Robust and Secure AI - Ph.D. Course (20 hours)

📖 Course Overview

The course is designed to provide an introductory yet technical understanding of the security vulnerabilities and threats that modern AI systems face, with a focus on deep neural networks and computer vision applications. Participants will explore key definitions and techniques for designing and implementing AI-based security attacks and safety threats while also gaining a foundational understanding of how to protect AI systems against them. A portion of the course will be devoted to hands-on laboratory sessions, where participants will implement attacks and countermeasures in practical deep neural network applications.

The main topics of the course are organized as follows:

  1. Introduction and Foundations of AI
  2. Adversarial Attacks and Robustness
  3. Adversarial Defenses and Robust Training
  4. Poisoning Attacks and Backdoors
  5. Out-of-Distribution Detection & Uncertainty Analysis
  6. Introduction to Privacy Attacks
  7. Hands-on Laboratories and Research Tips in Secure and Safe AI.

🛠️ Format & Exam

  • Lectures: 20 hours (in-person).
  • Exam (2 CFU): Project/Research work + oral discussion.

To attend the course in the first semester of the 2025–2026 academic year, please fill out the following form: Course Registration Form.

A Microsoft Teams channel will be set up soon for feedback, questions, and announcements.

🗓️ Schedule

Scheduled lectures are listed below; further dates and rooms will be confirmed soon.

  • Lecture 1 – Introduction and Foundations of DNNs in Vision – 13 October (14:00–17:00) 15 October (14:00–17:00), PC Room, Tecip, Scuola Superiore Sant’Anna, Via Giuseppe Moruzzi 1

  • Lecture 2 – Adversarial Attacks and DNN Robustness – 14 October (14:00–17:00) 16 October (14:00–17:00), PC Room, Tecip, Scuola Superiore Sant’Anna, Via Giuseppe Moruzzi 1

  • Lecture 3 – Adversarial Defenses – 22 October (14:00–17:00), PC Room, Tecip, Scuola Superiore Sant’Anna, Via Giuseppe Moruzzi 1

  • Lecture 4 – Out of Distribution and Uncertainty – 23 October (14:00–17:00), PC Room, Tecip, Scuola Superiore Sant’Anna, Via Giuseppe Moruzzi 1

  • Lecture 5 – Explainable AI and Challenges – 28 October (14:00–17:00), PC Room, Tecip, Scuola Superiore Sant’Anna, Via Giuseppe Moruzzi 1

  • Lecture 6 – Poisoning and Backdoor Attacks – 29 October (14:00–17:00), PC Room, Tecip, Scuola Superiore Sant’Anna, Via Giuseppe Moruzzi 1

  • Lecture 7 – DNN Stealing and Privacy Attacks – 4 November (14:00–17:00), PC Room, Tecip, Scuola Superiore Sant’Anna, Via Giuseppe Moruzzi 1

  • Lecture 8 – Laboratory and Conclusion – 5 November (14:00–17:00), PC Room, Tecip, Scuola Superiore Sant’Anna, Via Giuseppe Moruzzi 1

📂 Lectures

You can find all lectures and notebooks in the following OneDrive folder: LINK

The folder is password-protected. Attendees can contact me directly to request access.
📬 Contact

giulio.rossolini@santannapisa.it