[an error occurred while processing this directive]
<meta NAME="ROBOTS" CONTENT="index,follow">
<meta NAME="keywords" CONTENT=" communication, course, verification, network, department, properties, example, participants, protocol, information, system, different, concrete, knowledge, oblivious, secure, retrieval, distance, bounding, location, transfer, building, describe, unusual, assumptions, design, blocks, message, security, number, understand, requirements, students, zero, adversary, enable, university, provide, complex, remaining, computer, science, authentication, oxford, places, interactive, able, held, private, confidentiality, cryptogrphic, localisation, intersection, introduction, primitives, interception, objectives, successful, localization, compromise, introduce, important, networked, necessary, currencies, technical, frequency, statements, including, agreement, integrity, familiarity, contracts, services, normally, accomplish, insecure, preserving, liveness, beneficial, familiar, encryption, advanced, signatures, ordering, spending, explore, workings, between, devices, contents, details, channel, cellular, choices, analysis, achieve, perfect, forward, secrecy, problems, purpose, exchange, manner, skills, studies, changed, cannot, changes, modeled, concepts, basics, analyse, respect, desired, various, simple, context">
<meta name="DESCRIPTION" content="Communication Security course To describe and enable participants to explore how cryptogrphic primitives are used to enable secure communication The course will introduce the students to a large number of important goals and properties between networked devices that is necessary to provide the services we use every day in a secure manner The course will focus on concrete and technical skills that enable students to understand the details of what a communication protocol can and cannot provide Frequency This course normally runs twice a year ">


<meta name="Edited" content="Thu, 13 Nov 2025 13:45:01 GMT">
<meta name="Published" content="Thu, 13 Nov 2025 13:45:04 GMT">

<title>Software Engineering at Oxford | Security and Privacy of ML </title>

<!-- icon -->
<link rel="shortcut icon" type="image/ico" href="../favicon.ico">

<script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript"></script>
<script type="text/javascript">_uacct = "UA-1306673-1";urchinTracker();/*UA-579489-1*/</script>
<META name="verify-v1" content="CwYQSB0rDIbG5v7tQy+2xKxvNEoOxCNSFYYF7mSW7bo=" />
[an error occurred while processing this directive]

<div id="breadcrumb">
   
   <ul class="mainnav">
      <li>
         <a href="/">Computer Science</a></li><li><a href="/softeng/">Professional Masters</a>
      </li>
      <li>
         <a href="/softeng/courses/">Courses</a>
      </li>
      <li>
         <a href="/softeng/courses/subjects.html">Subjects</a>
      </li>
      <li>
         <span class="youarehere">Security and Privacy of ML </span>
      </li>
   </ul>
</div>


<!--
<span id="headerItem">
  <a href="../programme/contact.html" title="Contacts">Contact</a> | 
  <a href="../search/search.jsp" title="Search">Search</a> |
  <a href="../sitemap.html" title="Sitemap">Site map</a> | 
  <a href="https://www.softeng.ox.ac.uk/signin/" title="Sign in">Sign
  in</a>
</span>
-->

