Internship | Investigate security of federated computer vision applications
About this position
In conventional training of machine learning models, data is stored in one location. More data often means better performance, thus if multiple parties want to contribute to the training, they have to share their data. Nevertheless, when data is sensitive, data sharing is often not possible or allowed. Federated Learning (FL) is a technique where an AI model can be trained with data from multiple parties without having to upload this data to a central location. This technique proves to be very effective and more secure than conventional training. However, research has shown that still some of the original (private) data can be reconstructed from the model itself, which is done via so-called (gradient) inversion attacks. For example, with such an attack the images and corresponding labels in the private training data can be reconstructed. The aim of the project is to explore the vulnerabilities of the current state-of-the-art algorithms for FL in terms of inversion attacks.
What will be your role?
Your role will be to enhance privacy by exploring vulnerabilities related to inversion attacks and – when possible – mitigate these vulnerabilities. The focus will lie on applying FL on computer vision applications. You will start your internship with a literature study to understand the current state-of-the-art of inversion attacks approaches on FL systems. Furthermore, you will look at weaknesses in the current implementations, and investigate solutions to improve protection of a FL system against inversion attacks. Optionally, you can write a scientific paper on the topic.
Your research could make a direct impact in the development of automatic document verification, where the goal is to detect whether an identity document is fake or genuine. The proposed solution can enhance the accuracy and security of identity verification. This allows multiple EU countries to collaboratively develop models without sharing sensitive data, thereby streamlining processes and protecting traveler information.
You will perform this assignment within TNO’s Intelligent Imaging department. The Intelligent Imaging department is a passionate, creative, and dedicated team of professionals (60 people) specialized in developing groundbreaking applications in the field of computer vision. Our team members have diverse backgrounds, ranging from the medical field to artificial intelligence. Intelligent Imaging is a young and growing department which has built up a lot of expertise over the past years in AI and deep learning.
What we expect from you
We are looking for a student that wants to join our cutting-edge research team to explore the vulnerabilities in FL models. This position is perfect for students who are passionate about AI, data security, and advanced machine learning techniques. You are interested in taking a deep dive into the world of gradient inversion attacks and helping us uncover weaknesses in state-of-the-art AI algorithms.
Additional requirements include that you are in the final stages of your master’s degree in artificial intelligence, computer science, physics, mathematics, electrical engineering, or a similar degree. You have some experience in computer vision, artificial intelligence, deep learning and Python-programming. The duration of the master project or internship is between 6 and 12 months.
What you’ll get in return
You want an internship opportunity on the precursor of your career; an internship gives you an opportunity to take a good look at your prospective future employer. TNO goes a step further. It’s not just looking that interests us; you and your knowledge are essential to our innovation. That’s why we attach a great deal of value to your personal and professional development. You will, of course, be properly supervised during your work placement and be given the scope for you to get the best out of yourself. Furthermore, we provide:
We schrijven zelden, maar alleen de beste inhoud.