Campus Event Calendar

Event Entry

What and Who

Measuring and Enhancing the Security of Machine Learning

Florian Tramèr
CIS@MPG Colloquium

Florian Tramèr is a PhD student at Stanford University advised by Dan Boneh. His research interests lie in Computer Security, Cryptography and Machine Learning security. In his current work, he studies the worst-case behavior of Deep Learning systems from an adversarial perspective, to understand and mitigate long-term threats to the safety and privacy of users. Florian is supported by a fellowship from the Swiss National Science Foundation and a gift from the Open Philanthropy Project.
AG Audience

Date, Time and Location

Thursday, 25 February 2021
60 Minutes
Virtual talk


Failures of machine learning systems can threaten both the security and privacy of their users. My research studies these failures from an adversarial perspective, by building new attacks that highlight critical vulnerabilities in the machine learning pipeline, and designing new defenses that protect users against identified threats. In the first part of this talk, I'll explain why machine learning models are so vulnerable to adversarially chosen inputs. I'll show that many proposed defenses are ineffective and cannot protect models deployed in overtly adversarial settings, such as for content moderation on the Web. In the second part of the talk, I'll focus on the issue of data privacy in machine learning systems, and I'll demonstrate how to enhance privacy by combining techniques from cryptography, statistics, and computer security.


Please contact MPI-SWS Office for link information


Danielle Dalton
+49 681 9303 9106

Danielle Dalton, 02/10/2021 14:10 -- Created document.