Reliable and Interpretable Artificial Intelligence

Open in Course Catalogue
Fall 2019
263-2400-00L
Prof. Dr. Martin Vechev
Dr. Petar TsankovBenjamin BichselSamuel SteffenGagandeep SinghMislav BalunovićMarc FischerMaximilian BaaderJingxuan He
Wed 15-17, HG G 3
Mon 13-14, LFW C4 or Wed 11-12 CAB G59
5

Overview

Creating reliable and explainable probabilistic models is a fundamental challenge to solving the artificial intelligence problem. This course covers some of the latest and most exciting advances that bring us closer to constructing such models. The main objective of this course is to expose students to the latest and most exciting research in the area of explainable and interpretable artificial intelligence, a topic of fundamental and increasing importance. Upon completion of the course, the students should have mastered the underlying methods and be able to apply them to a variety of problems. To facilitate deeper understanding, an important part of the course will be a group hands-on programming project where students will build a system based on the learned material.

The course covers some of the latest research (over the last 2-3 years) underlying the creation of safe, trustworthy, and reliable AI:

  • Adversarial Attacks on Deep Learning (noise-based, geometry attacks, sound attacks, physical attacks, autonomous driving, out-of-distribution)
  • Defenses against attacks
  • Combining gradient-based optimization with logic for encoding background knowledge
  • Complete Certification of deep neural networks via automated reasoning (e.g., via numerical abstractions, mixed-integer solvers)
  • Probabilistic certification of deep neural networks
  • Training deep neural networks to be provably robust via automated reasoning
  • Understanding and Interpreting Deep Networks
  • Probabilistic Programming

Course project

The description of the course project can be found here. Code template, trained networks and sample test cases are uploaded here.

Lectures

No. DateContentSlides Exercises Solutions
1 Sept 18 Introduction PDF PDF
2 Sept 25 Adversarial attacks I PDF PDF PDF PDF PDF PDF
3 Oct 2 Adversarial attacks II PDF PDF PDF
4 Oct 9 Adversarial defenses + Certification PDF PDF PDF
5 Oct 16 Box and MILP certification PDFPDF PDF PDF
6 Oct 23 Zonotope approximation PDF PDF PDF
7 Nov 6 DeepPoly + Geometric Robustness PDF PDF PDF
8 Nov 13 Visualizing CNNs PDF PDF PDF
9 Nov 20 Querying and Training Deep Learning with Logic PDF PDF PDF
10 Nov 27 Provable Defenses + Beyond the Single Neuron Convex Relaxations PDF PDF PDF PDF
11 Dec 4 Randomized Smoothing PDF PDF PDF PDF
12 Dec 11 Differential Privacy PDF PDF PDF
13 Dec 18 Final lecture: exam overview and open problem PDF