1 code implementation • 28 Feb 2024 • Mingjia Huo, Sai Ashish Somayajula, Youwei Liang, Ruisi Zhang, Farinaz Koushanfar, Pengtao Xie
Large language models generate high-quality responses with potential misinformation, underscoring the need for regulation by distinguishing AI-generated and human-written texts.
1 code implementation • 27 Feb 2024 • Ruisi Zhang, Farinaz Koushanfar
This paper introduces EmMark, a novel watermarking framework for protecting the intellectual property (IP) of embedded large language models deployed on resource-constrained edge devices.
no code implementations • 29 Nov 2023 • Soheil Zibakhsh Shabgahi, Mohammad Sohail Shariff, Farinaz Koushanfar
Handling the ever-increasing scale of contemporary deep learning and transformer-based models poses a significant challenge.
1 code implementation • 28 Nov 2023 • Soheil Zibakhsh Shabgahi, Nojan Sheybani, Aiden Tabrizi, Farinaz Koushanfar
Extensive evaluations of our framework on standard machine learning training pipelines show saving up to 60 seconds and 5.4 Kilojoules of energy per hyperparameter change.
no code implementations • 1 Nov 2023 • Jung-Woo Chang, Ke Sun, Nasimeh Heydaribeni, Seira Hidano, Xinyu Zhang, Farinaz Koushanfar
Machine Learning (ML) has been instrumental in enabling joint transceiver optimization by merging all physical layer blocks of the end-to-end wireless communication systems.
1 code implementation • 18 Oct 2023 • Ruisi Zhang, Shehzeen Samarah Hussain, Paarth Neekhara, Farinaz Koushanfar
We present REMARK-LLM, a novel efficient, and robust watermarking framework designed for texts generated by large language models (LLMs).
no code implementations • 14 Oct 2023 • Paarth Neekhara, Shehzeen Hussain, Rafael Valle, Boris Ginsburg, Rishabh Ranjan, Shlomo Dubnov, Farinaz Koushanfar, Julian McAuley
In this work, instead of explicitly disentangling attributes with loss terms, we present a framework to train a controllable voice conversion model on entangled speech representations derived from self-supervised learning (SSL) and speaker verification models.
no code implementations • 4 Aug 2023 • Nasimeh Heydaribeni, Ruisi Zhang, Tara Javidi, Cristina Nita-Rotaru, Farinaz Koushanfar
We theoretically prove the robustness of our algorithm against data and model poisoning attacks in a decentralized linear regression setting.
no code implementations • 4 Apr 2023 • Jung-Woo Chang, Nojan Sheybani, Shehzeen Samarah Hussain, Mojan Javaheripi, Seira Hidano, Farinaz Koushanfar
Experimental results demonstrate that NetFlick can successfully deteriorate the performance of video compression frameworks in both digital- and physical-settings and can be further extended to attack downstream video classification networks.
no code implementations • 18 Jan 2023 • Olivia Weng, Gabriel Marcano, Vladimir Loncar, Alireza Khodamoradi, Nojan Sheybani, Andres Meza, Farinaz Koushanfar, Kristof Denolf, Javier Mauricio Duarte, Ryan Kastner
We argue that while a network's skip connections are needed for the network to learn, they can later be removed or shortened to provide a more hardware efficient implementation with minimal to no accuracy loss.
no code implementations • 26 Sep 2022 • Shehzeen Hussain, Nojan Sheybani, Paarth Neekhara, Xinqiao Zhang, Javier Duarte, Farinaz Koushanfar
In this work, we design the first accelerator platform FastStamp to perform DNN based steganography and digital watermarking of images on hardware.
no code implementations • 21 Sep 2022 • Ruisi Zhang, Seira Hidano, Farinaz Koushanfar
Our attacks faithfully reconstruct private texts included in training data with access to the target model.
no code implementations • 8 Aug 2022 • Diego Garcia-soto, Huili Chen, Farinaz Koushanfar
Deep Neural Networks (DNNs) have been shown to be susceptible to Trojan attacks.
no code implementations • ICCV 2023 • Zahra Ghodsi, Mojan Javaheripi, Nojan Sheybani, Xinqiao Zhang, Ke Huang, Farinaz Koushanfar
However, keeping the individual updates private allows malicious users to perform Byzantine attacks and degrade the accuracy without being detected.
no code implementations • 9 Jun 2022 • Shehzeen Hussain, Todd Huster, Chris Mesterharm, Paarth Neekhara, Kevin An, Malhar Jere, Harshvardhan Sikka, Farinaz Koushanfar
We find that the white-box attack success rate of a pure U-Net ATN falls substantially short of gradient-based attacks like PGD on large face recognition datasets.
