The Secure and Private AI (SPY) Lab conducts research on the security, privacy and trustworthiness of machine learning systems. We often approach these problems from an adversarial perspective, by designing attacks that probe the worst-case performance of a system to ultimately understand and improve its safety.

Visit our GitHub organization Twitter account

News

Nov 4, 2024

Our paper showing how unlearning methods fail to remove knowledge from LLMs got a spotlight and oral presentation at the SoLaR Workshop at NeurIPS 2024.

Oct 17, 2024

The report for our LLM CTF hosted at SaTML 2024 got a Spotlight at NeurIPS D&B 2024.

Sep 11, 2024

Our lab member Javier Rando is co-organizing the LLMail Inject competition at SaTML 2025 on adaptive attacks against prompt injection defenses.

Jul 27, 2024

Our papers Stealing part of a production language model and Position: Considerations for Differentially Private Learning with Large-Scale Public Pretraining obtained best paper awards at ICML 2024.

People


Avatar

Florian Tramèr

Faculty

Avatar

Edoardo Debenedetti

PhD Student

Avatar

Daniel Paleka

PhD Student

Avatar

Javier Rando

PhD Student

Avatar

Michael Aerni

PhD Student

Avatar

Jie Zhang

PhD Student

Avatar

Kristina Nikolic

PhD Student