<div id="content">

<table cellpadding="0" cellspacing="0" border="0"><tr><td style="width: 75px"><div style="width: 75px;height: 75px"><div style="width: 55px;height: 55px; margin: 10px;-moz-box-shadow: 0px 5px 5px rgba(0,0,0,0.3), -2px 1px 5px rgba(0,0,0,0.3), 2px 1px 5px rgba(0,0,0,0.3); -webkit-box-shadow: 0px 5px 5px rgba(0,0,0,0.3), -2px 1px 5px rgba(0,0,0,0.3), 2px 1px 5px rgba(0,0,0,0.3); box-shadow: 0px 5px 5px rgba(0,0,0,0.3), -2px 1px 5px rgba(0,0,0,0.3), 2px 1px 5px rgba(0,0,0,0.3);-moz-border-radius: 8px;-webkit-border-radius: 8px; border-radius: 8px;" id="CMSBg"><div style="font-size: 14px; font-weight: bold; text-align:center; position: relative; top: 20px; background-color: transparent; color: white"> </div></div></div></td><td style="vertical-align:middle"><h1>Security and Privacy of ML</h1></td></tr></table>
      <div>
	<h4>Summary </h4>
	<p><p>This course considers the new threat classes arising from incorporating Machine Learning in a system, exploring the potential vulnerabilities, potential modes of attack and opportunities for defence, detection, and reaction, providing an approach to the evaluation of the robustness of particular ML approaches.  Adversarial machine learning will be a central theme of the course, including attack vectors like evasion, poisoning, and model extraction/inversion.  </p>
<h4>Objectives</h4>
<p><p>The objectives of this course are to:</p>
<ul>
<li>explore the vulnerabilities of deep learning architectures; </li>
<li>learn about defence mechanisms such as adversarial training, input sanitization, and certified defences, together with prompt injection attacks and strategies for making AI systems robust against manipulation via prompt engineering;</li>
<li>study applications and analyse implications of these threats to privacy and safety to inform wider business discussions of risk.
</li>
</ul></p>
<h4>Contents</h4>
<p><ul>
<li>Privacy attacks on ML models: Threat modelling in ML deployment contexts; Attacks on training data, including: membership inference attacks (inferring if an instance is in the training data), model inversion attacks (reconstructing the training data); Model stealing attacks; White-box vs black-box attack settings. </li>
<li>Privacy-preserving ML: Differential Privacy for ML Training; Federated Learning with Differential Privacy; Homomorphic Encryption and Secure Multi-Party Computation (for private training and private inference).</li>
</ul></p>
<h4>Requirements</h4>
<p>Required background knowledge includes fundamentals of machine learning, security and privacy. </p>

	
      </div>

<br>

    
[an error occurred while processing this directive]

<!--  mainnav div starts -->
<div id="nav">     
 <h2 id="mainsections">Main sections</h2>
 
 <h2 id="inthissection">Programme</h2>
 <ul class="mainnav" >
  <li>
   <a href="../" title="Return to the Home page" class="menu" >Home</a>
  </li>
  <li>
   <a href="../programme/index.html" title="About the programme" class="menu">About</a>
  </li>
  
  <li>
   <a href="../programme/people.html" title="The people involved" class="menu">People</a>
  </li>
  <li>
   <a href="http://www.cs.ox.ac.uk" target="_blank" title="Department of Computer Science" class="menu">Department</a>
  </li>
  <li>
   <a href="../programme/contact.html" title="Getting in touch" class="menu">Contact us</a>
  </li>
  </ul>
  
  
  <h2 id="inthissection">Courses</h2>
  <ul class="mainnav">
  <li>
   <a href="../courses/" title="About the courses" class="menu">About</a>
  </li>
  <li>
   <a href="../courses/subjects.html" title="Subjects offered" class="currentsection">Subjects</a>
  </li>
  <li>
   <a href="../courses/calendar.html" title="Course dates" class="menu">Calendar</a>
  </li>
  <li>
   <a href="../courses/booking.html" title="How to book a place on a course" class="menu">Booking</a>
  </li>
  </ul>
  
  
  <h2 id="inthissection">MSc Study</h2>
  <ul class="mainnav">
  <li>
   <a href="../study/" title="Flexible, postgraduate study" class="menu">About</a>
  </li>
   
  <li>
   <a href="../study/fees.html" title="University fees" class="menu">Fees</a>
  </li>
  <li>
   <a href="../study/apply.html" title="How to apply" class="menu">Applications</a>
  </li>

  </ul>
  
  
  <h2 id="inthissection">Resources</h2>
  <ul class="mainnav">
  <li>
   <a href="../handbook/" title="Handbook" class="menu">Handbook</a>
  </li>
   
 </ul>



[an error occurred while processing this directive]