Adversarial Machine Learning

Key Information

Course Dates


Powered by: 


Earn a digital badge after successful completion of the module.


A certificate will be awarded upon successful completion of 4 CCET modules.

Must pass assessments with 80% or higher to receive a certificate and digital badge.


Adversarial Machine Learning has profound implications for safety-critical systems that rely on machine learning techniques, like autonomous driving. Machine learning models, such as neural networks, are often not robust to adversarial inputs. This module introduces concepts from machine learning and then discusses how to generate adversarial inputs for assessing robustness of machine learning models. Potential defenses — and their limits — are also discussed.


  • Understand why robustness of machine learning models is important in different application contexts, including autonomous driving
    Understand different types of attacks on machine learning systems
  • Machine learning concepts review: regression, loss, model training goals, gradient descent, and classification
  • Understand attack strategies on machine learning systems by modifying inputs
  • Understand different types of defenses and their limits


  • Introduction (5 min)
  • Adversarial Machine Learning Overview (21 min)
  • Adversarial Attacks on Machine Learning Models (8 min)
  • Physical Attacks on Machine Learning Models (32 min)
  • Short Intro to (Non-Adversarial) Machine Learning (18 min)
  • Types of Machine Learning Problems: Regression and Classification (8 min)
  • Linear Regression: Training and Loss (20 min)
  • Linear Regression: Model Fitting Using Gradient Descent (34 min)
  • Classification (18 min)
  • Neural Networks (29 min)
  • Adversarial Attacks on Neural Networks (41 min)
  • Advanced Attacks (32 min)
  • Physical-World Adversarial Attacks (22 min)
  • Defenses: Making Models Robust Against Adversarial Attacks on Neural Networks (32 min)

Modules are divided into shorter segments making it easier to learn at your own pace.

If completing a specialization, all four modules must be purchased together and completed in 180 days. For individual modules, you will have 60 days to complete.

Successful completion requires you to receive an 80% passing grade on the module assessment.

Upon successful completion of 4 modules purchased as a group, you will receive the U-M Certificate in Current and Emerging Technologies.

Select 4 modules from one concentration to deepen your knowledge in a subject or area. If you choose a specialization, your certificate will note the specialization you completed.

There are no prerequisites for this module. A bachelor’s degree in a science, engineering, or technical field is recommended, but not required.

To view technical requirements, click here.

Administrative/Online Technical Support

Support staff are available via phone and email to help with administrative and technical issues during our normal business hours (Monday through Friday 8:00 a.m. to 5:00 p.m. Eastern Time). 

Content Questions and Support

Candidates are welcome to contact the course instructors and/or their course assistants with content-related questions and support.


Atul Prakash

Atul Prakash, PhD

  • Professor, Electrical and Computer Science

Contact Nexus

Scroll to Top


Would you like to request a custom course? Please email Andrea Schuitman at [email protected] or submit the form below.

Become Our Next Partner

We want to build relationships with people and organizations and welcome the opportunity to connect with you.

Please submit form or call (734) 647-7200 to get started.