Rules & Guidelines
Recent work has shown that neural networks can contain stealthy backdoors, much like traditional software that allow attackers to trigger malicious behavior. The HackML competition will challenge teams to design new, more powerful backdoor attacks on neural networks, and to develop novel defenses and detections.
This competition is open to students enrolled in undergraduate or graduate degree programs from around the world.
The competition is divided into two qualifying rounds and a final round, as follows:
Online Attack Round
Submission Deadline: 31 August 2019, 23:59 EST
Competitors submit a trained neural network that contains a backdoor, along with a validation set, which does not contain triggering inputs. Triggering inputs must be privately provided to the organizers.
Detailed instructions are available here: csaw.engineering.nyu.edu/hackml/competition-details-files
Online Defense Round
Submission Deadline: 30 September 2019, 23:59 EST
Competitors must develop defenses against a selection of trojaned models from the Attack Round.
will be released on Friday, 6 September, 2019. : are available here:
Qualification Round Status
Notification by 7 October 2019
Once the Defense Round deadline has passed, team submissions will be assessed by NYU organizers. Assessors will evaluate submissions from the attack and defense rounds based on several criteria, including clean data prediction accuracy, backdoor attack success rate, backdoored network resistance during defense round, and backdoor trigger quality.
The top three (3) attacking and top three (3) defending teams will be invited to compete in Finals.
7 - 8 November 2019
Finalist teams from universities located within the US-Canada region will demonstrate attacks and defenses in-person at NYU Tandon School of Engineering. Finalist teams from other countries will participate remotely in Finals.
Judges will determine the winning team from each category. Winners will be announced at the Award Ceremony on Friday 8 November 2019.
Rules for the Qualifying Rounds
- Registration is required and will remain open from 8 August through 30 September 2019, 23:59 EST. Registrations after August 31 will mean that participants only do the defense round.
- There is no limit to the number of team members during the Attack and Defense Rounds, but all members must be students enrolled in an undergraduate or graduate degree program. Please note that only 2 team members will be invited to participate in Finals.
- Team members do not need to attend the same university/college.
- All players must compete under only 1 team name; playing for multiple teams is not permitted.
- Teams should work independently. Sharing answers privately or publicly, or collaborating with another team to secure multiple spots at Finals constitutes cheating.
Final Round Eligibility
Teams will be asked to verify their university enrollment prior to being offered a Finalist position. Up to two (2) members per team will be invited to compete at Finals.
Travel Awards for Teams in US-Canada
Following the enrollment verification process, a Travel Award will be presented to a maximum of two (2) team members. Teams will be provided with details when they are invited to finals. As applicable, participation in-person at NYU Tandon School of Engineering is contingent on the competitors ability to enter the United States.
Remote Participation Details
A maximum of two (2) team members per team will be invited to compete remotely. Remote participation details will be presented to Finalist teams following the enrollment verification process.
The winning Attack Team and the winning Defense Team will each earn $US 1000. Prizes will be distributed in late November 2019.
HackML registrants will be automatically added to the CSAW mailing list. This list is used to provide occasional updates on CSAW and to promote cybersecurity related events being organized by CSAW regional partner schools. CSAW will not rent, sell, or share emails with non-partner schools or other entities or organizations. Registrants can opt-out of the mailing list at anytime.
Please direct your inquiries to [email protected].