AI Model Protection, Helsinki System Security Lab Internship (1H/2025 or summer 2025)

Looking for a summer internship? Join us at Huawei! At Huawei, innovation is at the heart of everything we do. We transform bold ideas into groundbreaking products and services that redefine industries. Bring your passion and dedication, and you’ll have the opportunity to make a real impact. Our team of forward-thinking professionals collaborates to develop world-class technology that empowers millions of people globally. We're committed to digital transformation, sustainability, and creating a more connected, intelligent world.

If you're passionate about AI model protection and want to contribute to this exciting area, we'd love to invite you join us! We are seeking a Master’s student for a thesis-based internship focusing on “Protection of AI Models Using Secure Enclaves.”

Protecting AI models is crucial to preserving their intellectual property (stealing and analyzing model), ensuring operational integrity, and meeting privacy standards. With significant investments behind each model from data collection to algorithm training secure storage and attestation within enclave’s guard against unauthorized access and model poisoning.

The project aims to establish a secure, trusted platform for AI model deployment within secure enclaves, utilizing attestation protocols to validate the trustworthiness of the underlying platform, including crucial peripherals like NPUs and GPUs. This position offers an opportunity to design and implement a comprehensive proof-of-concept, exploring advanced security protocols and secure enclave applications in AI.

The intern will explore a publish-subscribe model for attestation, where attestations can be efficiently managed and distributed among model owners, secure enclave administrators, and model users to ensure integrity and security before provisioning the model.

The project addresses critical challenges in AI model protection by combining secure enclaves, trusted attestation, and publish-subscribe communication models. Key areas of focus will include:

• Platform Trustworthiness Attestation: Investigate methods for attesting platform integrity, including the secure verification of peripherals like NPUs and GPUs, ensuring that these components operate within the bounds of security policies.
• Enclave-Based Model Protection: Develop methods to securely store and execute the AI model in a sandboxed environment within the secure enclave, preventing unauthorized access and tampering.
• User-Level Attestation and Verification: Create protocols that enable model users to verify the model’s integrity and trustworthiness within the secure enclave, ensuring it meets security standards and operates as expected.
• Publish-Subscribe Attestation Model: Analyze and implement a publish-subscribe model for distributed attestation that allows for scalable, real-time attestation updates and notifications for model owners, administrators, and end-users.

We are looking for:

• Students who have completed most of their M.Sc. courses, in the field of CS/E.Eng
• Experience on programming languages such as C, C++, Python, or Rust.
• Background (courses) in cryptographic protocols, particularly in attestation and encryption methods.
• Familiarity with AI/ML models.
• Familiarity with containerization and virtualization technologies.
• Sufficient skills to work and interact in English
• Good team-working skills

The following we count as advantage:

• Knowledge of secure hardware for NPUs and GPUs, as well as attestation techniques for trusted peripherals.

Location and internship period: This is a 6-month internship based at our Helsinki, Ruoholahti office. 

The Helsinki Systems Security Laboratory in Huawei Finland (HSSL) drives renewal and mastery in the field of platform / device related security technologies for the mobile device. Our topical expertise lies in hardware-assisted isolation and system protection (hypervisor, TEE, kernel hardening) as well as functions like device key management, attestation and integrity.