• Assistant Professor, Umeå University
  • Senior Member, ADSLab
  • Leading Cyber Analytics and Learning Group
  • Member, Umeå AI

  • Research

    Our research interests envision the advancement of the areas of machine learning, anomaly detection, security and privacy, and edge AI. Our work has broadly combined principles of designing, analysing, and developing fundamental machine learning algorithms with diverse application areas, including cloud RAN, Internet of Things (IoT), Edge clouds, Edge AI, Multi-clouds, Anomaly detection, and Complex data analysis. We look forward to the security and privacy problem leveraging machine learning for various autonomous systems. Over the past five years, our interests have evolved to include topics in (big and small data) security analytics, machine learning, anomaly detection, threat modelling, adversarial attacks (e.g., backdoor, bit-flip), and Internet measurement. Our approach to researching these areas is considered exploratory, constructive, and empirical methods. A common theme in our most recent research is developing or improving machine learning algorithms with applications to detect, prevent, and diagnose faults, failures, anomalies, or attacks from a single system to large-scale infrastructures. Further, we have been looking into security for AI systems against emerging attacks such as backdoor, bit-flip, poisoning, evasion, gradient leakage, and data leakage. Our earlier work focused on understanding various security issues in the context of multiple enterprise networks by design and analysis.

    Research Areas

    • Machine Learning
    • Anomaly Detection
    • Security and Privacy
    • Edge AI
    • Distributed Systems

    Research Grants

    • WASP NEST grant - AIR2: AI for Attack Identification, Response and Recovery (Simin Nadjm-Tehrani as coordinator, Linkoping University, Sweden [2024 - yet to start]
    • UMU PI - SovereignEdge.Cognit - A Cognitive Serverless Framework for the Cloud-Edge Continuum, where Paul Townend is a Scinetific Coordinator, EU Horizon Europe Grant [2023 - ongoing].
    • UMU Leading with Virginia Dignum - LEMUR - Learning with Multiple Representations (MARIE Sklodowska-CURIE ACTIONS - a doctoral networks grant, EU Horizon Europe Grant) [2023 - ongoing].
    • Kempe Foundations - De facto Center of Excellence in Autonomous Distributed Systems (co-applicant with Prof. Erik Elmroth) [2022 - ongoing].
    • WASP NEST grant - CloudRobotics - Intelligent Cloud Robotics for Real-Time Manipulation at Scale (co-applicant with Florian Pokorny, KTH, Sweden) [2022 - ongoing].
    • WASP industry bridge grant - WCIB: WARA Common Information Bridge for Enabling Research on Data-Driven Cloud Operations (co-applicant with Paul Townend) [2021-2022].
    • STINT initiation grant - Leveraging Reinforcement Learning for Anomaly Detection and Resolution in Edge-clouds (Principal Investigator, Umeå University, Sweden) in collaboration with Ma Maode, Nanyang Technological University (NTU), Singapore [2020 - ongoing].
    • WASP funded PhD student grant - Anomaly Detection and Countermeasures for Edge-clouds (co-applicant with Erik Elmroth) [2020 - ongoing].
    • NICT exchange grant - ADEMS : Anomaly Detection and Resolution for Softwarized Networks (Principal Investigator, Umeå University, Sweden in collaboration with Youki Kadobayashi , Nara Institute of Science and Technology (NAIST), Japan [2019 - 2020].

    Machine learning

    Almost all scientific and social disciplines are faced with an ever-increasing demand to analyze data that are unprecedented in scale (amount of data and its dimensionality) as well as the degree of corruption (noise, outliers, missing and indirect observations). Extracting meaningful information from such extensive and dirty data requires achieving the competing goals of computational efficiency and statistical optimality (optimal accuracy for a given amount of data). My research goal is to understand the fundamental tradeoffs between these two quantities and design algorithms that can learn and leverage the inherent structure of data in the form of clusters, graphs, subspaces and manifolds to achieve such tradeoffs.

