Logistics

• Lectures: Tue 2:45-3:45pm (PT) will be the main weekly synchronous course meeting in Hewlett 201. Students must also select one weekly lab section to attend. We will arrange this during the first week of class.
• Lecture videos: on Canvas
• Edstem: Class discussion.
• Grading Policy: Five homeworks (60%) + Final Project Report (30%) and class participation on Zoom + Ed (10%).
• Late Day Policy: Students will have 6 late days to use during the whole quarter, but no more than 2 late days can be used for a single homework
• Contact: Students should ask all course-related questions on our Ed forum, where you will also find all the announcements. For external enquiries, personal matters, or in emergencies, you can email us at cs329t-spr2122-staff@lists.stanford.edu.
• Academic accommodations: If you need an academic accommodation based on a disability, you should initiate the request with the Office of Accessible Education (OAE). The OAE will evaluate the request, recommend accommodations, and prepare a letter for faculty. Students should contact the OAE as soon as possible since timely notice is needed to coordinate accommodations.
• Honor code: Very important. See Honor Code.

Overview

What is this course about?

ML models are ubiquitous -- from transportation (self-driving cars) to finance (credit card or mortgage applications) and careers (company hiring). ML, however, does not come without its risks. Some important risks involve model understanding and accountability: models created by machine learning are largely black boxes that are hard for us to peer into and understand; they are susceptible to unforeseen faults, to adversarial manipulation, and to violations of ethical norms in privacy and fairness. This course will provide an introduction to state-of-the-art ML methods designed to make AI more trustworthy. The course focuses on four concepts: explanations, fairness, privacy, and robustness. We first discuss how to explain and interpret ML model outputs and inner workings. Then, we examine how bias and unfairness can arise in ML models and learn strategies to mitigate this problem. Next, we look at differential privacy and membership inference in the context of models leaking sensitive information when they are not supposed to. Finally, we look at adversarial attacks and methods for imparting robustness against adversarial manipulation. Students will gain understanding of a set of methods and tools for deploying transparent, ethically sound, and robust machine learning solutions. Students will complete labs, homework assignments, and discuss weekly readings. Students will also do a course term project on a topic of their choice, using methods presented in the course.

Prerequisites

Students are expected to have the following background:

• Knowledge of basic computer science principles and skills, at a level sufficient to write a reasonably non-trivial computer program (e.g., CS106B/X or equivalent). The assignments will be in Python.
• Good understanding of machine learning algorithms (e.g. at least one of CS229, CS230, CS231N, CS224N or equivalent).
• Familiar with at least one framework such as TensorFlow, PyTorch, Keras, scikit-learn.
• Familiarity with basic probability theory (CS109 or Stat116 or equivalent is sufficient but not necessary).

Honor Code

Permissive but strict. If unsure, please ask the course staff!

• OK to search, ask in public about the systems we’re studying. Cite all the resources you reference.
  E.g. if you read it in a paper, cite it. If you ask on Quora, include the link.
• NOT OK to ask someone to do assignments/projects for you.
• OK to discuss questions with classmates. Disclose your discussion partners.
• NOT OK to copy solutions from classmates.
• OK to use existing solutions as part of your projects/assignments. Clarify your contributions.
• NOT OK to pretend that someone’s solution is yours.
• OK to publish your final project after the course is over (we encourage that!)
• NOT OK to post your assignment solutions online.

Audit policy

We’re generally open to auditing requests by all Stanford affiliates. External requests will be determined on a case by case basis, mostly because the course is hosted on Canvas and we’re not sure how non-Stanford affiliates access Canvas.

You will be able to attend all the lectures, but we won't be able to grade your homework or give advice on final projects. Our human resources are limited. There are only four of us and on top of teaching, we also have full-time jobs or are full-time students.

Even if you’re not auditing, you can still access all the slides, notes, assignments, and final repot instructions. These are posted on the Syllabus page.

To audit the class, please send cs329t-spr2122-staff@lists.stanford.edu an email with the subject title "CS329T: Audit Request" with a few sentences introducing yourself and your relevant background.

We’ll add you as an observer on Canvas -- you need to create an account on Canvas first. You can attend all lectures scheduled there.

• You’re welcome to participate in the discussion in lectures, but please check out the previous lectures first otherwise you might find lectures confusing!
• You’re welcome to attend OHs, though if there are more enrolled students waiting in the line, they’ll be given priority.
• Your feedback is much appreciated. If there’s any concept that you find confusing, incorrect or missing, please let us know!

Reference Text

There's no textbook. The course relies on lecture slides and accompanying readings.