Machine Learning for Systems and Network Security

The course aims to provide students with in-depth skills in applying machine learning within the context of cybersecurity, exploring its applications, benefits, limitations, and future prospects. In particular, the curriculum seeks to convey the theoretical and practical principles of malware analysis and to highlight the challenges related to dataset size and diversity, model generalization, and the phenomenon of concept drift. Students will also delve into attack and defense techniques in the realm of adversarial machine learning by studying real-world scenarios.

By the end of the course, students will be able to design and implement machine learning pipelines for malware analysis and classification—managing imbalanced datasets, performing static and dynamic analysis, and addressing concept drift—critically evaluate the limitations and potentials of security models (overfitting, bias, generalization), develop and apply countermeasures against adversarial attacks (white-box and black-box) through retraining, ensembling, and model hardening strategies, integrate advanced authentication techniques, and leverage Large Language Models for reverse engineering and defensive code generation.