THE UNIVERSITY of EDINBURGH

DEGREE REGULATIONS & PROGRAMMES OF STUDY 2024/2025

Timetable information in the Course Catalogue may be subject to change.
University Homepage
DRPS Homepage
DRPS Search
DRPS Contact
DRPS : Course Catalogue : School of Informatics : Informatics

Undergraduate Course: Privacy and Security with Machine Learning (UG) (INFR11252)

Course Outline
SchoolSchool of Informatics CollegeCollege of Science and Engineering
Credit level (Normal year taken)SCQF Level 11 (Year 4 Undergraduate) AvailabilityNot available to visiting students
SCQF Credits10 ECTS Credits5
SummaryThis course follows the delivery and assessment of Privacy and Security with Machine Learning (INFR11240) exactly. Undergraduate students must register for this course, while MSc students must register for INFR11240 instead.
Course description This course follows the delivery and assessment of Privacy and Security with Machine Learning (INFR11240) exactly. Undergraduate students must register for this course, while MSc students must register for INFR11240 instead.
Entry Requirements (not applicable to Visiting Students)
Pre-requisites Students MUST have passed: Computer Security (INFR10067)
It is RECOMMENDED that students have passed Machine Learning (INFR10086) AND Applied Machine Learning (INFR11211) AND Machine Learning and Pattern Recognition (INFR11130)
Co-requisites
Prohibited Combinations Students MUST NOT also be taking Privacy and Security with Machine Learning (INFR11240)
Other requirements This course follows the delivery and assessment of Privacy and Security with Machine Learning (INFR11240) exactly. Undergraduate students must register for this course, while MSc students must register for INFR11240 instead.
Course Delivery Information
Academic year 2024/25, Not available to visiting students (SS1) Quota:  None
Course Start Semester 2
Timetable Timetable
Learning and Teaching activities (Further Info) Total Hours: 100 ( Lecture Hours 15, Supervised Practical/Workshop/Studio Hours 3, Summative Assessment Hours 2, Programme Level Learning and Teaching Hours 2, Directed Learning and Independent Learning Hours 78 )
Assessment (Further Info) Written Exam 75 %, Coursework 25 %, Practical Exam 0 %
Additional Information (Assessment) Written Exam 75%«br /»
Coursework 25%«br /»
«br /»
The coursework will not require an implementation; it will be a report (10 pages max) that the students will have to write in teams about the privacy and security risks of an ML application of their choice. The students will receive feedback on a draft of a report that will not be marked and will submit the final report (15%) in the last week of the semester.«br /»
«br /»
There will be a quiz at the end of the first part of the course (10%).«br /»
«br /»
There will be two lab sessions that require implementing one of the attacks. The lab sessions are not marked but the students are strongly encouraged to attend the sessions in preparation for the exam.«br /»
«br /»
There will be a final exam (75%) to assess the students' progress in achieving the course's learning outcomes.
Feedback The students will receive detailed feedback from the draft of the report indicating what aspects they can improve. They will also receive feedback from the lab demonstrators and obtain the correct answers to the quiz.
Exam Information
Exam Diet Paper Name Hours & Minutes
Main Exam Diet S2 (April/May)Privacy and Security with Machine Learning (UG) (INFR11252)2:00
Learning Outcomes
On completion of this course, the student will be able to:
  1. classify the attacks covered by the course according to their adversary model (e.g., objective, background knowledge, and capabilities)
  2. define the underlying privacy and security properties undermined by the attacks
  3. identify properties and assumptions of each setting that are necessary for the effectiveness of some of the attacks (e.g., in attacks against a supervised model: overfitting of the model, i.i.d. assumption, etc)
  4. discuss the challenges in mitigating specific attacks (e.g., trade-offs between accuracy and privacy)
  5. identify the privacy and security concerns in real-world applications of ML. For example, if you train an ML model on healthcare data, what could go wrong for your future users¿ privacy?
Reading List
Mark Stamp. Introduction to Machine Learning with Applications in Information Security. 2022.

Nelson, Rubinstein, Joseph, Tygar. Adversarial Machine Learning. Cambridge University Press, 2019.

Papernot et al. SoK: Security and Privacy in Machine Learning. IEEE Euro S&P 2018

MITRE's ATLAS: https://atlas.mitre.org
Additional Information
Graduate Attributes and Skills Critical thinking, adversarial thinking, and knowledge integration. Creativity. Teamwork skills, verbal, and cross-disciplinary communication.
KeywordsPrivacy,Cyber Security,Machine Learning
Contacts
Course organiserDr Marc Juarez Miro
Tel: (0131 6)50 2707
Email: marc.juarez@ed.ac.uk		 Course secretaryMiss Yesica Marco Azorin
Tel: (0131 6)50 5194
Email: ymarcoa@ed.ac.uk
Navigation
Help & Information
Home
Introduction
Glossary
Search DPTs and Courses
Regulations
Regulations
Degree Programmes
Introduction
Browse DPTs
Courses
Introduction
Humanities and Social Science
Science and Engineering
Medicine and Veterinary Medicine
Other Information
Combined Course Timetable
Prospectuses
Important Information
 
Privacy & cookies
© Copyright 2024 The University of Edinburgh - 15 January 2025 9:20 pm