At Ericsson, you can be a game changer! Because working here isn’t just a deal. It’s a big deal. This means that you get to leverage our 140+ years of experience and the expertise of more than 95,000 diverse colleagues worldwide. As part of our team, you will help solve some of society´s most complicated challenges, enabling you to be ‘the person that did that.’ We’ve never had a greater opportunity to drive change; setting the bar for technology to be inclusive and accessible; empowering an intelligent, sustainable, and connected world.

Are you in?

Master Thesis Project Adversarial Machine Learning Attacks and Defenses

Job Description

Date: Nov 1, 2019

Do you want to do your thesis with us in Kista?


Come and start your professional journey at Ericsson.


Would you welcome the chance to work in one of the world’s leading technology companies? We are on a quest to enable communication for everyone and everything and we do that by being driven by innovation. If you want to help us to be even more innovative - You are on the right track!


Become a part of a truly global company working across borders in 180 countries, offering a diverse, performance-driven culture and an innovative and engaging environment where employees enhance their potential every day. Learn and grow within Ericsson, to reach your career goals.


Are you driven by innovation? At Ericsson, we apply our innovation to market-based solutions that empower people & society to help shape a more sustainable world.



This Master Thesis work aims to research on Adversarial Machine Learning attacks and defenses.



At Ericsson, we improve mobile networks performance using various Machine Learning (ML) techniques. Protecting the confidentiality of these ML models becomes very critical since it directly impacts business advantage and intellectual property of the company. Machine Learning models, however, have been found vulnerable to well-designed queries called model extraction attacks which aim to clone the functionality of target models and can potentially result in compromising confidentiality as attackers intended. Therefore, it is critical to research not only model extraction attacks but also defense techniques against such attacks.



The objective of this thesis is to research on model extraction attacks and defenses, and to investigate its performance. The work will consist of the following sub-tasks:

  • Studying papers related to model extraction attacks and defenses
  • Implementing model extraction attacks
  • Performing model extraction experiments on victim model
  • Implementing model extraction defenses
  • Performing experiments on both a robust system and corresponding undefended system
  • Proof of concept demo, thesis paper, and presentation



A student will have the freedom to conduct the thesis according to own methodology, and it is advised to follow the following directions:

- Threat model: Model extraction attacks by deep learning

- Performance measurement: Comparing results from clone and victim model as benchmark


The experiments will be conducted over any network traffic dataset that is widely used, moderately complex, and have own labels e.g. UNSW-NB15 or NSL-KDD.

A student must have strong knowledge in deep learning methods and programming skills. It is desirable to have general background in security and networking.

The project is expected to be performed in Kista with one master thesis student, starting in 2020 Q1 and lasting 20 weeks.


Are you in?


Then send in your application (CV, current grades and cover letter written in English collated into one document) as soon as possible.

The application deadline is the 15th November. The process will be ongoing and we will let you know as soon as we can if you move forward. Any questions? Please email Recruitment Specialist at


Ericsson provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetics.

Ericsson complies with applicable country, state and all local laws governing nondiscrimination in employment in every location across the world in which the company has facilities. In addition, Ericsson supports the UN Guiding Principles for Business and Human Rights and the United Nations Global Compact.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, training and development.

Ericsson expressly prohibits any form of workplace harassment based on race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetic information.


Primary country and city: Sweden (SE) || || Stockholm || Stud&YP

Req ID: 304455