Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
class:gradsec2026 [2026/05/15 08:58]
hanwoo [Agenda]
class:gradsec2026 [2026/06/15 11:25] (current)
hanwoo [Agenda]
Line 37: Line 37:
 | ::: | Jo | [[https://​www.usenix.org/​system/​files/​sec21-schuster.pdf|You autocomplete me: Poisoning vulnerabilities in neural code completion]] | {{ :​class:​인공지능보안_03_11_조현준.pptx |}} |  | | ::: | Jo | [[https://​www.usenix.org/​system/​files/​sec21-schuster.pdf|You autocomplete me: Poisoning vulnerabilities in neural code completion]] | {{ :​class:​인공지능보안_03_11_조현준.pptx |}} |  |
 | 3/18 | Minho |  |  |  | | 3/18 | Minho |  |  |  |
-| ::: | Han | [[https://​arxiv.org/​pdf/​2102.07995.pdf|D2a:​ A dataset built for ai-based vulnerability detection methods using differential analysis]] | {{ :​class:​d2a.pptx |}} |  |+| ::: | Han | [[https://​arxiv.org/​pdf/​2102.07995.pdf|D2a:​ A dataset built for ai-based vulnerability detection methods using differential analysis]] | {{ :​class:​d2a.pptx |}} |  |
 | 3/27 | Minho |  |  |  | | 3/27 | Minho |  |  |  |
 | ::: | Kwak| [[https://​www.mdpi.com/​1424-8220/​23/​9/​4403/​pdf|A Deep Learning-Based Innovative Technique for Phishing Detection with URLs]] | {{ :​class:​현대_보안에서_url을_이용한_피싱_탐지를_위한_딥러닝_기반_혁신_기법.pdf |}} |  | | ::: | Kwak| [[https://​www.mdpi.com/​1424-8220/​23/​9/​4403/​pdf|A Deep Learning-Based Innovative Technique for Phishing Detection with URLs]] | {{ :​class:​현대_보안에서_url을_이용한_피싱_탐지를_위한_딥러닝_기반_혁신_기법.pdf |}} |  |
Line 44: Line 44:
 Learning for Malware Detection in Executables]] |{{ :​class:​dl_for_malware_detection_in_ex_인공지능보안_조현준.pptx |}}  |  | Learning for Malware Detection in Executables]] |{{ :​class:​dl_for_malware_detection_in_ex_인공지능보안_조현준.pptx |}}  |  |
 | 4/15 | Han | [[https://​arxiv.org/​pdf/​1904.12843|Adversarial Training for Free!]] |{{ :​class:​adversarial_training_for_free_.pdf |}}  |  | | 4/15 | Han | [[https://​arxiv.org/​pdf/​1904.12843|Adversarial Training for Free!]] |{{ :​class:​adversarial_training_for_free_.pdf |}}  |  |
-| ::: | Minho | LLM | {{ :​class:​ai-introduction.pdf |}} |  +| ::: | Minho | LLM | {{ :​class:​ai-introduction.pdf |}} | 
 | 4/24 | No class |  |  |  | | 4/24 | No class |  |  |  |
 | 4/29 | Kwak | Deep reinforcement learning for time series:​playing idealized trading games |{{ :​class:​시계열_데이터를_이용한_강화학습_기반_이상화된_트레이딩_.pdf |}}  |  | | 4/29 | Kwak | Deep reinforcement learning for time series:​playing idealized trading games |{{ :​class:​시계열_데이터를_이용한_강화학습_기반_이상화된_트레이딩_.pdf |}}  |  |
Line 51: Line 51:
 | ::: | Han | [[https://​arxiv.org/​pdf/​2305.00944|Poisoning Language Models During Instruction Tuning]] | {{ :​class:​poisoning_language_models_during_instruction_tuning.pdf|poisoning_language_models_during_instruction_tuning}} |  | | ::: | Han | [[https://​arxiv.org/​pdf/​2305.00944|Poisoning Language Models During Instruction Tuning]] | {{ :​class:​poisoning_language_models_during_instruction_tuning.pdf|poisoning_language_models_during_instruction_tuning}} |  |
 | 5/13 | Han | [[https://​arxiv.org/​pdf/​2004.04692 |RETHINKING THE TRIGGER OF BACKDOOR ATTACK]] | {{ :​class:​rethinking_the_trigger_of_backdoor_attack.pdf |rethinking_the_trigger_of_backdoor_attack}} |  | | 5/13 | Han | [[https://​arxiv.org/​pdf/​2004.04692 |RETHINKING THE TRIGGER OF BACKDOOR ATTACK]] | {{ :​class:​rethinking_the_trigger_of_backdoor_attack.pdf |rethinking_the_trigger_of_backdoor_attack}} |  |
-| ::: | Kwak |   |  | +| ::: | Kwak | [[https://​arxiv.org/​pdf/​1910.00033 ​|Hidden Trigger Backdoor Attacks]] | {{ :​class:​hidden_trigger_backdoor_attacks.pdf |}} |  | 
-| 5/20 | Kwak |   |  | +| 5/20 | Kwak | [[https://​arxiv.org/​pdf/​2012.07805 ​|Extracting Training Data from Large Language Models]] | {{ :​class:​extracting_training_data_from_large_language_models_2_.pdf|pdf}} ​|  | 
-| ::: | Jo |    |+| ::: | Jo | [[https://​www.ndss-symposium.org/​wp-content/​uploads/​2026-f797-paper.pdf]] ​|{{ :​class:​발표자료_조현준.pptx |}}| |
 | 5/27 | Jo |  |  |  | | 5/27 | Jo |  |  |  |
-| ::: | Han |   |  | +| ::: | Han | [[https://​arxiv.org/​pdf/​2307.02483.pdf|Jailbroken-How Does LLM Safety Training Fail]] | {{ :​class:​jailbroken-how_does_llm_safety_training_fail.pdf |발표자료}} ​|  | 
-| 6/5 | Kwak |   |  |+| 6/5 | Kwak | [[https://​arxiv.org/​pdf/​2010.08138.pdf|Input-Aware Dynamic Backdoor Attack ]] | {{ :​class:​input-aware_dynamic_backdoor_attack.pdf |}} |  |
 | 6/10 | No Class |  |  |  | | 6/10 | No Class |  |  |  |
 ====== Class Information ====== ====== Class Information ======
Line 162: Line 162:
     * Keywords: Physical adversarial examples, backdoor attacks, computer vision, robust perturbations,​ physical-world attacks     * Keywords: Physical adversarial examples, backdoor attacks, computer vision, robust perturbations,​ physical-world attacks
     * URL: https://​arxiv.org/​pdf/​2004.04692.pdf     * URL: https://​arxiv.org/​pdf/​2004.04692.pdf
-  - **Hidden Trigger Backdoor Attacks**+  - <fc red>​(kawk)</​fc> ​**Hidden Trigger Backdoor Attacks**
     * Aniruddha Saha et al., AAAI 2020 | Pages: 8 | Difficulty: 3/5     * Aniruddha Saha et al., AAAI 2020 | Pages: 8 | Difficulty: 3/5
     * Abstract: Proposes backdoor attacks where triggers are hidden in the neural network'​s feature space rather than being visible patterns in the input. These attacks are harder to detect because there'​s no visible trigger pattern that can be identified through input inspection or trigger inversion techniques.     * Abstract: Proposes backdoor attacks where triggers are hidden in the neural network'​s feature space rather than being visible patterns in the input. These attacks are harder to detect because there'​s no visible trigger pattern that can be identified through input inspection or trigger inversion techniques.
Line 179: Line 179:
  
