Research Group
Machine Learning
and Security

Welcome and Overview

Our research group conducts fundamental research at the intersection of computer security and machine learning. On the one end, we are interested in developing intelligent systems that can learn to protect computers from attacks and identify security problems automatically. On the other end, we explore the security and privacy of machine learning by developing novel attacks and defenses.

We are part of the Berlin Institute for the Foundations of Learning and Data (BIFOLD) at Technische Universität Berlin. Previously, we have been working at Technische Universität Braunschweig and the University of Göttingen.

News and Updates

December 11, 2025 — We are honored and grateful to receive the Test-of-Time Award at ACSAC for our work on detecting JavaScript attacks. Thank you all so much! 🏆😊

October 15, 2025 — We are thrilled to receive the Distinguished Paper Award at CCS for our work on manipulating weather forecasts of AI models 🏆.

October 13, 2025 — We are attending CCS in Taipei, 🇹🇼. Erik is presenting our work on manipulating weather forecasts of AI models, and Anna is presenting a workshop paper on threat modeling for cloud applications.

October 1, 2025 — We are starting the winter semester with new courses, including our lecture on adversarial machine learning and projects on AI attacks and defenses. Register in the ISIS platform 📚.

See all news and updates of the research group.

Recent publications

A Large-Scale Study of Personalized Phishing using Large Language Models.
Stefan Czybik, Anne Josiane Kouam, Peter Heubl, Jan Magnus Nold and Konrad Rieck.
35th USENIX Security Symposium, 2026. (to appear)


LLM-based Vulnerability Discovery through the Lens of Code Metrics.
Felix Weissberg, Lukas Pirch, Erik Imgrund, Jonas Möller, Thorsten Eisenhofer and Konrad Rieck.
48th IEEE/ACM International Conference on Software Engineering (ICSE), 2026. (to appear)


Manipulating Feature Visualizations with Gradient Slingshots.
Dilyara Bareeva, Marina M.-C. Höhne, Alexander Warnecke, Lukas Pirch, Klaus-Robert Müller, Konrad Rieck, Sebastian Lapuschkin and Kirill Bykov.
Advances in Neural Information Processing Systems 39 (NeurIPS), 2025.


Adversarial Observations in Weather Forecasting.
Erik Imgrund, Thorsten Eisenhofer and Konrad Rieck.
32nd ACM Conference on Computer and Communications Security (CCS), 2025.
Distinguished Paper Award


See all publications of the research group.

Current projects

DISTEL — Differential Security Testing of LLMs

This project introduces differential security testing for LLMs. It aims to compare LLM behavior across model variants, software stacks, and hardware platforms. The goal is to assess whether differences can impact the security and trustworthiness of LLMs. The project is part of the excellence cluster CASA.

DFG 2026 – 2029

AIGENCY — Opportunities and Risks of Generative AI in Security

The project aims to systematically investigate the opportunities and risks of generative artificial intelligence in computer security. It explores generative models as a new tool as well as a new threat. The project is joint work with Fraunhofer AISEC, CISPA, FU Berlin, and Aleph Alpha.

BMBF 2023 – 2026

MALFOY — Machine Learning for Offensive Computer Security

The ERC Consolidator Grant MALFOY explores the application of machine learning in offensive computer security. It is an effort to understand how learning algorithms can be used by attackers and how this threat can be effectively mitigated.

ERC 2023 – 2028 Website

See all projects of the research group.

Contact

BIFOLD & TU Berlin
Machine Learning and Security (FR7-4)
Franklinstraße 28-29
10587 Berlin, Germany

Office: office@mlsec.tu-berlin.de
Responsibility under the German Press Law §55 Sect. 2 RStV:
Prof. Dr. Konrad Rieck