Intern Program AI security & Cybersecurity

As an intern with the Navinfo Europe Cybersecurity team, you will research and write your master thesis on innovations cybersecurity technologies for Connected cars, IoT, Artificial Intelligence solutions.  

You will have the freedom and support of Navinfo Europe to develop your research in one of the fastest-growing business areas of the world. We will give you the opportunity to gain knowledge and skills on a wide range of the most innovative cybersecurity tools, technologies, and methodologies. 

You are free to write your own research proposal or choose one of the following suggested areas of research:  

1. Penetration testing and reverse engineering of Connected cars and IoT devices. 

2. Automated Man-in-the-middle attacks for the mobile network (2G/3G/4G/5G) traffic with software-defined radio (SDR) solutions. 

3. Cybersecurity protection for Artificial Intelligence solutions, Deep Neural networks (DNN) models. 

Examples of internship projects provided below: 

1. Internship project/Master thesis: Automated Man-in-the-middle attacks for 2G/3G/4G/5G mobile networks with SDR solutions. 

Mobile communications are used by more than two-thirds of the world population who expect security and privacy guarantees. Even though privacy was a requirement, numerous man-in-the-middle attacks, and network traffic interception techniques were demonstrated at the biggest cybersecurity conferences.  

In this research, we will automate mobile traffic interception for different mobile network standards and discover new vulnerabilities in communications protocols. Finally, we will conduct a security analysis of the vulnerability and propose countermeasures to remedy our attacks. 

2. Internship project/Master thesis: Penetration testing and reverse engineering of Connected cars and IoT devices. 

Connected cars are likely the most complex connected devices we see. The attack surface is immense – the Internet, mobile, Bluetooth, custom RF protocols, DAB, media files imported over USB, remote diagnostics, telematics, mobile apps…  As an intern, you will get hands-on experience with penetration testing and software, hardware reverse engineering of modern electric cars and IoT devices: 

• Software fuzzing  
• Exploit development 
• Key fob communication security analyses  
• NFC communication security analyses 
• CAN bus communication security analyses 
• Reverse engineering firmware 
• Reverse engineering mobile application 

3. Internship project/Master thesis: Improve robustness of digital watermarking DNN models 

Comprehensive IP protection of NavInfo Europe models requires robustness of digital watermarking methods against various attacks. Ambiguity attack is one that can be rightfully classified as the most difficult. Ambiguity attack aims to cast doubts on the ownership verification by forging counterfeit watermarks. The ownership is in doubt since both the original and forged watermarks are detected by the verification process. This type of attack poses serious threats to existing DNN watermarking methods. That is why we propose to start the exploration of that topic with a student internship or master thesis project. 

4. Master thesis: Coverage-guided penetration testing of DNN models 

It is well known that DNN models can be easily offended by adversarial attacks. A DNN model is unsafe if even one adversarial example (mislabeled after minor perturbation) can be found. To prevent enormous financial and reputational risks, a penetration test is required. The test can provide a meaningful indication of model performance and robustness; bug finding and structure analysis. Applying various adversarial attacks by using available toolboxes in an unconstrained way is insufficient. The testing that is done within the guidelines from non-structured coverage metrics is much more promising. Coverage-guided penetration test stays away from exhaustive (endless) testing and indicates test completeness. Several recent papers show potential and development in this direction. While testing, random mutation enhanced with the coverage knowledge, i.e., targeted mutation, is designed to generate test cases. However, the attacks generated by random mutations do not correlate with the published one in the available toolboxes. This significantly reduces the tested space as well as its representativeness of actual attacks on DNN. That is why we propose to start the exploration of that topic with a student master thesis. 

5. Internship project/Master thesis: Digital watermarking of proprietary datasets for training DNN models 

NavInfo possesses several proprietary and costly datasets that are used to train DNN models. Hidden labeling such data by digital watermarking could prevent financial and reputational risks caused by data leakage or accidental breaches. Dataset watermarking creates imperceptible changes to a dataset such that any model trained on it will carry an identifiable mark. The watermark should be robust to strong variations during the training such as different architectures or optimization methods. One recent paper addressed that problem by embedding a digital watermark successfully. However, that approach is restricted to blind attacks such as architectural or training changes. In an adversarial scenario, the detectability of that carried mark is reduced and attacks, such as evasion attack, can be performed. Therefore, further research is required in that direction. That is why we propose to start the exploration of that topic with a student internship or master thesis project. 

6. Master thesis: Improved protection against DNN knowledge stealing 

Protecting the confidentiality of DNN models becomes very important nowadays due to the rising popularity of development attacks to steal knowledge via prediction API. These attacks can cause not only IP consequences but also serious performance and reputational consequences. In the second case, an adversary may use a stolen model to find transferable adversarial examples that can evade classification by the original model. Prediction APIs still provide enough information to allow an adversary to mount model extraction attacks by sending repeated queries via the prediction API. Modern stealing attacks do not require a large number of queries to extract the model. On the contrary, they require much fewer queries than iterations during that DNN learning. Recent papers present methods that aimed to protect against knowledge stealing attacks by detection or evasion. However, detection makes strong assumptions on the attack query distribution, which cannot be always guaranteed. Moreover, more popular evasion methods are perturbation-based, hence can affect model prediction accuracy. Therefore, further research is required in that direction. That is why we propose to start the exploration of that topic with a student master thesis project. 

Requirements

Education:

• Background in relevant domain (e.g. Cybersecurity, AI,  Data Analytics, Data Science, BI or related field)
• Finishing bachelor or Master at university (WO) or Applied Sciences university (HBO) in the Netherlands, Belgium, Germany.

Technical skills:

• Ability to read, interpret and analyze researches
• Writing and presenting. Knowledge about information security (focus on people/ process). 
• Able to communicate complexity (verbal and written)

Soft skills:
Ability to work well in an international team environment

Interested?

Does this profile describe you and are you interested in this internship program? Please apply!

You can expect a challenging paid internship with professional guidance. For more information contact the HR department via hrm@navinfo.eu