Lectures will be loosely organized around three core modules: differential privacy, adversarial machine learning, and applied cryptography. We will also cover two advanced modules: algorithmic fairness, and PL and verification techniques.
This is a graduate seminar, so not all lectures are set in stone and there is considerable flexibility in the material. If you are interested in something not covered in the syllabus, please let me know!
Readings and Homework
Paper discussions are a core component of this course. You are expected to read papers before lecture, attend lectures, and participate in discussions. Before every paper presentation, students are expected to read the paper closely and understand its significance, including (a) the main problem addressed by the paper, (b) the primary contributions of the paper, and (c) how the authors solve the problem in some technical detail.
The topics we will be reading and thinking about are from the recent research literature: peer-reviewed and published, but not always completely refined. Most research papers focus on a very narrow topic and are written for a very specific technical audience. It also doesn't help that computer science researchers are generally not the clearest writers, though there are certainly exceptions. These notes by Srinivasan Keshav may help you get more out of reading papers.
To help you prepare for the class discussions, I will also send out a few questions at least 24 hours before every paper presentation. Before each lecture, you should send me brief answers. A short email is fine, no more than a few sentences per question. These questions will help you check that you have understood the papers; they are not meant to be very difficult or time-consuming and they will not be graded in detail.
For differential privacy, we will use the textbook Algorithmic Foundations of Data Privacy (AFDP) by Cynthia Dwork and Aaron Roth, available here.
The other main component is the course project. You will work individually or in pairs on a topic of your choice, producing a conference-style write-up and presenting the project at the end of the semester. Successful projects may have the potential to turn into an eventual research paper or survey. Details can be found here.
Grading and Evaluation
Grades will be assigned as follows:
- Discussions: 15% (Pre-lecture questions and class participation)
- Paper presentation: 25%
- Final project: 60% (First and second milestones, and final writeup)
By the end of this course, you should be able to...
- Summarize the basic concepts in differential privacy, applied cryptography, language-based security, and adversarial machine learning.
- Use standard techniques from differential privacy to design privacy-preserving data analyses.
- Grasp the high-level concepts from research literature on the main course topics.
- Present and lead a discussion on recent research results.
- Carry out an in-depth exploration of one topic in the form of a self-directed research project.
This is a 3-credit graduate seminar. We will meet for two 75-minute class periods each week over the fall semester, and you should expect to work on course learning activities for about 3 hours outside the classroom for every class period.
The final project may be done individually or in groups of two students. Collaborative projects with people outside the class may be allowed, but please check with me first.
Access and Accommodation
The University of Wisconsin-Madison supports the right of all enrolled students to a full and equal educational opportunity. The Americans with Disabilities Act (ADA), Wisconsin State Statute (36.12), and UW-Madison policy (Faculty Document 1071) require that students with disabilities be reasonably accommodated in instruction and campus life. Reasonable accommodations for students with disabilities are a shared faculty and student responsibility. Students are expected to inform me of their need for instructional accommodations by the end of the third week of the semester, or as soon as possible after a disability has been incurred or recognized. I will work either directly with you or in coordination with the McBurney Center to identify and provide reasonable instructional accommodations. Disability information, including instructional accommodations as part of a student’s educational record, is confidential and protected under FERPA.