Security and Privacy of Machine Learning

Date: June, 2019

Location: Long Beach, CA, USA

As machine learning has increasingly been deployed in critical real-world applications, the dangers of manipulation and misuse of these models have become of paramount importance to public safety and user privacy. Applications ranging from online content recognition to financial analytics to autonomous vehicles have all been shown to be vulnerable to adversaries who wish to manipulate or mislead the models to their own malicious ends.

This workshop will focus on recent research and future directions concerning the security and privacy problems of real-world machine learning systems. We aim to bring together experts from the machine learning, security, and privacy communities in order to highlight recent work in these areas and to clarify the foundations of secure and private machine learning strategies. We seek to reach a consensus on a rigorous framework for formulating adversarial attacks that target machine learning models, and to characterize the properties that ensure the security and privacy of machine learning systems. Finally, we hope to chart out important directions for future work and cross-community collaborations.


8:40am-9:00am Opening Remarks
Session 1: Security Vulnerabilities of Machine Learning Systems
9:00am-9:30am Invited Talk #1: Patrick McDaniel
9:30am-10:00am Invited Talk #2: Una-May O'Reilly
10:00am-10:15am Contributed Talk #1:
10:15am-10:30am Spotlight Presentations
10:30am-10:45am Coffee Break
Session 2: Secure and Private Machine Learning in Practice
10:45am-11:15am Invited Talk #3: Le Song
11:15am-11:30am Contributed Talk #2:
11:30am-12:00pm Invited Talk #4: Allen Qi
12:00pm-1:15pm Lunch
Session 3: Provable Robustness and Verifiable Machine Learning Approaches
1:15pm-1:45pm Invited Talk #5: Ziko Kolter
1:45pm-2:00pm Contributed Talk #3:
2:00pm-2:45pm Poster Session followed by break
Session 4: Towards Trustworthy and Interpretable Machine Learning
2:45pm-3:15pm Invited Talk #6: Alexander Madry
3:15pm-3:45pm Invited Talk #7: Been Kim
3:45pm-4:00pm Contributed Talk #4:
4:00pm-4:15pm Spotlight Presentations
4:15pm-5:15pm Panel discussion
5:15pm-6:00pm Poster Session

Call For Papers

Submission deadline: May 10, 2019 Anywhere on Earth (AoE)

Notification sent to authors: June 1, 2019 Anywhere on Earth (AoE)

Submission server:

Submissions to this track should introduce novel ideas or results. Submissions should follow the ICML format and must not exceed 4 pages (excluding references, appendices, and large figures).

The workshop will include contributed papers. Based on the program committee's recommendation, each paper accepted to the workshop will be allocated either a contributed talk or a poster presentation.

We invite submissions on any aspect of machine learning that relates to computer security and privacy (and vice versa). This includes, but is not limited to:

Organizing Committee

(Listed in alphabetical order)

Program Committee

  • Bhavya Khailkhura (Lawrence Livermore National Lab)
  • Catherine Olsson (Google Brain)
  • Chaowei Xiao (University of Michigan)
  • David Evans (University of Virginia)
  • Dimitris Tsipras (Massachusetts Institute of Technology)
  • Earlence Fernandes (University of Washington)
  • Eric Wong (Carnegie Mellon University)
  • Fartash Faghri (University of Toronto)
  • Florian Tramer (Stanford University)
  • Hadi Abdullah (University of Florida)
  • Hao Su (UCSD)
  • Jonathan Uesato (DeepMind)
  • Karl Ni (In-Q-Tel)
  • Kassem Fawaz (University of Wisconsin-Madison)
  • Kathrin Grosse (CISPA)
  • Krishna Gummadi (MPI-SWS)
  • Matthew Wicker (University of Georgia)
  • Nathan Mundhenk (Lawrence Livermore National Lab)
  • Nicholas Carlini (Google Brain)
  • Nicolas Papernot (Google Brain and University of Toronto)
  • Octavian Suciu (University of Maryland)
  • Pin-Yu Chen (IBM)
  • Pushmeet Kohli (DeepMind)
  • Qian Chen (Tencent)
  • Shreya Shankar (Stanford University)
  • Suman Jana (Columbia University)
  • Varun Chandrasekaran (University of Wisconsin-Madison)
  • Xiaowei Huang (Liverpool University)
  • Yanjun Qi (University of Virginia)
  • Yigitcan Kaya (University of Maryland)
  • Yizheng Chen (Georgia Tech)