194.055 Security, Privacy and Explainability in Machine Learning

2020S, VU, 2.0h, 3.0EC


  • Semester hours: 2.0
  • Credits: 3.0
  • Type: VU Lecture and Exercise

Learning outcomes

After successful completion of the course, students are able to...

- Identify threats to privacy of individuals in machine learning datasets

- Select fitting solutions for privacy-preserving machine learning

- Understand attack vectors on machine learning models, and how attacks can be detected and mitigated

- Select fitting concepts for explainable and interpretable machine learning

Subject of course

  • Privacy-preserving techniques to anonymize sensitive information in the input data, e.g. to facilitate data sharing, with a specific focus on the implications for the utility of the data and of the models trained on it. This includes k-anonymity and related models such as l-diversity, as well as differential privacy.
  • Privacy-preserving techniques, such as differential privacy, to prevent information leaks from trained models
  • Attack vectors on machine learning models, e.g. membership inference attacks, model stealing and adversarial input generation, and how to limit them
  • Backdoor embedding to manipulate the behaviour of seemingly benign models for malicious purposes
  • Privacy-preserving computation of machine learning models, e.g. with secure multi-party computation and homomorphic encryption approaches
  • Explainability of machine learning models to facilitate a better understanding of and trust in the models, e.g. via visualization, rule extraction and zero-shot learning
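As an added illustration of the first topic (not material from the course page itself): the script below checks k-anonymity and l-diversity of a small tabular dataset under a generalization of its quasi-identifiers, and measures the utility cost of each generalization level with the discernibility metric. The records, the choice of age and zip code as quasi-identifiers, diagnosis as the sensitive attribute, and the generalization levels searched are all assumptions constructed for the example. The point it makes in numbers is that a dataset can be 2-anonymous and still leak every sensitive value of one equivalence class (l = 1), which is why l-diversity is taught alongside k-anonymity.

```python
"""Checking k-anonymity and l-diversity of a generalized dataset.

Added example (not part of the course page). The records, the choice of
quasi-identifiers (age, zip code) and the sensitive attribute (diagnosis)
are constructed for illustration.
"""
from collections import defaultdict

# Constructed toy dataset: (age, zip code, diagnosis). Not real data.
RECORDS = [
    (29, "1040", "flu"),
    (31, "1040", "cancer"),
    (34, "1041", "flu"),
    (38, "1041", "hepatitis"),
    (45, "1100", "flu"),
    (47, "1100", "flu"),
    (52, "1101", "cancer"),
    (58, "1101", "flu"),
]
QI = (0, 1)      # quasi-identifier columns: age, zip
SENSITIVE = 2    # sensitive attribute column: diagnosis

# Generalization lattice searched by minimal_generalization(); these levels
# are assumptions for this toy example.
AGE_BUCKETS = (5, 10, 20, 40, 100)   # width of the age range
ZIP_DIGITS = (4, 3, 2, 1, 0)         # leading zip digits kept, rest masked


def generalize(records, age_bucket, zip_digits):
    """Coarsen the quasi-identifiers: age into a range of width age_bucket,
    zip code truncated to its first zip_digits digits ('*' for the rest)."""
    out = []
    for age, zip_code, diag in records:
        lo = (age // age_bucket) * age_bucket
        age_range = f"{lo}-{lo + age_bucket - 1}"
        zip_gen = zip_code[:zip_digits] + "*" * (len(zip_code) - zip_digits)
        out.append((age_range, zip_gen, diag))
    return out


def equivalence_classes(records):
    """Group records that share the same quasi-identifier values."""
    classes = defaultdict(list)
    for r in records:
        classes[tuple(r[i] for i in QI)].append(r)
    return classes


def k_anonymity(records):
    """Largest k such that every equivalence class contains >= k records."""
    return min(len(c) for c in equivalence_classes(records).values())


def l_diversity(records):
    """Largest l such that every equivalence class contains >= l distinct
    sensitive values (distinct l-diversity). A class with l = 1 reveals the
    sensitive value of everyone in it (homogeneity attack), whatever k is."""
    return min(len({r[SENSITIVE] for r in c})
               for c in equivalence_classes(records).values())


def discernibility(records):
    """Discernibility metric (Bayardo & Agrawal): each record is penalised by
    the size of its equivalence class, so the total is sum(|E|^2) over the
    classes. Higher means coarser data and lower utility; len(records) is
    the ideal value reached only by the raw, unique records."""
    return sum(len(c) ** 2 for c in equivalence_classes(records).values())


def evaluate(records, age_bucket, zip_digits):
    """Privacy and utility numbers for one generalization level."""
    g = generalize(records, age_bucket, zip_digits)
    return {"k": k_anonymity(g), "l": l_diversity(g), "cost": discernibility(g)}


def minimal_generalization(records, k, l):
    """Search the lattice for the cheapest generalization (lowest
    discernibility) satisfying both k-anonymity and l-diversity.
    Returns (age_bucket, zip_digits, cost), or None if no level qualifies."""
    best = None
    for age_bucket in AGE_BUCKETS:
        for zip_digits in ZIP_DIGITS:
            r = evaluate(records, age_bucket, zip_digits)
            if r["k"] >= k and r["l"] >= l and (best is None or r["cost"] < best[2]):
                best = (age_bucket, zip_digits, r["cost"])
    return best


if __name__ == "__main__":
    print("raw data:", evaluate(RECORDS, 1, 4))                  # k=1, l=1, cost 8
    print("age/20, full zip:", evaluate(RECORDS, 20, 4))         # k=2 but l=1
    print("age/20, zip 3 digits:", evaluate(RECORDS, 20, 3))     # k=4, l=2, cost 32
    print("cheapest 2-anonymous, 2-diverse level:",
          minimal_generalization(RECORDS, 2, 2))                 # (20, 3, 32)
```

Generalizing ages to 20-year ranges while keeping the full zip code already gives k = 2, but the class (40-59, 1100) contains only flu cases, so the diagnosis of anyone known to be in it is disclosed; masking one zip digit is needed to reach l = 2, and the discernibility cost doubles from 16 to 32. That is the utility trade-off the first topic refers to.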


Teaching methods

The course consists of classroom lectures and exercises. The exercises cover the application of privacy-preserving, secure and explainable machine learning techniques to various data sets, and the implementation of these techniques. The exercises are prepared at home and are presented and discussed during the exercise classes.

Mode of examination


Additional information


05.03.2020: Preliminary talk (Vorbesprechung) & intro


For all other dates, please see TUWEL! Note that the lecture won't take place every week!




Course dates

Day   Time            Date                      Room            Mode
Thu   13:00 - 15:00   05.03.2020 - 12.03.2020   FAV Hörsaal 2   Lecture (Vorlesung)

Security, Privacy and Explainability in Machine Learning - Single appointments

Day   Date         Time            Room            Mode
Thu   05.03.2020   13:00 - 15:00   FAV Hörsaal 2   Lecture (Vorlesung)
Thu   12.03.2020   13:00 - 15:00   FAV Hörsaal 2   Lecture (Vorlesung)

Examination modalities

- Solving exercises involving experiments in security, privacy and explainability of machine learning, using a software toolkit of the student's choice (e.g. Python scikit-learn, Matlab, R, WEKA, ...)

- Written exam at the end of the semester


Day   Time   Date         Room   Mode of examination   Application time                      Application mode   Exam
Tue   -      29.06.2021   -      written & oral        01.06.2021 00:00 - 22.06.2021 23:59   TISS               Exam SPEML (Main Date SS 2021)

Course registration

Begin              End                Deregistration end
01.12.2019 00:00   20.04.2020 23:59   21.04.2020 23:59



No lecture notes are available.

Previous knowledge

184.702 Machine Learning

Preceding courses