    Additionally, AI brings several benefits when deploying a model in real-time systems. These features open up several challenges to ensure trustworthiness. Here, the primary goal is to design algorithms that provide trustworthiness under different settings. These algorithms rigorously investigate the input, model and output, leveraging (a) geometric and statistical distribution of data, (b) adversarial features with a significant amount of attack variation, (c) internal behaviour analysis of models, (d) model-agnostic vulnerability analysis, (e) security-aware design of models to address the adversarial attacks, and (f) how responsible are they when deploying in real-time systems. These features improve the performance, scalability, robustness and transparency of the models. Further, it aims to explore the following aspects.

    • Privacy-preserving learning systems: (i) How do we maximize the discovery capability of (deep) machine learning algorithms while maintaining data privacy with minimal resources? (ii) How do you ensure data privacy in federated learning and handle diverse privacy attacks? (iii) How do we ensure privacy in distributed learning?
    • Large-scale machine learning systems: (i) How do we optimize energy usage for machine learning clusters via scheduling and sprinting policies? (ii) how do you optimize the learning algorithms for efficiency and generalizability? (iii) how do we learn from small data?
    • Secure learning: Machine learning processes are vulnerable to attacks like other software systems but add more complexity because attacks are possible in data, models, and inference. Our focus is investigating vulnerabilities across the pipeline and solutions against emerging attacks (e.g., backdoor, bit-flip, poisoning, evasion) and validating them with diverse and intricate threat models.

    Security Analytics

    Software is part of everything electronic around us: software runs on personal computers, refrigerators, security cameras, security gates, and smartphones. There is good software, and the “good software made to do bad things” by malicious authors, i.e., malware. Understanding malware is essential for disinfection, risk assessment, and mitigation. Malware analysis and classification automation became crucial with the ever-increasing infections reported daily. Malware classification and family identification are not new problems. However, the rapid evolution of the malware attack and defence ecosystem has enabled much fruitful research of analysis systems by capitalizing on a more exceptional understanding of the attack posture of today’s adversaries and malware authors.

    In addition, our focus is investigating Distributed Denial of Service attacks in large-scale infrastructures to understand and identify the difference between benign and malicious loads. Co-location and microarchitectural attacks are examples of such problems when applications are deployed in, for instance, cloud-edge continuum scenarios.

    Bringing AI to Edge

    Edge computing and artificial intelligence (AI), especially deep learning algorithms, are gradually intersecting to build novel systems, namely, edge intelligence. However, the development of edge intelligence systems encounters several challenges, and one of these challenges is the computational gap between computation-intensive deep learning algorithms and less-capable edge systems. We focus on developing and deploying methods that push DNNs to the edge, including different metrics-oriented DNN models, applications-agnostic lightweight models, learning on the edge, and the data challenge at the edge. Further, our focus is also to investigate the security issues in resource-constraint devices.

    Application Areas

    There are several application areas; however, the current focus is most likely on the following.

    • Softwarized networks
    • Edge computing
    • Urban infrastructures
    • Internet of Things (IoT)
    • Serverless Computing


    • Maria Kihl (Lund University, Sweden)
    • Alp Yurtsever (Umeå University, Sweden)
    • Guansong Pang (Singapore Management University, Singapore)
    • Nabendu Chaki (University of Calcutta, Kolkata, India)
    • Sriparna Saha (Indian Institute of Technology, Patna, India)
    • Wee Peng Tay (Nangyang Technological University, Singapore)
    • Jugal Kalita (University of Colorado, Colorado Springs, USA)
    • Ma Maode (Nangyang Technological University, Singapore)
    • Anwar Aftab (AT & T Labs Research, USA)
    • Youki Kadobayashi (NAIST, Japan)
    • Ashish Ghosh (Indian Statistical Institute, India)
    • Deep Medhi (University of Missouri, Kansas City, USA)
    • Lydia Chen (TU Delft, Netherland)
    • Daisuke Inoue (NICT, Japan)
    • Yaron Wolfsthal (IBM Cyber Centre of Excellence, Beer Sheva, Israel)
    • Tieto AB, Sweden
    • Elastisys AB, Sweden
    • Ericsson Research, Sweden