Protecting computer vision models against tampering when using transfer-learning

Research a method to protect state-of-the-art computer vision models against tampering in transfer-learning scenarios.

Required interest(s)

  • Deepfakes
  • Image recognition/detection/segmentation
  • Applied deep learning

What do you get

  • A challenging assignment within a practical environment
  • € 1000 compensation, € 500 + lease car or € 600 + living space
  • Professional guidance
  • Courses aimed at your graduation period
  • Support from our academic Research center at your disposal
  • Two vacation days per month

What you will do

  • 65% Research
  • 10% Analyze, design, realize
  • 25% Documentation

Now that deep learning is more widely used by companies to build computer vision solutions, we’re also seeing an increasing effort from hackers to break deep learning models that are used for image recognition.

Within Info Support, we typically don’t build image recognition models from scratch, since the open source models are exceptionally good at what they do. Since we’re building new models on top of existing models using transfer-learning, we want to make sure we can protect our models against tampering without having to retrain the full model.

There’s some research happening in the field of tamper prevention. For example, obfuscation seems like a good candidate to prevent hackers from figuring out the structure of the neural network. Which could help in preventing a hacker getting a grip on the model to generate tampered input for the model. Obfuscation doesn’t protect the network from black-box-based hacking attempts. So, we’re interested in other methods of tamper protection as well.

About Info Support Research Center

We anticipate on upcoming and future challenges and ensures our engineers develop cutting-edge solutions based on the latest scientific insights. Our research community proactively tackles emerging technologies. We do this in cooperation with renowned scientists, making sure that research teams are positioned and embedded throughout our organisation and our community, so that their insights are directly applied to our business. We truly believe in sharing knowledge, so we want to do this without any restrictions.

Sign up for this assignment

  • Geaccepteerde bestandstypen: docx, doc, txt, pdf.
  • Geaccepteerde bestandstypen: docx, doc, txt, pdf.

Application procedure

  1. 1
  2. Introductory meeting

    Discuss (study) career, interests and ambitions and introduction Info Support.

  1. 2
  2. Review

    Assessment of professional knowledge and personality (capacity, competences and motives).

  1. 3
  2. Selection interview

    Deepen professional knowledge and personality.

  1. 4
  2. The signing of a contract

    Contract offer and invitation for drawing moments.

Other Mastertheses

graduation assignment

IoT and edge analytics for farming equipment

Within IoT, the research on Edge analytics that is done in agricultural domain is very focused to the USA market. In this Master thesis you will explore applications for Edge analytics within the Dutc…

graduation assignment

Fair food supply chains using IRMA

Can open source identity platform IRMA be used to validate food chains now that blockchain has many disadvantages? This Master Thesis focusses on the application of IRMA for food chain validation on p…

graduation assignment

Integrating the privacy-by-design system IRMA in CryptPad

IRMA (I Reveal My Attributes) is a system to protect your privacy. It does this by only revealing so called 'attributes' of a person. Can CryptPad be improved by integrating IRMA by comparing approach…

graduation assignment

Faster mutation testing with Stryker

Mutation testing is a way to measure the effectiveness of unit tests. Stryker Mutator, an open-source mutation testing framework by Info Support is allready fast. Find areas where improvements can sti…