Spring 2025 - CMPT 419 E300

Special Topics in Artificial Intelligence (3)

Class Number: 7262

Delivery Method: In Person

Overview

  • Course Times + Location:

    Jan 6 – Apr 9, 2025: Tue, 4:30–6:20 p.m.
    Burnaby

    Jan 6 – Apr 9, 2025: Thu, 5:30–6:20 p.m.
    Burnaby

Description

CALENDAR DESCRIPTION:

Current topics in artificial intelligence depending on faculty and student interest.

COURSE DETAILS:

Deep learning, represented by large language models, is revolutionizing human lives. However, trustworthiness threats in deep learning widely exist, posing great challenges to AI safety, security, and reliability. This course introduces state-of-the-art frontiers on deep learning research for a wide range of trustworthiness issues, including threat discovery, mitigation, and certification methods through seminar-style presentations and hands-on projects.

This is a seminar-style course on trustworthy deep learning. The first half of the course is an overview of deep learning and preliminaries for trustworthy AI methods, including training of neural networks, common neural network architectures, large language models, the definition of AI attacks, defences, and certification and verification in the context of AI. The second half of the course visits representative and recent research papers in the field through student presentations, covering topics like evasion attacks and defences, robustness certification, differential privacy, membership inference attacks, watermarks, detection of AI-generated content, machine unlearning, prompt injection attacks, model stealing, and finetuning attacks. The course will tentatively be graded as 30% paper presentation, 20% lecture notes, and 50% course project. The course project is the implementation and improvement of a simple neural network verifier under a given framework.

There are no formal prerequisites. Background in algorithms, calculus, and linear algebra (e.g., MATH 151, MATH 152, MATH 232, CMPT 225) and CMPT 410/726 are strongly recommended.

COURSE-LEVEL EDUCATIONAL GOALS:

Students will gain exposure to the following state-of-the-art research topics:

  1. Deep learning basics
  2. Language model basics
  3. Deep learning safety and security basics
  4. Robustness: Evasion attacks, data poisoning attacks, defences, and certifications
  5. Privacy: Differential privacy, membership inference attacks, machine unlearning, watermarking, model stealing, and AI content generation
  6. Alignment: Fine-tuning from human feedback, finetuning attacks, prompt injection attacks
  7. Implementation of neural network verifier

The course will aim to develop the following skills:
- reading and summarizing the latest research papers in trustworthy and responsible AI
- advanced application of deep learning frameworks (e.g., PyTorch), especially for neural network verification
- presenting professional research topics

Grading

NOTES:

Readings, assignments, and class structure will be discussed in class. Readings will involve a mix of research papers and other materials.

Materials

MATERIALS + SUPPLIES:

Materials will be provided by the instructor. There will be no primary reference material -- rather, we will read an assortment of research papers, book chapters, etc.

Before the course, the Deep Learning (https://www.deeplearningbook.org/) book by Ian Goodfellow, Yoshua Bengio, and Aaron Courville is recommended.

REQUIRED READING NOTES:

Your personalized Course Material list, including digital and physical textbooks, is available through the SFU Bookstore website by simply entering your Computing ID at: shop.sfu.ca/course-materials/my-personalized-course-materials.

Registrar Notes:

ACADEMIC INTEGRITY: YOUR WORK, YOUR SUCCESS

SFU’s Academic Integrity website http://www.sfu.ca/students/academicintegrity.html is filled with information on what is meant by academic dishonesty, where you can find resources to help with your studies and the consequences of cheating. Check out the site for more information and videos that help explain the issues in plain English.

Each student is responsible for his or her conduct as it affects the university community. Academic dishonesty, in whatever form, is ultimately destructive of the values of the university. Furthermore, it is unfair and discouraging to the majority of students who pursue their studies honestly. Scholarly integrity is required of all members of the university. http://www.sfu.ca/policies/gazette/student/s10-01.html

RELIGIOUS ACCOMMODATION

Students with a faith background who may need accommodations during the term are encouraged to assess their needs as soon as possible and review the Multifaith religious accommodations website. The page outlines ways they can begin working toward an accommodation and ensure solutions can be reached in a timely fashion.