 ==== C3. Privacy Attacks on Machine Learning ==== ==== C3. Privacy Attacks on Machine Learning ====
-  - **Extracting Training Data from Large Language Models**+  -<fc red>​(kawk)</​fc> ​**Extracting Training Data from Large Language Models**
     * Nicholas Carlini et al., USENIX Security 2021 | Pages: 17 | Difficulty: 3/5     * Nicholas Carlini et al., USENIX Security 2021 | Pages: 17 | Difficulty: 3/5
     * Abstract: Demonstrates that large language models like GPT-2 memorize and can be made to emit verbatim training data including personal information,​ phone numbers, and copyrighted content. The paper raises serious privacy concerns for LLMs trained on web data and shows that model size correlates with memorization capability.     * Abstract: Demonstrates that large language models like GPT-2 memorize and can be made to emit verbatim training data including personal information,​ phone numbers, and copyrighted content. The paper raises serious privacy concerns for LLMs trained on web data and shows that model size correlates with memorization capability.
Line 213: Line 213:
  
 ==== C4. LLM Security & Jailbreaking ==== ==== C4. LLM Security & Jailbreaking ====
-  - **Jailbroken:​ How Does LLM Safety Training Fail?**+  - <fc red>​(Han)</​fc> ​**Jailbroken:​ How Does LLM Safety Training Fail?**
     * Alexander Wei et al., NeurIPS 2023 | Pages: 34 | Difficulty: 3/5     * Alexander Wei et al., NeurIPS 2023 | Pages: 34 | Difficulty: 3/5
     * Abstract: Analyzes why safety training in LLMs can be circumvented through jailbreaking. Identifies two fundamental failure modes: competing objectives during training and mismatched generalization between safety and capabilities. Provides theoretical framework for understanding jailbreak vulnerabilities and suggests that current alignment approaches have inherent limitations.     * Abstract: Analyzes why safety training in LLMs can be circumvented through jailbreaking. Identifies two fundamental failure modes: competing objectives during training and mismatched generalization between safety and capabilities. Provides theoretical framework for understanding jailbreak vulnerabilities and suggests that current alignment approaches have inherent limitations.
 
class/gradsec2026.1778810298.txt.gz · Last modified: 2026/05/15 08:58 by hanwoo · [Old revisions]
Recent changes RSS feed Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki