Research Group
Machine Learning
and Security
and Security
View from our building over Berlin.
Our research group conducts fundamental research at the intersection of computer security and machine learning. On the one end, we are interested in developing intelligent systems that can learn to protect computers from attacks and identify security problems automatically. On the other end, we explore the security and privacy of machine learning by developing novel attacks and defenses.
We are part of the Berlin Institute for the Foundations of Learning and Data (BIFOLD) at Technische Universität Berlin. Previously, we have been working at Technische Universität Braunschweig and the University of Göttingen.
April 22, 2025 — We are starting the summer semester with new courses, including our lecure on machine learning for security and a project on reproducing AI attacks and defenses. Register in the ISIS platform 📚.
April 9, 2025 — We are attending SaTML in Copenhagen, 🇩🇰. Thorsten is presenting his paper on verifiable machine unlearning, while Konrad is chairing the conference.
January 6, 2025 — There are 10 open PhD student positions in the BIFOLD Graduate School! Further details are available here. The deadline for application is February 3, 2025.
See all news and updates of the research group.
MLSEC — Machine Learning for Computer Security
This integrated lecture is concerned with using machine learning in computer security. Many tasks in security, such as the analysis of malicious software or the discovery of vulnerabilities, rest on manual work. Methods from machine learning can help accelerate this process and make security systems more intelligent. The lecture explores different approaches for constructing such learning-based security systems.
This lab is a hands-on, entry-level course that explores the security analysis of systems. It provides an introduction to practical system security and serves a preparation for later advanced security labs. This includes developing strategies and tools for security analysis as well as investigating the security of real-world systems. In each unit of the lab, a different system is analyzed, ranging from Android applications to network hosts.
See all teaching course.
Seeing through: Analyzing and Attacking Virtual Backgrounds in Video Calls.
Proc. of the 34th USENIX Security Symposium, 2025. (to appear)
Adversarial Inputs for Linear Algebra Backends.
Proc. of the 42nd International Conference on Machine Learning (ICML), 2025. (to appear)
Evil from Within: Machine Learning Backdoors Through Dormant Hardware Trojans.
Proc. of the 40th Annual Computer Security Applications Conference (ACSAC), 2024.
Pitfalls in Machine Learning for Computer Security.
Communications of the ACM, 67, (11), 2024.
See all publications of the research group.
AIGENCY — Opportunities and Risks of Generative AI in Security
The project aims to systematically investigate the opportunities and risks of generative artificial intelligence in computer security. It explores generative models as a new tool as well as a new threat. The project is joint work with Fraunhofer AISEC, CISPA, FU Berlin, and Aleph Alpha.
MALFOY — Machine Learning for Offensive Computer Security
The ERC Consolidator Grant MALFOY explores the application of machine learning in offensive computer security. It is an effort to understand how learning algorithms can be used by attackers and how this threat can be effectively mitigated.
ALISON — Attacks against Machine Learning in Structured Domains
The goal of this project is to investigate the security of learning algorithms in structured domains. That is, the project develops a better understanding of attacks and defenses that operate in the problem space of learning algorithms rather than the feature space.
See all projects of the research group.
Technische Universität Berlin
Machine Learning and Security, TEL 8-2
Hardenbergstr. 40A
10623 Berlin, Germany
Office: office@mlsec.tu-berlin.de
Responsibility under the German Press Law §55 Sect. 2 RStV:
Prof. Dr. Konrad Rieck