PhD position in Cybersecurity
Project Title: Security of Machine Learning for Security Applications
- Mekelweg, Delft, Zuid-Holland
- Temporary contract / Temporary assignment
- Hours per week: 38 - 40 hours
- € 2395 - € 3061 per month
Artificial Intelligence (AI) and Machine Learning (ML) are successfully applied in various domains like automatic translation, autonomous vehicles, and security.
In this project, the PhD candidate will consider security applications and how failure modes in machine learning play a role there.
As such, there are several directions that motivate this project:
- The type of failure modes (perturbation attacks, poisoning attacks, membership inference, backdoor ML, etc.)
- The dynamic changes in the environment in which the attacks occur.
- The security implications of such attacks.
Finally, in scenarios where machine learning techniques are used as the attack mechanism, it remains to be investigated whether failure modes could provide tailor-made countermeasures.
This project is distinct from many others in adversarial machine learning, as we aim to rigorously investigate the failure modes of ML specifically in the context of security. As such, we ask not only how to do something, but also why to do it in a specific context. What is more, we are interested in the physical security of ML, so we will be exploring side-channel and fault injection attacks on ML (to enhance the effectiveness of failure modes or to detect them).
For this project, the PhD candidate should possess strong background knowledge in machine learning, as we aim to provide new paradigms for failure modes in ML, from both the offense and defense perspectives.
The candidate will join the AISyLab team at the Technical University Delft.
The PhD candidate will work on this project and is also expected to participate in the group activities and have regular meetings with his/her supervisors.
- Batina, L., Bhasin, S., Jap, D., & Picek, S. (2019). CSI NN: Reverse Engineering of Neural Network Architectures Through Electromagnetic Side Channel. 28th USENIX Security Symposium (USENIX Security 19), 515-532
- Picek, S., Jap, D., & Bhasin, S. (2019). Poster: When Adversary Becomes the Guardian -- Towards Side-channel Security With Adversarial Attacks. CCS '19: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, November 2019, 2673-2675
- Vorobeychik, Y., Kantarcioglu, M., & Brachman, R. (2018). Adversarial Machine Learning. Morgan & Claypool Publishers
- Moosavi-Dezfooli, S. M., Fawzi, A., Fawzi, O., & Frossard, P. (2018). Universal adversarial perturbations. CoRR abs/1610.08401
A master’s degree (completed, or to be completed shortly) in computer science or a closely related field. A master’s degree in security or artificial intelligence is a plus.
Excellent analytical skills and experience in programming languages (especially Python). Background knowledge on machine learning.
Solid interest in, and proven experience with, cybersecurity and machine learning (through publications, projects, etc.).
Excellent command of English, both oral and in writing.
Team spirit and communication skills, as you will work and collaborate in a large team.
TU Delft offers PhD candidates a 4-year contract, with an official go/no-go progress assessment after one year. Salary and benefits are in accordance with the Collective Labour Agreement for Dutch Universities, increasing from € 2395 per month in the first year to € 3061 in the fourth year. As a PhD candidate you will be enrolled in the TU Delft Graduate School. The TU Delft Graduate School provides an inspiring research environment with an excellent team of supervisors, academic staff and a mentor. The Doctoral Education Programme is aimed at developing your transferable, discipline-related and research skills.
The TU Delft offers a customisable compensation package, discounts on health insurance and sport memberships, and a monthly work costs contribution. Flexible work schedules can be arranged. For international applicants we offer the Coming to Delft Service and Partner Career Advice to assist you with your relocation.
For information about this vacancy, please contact Dr. Stjepan Picek, Assistant Professor, email: firstname.lastname@example.org, tel: +31 15 2789319.