401-4661-DRL  Robustness of Deep Neural Networks

Semester: Autumn Semester 2022
Lecturers: R. Alaifari
Periodicity: non-recurring course
Language of instruction: English
Comment: Only for ZGSM (ETH D-MATH and UZH I-MATH) doctoral students. The latter need to register at myStudies and then send an email to Link with their name, course number and student ID. Please see Link


Abstract: While deep neural networks have been very successfully employed in classification problems, their stability properties remain unclear. In particular, the presence of adversarial examples has demonstrated that state-of-the-art networks are vulnerable to small perturbations in the data. This course serves as an introduction to adversarial attacks and defenses for deep neural network algorithms.
Learning objective:
1. Theory: in this course, we will discuss the trade-off between accuracy and stability of classification algorithms and study the state-of-the-art for robust image classification, adversarial attacks and adversarial training.
2. Practice: students will train and attack deep neural networks themselves, to gain hands-on experience.
Prerequisites / Notice: Courses on linear algebra, optimization and machine learning. Basic programming skills in Python, and experience with PyTorch or TensorFlow.