Master's thesis; Dynamic Privacy Protection for Interactive Database Systems

The project is hosted by RISE Research Institutes of Sweden, a state-owned research institute that supports sustainable innovation across academia, industry, and the public sector.

Background
Interactive database systems allow analysts to perform aggregate queries and learn valuable insights, e.g., statistics, about the underlying data population, but these insights might leak sensitive information about individuals in the database. To this end, it is common practice for database owners to employ privacy-enhancing transformations, e.g., noise injection, to the answers of the queries before sharing them with the analysts. However, such transformations may destroy the utility of the database system, hence, there is a need for employing appropriate strategies that balance the privacy-utility trade-off.

Description
In this thesis project, we will investigate how machine learning-based agents can assist database owners in identifying optimal strategies for protecting the privacy of statistical queries without harming the data utility. To this end, we will design a multi-agent adversarial learning environment simulating both privacy attackers which aim at maximizing the performance of adversarial attacks on the sensitive data and privacy defenders which aim at protecting the data while preserving its utility, with the overarching goal of uncovering dynamic defensive approaches which effectively balance the inherent trade-off between privacy and utility.

Key Responsibilities

• Study the literature on multi-agent reinforcement learning, privacy-inference attacks against interactive database systems, and protection techniques, e.g., differential privacy
• Design and implement a multi-agent adversarial environment encompassing privacy adversaries and defenders, each with their own goal of respectively maximizing attack performance and privacy protection without harming utility
• Experimentally evaluate the correctness and efficiency of the developed environment on various interactive database scenarios involving sensitive data and analysis of the optimal strategies for the privacy offensive and defensive agents
• Document the activities and findings in a scientific thesis report

Qualifications

• Strong background in agentic machine learning, e.g., reinforcement learning
• Proficiency in Python and frameworks, e.g., PyTorch
• Good spoken and written English
• Familiarity with privacy-enhancing technologies, e.g., differential privacy, is a plus

Terms

• Scope: 30 hp, one semester full-time
• Location: Kista, Stockholm
• Start Date: Flexible
• Compensation: 39 990 SEK for travel, materials, and similar costs after the project has been completed and approved.

Please note: You need to have a valid student visa that allows you to study in Sweden during the thesis period.

Welcome with your application!
Last day of application: December 5, 2025

Contact: Apostolos Pyrgelis (apostolos.pyrgelis@ri.se),