Artificial Intelligence & Security

Overview

Semester: Winter 2024
Course type: Lecture complemented with exercises (VÜ)
Lecturer: TT.-Prof. Dr. Wressnegger
Audience: Computer Science (Informatik) Master & Bachelor
Credits: 6 ECTS
Time: Mon, 11:30–13:00 (Lecture); Thu, 17:30–19:00 (Exercises)
Room: -101 (50.34)
Language: English
Link: TBA
Registration: TBA

Description

The lecture is about combining the fields of artificial intelligence, machine learning, and computer security in practice. Many tasks in the computer security landscape still rely on manual labor, such as searching for vulnerabilities or analyzing malware. Here, machine learning can be used to establish a higher degree of automation, providing more "intelligent" security solutions (AI for Security). However, these learning-based systems can themselves be attacked and need to be secured (Security of AI). For example, maliciously crafted inputs can be exploited by an adversary to cause severe damage in the application area. It is thus of utmost importance to investigate, research, and understand the security properties of AI methods.

The module introduces students to theoretical and practical aspects of AI in computer security as well as security of AI. We cover the basics of features and feature engineering in the security domain, discuss fundamental learning settings in security, and point out "Dos and Don'ts" of using AI/ML in computer security. Moreover, we put particular focus on "Explainable AI" (XAI) and its use in computer security, before we introduce attacks on and defenses for the learning-based systems discussed in the first half of the course. We cover input-manipulation attacks (e.g., adversarial examples), model-manipulation attacks (e.g., backdooring attacks), privacy attacks (e.g., model stealing and membership inference), and attacks against XAI.

Mode of Operation

We hold a regular lecture with the course contents presented in person. Additionally, we offer exercise units, where we discuss solutions to the exercise tasks assigned that week. Participation in the exercises is optional but strongly advised.

Schedule

Date | Topic
Mon, 21. Oct | Introduction
Bonus Material | Machine Learning 101
Thu, 24. Oct | Python 101
Mon, 28. Oct (+ Thu, 31. Oct) | From Security Data to Features
Mon, 04. Nov (+ Thu, 07. Nov) | Anomaly Detection for Intrusion Detection
Mon, 11. Nov (+ Thu, 14. Nov) | Malware Classification
Mon, 18. Nov (+ Thu, 21. Nov) | Evaluating Learning-based Systems
Mon, 25. Nov (+ Thu, 28. Nov) | Explainable AI for Computer Security
Mon, 02. Dec (+ Thu, 05. Dec) | Adversarial Machine Learning
Bonus Material | Primer on Neural Networks
Mon, 09. Dec (+ Thu, 12. Dec) | Adversarial Examples
Mon, 16. Dec (+ Thu, 19. Dec) | Adversarial Training
Mon, 23. Dec | No lecture
Thu, 09. Jan | No exercise
Mon, 13. Jan (+ Thu, 16. Jan) | Neural Backdoors
Mon, 20. Jan (+ Thu, 23. Jan) | Model Stealing
Mon, 27. Jan (+ Thu, 30. Jan) | Membership Inference
Mon, 03. Feb (+ Thu, 06. Feb) | Security of Explainable AI
Mon, 10. Feb | Summary and Outlook
approx. Mon, 24. Feb | Written Exam

Matrix Chat

News about the lecture, potential updates to the schedule, and additional material are distributed via the course's Matrix room. Moreover, Matrix enables students to discuss topics and solution approaches with each other.

You will find the link to the Matrix room on ILIAS.