Adversarial AI

This course will explore the nascent field of adversarial machine learning, which seeks to design machine learning algorithms that maintain suitable classification performance in the presence of adversarially chosen inputs. It will also cover some topics in the related fields of robust statistics (where some of the training data is adversarially perturbed) and adaptive data analysis (where analyst queries may be selected adversarially). In other words, we will interrogate each step of a machine learning process, from the input data itself, to the training process, to the final model performance and analyst queries, and ask: what happens if things go wrong? How might we make choices that are less vulnerable to mistakes and potentially harmful manipulation? Prior familiarity with statistics and algorithms is helpful, but no prior course in machine learning is required.