You searched for +publisher:"University of Illinois – Urbana-Champaign" +contributor:("Fletcher, Christopher W."). Showing records 1 – 2 of 2 total matches.

1. Sanchez Vicarte, Jose Rodrigo. Game of threads: Enabling asynchronous poisoning attacks.

Degree: MS, Electrical & Computer Engr, 2019, University of Illinois – Urbana-Champaign

As data sizes continue to grow at an unprecedented rate, machine learning training is being forced to adopt asynchronous training algorithms to maintain performance and scalability. In asynchronous training, many threads share and update the model in a racy fashion to avoid inter-thread synchronization. This work studies the security implications of these codes by introducing asynchronous poisoning attacks. Our attack influences training outcome – e.g., degrades accuracy or biases the model towards an adversary-specified label – purely by scheduling asynchronous training threads in a malicious fashion. Since thread scheduling is outside the protections of modern trusted execution environments (TEEs), e.g., Intel SGX, our attack bypasses these protections even when the training set can be verified as correct. To the best of our knowledge, this represents the first example where a class of applications loses integrity guarantees, despite being protected by enclave-based TEEs such as Intel SGX. We demonstrate both accuracy degradation and model biasing attacks on the CIFAR-10 image recognition task using ResNet-style DNNs, attacking an asynchronous training implementation published by PyTorch. We perform a deeper analysis on a LeNet-style DNN. We also perform proof-of-concept experiments to validate our assumptions on an SGX-enabled machine. Our most powerful accuracy degradation attack makes no assumptions about the underlying training algorithm aside from the algorithm supporting racy updates, yet is capable of returning a fully trained network back to the accuracy of an untrained network, or to some accuracy in between based on attacker-controlled parameters. Our model biasing attack is capable of biasing the model towards an attacker-chosen label by up to ∼2× the label's normal prediction rate.

Advisors/Committee Members: Fletcher, Christopher W (advisor).

Subjects/Keywords: adversarial machine learning; trusted execution environment; SGX; operating systems; multi-processing; asynchronous stochastic gradient descent; poisoning attacks; machine learning

APA (6th Edition):

Sanchez Vicarte, J. R. (2019). Game of threads: Enabling asynchronous poisoning attacks. (Thesis). University of Illinois – Urbana-Champaign. Retrieved from http://hdl.handle.net/2142/106293

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16th Edition):

Sanchez Vicarte, Jose Rodrigo. “Game of threads: Enabling asynchronous poisoning attacks.” 2019. Thesis, University of Illinois – Urbana-Champaign. Accessed February 27, 2021. http://hdl.handle.net/2142/106293.

MLA Handbook (7th Edition):

Sanchez Vicarte, Jose Rodrigo. “Game of threads: Enabling asynchronous poisoning attacks.” 2019. Web. 27 Feb 2021.

Vancouver:

Sanchez Vicarte JR. Game of threads: Enabling asynchronous poisoning attacks. [Internet] [Thesis]. University of Illinois – Urbana-Champaign; 2019. [cited 2021 Feb 27]. Available from: http://hdl.handle.net/2142/106293.

Council of Science Editors:

Sanchez Vicarte JR. Game of threads: Enabling asynchronous poisoning attacks. [Thesis]. University of Illinois – Urbana-Champaign; 2019. Available from: http://hdl.handle.net/2142/106293

2. Yan, Mengjia. Cache-based side channels: Modern attacks and defenses.

Degree: PhD, Computer Science, 2019, University of Illinois – Urbana-Champaign

Security and trustworthiness are key considerations in designing modern processor hardware. It has been shown that, among various data leakage attacks, side channel attacks are one of the most effective and stealthy ones. In a side channel attack, an attacker can steal encryption keys, monitor keystrokes or reveal a user's personal information by leveraging the information derived from the side effects of a program's execution. These side effects include timing information, micro-architecture states, power consumption, electromagnetic leaks and even sound. This thesis studies the important type of micro-architecture side channel attacks that exploit the shared cache hierarchies. Recently, we have witnessed ever more effective cache-based side attack techniques and the serious security threats posed by these attacks. It is urgent for computer architects to redesign processors and fix these vulnerabilities promptly and effectively. We address the cache-based side channel security problems in two ways. First, as modern caches are temporally and spatially shared across different security domains, the shared cache hierarchy offers a broad attack surface. It provides attackers a number of ways to interfere with a victim's execution and cache behavior, which, in turn, significantly increases side channel vulnerabilities. We study the role of cache interference in different cache attacks and propose effective solutions to mitigate shared cache attacks by limiting malicious interference. According to our analysis, in a multi-level cache hierarchy, creating "inclusion victims" is the key in a successful attack, since they give an attacker visibility into a victim's private cache and glean useful information. Based on this important observation, we present a secure hierarchy-aware cache replacement policy (SHARP) to defeat cache attacks on inclusive cache hierarchies by eliminating inclusion victims. 
In addition, we show that inclusion victims also exist in non-inclusive cache hierarchies and that the non-inclusive property is insufficient to stave off cache-based side channel attacks. We design the first two conflict-based cache attacks targeting the directory structure in a non-inclusive cache hierarchy, and prove that the directory structure is actually the unified attack surface for all types of cache hierarchies, including inclusive, non-inclusive and exclusive ones. To address this problem, we present the first scalable secure directory (SecDir) design to eliminate inclusion victims by restructuring the directory organization. Second, cache-based side channel attacks play an important role in transient execution attacks, leading to arbitrary information leakage and the violation of memory isolation policy. Specifically, in transient execution attacks, speculative execution causes the execution of instructions on incorrect paths. Such instructions potentially access secret, leaving side effects on the cache hierarchies before being squashed. We study how to effectively defend against transient execution attacks on…

Advisors/Committee Members: Torrellas, Josep (advisor), Torrellas, Josep (Committee Chair), Fletcher, Christopher W. (committee member), Marinov, Darko (committee member), Emer, Joel (committee member), Lee, Ruby B. (committee member), Morrison, Adam (committee member).

Subjects/Keywords: side channel; cache; security; attacks and defenses; micro-architecture

APA (6th Edition):

Yan, M. (2019). Cache-based side channels: Modern attacks and defenses. (Doctoral Dissertation). University of Illinois – Urbana-Champaign. Retrieved from http://hdl.handle.net/2142/106167

Chicago Manual of Style (16th Edition):

Yan, Mengjia. “Cache-based side channels: Modern attacks and defenses.” 2019. Doctoral Dissertation, University of Illinois – Urbana-Champaign. Accessed February 27, 2021. http://hdl.handle.net/2142/106167.

MLA Handbook (7th Edition):

Yan, Mengjia. “Cache-based side channels: Modern attacks and defenses.” 2019. Web. 27 Feb 2021.

Vancouver:

Yan M. Cache-based side channels: Modern attacks and defenses. [Internet] [Doctoral dissertation]. University of Illinois – Urbana-Champaign; 2019. [cited 2021 Feb 27]. Available from: http://hdl.handle.net/2142/106167.

Council of Science Editors:

Yan M. Cache-based side channels: Modern attacks and defenses. [Doctoral Dissertation]. University of Illinois – Urbana-Champaign; 2019. Available from: http://hdl.handle.net/2142/106167