1 code implementation • 20 Apr 2022 • Loris Giulivi, Malhar Jere, Loris Rossi, Farinaz Koushanfar, Gabriela Ciocarlie, Briland Hitaj, Giacomo Boracchi
We present Adversarial Scratches: a novel L0 black-box attack, which takes the form of scratches in images, and which possesses much greater deployability than other state-of-the-art attacks.
no code implementations • 12 Apr 2022 • Huili Chen, Xinqiao Zhang, Ke Huang, Farinaz Koushanfar
This paper proposes AdaTest, a novel adaptive test pattern generation framework for efficient and reliable Hardware Trojan (HT) detection.
no code implementations • 8 Apr 2022 • Xinqiao Zhang, Huili Chen, Ke Huang, Farinaz Koushanfar
Deep Neural Networks (DNNs) have demonstrated unprecedented performance across various fields such as medical diagnosis and autonomous driving.
1 code implementation • 5 Apr 2022 • Paarth Neekhara, Shehzeen Hussain, Xinqiao Zhang, Ke Huang, Julian McAuley, Farinaz Koushanfar
We demonstrate that FaceSigns can embed a 128 bit secret as an imperceptible image watermark that can be recovered with a high bit recovery accuracy at several compression levels, while being non-recoverable when unseen Deepfake manipulations are applied.
no code implementations • 18 Mar 2022 • Jung-Woo Chang, Mojan Javaheripi, Seira Hidano, Farinaz Koushanfar
In this paper, we conduct the first systematic study for adversarial attacks on deep learning-based video compression and downstream classification systems.
1 code implementation • 4 Mar 2022 • Mojan Javaheripi, Gustavo H. de Rosa, Subhabrata Mukherjee, Shital Shah, Tomasz L. Religa, Caio C. T. Mendes, Sebastien Bubeck, Farinaz Koushanfar, Debadeepta Dey
Results show that the perplexity of 16-layer GPT-2 and Transformer-XL can be achieved with up to 1.5x, 2.5x faster runtime and 1.2x, 2.0x lower peak memory utilization.
no code implementations • 21 Feb 2022 • Yein Kim, Huili Chen, Farinaz Koushanfar
The goal of federated learning (FL) is to train one global model by aggregating model parameters updated independently on edge devices without accessing users' private data.
no code implementations • 7 Nov 2021 • Mehran Abbasi Shirsavar, Mehrnoosh Taghavimehr, Lionel J. Ouedraogo, Mojan Javaheripi, Nicole N. Hashemi, Farinaz Koushanfar, Reza Montazami
Electrohydrodynamic-jet (e-jet) printing technique enables the high-resolution printing of complex soft electronic devices.
no code implementations • 2 Nov 2021 • Mojan Javaheripi, Farinaz Koushanfar
We propose HASHTAG, the first framework that enables high-accuracy detection of fault-injection attacks on Deep Neural Networks (DNNs) with provable bounds on detection performance.
no code implementations • 7 Sep 2021 • Greg Fields, Mohammad Samragh, Mojan Javaheripi, Farinaz Koushanfar, Tara Javidi
Deep neural networks have been shown to be vulnerable to backdoor, or trojan, attacks where an adversary has embedded a trigger in the network at training time such that the model correctly classifies all standard inputs, but generates a targeted, incorrect classification on any input which contains the trigger.
no code implementations • 23 Apr 2021 • Mohammad Samragh, Hossein Hosseini, Aleksei Triastcyn, Kambiz Azarian, Joseph Soriaga, Farinaz Koushanfar
In our method, the edge device runs the model up to a split layer determined based on its computational capacity.
no code implementations • 23 Mar 2021 • Oliver Lutz, Huili Chen, Hossein Fereidooni, Christoph Sendner, Alexandra Dmitrienko, Ahmad Reza Sadeghi, Farinaz Koushanfar
When extended to new vulnerability types, ESCORT yields an average F1-score of 93%.
