N. Asokan and Mei Nagappan present guest lectures on AI/ML for secure software development
Leading researchers join ESL GCI on May 18
ESL Global Cybersecurity Institute presents two talks from two leading researchers on AI/ML for Secure Software Development!
GOL 1710 (GCI Conference Rooms)
1st Talk: 11:00 am - 11:30 am
Title: False Claims against Model Ownership Resolution
Abstract: Over the last several years, several ML security researchers (including those in my group) have explored ML model stealing attacks and defenses. The rough state-of-the-art consensus is that while model stealing is a realistic concern, all of the proposed detection or prevention mechanisms fall short in terms of security or deployability. Model ownership resolution (MOR), especially in the form of model fingerprinting, appears to hold promise as a viable deterrence mechanism. In this talk, I will outline our ongoing work on exploring the robustness of known MOR techniques. We discover that all existing MOR techniques appear to be vulnerable to false claim attacks. I will describe the attacks and discuss potential countermeasures.
Bio: N. Asokan is a professor and a Cheriton Chair at the University of Waterloo, where he serves as the executive director of the Cybersecurity and Privacy Institute. He specializes in systems security research. Previously (2013-2019), he was a professor at Aalto University, where he is still affiliated as an adjunct professor. He also served as a professor at the University of Helsinki (2012-2017). Prior to joining academia, he was with IBM Research and Nokia Research Center. Asokan is an ACM Fellow (2018) and an IEEE Fellow (2017).
2nd Talk: 11:30 am - 12:00 pm
Title: Benefits and Drawbacks of using LLMs in Software Development
Abstract: LLMs have made a huge splash in their ability to do a variety of tasks, including writing code. However, there is now a substantial body of work that has shown the limitations of LLMs for coding, from introducing vulnerabilities to being themselves prone to prompt-engineered attacks. But in our recent work we have found that while LLM-based tools like Copilot have their flaws, they have great potential too. In this talk, I will talk about the benefits and drawbacks of using LLMs in software development, particularly with respect to the run-time performance of software and software security.
Bio: Mei Nagappan is an Associate Professor and the Ross and Muriel Cheriton Faculty Fellow in the David R. Cheriton School of Computer Science at the University of Waterloo. Previously he was an Assistant Professor in the Software Engineering department of Rochester Institute of Technology. He completed his PhD under Dr. Mladen Vouk in the Computer Science Department of North Carolina State University. His research interests are in 'Big Data' Empirical Software Engineering: mining ultra-large repositories of software to identify patterns and relationships in large ecosystems.