Security Aspects of Machine Learning
The course exposes students to the security aspects and implications of machine learning. In the first part of the course, machine learning is treated as an application that, as such, needs to operate securely and needs to be protected. In this part, the course explains the main techniques currently used to attack machine learning (such as adversarial attacks, cloning, side channels attacks) and the most common techniques used to protect machine learning implementations (such as watermarking and fingerprinting, side channel countermeasures, and protections against adversarial attacks). In the second part of the course, machine learning is used as tool to enhance security (malware detection, penetration testing, fraud detection) or to carry out more advanced attacks (advanced side channel attacks, attacks to security primitives, advanced cryptanalisis). The course includes many in-class laboratories were student will apply the acquired knowledge to practical problems, such as side channel key recovery using machine learning, adversarial attacks, or a capture the flag context.
Learn security aspects and implications of machine learning
Frontal lectures, assignments, and lab sessions
Exam and presentations done by the students.