Security of Agentic AI Systems
(CS 7680)


This site is maintained for public access. If you are enrolled in the class, see the Canvas page for detailed information.

Class Information
Instructor
Course Description

Agentic AI systems are autonomous entities capable of perceiving, reasoning, learning, and acting toward goals using large language models (LLMs) with minimal human oversight. While these systems offer significant potential advantages, they also introduce systemic risks. Misaligned or poorly defined objectives can drive agents to take unsafe shortcuts, bypass safeguards, or behave deceptively. As AI agents become increasingly embedded in real-world applications, ensuring their security, reliability, and alignment is becoming a critical priority. In this class we will study the architectures and applications of agentic AI systems, understand threat models and attacks against them, and examine existing and proposed defenses.

The objectives of the course are the following:

  • Provide an overview of current frameworks for developing agentic AI systems and of the threat models relevant in this context.
  • Read recent, state-of-the-art research papers from both security and machine learning conferences focused on attacks against agentic AI systems and proposed defenses, and discuss them in class. Students will actively participate in class discussions, and lead discussions on multiple papers during the semester.
  • Experiment with agentic AI systems through programming exercises and a semester-long research project. Students can select the topic of the research project.

Grade

The grade will be based on paper review submissions (PR), participation in paper discussions in class (PD), presentations of papers in class and discussion leadership (PL), one programming assignment (PA), and a research project (RP). Paper reviews are due by 9pm the day before the lecture in which the paper is discussed. Submission is through Gradescope. The grade is computed as follows:

Grade = 15%*PR + 15%*PD + 10%*PL + 20%*PA + 40%*RP.
Academic Integrity

Academic honesty and ethical behavior are required in this course, as they are in all courses at Northeastern University. There is zero tolerance for cheating.

You are encouraged to talk with the professor about any questions you have about what is permitted on any particular assignment.

Resources

Schedule

A tentative schedule is posted below for public access. The class platform is Canvas, available through myNortheastern. All additional material for the class and all class communication will take place on Canvas. For the most up-to-date information, check Canvas.

Week Topics
Week 1
Week 2
Week 3
Week 4
Week 5
Week 6
Week 7
Week 8
Week 9
Week 10
Week 11
Week 12
Week 13
Week 14
Week 15



Additional Reading List




Copyright © 2025 Cristina Nita-Rotaru. Send your comments and questions to Cristina Nita-Rotaru.