课程号：AI206005

课程名：统计学习与对抗机器学习

英文课程名：Statistical Learning and Adversarial Machine Learning

开课单位：人工智能学院

授课教师：Fabio Roli

责任教师：缑水平袁景

学分/学时：1学分/16学时

教师简介：Fabio Roli教授供职于意大利卡利亚里大学计算机工程系。从事模式识别与机器学习系统研究长达30余年，同时是IEEE和IAPR的fellow。目前Google scholar的h-index高达66，2008年至2011年曾任北约信息与通讯安全咨询委员会成员。 Fabio Roli is a Full Professor of Computer Engineering at the University of Cagliari. He has been doing research on the design of pattern recognition and machine learning systems for thirty years. His current h-index is 66 according to Google Scholar (December 2019). He has been appointed Fellow of the IEEE and Fellow of the International Association for Pattern Recognition. He was a member of NATO advisory panel for Information and Communications Security, NATO Science for Peace and Security (2008–2011).

课程简介：本课程的主要内容是向本科生，特别是人工智能和信息科学专业的本科学生，讲授当代人工智能科学中的统计学习基本概念，讲解学习过程中有针对性设计的攻击与对抗的安全性问题，并介绍对抗机器学习的基本原理和一些评估机器学习算法易受攻击性的技术，包括测试时间逃避和训练时间有毒攻击（也称为对抗性示例）。课程内容精选自IEEE和IAPR Fellow，Fabio Roli教授长期教学的教材与课件，该课程教学过程中使用的多种应用实例，包括图像识别、生物特征识别、垃圾邮件和恶意软件检测。

The objective of this course is to provide undergraduate students, especially the undergraduate students on AI and information science, with the fundamental concepts of statistical machine learning for modern AI science. This course introduces the security problems against well-crafted attacks and presents the fundamentals of adversarial machine learning and some techniques to assess the vulnerability of machine-learning algorithms to adversarial attacks, including test-time evasion and training-time poisoning attacks (also known as adversarial examples). The lecture slides are well organized from the related teaching material and courseware by Prof. Fabio Roli, fellow of both IEEE and IAPR. This course uses multiple real-world application examples including object recognition in images, biometric identity recognition, spam and malware detection.

先修课程：线性代数

概率论