The study of attacks against machine learning systems and defenses to make them more robust. Includes adversarial examples designed to fool models and techniques to defend against such attacks.