Search for contacts, projects,
courses and publications

Security Aspects of Machine Learning


Regazzoni F.

Course director

Slooff T. A.



The course exposes students to the security aspects and implications of machine learning. In the first part of the course, machine learning is treated as an application that, as such, needs to operate securely and needs to be protected. In this part, the course explains the main techniques currently used to attack machine learning (such as adversarial attacks, cloning, side channels attacks) and the most common techniques used to protect machine learning implementations (such as watermarking and fingerprinting, side channel countermeasures, and protections against adversarial attacks). In the second part of the course, machine learning is used as tool to enhance security (malware detection, penetration testing, fraud detection) or to carry out more advanced attacks (advanced side channel attacks, attacks to security primitives, advanced cryptanalisis). The course includes many in-class laboratories  were student will apply the acquired knowledge to practical problems, such as side channel key recovery using machine learning, adversarial attacks, or a capture the flag context.


Learn security aspects and implications of machine learning

Teaching mode

In presence

Learning methods

Frontal lectures, assignments, and lab sessions

Examination information

Exam and presentations done by the students.