Teaching

AML — Adversarial Machine Learning

This integrated lecture is concerned with adversarial machine learning. It explores various attacks on learning algorithms, including white-box and black-box adversarial examples, poisoning, backdoors, membership inference, and model extraction. It also examines the security and privacy implications of these attacks and discusses defensive strategies, ranging from threat modeling to integrated countermeasures.

   Course Website    Module 41117 Type: Lecture Audience: Master

SMARTLAB — Smart Security Lab

This lab is a hands-on course that explores machine learning in computer security. Students design and develop intelligent systems for security problems such as attack detection, malware clustering, and vulnerability discovery. The developed systems are trained and evaluated on real-world data, providing insight into their strengths and weaknesses in practice. The lab is a continuation of the lecture "Machine Learning for Computer Security" and thus knowledge from that course is expected.

   Course Website    Module 41116 Type: Lab course Audience: Master

AURA — Automatic Vulnerability Repair and Analysis

This project explores recent advances in automated software analysis and repair. Students will develop, implement, and evaluate techniques for analyzing source code, identifying security vulnerabilities, and automatically creating patches. The project is inspired by the DARPA AI Cyber Challenge (AIxCC) with the goal of developing AI-driven code analysis, identifying its capabilities, but also uncovering its limitations.

   Course Website    Module 41102 Type: Project Audience: Master

RAID — Reproducing AI Attacks and Defense

This project puts recent AI research to the test. Participants will re-implement current attack and defense techniques that utilize machine learning, evaluate their capabilities, and design improvements. Possible techniques include attacks and defenses for large language models and computer vision systems. The overall goal is to learn about the state of the art in AI security and reproduce results where possible.

   Course Website    Module 41102 Type: Project Audience: Master

LEAK — Unusual Side Channels and Privacy Leaks

In this block seminar, we will look at unusual ways in which an attacker can obtain secret information. We examine various physical side channels through which information can escape from a computer, such as acoustic, optical, and electromagnetic leaks. We also examine the security and privacy implications of the attacks and discuss appropriate defenses. The seminar is aimed at Bachelor students. No prior knowledge of side channels is required, but a strong interest is assumed.

   Course Website    Module 41103 Type: Seminar Audience: Bachelor

CARE — Code Analysis and Reverse Engineering

This block seminar is concerned with the analysis and reverse engineering of code. We will cover different techniques for program analysis of source code and binary code. In addition, we will look at concepts for understanding unknown software, reverse engineering its functionality, and discovering security vulnerabilities. The seminar is intended for Master students.

   Course Website    Module 41104 Type: Seminar Audience: Master