PhD Position in Security and Privacy of Edge AI

Deadline: 18 Sep 2021

We are seeking a highly motivated candidate to work on cutting-edge research in the field of security and privacy of edge AI. The successful candidate will work in the Complex Cyber Infrastructure group (Research groups, Informatics Institute, University of Amsterdam), under supervision of Dr. Zoltan Mann.

Edge AI refers to the deployment of artificial intelligence (AI), and especially machine learning (ML), applications to a large number of geographically distributed devices with limited computational capabilities (edge devices). This way, large amounts of data produced at the network edge can be processed locally, without the need to send the data to distant data centers. Edge AI has many important applications in various domains, including manufacturing, healthcare, and smart cities.

Existing ML approaches are associated with considerable security and privacy challenges. In recent years, several successful attacks on ML systems have been demonstrated, in which attackers were able to mislead ML systems or to gain access to confidential training data. Given the potentially devastating consequences of such attacks, this has led to great interest in secure and privacy-preserving ML approaches.

Ensuring security and privacy of ML is especially challenging in the edge AI setting, because edge devices are usually resource-constrained, highly distributed, heterogeneous, and prone to attacks. Applying recently proposed solutions for secure and privacy-preserving ML (for example, based on homomorphic encryption or differential privacy) in the context of edge AI is difficult, among other reasons because of limitations of computing power and energy consumption.

Thus, there is a need for research on secure and privacy-preserving ML that takes into account the specific properties and limitations inherent in edge AI.

What are you going to do

You are expected to:

  • perform original research on security and privacy of ML, taking into consideration the specifics of edge AI;
  • develop new algorithms, models, architectures and tools;
  • complement theoretical work with implementation and validation in practical scenarios;
  • actively participate in the activities of the Complex Cyber Infrastructure group, including project activities and cooperation with partners;
  • contribute to teaching and supervision of students;
  • publish and present your results in renowned international journals and conferences.

