Available theses and projects

The following is a list of research fields available for master’s theses and master/Ph.D. projects. Each research field may offer multiple thesis topics, aiming to familiarize students with current and relevant areas of interest in the field of artificial intelligence, spanning both industrial and academic domains. All theses are conducted in collaboration with the Scuola Superiore Sant’Anna of Pisa in the TeCIP institute area (CNR).

Please contact me to get more details and schedule a meeting. If you would like to address other topics close to safe and secure aspects of AI, feel free to contact me too!

General requirements (not hard) : a basic knowledge of deep neural networks and computer vision tasks; a minimum level of programming skills with python and classic AI libraries (e.g., Torch, Tensorflow, SciPy).

1 - Simulators and Synthetic Datasets for Testing Computer Vision Algorithms in Driving Scenarios

To address the challenge of acquiring extensive and annotated datasets for computer vision models in autonomous domains, the presence of reliable simulators and suitable synthetic datasets is of utmost importance. The following topics explore various aspects related to simulators and synthetic datasets and contribute to the advancement of computer vision algorithms in driving scenarios, particularly in terms of robustness, generalization, and transferability to real-world domains:

  1. Evaluating the Robustness of Computer Vision Models Against Attacks and Environmental Changes .
  2. Improving the Testing of Computer Vision Algorithms against Out-of-Distribution Samples through Simulators.
  3. Reducing the Domain Shift for Domain Adaptation through Simulators and Games for Synthetic Datasets.

Fig. - (a) CarlaGear framework [REF]; (b) GTA Dataset [REF]

2 - Physically-Realizable Adversarial Attacks in Real-World Machine Learning Applications

With the increasing adoption of machine learning models in real-world applications, concerns have arisen about their vulnerability to physically-realizable adversarial attacks. The following topics delve into the phenomenon of adversarial attacks in real-world scenarios and explore methods to mitigate their impact, while also considering potential new threats. The study specifically addresses the following aspects:

  • Run-time Defense Monitoring of Internal DNNs Behaviors Against Physical Attacks.
  • Reviewing Certification Approaches for Assessing Robustness against Physical Attacks.
  • Examining the Transferability of Physical Attacks and Backdoor Attack Scenarios .

Fig. -Adversarial patch attack for image classification [REF]

3 - Recent Topics in Secure AI

The following theses delve into emerging areas of secure AI, providing students with the opportunity to explore the literature, review advancements, and address specific challenges related to the development of safe and robust AI systems.

  1. Deep Steganography - Exploring Generative Models and High-Resolution Datasets. This project focuses on the concept of deep steganography, which involves hiding information within data. The student will begin by gaining a comprehensive understanding of the existing literature on deep steganography. Then, the thesis will delve into the challenges associated with steganography using generative models and high-resolution datasets.
  2. Addressing the Transferability of Black-Box Attacks. This thesis focuses on black-box adversarial attacks and aims to investigate the state-of-the-art techniques in this area. The student will explore methods to improve the transferability of such attacks across different models, thus enhancing the understanding and defense mechanisms against black-box attacks in AI systems.
  3. Studying Adversarial Perturbations in the Fourier Domain. This research aims to investigate adversarial perturbations in the frequency domain as a means to enhance and understand the robustness of computer vision models against adversarial attacks from a new perspective.

Fig. -Example of a Deep Steganography scheme [REF].

Fig. - Decoupling the frequencies of an original image and a perturbed image in the Fourier domain.

4 - Domain Adaptation for Autonomous Domains

Domain adaptation techniques are crucial for enhancing the accuracy of neural models when real-world annotated samples are scarce, especially in outdoor environments like the railway and driving domains. These theses provide opportunities to tackle recent challenges in the field of domain adaptation.

  • Unsupervised Domain Adaptation for Railway Segmentation. The student will explore methods to adapt semantic segmentation models to railway datasets without the need for additional annotations.
  • Self-learning Approaches with Label Refinements. This project aims to review and improving pseudo-labelling approaches for unsupervised domain adaptation.
  • Reviewing Style Transfer Strategies for Domain Adaptation. This research involves reviewing and analyzing image-to-image strategies for domain adaptation. The student will explore state-of-the-art methods that align images from source domain to target domains and so enabling effective knowledge transfer.

Fig. - Example of style transfer from a synthetic domain to a real-world domain.

Other topics (contact me for further details)

  • Safe and robustness topics with Transformers
  • Data anonimization in autonomous driving with DeepFake models
  • Attention mechanisms for semantic segmentation and object detection

Contact

giulio.rossolini@santannapisa.it

Last update

July 5, 2023