Security Aspects of Machine Learning
People
Course director
Assistant
Description
The course exposes students to the security aspects and implications of machine learning. In the first part of the course, machine learning is treated as an application that, as such, needs to operate securely and needs to be protected. In this part, the course explains the main techniques currently used to attack machine learning (such as adversarial attacks, cloning, side channels attacks) and the most common techniques used to protect machine learning implementations (such as watermarking and fingerprinting, side channel countermeasures, and protections against adversarial attacks). In the second part of the course, machine learning is used as tool to enhance security (malware detection, penetration testing, fraud detection) or to carry out more advanced attacks (advanced side channel attacks, attacks to security primitives, advanced cryptanalisis). The course includes many in-class laboratories were student will apply the acquired knowledge to practical problems, such as side channel key recovery using machine learning, adversarial attacks, or a capture the flag context.
Objectives
Learn security aspects and implications of machine learning
Teaching mode
In presence
Learning methods
Frontal lectures, assignments, and lab sessions
Examination information
Exam and presentations done by the students.
Education
- Master of Science in Artificial Intelligence, Lecture, Elective, 1st year
- Master of Science in Informatics, Lecture, Computer Systems, Elective, 1st year
- Master of Science in Informatics, Lecture, Computer Systems, Elective, 2nd year
- Master of Science in Informatics, Lecture, Artificial Intelligence, Elective, 1st year
- Master of Science in Informatics, Lecture, Artificial Intelligence, Elective, 2nd year
- PhD programme of the Faculty of Informatics, Lecture, Elective, 1st year (2 ECTS)
