Our research group conducts fundamental research at the intersection of computer security and machine learning. On the one end, we are interested in developing intelligent systems that can learn to protect computers from attacks and identify security problems automatically. On the other end, we explore the security and privacy of machine learning by developing novel attacks and defenses.
We are part of the new Berlin Institute for the Foundations of Learning and Data (BIFOLD) at Technische Universität Berlin. Previously, we have been working at Technische Universität Braunschweig and the University of Göttingen.
July 4, 2024 — We present four papers at ASIACCS in Singapore, 🇸🇬. Felix discusses target selection in fuzzing, Jonas explores differential testing of JSON, Josiane tackles simbox fraud, and Alwin investigates instruction embeddings.
May 20, 2024 — We are honored and grateful to receive the IEEE S&P Test-of-Time Award for our work on code property graphs. Thank you all so much! 🏆😊
May 12, 2024 — As part of a guest professorship, Konrad is visiting our dear colleages from the security and privacy group at TU Wien. He is teaching a doctoral course on artificial intelligence in security.
April 26, 2024 — Congratulations to Tom on successfully defending his PhD thesis about improving software defect localization using machine learning. Great work, Dr. Ganz 🎓!
See all news and updates of the research group.
Dancer in the Dark: Synthesizing and Evaluating Polyglots for Blind Cross-Site Scripting.
Proc. of the 33rd USENIX Security Symposium, 2024. (to appear)
SoK: Where to Fuzz? Assessing Target Selection Methods in Directed Fuzzing.
Proc. of the 19th ACM Asia Conference on Computer and Communications Security (ASIACCS), 2024. (to appear)
Cross-Language Differential Testing of JSON Parsers.
Proc. of the 19th ACM Asia Conference on Computer and Communications Security (ASIACCS), 2024. (to appear)
On the Role of Pre-trained Embeddings in Binary Code Analysis.
Proc. of the 19th ACM Asia Conference on Computer and Communications Security (ASIACCS), 2024. (to appear)
See all publications of the research group.
AIGENCY — Opportunities and Risks of Generative AI in Security
The project aims to systematically investigate the opportunities and risks of generative artificial intelligence in computer security. It explores generative models as a new tool as well as a new threat. The project is joint work with Fraunhofer AISEC, CISPA, FU Berlin, and Aleph Alpha.
MALFOY — Machine Learning for Offensive Computer Security
The ERC Consolidator Grant MALFOY explores the application of machine learning in offensive computer security. It is an effort to understand how learning algorithms can be used by attackers and how this threat can be effectively mitigated.
ALISON — Attacks against Machine Learning in Structured Domains
The goal of this project is to investigate the security of learning algorithms in structured domains. That is, the project develops a better understanding of attacks and defenses that operate in the problem space of learning algorithms rather than the feature space.
See all projects of the research group.
We are generally looking for motivated and skilled PhD students and postdocs to join our group—even if we currently do not announce open positions. If you are passionate about research and interested in combining machine learning and computer security, contact us directly at jobs@mlsec.org.
Before writing an unsolicited email, take some time to write a good cover letter. In this letter, you should describe why you are a good fit for our group and what research you enjoy doing. Include the result of (0x62df**215)%0xf0e5
in the subject line of your email.
Technische Universität Berlin
Machine Learning and Security, TEL 8-2
Ernst-Reuter-Platz 7
10587 Berlin, Germany
Office: office@mlsec.tu-berlin.de
Responsibility under the German Press Law §55 Sect. 2 RStV:
Prof. Dr. Konrad Rieck