1 code implementation • 4 Mar 2021 • Shehzeen Hussain, Paarth Neekhara, Shlomo Dubnov, Julian McAuley, Farinaz Koushanfar
There has been a recent surge in adversarial attacks on deep learning based automatic speech recognition (ASR) systems.
1 code implementation • 15 Feb 2021 • Paarth Neekhara, Shehzeen Hussain, Jinglong Du, Shlomo Dubnov, Farinaz Koushanfar, Julian McAuley
Recent works on adversarial reprogramming have shown that it is possible to repurpose neural networks for alternate tasks without modifying the network architecture or parameters.
no code implementations • 3 Feb 2021 • Xinqiao Zhang, Huili Chen, Farinaz Koushanfar
While DNNs are widely employed in security-sensitive fields, they are identified to be vulnerable to Neural Trojan (NT) attacks that are controlled and activated by the stealthy trigger.
no code implementations • 30 Jan 2021 • Paarth Neekhara, Shehzeen Hussain, Shlomo Dubnov, Farinaz Koushanfar, Julian McAuley
In this work, we propose a controllable voice cloning method that allows fine-grained control over various style aspects of the synthesized speech for an unseen speaker.
no code implementations • ICCV 2021 • Huili Chen, Cheng Fu, Jishen Zhao, Farinaz Koushanfar
In this work, we present ProFlip, the first targeted Trojan attack framework that can divert the prediction of the DNN to the target class by progressively identifying and flipping a small set of bits in model parameters.
no code implementations • 7 Dec 2020 • Malhar Jere, Maghav Kumar, Farinaz Koushanfar
Convolutional Neural Networks (CNNs) have made significant progress on several computer vision benchmarks, but are fraught with numerous non-human biases such as vulnerability to adversarial samples.
no code implementations • 4 Sep 2020 • Mojan Javaheripi, Mohammad Samragh, Gregory Fields, Tara Javidi, Farinaz Koushanfar
We propose CLEANN, the first end-to-end framework that enables online mitigation of Trojans for embedded Deep Neural Network (DNN) applications.
no code implementations • 10 Aug 2020 • Rosario Cammarota, Matthias Schunter, Anand Rajan, Fabian Boemer, Ágnes Kiss, Amos Treiber, Christian Weinert, Thomas Schneider, Emmanuel Stapf, Ahmad-Reza Sadeghi, Daniel Demmler, Joshua Stock, Huili Chen, Siam Umar Hussain, Sadegh Riazi, Farinaz Koushanfar, Saransh Gupta, Tajan Simunic Rosing, Kamalika Chaudhuri, Hamid Nejatollahi, Nikil Dutt, Mohsen Imani, Kim Laine, Anuj Dubey, Aydin Aysu, Fateme Sadat Hosseini, Chengmo Yang, Eric Wallace, Pamela Norton
Additionally, such systems should also use Privacy-Enhancing Technologies (PETs) to protect customers' data at any time.
no code implementations • 8 Apr 2020 • Mojan Javaheripi, Mohammad Samragh, Tara Javidi, Farinaz Koushanfar
In the contemporary big data realm, Deep Neural Networks (DNNs) are evolving towards more complex architectures to achieve higher inference accuracy.
1 code implementation • 16 Feb 2020 • M. Sadegh Riazi, Seyed M. Chavoshian, Farinaz Koushanfar
Authentication and identification methods based on human fingerprints are ubiquitous in several systems ranging from government organizations to consumer products.
1 code implementation • 9 Feb 2020 • Shehzeen Hussain, Paarth Neekhara, Malhar Jere, Farinaz Koushanfar, Julian McAuley
Recent advances in video manipulation techniques have made the generation of fake videos more accessible than ever before.
no code implementations • 9 Feb 2020 • Shehzeen Hussain, Mojan Javaheripi, Paarth Neekhara, Ryan Kastner, Farinaz Koushanfar
While WaveNet produces state-of-the-art audio generation results, the naive inference implementation is quite slow; it takes a few minutes to generate just one second of audio on a high-end GPU.
