Internship: Security for Distributed Machine Learning F/M

WHAT WE OFFER Our company culture is focused on helping our employees enable innovation by building breakthroughs together. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. Apply now! ABOUT US (TEAM) Maintaining security is a constantly shifting task, and we need to respond with continuous learning and research. The portfolio of SAP Security Research contains those topics that we believe are most important for SAP’s security future. SAP’s vision to secure business is built on 3 ideals: Zero-Vulnerability, to harden the software by eliminating vulnerabilities, Defensible Application, to enable the software to identify and prevent attacks, and Zero-Knowledge, to make any theft of data useless through encryption. Considering these aspects, SAP Security Research covers the following focal areas: Anonymization for Big Data, Secure Internet of Things, Software security analysis, Open-source analysis, Deceptive application, Applied cryptography, Quantum technology, and Machine Learning as enabler for the next generation of security. PURPOSE AND OBJECTIVES This internship is based in the SAP Labs France Research Lab, in Sophia-Antipolis. The work will be performed in the context of the Research Program “Security & Trust”, and deals with secure integration of Internet of Things with SAP HANA applications. The Internet of Things (IoT) is expected to grow to 50 billion connected devices and $14.4 trillion in value at stake until 2020. SAP is exploiting this trend and centers its IoT development on the SAP HANA Cloud Platform IoT Service. Until now, the backend (on-prem & cloud) deployments were considered as the single source of truth & unique point of access in regards of Enterprise Systems (ES). Nevertheless, a paradigm shift has been recently observed, by the deployment of ES assets towards the Edge sectors of the landscapes; by distributing data, decentralizing applications, de-abstracting technology and integrating edge components seamlessly to the central backend systems. Capitalizing on recent advances on High Performance Computing along with the rising amounts of publicly available labeled data, Deep Neural Networks (DNN), as an implementation of AI, have and will revolutionize virtually every current application domain as well as enable novel ones like those on autonomous, predictive, resilient, self-managed, adaptive, and evolving applications. Distributively deployed AI capabilities will thrust the above-mentioned transition. As reported by Deloitte, “... companies are incorporating artificial intelligence in particular, machine learning into their ’Internet of Things applications’ and seeing capabilities grow, including improving operational efficiency and helping avoid unplanned downtime” [Schatsky et al., 2017]. The deployment of data processing capabilities throughout Distributed Enterprise Systems rises several security challenges related to the protection of input & output data [Parliament and Council, 2016] as well as of software assets. In the specific context of distributed intelligence, DNN based/enhanced software will represent key investments in infrastructure, skills and governance, as well as in the acquisition of data and talents. The software industry is therefore in the direct need to safeguard these strategic investments by enforcing the protection of this new form of Intellectual Property. Furthermore, on the wake of Data Protection (DP) regulations such as the EU-GDPR [Parliament and Council, 2016], Independent Software Vendors (ISVs) have the non-transferable requirement to comply with those. Therefore, ISVs aim to protect both: data and the Intellectual Property of their AI-based software assets, deployed on potentially unsecure edge hardware & platforms [Goodfellow, 2018]. The lack of solutions for IP protection exposes trained NN owners to reverse engineering on their DL models [Tramèr et al., 2016]. As outlined in [Augasta and Kathirvalavakumar, 2012] [Floares, 2008], attackers can steal trained NN models. In such new coding paradigm, where design patterns are enforced in known and legacy implementations, the question of IP is at stake. The question is not so much how to protect the DNN architecture (since most architectures are grounded on well-known research), but rather how to protect the trained DNN model. Schatsky, D., Kumar, N., and Bumb, S. (2017). Intelligent IoT, Bringing the power of AI to the Internet of Things. Deloitte Insights. Goodfellow, I. (2018). Security and privacy of machine learning. RSA Conference. Tramèr, F., Zhang, F., Juels, A., Reiter, M. K., and Ristenpart, T. (2016). Stealing machine learning models via prediction apis. In USENIX Security Symposium, pages 601–618. Augasta, M. G. and Kathirvalavakumar, T. (2012). Reverse engineering the neural networks for rule extraction in classification problems. Neural processing letters, 35(2):131–150. Floares, A. G. (2008). A reverse engineering algorithm for neural networks. Neural Networks, 21(2-3):379–386. Laurent Gomez, Marcus Wilhelm, José Márquez, Patrick Duverger, Security for Distributed Deep Neural Networks Towards Data Confidentiality & Intellectual Property Protection, Secrypt‘19 EXPECTATIONS AND TASKS In this internship, the student will: * Study state of the art on Security for Distributed Machine Learning; * Design of novel approach for AI-based software data protection and IP safeguarding; * Implementation of a Proof of Concept demonstrating the feasibility of such approach on an industrial use case. We expect that 60% of time will be dedicated to development and 40% to research activities. PROFILE/EDUCATION/SKILLS AND COMPETENCIES * University Level: Last year of MSc in Computer Science or beyond * C, Python, Solidity * Experience on Smart Contracts, Blockchain, Machine Learning, Cybersecurity * Fluency in English (working language) * Abilities in organizing meeting and contacting people * Good oral and written communication skills * Capacity to write documents in English, ability to synthesize PROFESSIONAL EXPERIENCE * None required WE ARE SAP SAP innovations help more than 400,000 customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with 200 million users and more than 100,000 employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, we build breakthroughs, together. Our inclusion promise SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world. SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com, APJ: Careers.APJ@sap.com, EMEA: Careers@sap.com. EOE AA M/F/Vet/Disability: Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity, age, gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability. Successful candidates might be required to undergo a background verification with an external vendor. Requisition ID:313047 | Work Area: Software-Design and Development | Expected Travel: 0 - 10% | Career Status: Student | Employment Type: Intern |