Machine Learning in Cybersecurity
Mario Fritz



Machine Learning in Cyber Security


Course Description

Recent advances in Machine Learning have led to near (or beyond) human-level performance in many tasks - autonomous driving, voice assistance, playing a variety of games. In terms of privacy and security, this is a double-edged sword. ML techniques can be used to efficiently detect and prevent attacks (e.g., intrusion detection). However, their deployment in many real-world sensitive systems (e.g., self-driving cars, the cloud) also makes them susceptible to numerous attacks, such as introducing imperceptible perturbations into inputs and forcing ML systems to behave in unintended ways.

The course explores both of these sides of Machine Learning and Cyber Security in depth. The content addresses the following areas:

  1. ML overview
  2. ML for improving security
  3. Attacks on ML models
  4. ML and Privacy


Class Time and Location

Winter Semester 2018/19
Lectures: Wednesday, 12:00 - 14:00  (starts at 12:15)
Exercises: Monday, 12:00 - 14:00  (starts at 12:15)
Location: E91, 0.05

Instructor: Mario Fritz
Teaching Assistants: Tribhuvanesh Orekondy, Hossein Hajipour, Kathrin Grosse


Schedule and Syllabus

Event Type   Date         Description                                Course Materials
Lecture      October 17   Course Overview                            Slides
Tutorial     October 22   Primer on Python and Jupyter               Slides; Notebook | Collab-hosted
Lecture      October 24   Machine Learning Overview                  Slides
Tutorial     October 29   Hands-on ML with Python and Scikit-learn   Notebook | Collab-hosted
Project 1                 Due on: 11-Nov-2018 (23:59)                Notebook | Collab-hosted
Lecture      October 31   Deep Learning Overview                     Slides
Tutorial     November 5   Applying Deep Learning                     Notebook numpy | Notebook Keras
Lecture      November 7   Anomaly Detection                          Slides
Lecture      November 14  Evasion Attacks                            Slides
Tutorial     November 19  Project 1: Summary and Discussion          Slides
Project 2                 Due on: 9-Dec-2018 (23:59)                 Notebook
Lecture      November 21  Membership Inference                       Slides
Tutorial     November 26  Q&A (TA office hours)
Lecture      November 28  Malware Analysis                           Slides
Project 3                 Due on: 3-Feb-2019 (23:59)
Lecture      December 12  Model Stealing & Watermarking              Slides
Tutorial     December 17  Project 2: Summary and Discussion          Slides
Lecture      December 19  Poisoning                                  Slides
Lecture      January 9    Network Traffic Analysis                   Slides
                          Using the GPU Machines                     Slides
Lecture      January 16   Generative Adversarial Networks            Slides
Lecture      January 23   Differential Privacy                       Slides
Lecture      February 6   Variational Auto-Encoders                  Slides



Prerequisites

  • Programming: Basic programming skills and familiarity with Python. All assignments will be in Python.
  • Machine Learning: Prior knowledge in ML is helpful.
  • Linear Algebra, Probability, Statistics and Calculus: Introductory level.


Course Discussions

For course-related discussion (or to find teammates for projects), you can optionally use the following Google group:


Project Honor Code

We encourage discussing ideas and concepts with other students to help you learn and better understand the course content. However, the work you submit and present must be original and demonstrate your effort in solving the presented problems. We will not tolerate blatantly using existing solutions (such as from the internet), improper collaboration (e.g., sharing code or experimental data between groups) and plagiarism. If the honor code is not met, no points will be awarded.

Project Presentation Schedule

Place: E91, 0.01 (small lecture hall, ground floor, right corner), except the meeting on Feb. 8th, which takes place in the top-floor rotunda at MPI.

Feb 8th  Group                   Feb 11th  Group                Feb 13th  Group
10:00    Watchers on the Wall    14:00     The A-Team           14:00     Team 1
10:20    DKK                     14:20     Winter is coming     14:20     Rage against ML
                                 14:40     Pandas               14:40     Gradient Ninjas
                                 15:00     Fastest Neighbors    15:00     Overestimators
                                 15:20     -                    15:20     Security Monks
                                 15:40     -                    15:40     Fast 3

