Instructor: Gang Wang
Time/Location: Tuesday/Thursday 3:30 PM - 4:45 PM in McBryde Hall 226
Office Hours: By appointment. My CRC office is in KnowledgeWorks II, room 2223 (reachable via CRC shuttle)
Textbook: The majority of reading material for this course will come in the form of research papers. There is no required textbook.

Class Description

Machine learning has become a mainstream tool that significantly extends the capabilities of data-driven systems in a variety of areas. This class will focus on understanding the recent interplay between machine learning and security: 1) Machine learning is a useful technique for building new solutions to many security problems. 2) Similarly, attackers may also use machine learning to launch more intelligent attacks. 3) Machine learning itself can introduce a whole new class of risks, allowing adversaries to manipulate the machine learning process and its outcome.

This is not a typical machine learning class: we will not focus on developing new theories or methods in machine learning. Instead, we will study the state of the art in applied machine learning in security-related topics. We will focus on understanding the best, most creative ways to apply existing machine learning tools and techniques, as well as their limitations and potential risks. In this class, we will read a number of technical papers and work on a research project in teams of 2-3 students. The goal of the project is to extend current machine learning techniques to new problems, with the end goal of producing real and publishable results by the end of the semester. In addition, students are expected to gain experience in two valuable skills: quickly reading technical papers (without sacrificing understanding), and giving good public presentations.

Expected Work

Participation: students are required to attend all lectures, read all required papers, and participate in paper discussions both online and in class.

Team Project: 2-3 students will form a team to work on a single research project throughout the semester. The project should aim to solve a real problem at the intersection of machine learning and security/privacy. Each team will give a short talk at the midterm and a final presentation at the end of the semester. Each team is also expected to write up a final project report.

Paper Presentation: students will present papers during the class to lead the discussion. Each student will cover 1-2 papers depending on the class size.


If any student needs special accommodations because of a disability, please contact the instructor in the first week of classes.