9 code implementations • 10 Dec 2019 • Peter Kairouz, H. Brendan McMahan, Brendan Avent, Aurélien Bellet, Mehdi Bennis, Arjun Nitin Bhagoji, Kallista Bonawitz, Zachary Charles, Graham Cormode, Rachel Cummings, Rafael G. L. D'Oliveira, Hubert Eichner, Salim El Rouayheb, David Evans, Josh Gardner, Zachary Garrett, Adrià Gascón, Badih Ghazi, Phillip B. Gibbons, Marco Gruteser, Zaid Harchaoui, Chaoyang He, Lie He, Zhouyuan Huo, Ben Hutchinson, Justin Hsu, Martin Jaggi, Tara Javidi, Gauri Joshi, Mikhail Khodak, Jakub Konečný, Aleksandra Korolova, Farinaz Koushanfar, Sanmi Koyejo, Tancrède Lepoint, Yang Liu, Prateek Mittal, Mehryar Mohri, Richard Nock, Ayfer Özgür, Rasmus Pagh, Mariana Raykova, Hang Qi, Daniel Ramage, Ramesh Raskar, Dawn Song, Weikang Song, Sebastian U. Stich, Ziteng Sun, Ananda Theertha Suresh, Florian Tramèr, Praneeth Vepakomma, Jianyu Wang, Li Xiong, Zheng Xu, Qiang Yang, Felix X. Yu, Han Yu, Sen Zhao
FL embodies the principles of focused data collection and minimization, and can mitigate many of the systemic privacy risks and costs resulting from traditional, centralized machine learning and data science approaches.
no code implementations • 7 Dec 2019 • Malhar Jere, Sandro Herbig, Christine Lind, Farinaz Koushanfar
Deep Neural Networks for image classification have been found to be vulnerable to adversarial samples, which consist of sub-perceptual noise added to a benign image that can easily fool trained neural networks, posing a significant risk to their commercial deployment.
1 code implementation • 5 Dec 2019 • Malhar Jere, Loris Rossi, Briland Hitaj, Gabriela Ciocarlie, Giacomo Boracchi, Farinaz Koushanfar
We study black-box adversarial attacks for image classifiers in a constrained threat model, where adversaries can only modify a small fraction of pixels in the form of scratches on an image.
no code implementations • NeurIPS 2019 • Cheng Fu, Huili Chen, Haolan Liu, Xinyun Chen, Yuandong Tian, Farinaz Koushanfar, Jishen Zhao
Furthermore, Coda outperforms the sequence-to-sequence model with attention by a margin of 70% program accuracy.
no code implementations • 15 Nov 2019 • Mojan Javaheripi, Mohammad Samragh, Tara Javidi, Farinaz Koushanfar
This paper introduces ASCAI, a novel adaptive sampling methodology that can learn how to effectively compress Deep Neural Networks (DNNs) for accelerated inference on resource-constrained platforms.
no code implementations • 28 Jun 2019 • Cheng Fu, Huili Chen, Haolan Liu, Xinyun Chen, Yuandong Tian, Farinaz Koushanfar, Jishen Zhao
Reverse engineering of binary executables is a critical problem in the computer security domain.
no code implementations • 24 May 2019 • Anusha Lalitha, Xinghan Wang, Osman Kilinc, Yongxi Lu, Tara Javidi, Farinaz Koushanfar
The proposed algorithm can be viewed as a Bayesian and peer-to-peer variant of federated learning in which each agent keeps a "posterior probability distribution" over the global model parameters.
no code implementations • 9 May 2019 • Paarth Neekhara, Shehzeen Hussain, Prakhar Pandey, Shlomo Dubnov, Julian McAuley, Farinaz Koushanfar
In this work, we demonstrate the existence of universal adversarial audio perturbations that cause mis-transcription of audio signals by automatic speech recognition (ASR) systems.
no code implementations • ICLR 2019 • Huili Chen, Bita Darvish Rouhani, Farinaz Koushanfar
To extract the WM, BlackMarks queries the model with the WM key images and decodes the owner’s signature from the corresponding predictions using the designed encoding scheme.
no code implementations • 9 Apr 2019 • Mojan Javaheripi, Bita Darvish Rouhani, Farinaz Koushanfar
This transformation leverages our important observation that for a set level of accuracy, convergence is fastest when network topology reaches the boundary of a Small-World Network.
no code implementations • 31 Jan 2019 • Anusha Lalitha, Osman Cihan Kilinc, Tara Javidi, Farinaz Koushanfar
We consider the problem of training a machine learning model over a network of nodes in a fully decentralized framework.
no code implementations • 17 Jan 2019 • Mohammad Samragh, Mojan Javaheripi, Farinaz Koushanfar
CodeX incorporates nonlinear encoding to the computation flow of neural networks to save memory.
