401-4661-DRL  Robustness of Deep Neural Networks

Semester: Autumn Semester 2022
Lecturers: R. Alaifari
Periodicity: non-recurring course
Language of instruction: English
Comment: Only for ZGSM (ETH D-MATH and UZH I-MATH) doctoral students. The latter need to register at myStudies and then send an email to info@zgsm.ch with their name, course number and student ID. Please see https://zgsm.math.uzh.ch/index.php?id=forum0


Abstract: While deep neural networks have been very successfully employed in classification problems, their stability properties remain unclear. In particular, the presence of adversarial examples has demonstrated that state-of-the-art networks are vulnerable to small perturbations in the data. This course serves as an introduction to adversarial attacks and defenses for deep neural network algorithms.
Learning objective:
1. Theory: in this course, we will discuss the trade-off between accuracy and stability of classification algorithms and study the state of the art for robust image classification, adversarial attacks and adversarial training.
2. Practice: students will train and attack deep neural networks themselves to gain hands-on experience.
Prerequisites / Notice: Courses on linear algebra, optimization and machine learning. Basic programming skills in Python, and experience with PyTorch or TensorFlow.