ECE Department Seminar

Hardware Support for Securing Machine Learning Systems Against Adversarial Attacks

Khaled N. Khasawneh, Ph.D.

Monday, April 12, 2021
3:00 - 4:00 PM
Zoom Meeting Link:

Abstract: In the past few years, an increasing number of machine-learning and deep-learning structures have been applied to solving a wide range of real-life problems. However, these structures are vulnerable to adversarial attacks: inputs crafted carefully to force the system output to a wrong label. Since machine learning is being deployed in safety-critical and security-sensitive domains, such attacks may have catastrophic security and safety consequences. My work investigates the boundary between hardware and software with respect to machine learning security, exploring attacks that originate in the hardware as well as architecture support for securing machine learning systems against adversarial attacks. In this presentation, I will first show an example of how architecture can help computer security through the use of robust, evasion-resilient hardware malware detectors. Then, I will describe how to use hardware-supported approximate computing to improve the robustness of machine learning image classifiers.

Bio: Khaled N. Khasawneh received his BSc degree in Computer Engineering from Jordan University of Science and Technology in 2012, his MS degree in Computer Science from SUNY Binghamton in 2014, and his PhD degree in Computer Science from the University of California, Riverside in 2019. His research interests are in computer architecture support for security, malware detection, adversarial machine learning, and side-channel attacks. He previously interned at Facebook on the Community Integrity team. His 2018 paper at the USENIX Workshop on Offensive Technologies received the best paper award. He is the recipient of the Dissertation Year Program Award and the International Student Recognition Award from the University of California, Riverside. Several of his contributions have been reported on by technical news outlets, including ZDNet, Digital Trends, TechRepublic, The Register, Threatpost, BetaNews, BleepingComputer, and more.