main course
|
||
topics.
|
||
- Present and lead a discussion on recent research results.
|
||
- Carry out an in-depth exploration of one topic in the form of a self-directed
|
||
research project.
|
||
|
||
## Credit Information
|
||
|
||
This is a **3-credit** graduate seminar. For the first 10 weeks of the fall
|
||
semester, we will meet for three 75-minute class periods each week. You should
|
||
expect to work on course learning activities for about 3 hours out of classroom
|
||
for each hour of class.
|
||
|
||
## Academic Integrity
|
||
|
||
The final project may be done in groups of three (or in rare situations, two)
|
||
students. Collaborative projects with people outside the class may be allowed,
|
||
but check with me first. Everything else you turn in---from homework assignments
|
||
to discussion questions---should be **your own work**. Concretely: you may
|
||
discuss together, but **you must write up solutions entirely on your own,
|
||
without any records of the discussion (physical, digital, or otherwise)**.
|
||
|
||
## Access and Accommodation
|
||
|
||
The University of Wisconsin-Madison supports the right of all enrolled students
|
||
to a full and equal educational opportunity. The Americans with Disabilities Act
|
||
(ADA), Wisconsin State Statute (36.12), and UW-Madison policy (Faculty Document
|
||
1071) require that students with disabilities be reasonably accommodated in
|
||
instruction and campus life. Reasonable accommodations for students with
|
||
disabilities is a shared faculty and student responsibility. Students are
|
||
expected to inform me of their need for instructional accommodations by the end
|
||
of the third week of the semester, or as soon as possible after a disability has
|
||
been incurred or recognized. I will work either directly with you or in
|
||
coordination with the McBurney Center to identify and provide reasonable
|
||
instructional accommodations. Disability information, including instructional
|
||
accommodations as part of a student’s educational record, is confidential and
|
||
protected under FERPA.
|