Human vs. Machine: Secure Machine Learning and Data Mining (90453)

Seminar in Winter Term 2015/2016

General Information
Juniorprof. Dr.-Ing. Christian Hammer
David Pfaff, M.Sc.
Marie-Therese Walter, M.Sc.
Stefan Nürnberger, M.Sc.
Seminar (7 credit points)
Course Material:
Slides and papers suggested during the course
Building E 9.1, Room 2.21
Friday, 14:00–16:00 (c.t.) (bi-weekly meetings)
(25th Jan): Presentation assignments have been added.
(11th Jan): Lecture Materials from the fourth reading group have been uploaded.
(14th Dec): Lecture Materials from the third reading group have been uploaded.
(30th Nov): Lecture Materials from the second reading group have been uploaded. Reminder: Review period was changed!
(16th Nov): Lecture Materials from the first reading group have been uploaded.
(6th Nov): Lecture Materials from the second session have been uploaded.
(4th Nov): Lecture Materials from the kick-off session have been uploaded.
Kick-off meeting was on Friday, 30 October.
The registration is closed.


Learning approaches have emerged as a means of countering sophisticated and evolving adversaries in settings with large amounts of data, which are too complex for hand-crafted solutions. However, in adversarial settings, the assets of learning can potentially be subverted by malicious manipulation. On the one hand, this exposes applications that are based on machine learning and data mining tasks to a new type of vulnerability in which an adversary can adapt to counter learning-based methods. For example, spammers may add unrelated words to junk mail to avoid detection by a spam filter. On the other hand, malicious users may use machine learning or data mining to mount their own attacks, e.g. by correlating entries in multiple databases to identify (and thereby de-anonymize) individual users. Thus, unlike most application domains, computer security applications present a unique data domain that requires careful consideration because of its adversarial nature.

In this seminar, we investigate different application areas in which machine learning, data mining and security converge, such as Intrusion and Malware Detection, Adversarial Data Mining, Spam Filters, Machine Learning-based Side Channels, De-anonymization, and more.

If you are still interested and want to know more:
Here's a funny, academic and industry-bashing, and at least partially serious talk by Alex Pinto from DEF CON 22: Secure Because Math: A Deep-Dive on Machine Learning-Based Monitoring

Lecture Material

The lecture notes and tools can only be viewed from within Saarland University. Please use a VPN to connect.