1 code implementation • IJCNLP 2019 • Paarth Neekhara, Shehzeen Hussain, Shlomo Dubnov, Farinaz Koushanfar
Adversarial Reprogramming has demonstrated success in utilizing pre-trained neural network classifiers for alternative classification tasks without modification to the original network.
no code implementations • 15 Jun 2018 • Mohsen Imani, Mohammad Samragh, Yeseong Kim, Saransh Gupta, Farinaz Koushanfar, Tajana Rosing
To enable in-memory processing, RAPIDNN reinterprets a DNN model and maps it into a specialized accelerator, which is designed using non-volatile memory blocks that model four fundamental DNN operations, i.e., multiplication, addition, activation functions, and pooling.
no code implementations • 21 May 2018 • Mohammad Ghasemzadeh, Fang Lin, Bita Darvish Rouhani, Farinaz Koushanfar, Ke Huang
The success of deep learning models is heavily tied to the use of massive amounts of labeled data and excessively long training time.
2 code implementations • 2 Apr 2018 • Bita Darvish Rouhani, Huili Chen, Farinaz Koushanfar
The resulting models are therefore considered to be the IP of the model builder and need to be protected to preserve the owner's competitive advantage.
Cryptography and Security
no code implementations • 10 Jan 2018 • M. Sadegh Riazi, Christian Weinert, Oleksandr Tkachenko, Ebrahim. M. Songhori, Thomas Schneider, Farinaz Koushanfar
Chameleon departs from the common assumption of additive or linear secret sharing models where three or more parties need to communicate in the online phase: the framework allows two parties with private inputs to communicate in the online phase under the assumption of a third node generating correlated randomness in an offline phase.
no code implementations • ICLR 2018 • Bita Darvish Rouhani, Mohammad Samragh, Tara Javidi, Farinaz Koushanfar
We introduce a novel automated countermeasure called Parallel Checkpointing Learners (PCL) to thwart the potential adversarial attacks and significantly improve the reliability (safety) of a victim DL model.
no code implementations • ICLR 2018 • Mohammad Ghasemzadeh, Mohammad Samragh, Farinaz Koushanfar
Recent efforts on training light-weight binary neural networks offer promising execution/memory efficiency.
1 code implementation • 3 Nov 2017 • Mohammad Ghasemzadeh, Mohammad Samragh, Farinaz Koushanfar
We show that the state-of-the-art methods for optimizing binary networks' accuracy significantly increase the implementation cost and complexity.
no code implementations • 8 Sep 2017 • Bita Darvish Rouhani, Mohammad Samragh, Mojan Javaheripi, Tara Javidi, Farinaz Koushanfar
Recent advances in adversarial Deep Learning (DL) have opened up a largely unexplored surface for malicious attacks jeopardizing the integrity of autonomous DL systems.
no code implementations • 24 May 2017 • Bita Darvish Rouhani, M. Sadegh Riazi, Farinaz Koushanfar
This paper proposes DeepSecure, a novel framework that enables scalable execution of the state-of-the-art Deep Learning (DL) models in a privacy-preserving setting.
Cryptography and Security
no code implementations • 6 Dec 2016 • M. Sadegh Riazi, Beidi Chen, Anshumali Shrivastava, Dan Wallach, Farinaz Koushanfar
In Near-Neighbor Search (NNS), a new client queries a database (held by a server) for the most similar data (near-neighbors) given a certain similarity metric.
1 code implementation • 27 Mar 2015 • Azalia Mirhoseini, Eva L. Dyer, Ebrahim. M. Songhori, Richard G. Baraniuk, Farinaz Koushanfar
This paper introduces RankMap, a platform-aware end-to-end framework for efficient execution of a broad class of iterative learning algorithms for massive and dense datasets.