Machine Learning Security
Academic Year 2024-2025
The course will start on October 1, 2024. Teams link.
Instructors: Prof. Battista Biggio
Teaching Assistants: Dr. Maura Pintor, Dr. Ambra Demontis, Dr. Angelo Sotgiu
External Seminars: Dr. Antonio Emanuele Cinà, Dr. Luca Demetrio
MSc in Computer Engineering, Cybersecurity and Artificial Intelligence (Univ. Cagliari)
National PhD Program in Artificial Intelligence
PhD Program in Electronic and Computer Engineering (Univ. Cagliari)
GitHub repository for course material: https://github.com/unica-mlsec/mlsec
Lectures
- Tuesday, 15-18, room I_ID (ex AN), building I
- Thursday, 12-14, room I_IB (ex BA), building I
Course objectives and outcome
Objectives
The objective of this course is to provide students with the fundamental elements of machine learning security in the context of different application domains. The main concepts and methods of adversarial machine learning are presented, from threat modeling to attacks and defenses, together with basic methods for properly evaluating the adversarial robustness of a machine learning model against different attacks.
Outcome
An understanding of fundamental concepts and methods of machine learning security and its applications. An ability to analyse and evaluate attacks and defenses in the context of application-specific domains. An ability to design and evaluate robust machine learning models with Python and test them on benchmark data sets.
Course materials
- Introduction to the course (Updated)
- Threat modeling and attacks on AI/ML models
- Evasion Attacks
- Certified Defenses (Guest Lecture by Dr. Fabio Brau)
- Poisoning Attacks and Defenses (updated)
- Privacy Attacks and Defenses
- Explainable AI/ML (updated)
- Adversarial Windows Malware (Adversarial EXEmples) - Guest Lecture by Dr. Luca Demetrio