
Electronic data

  • Accepted author manuscript, 159 KB, application/zip

    Available under license: CC BY-NC-SA: Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License


Compilation as a Defense: Enhancing DL Model Attack Robustness via Tensor Optimization

Research output: Contribution to conference (without ISBN/ISSN), conference paper, peer-reviewed

Published

Standard

Compilation as a Defense: Enhancing DL Model Attack Robustness via Tensor Optimization. / Trawicki, Stefan; Hackett, William; Birch, Lewis et al.
2023. Paper presented at Conference on Applied Machine Learning for Information Security, Arlington, United Kingdom.


Harvard

Trawicki, S, Hackett, W, Birch, L, Suri, N & Garraghan, P 2023, 'Compilation as a Defense: Enhancing DL Model Attack Robustness via Tensor Optimization', Paper presented at Conference on Applied Machine Learning for Information Security, Arlington, United Kingdom, 19/10/23 - 20/10/23.

APA

Trawicki, S., Hackett, W., Birch, L., Suri, N., & Garraghan, P. (2023). Compilation as a Defense: Enhancing DL Model Attack Robustness via Tensor Optimization. Paper presented at Conference on Applied Machine Learning for Information Security, Arlington, United Kingdom.

Vancouver

Trawicki S, Hackett W, Birch L, Suri N, Garraghan P. Compilation as a Defense: Enhancing DL Model Attack Robustness via Tensor Optimization. 2023. Paper presented at Conference on Applied Machine Learning for Information Security, Arlington, United Kingdom.

Author

Trawicki, Stefan; Hackett, William; Birch, Lewis et al. / Compilation as a Defense: Enhancing DL Model Attack Robustness via Tensor Optimization. Paper presented at Conference on Applied Machine Learning for Information Security, Arlington, United Kingdom. 2 p.

Bibtex

@conference{698c7f8d6e1445318e0931292b53b399,
  title = "Compilation as a Defense: Enhancing DL Model Attack Robustness via Tensor Optimization",
  abstract = "Adversarial Machine Learning (AML) is a rapidly growing field of security research, with an often overlooked area being model attacks through side-channels. Previous works show such attacks to be serious threats, though little progress has been made on efficient remediation strategies that avoid costly model re-engineering. This work demonstrates a new defense against AML side-channel attacks using model compilation techniques, namely tensor optimization. We show relative model attack effectiveness decreases of up to 43% using tensor optimization, discuss the implications, and direction of future work.",
  author = "Stefan Trawicki and William Hackett and Lewis Birch and Neeraj Suri and Peter Garraghan",
  year = "2023",
  month = oct,
  day = "20",
  language = "English",
  note = "Conference on Applied Machine Learning for Information Security, CAMLIS ; Conference date: 19-10-2023 Through 20-10-2023",
  url = "https://www.camlis.org/",
}

RIS

TY  - CONF
T1  - Compilation as a Defense
T2  - Conference on Applied Machine Learning for Information Security
AU  - Trawicki, Stefan
AU  - Hackett, William
AU  - Birch, Lewis
AU  - Suri, Neeraj
AU  - Garraghan, Peter
PY  - 2023/10/20
Y1  - 2023/10/20
N2  - Adversarial Machine Learning (AML) is a rapidly growing field of security research, with an often overlooked area being model attacks through side-channels. Previous works show such attacks to be serious threats, though little progress has been made on efficient remediation strategies that avoid costly model re-engineering. This work demonstrates a new defense against AML side-channel attacks using model compilation techniques, namely tensor optimization. We show relative model attack effectiveness decreases of up to 43% using tensor optimization, discuss the implications, and direction of future work.
AB  - Adversarial Machine Learning (AML) is a rapidly growing field of security research, with an often overlooked area being model attacks through side-channels. Previous works show such attacks to be serious threats, though little progress has been made on efficient remediation strategies that avoid costly model re-engineering. This work demonstrates a new defense against AML side-channel attacks using model compilation techniques, namely tensor optimization. We show relative model attack effectiveness decreases of up to 43% using tensor optimization, discuss the implications, and direction of future work.
M3  - Conference paper
Y2  - 19 October 2023 through 20 October 2023
ER  -