diff --git a/website/docs/resources/readings.md b/website/docs/resources/readings.md
index fd7eb8a..ac782f6 100644
--- a/website/docs/resources/readings.md
+++ b/website/docs/resources/readings.md
@@ -54,6 +54,9 @@
 - Battista Biggio, Blaine Nelson, and Pavel Laskov.
   [*Poisoning Attacks against Support Vector Machines*](https://arxiv.org/pdf/1206.6389).
   ICML 2012.
+- Battista Biggio, Ignazio Pillai, Samuel Rota Bulò, Davide Ariu, Marcello Pelillo, and Fabio Roli.
+  [*Is Data Clustering in Adversarial Settings Secure?*](https://arxiv.org/abs/1811.09982). 
+  AISec 2013.
 - Christian Szegedy, Wojciech Zaremba, Ilya Sutskever, Joan Bruna, Dumitru Erhan, Ian Goodfellow, and Rob Fergus.
   [*Intriguing Properties of Neural Networks*](https://arxiv.org/pdf/1312.6199.pdf).
   ICLR 2014.