Adversarial ML Intern

Adversarial ML Intern

  • Number: 1
  • Location: Beijing

Group Introduction

This is a collaborating project of the following groups in Microsoft:

MSRA Software Analytics: This is a research group of Microsoft Research Asia (MSRA) in Beijing with focuses on software and data analytics, visualization, privacy and security.

Microsoft Defender Advanced Threat Protection (ATP): This is a Microsoft product group in Redmond, USA that owns the Microsoft Defender ATP systems, a complete security solution provided by Microsoft (

MSR AI: This is a research group of Microsoft Research (MSR) in Redmond, USA with a focus on artificial intelligence.

Job Description and Responsibilities

Are you excited to work on Adversarial Machine Learning? Would you like to help secure Microsoft’s AI Systems? The reliability of machine learning systems in the presence of adversarial noise has become quite important in recent years. As machine learning has been used for increasingly security sensitive applications and trained with increasingly unreliable data, the ability for learning algorithms to tolerate worst-case noise has become quite important.

In this project, you will leverage several adversarial ML techniques to evaluate the robustness of real-world ML pipelines against them. You will be part of a joint initiative between Microsoft Research and the Microsoft Defender ATP group. During your internship, you would be paired with some of the world’s best researchers in security and machine learning.

This work offers opportunities for high-impact fundamental research, including potential academic publications, as well as applications with real-life impact on Microsoft products and services.

You would be expected to:

  • Closely work with researchers and product development teams in USA, China, and Israel towards the research goals of the project.
  • Develop and implement research ideas related to this project.
  • Report and present findings.

Microsoft is an equal opportunity employer.



  • Master or Ph. D. student in computer, electric engineering or related majors.
  • Must have at least 1 year of experience applying machine learning/deep learning to real world/ research problems.
  • Demonstrated hands on the experience with Python through previous projects, open source contributions, etc.
  • Familiarity with Deep Learning frameworks like PyTorch, Tensorflow, etc.
  • Keen ability for attention to detail and a strong analytical mindset.
  • Excellent in English reading and reasonably good in English communications.


  • Prior experience in adversarial machine learning.
  • Prior experience in Red Teaming and Threat Modeling.
  • Contribution to open source tools like cleverhans.
  • Security knowledge a plus.

Additional Requirements

  • Advisor’s permission is required.
  • Able to work as an intern for at least 6 months.

Contact Info

If you are qualified and interested, please email your full resume in either English (preferred) or Chinese to: Please use the following email title: “Software Analytics_Adversarial ML Intern”.