8 results on '"Islam, Saad"'
Number of results to display per page
Search Results
2. Green Nanoparticles in Sustainable Therapeutics and Future Sustainability: Green Nanoparticles in Sustainable Therapeutics
- Author
-
Kamran, Tasmiya, Rehman, Arsheen, Malik, Aaroj, Siddiqui, Mahrukh, Ahmad, Rehan, Muhammad Islam, Saad, Hurera, Abu, Rehman, Huda, Walait, Manam, Walayt, Salman, Kamran, Tasmiya, Rehman, Arsheen, Malik, Aaroj, Siddiqui, Mahrukh, Ahmad, Rehan, Muhammad Islam, Saad, Hurera, Abu, Rehman, Huda, Walait, Manam, and Walayt, Salman
- Abstract
Green nanoparticles (GNPs) are being produced from microbial and plant sources and have numerous applications in various fields. The article focuses on the NPs that provide various focal points in the many scientific and technological fields for the cutting-edge uses of nanoparticles. Due to their toxicity, cost-effectiveness, ease of use, and environmental friendliness, green NPs are extremely important. It is closely observed how important green NPs are to the development of science and technology in the context of sustainable therapeutics. The only issue with green nanoparticles is occasionally how toxic they can be. A sustainable future, which the entire world looks forward to, is directly related to green nanoparticles and their role in numerous applications.
- Published
- 2023
3. Tackling Hallucinations in Neural Chart Summarization
- Author
-
Islam, Saad Obaid ul, Škrjanec, Iza, Dušek, Ondřej, Demberg, Vera, Islam, Saad Obaid ul, Škrjanec, Iza, Dušek, Ondřej, and Demberg, Vera
- Abstract
Hallucinations in text generation occur when the system produces text that is not grounded in the input. In this work, we tackle the problem of hallucinations in neural chart summarization. Our analysis shows that the target side of chart summarization training datasets often contains additional information, leading to hallucinations. We propose a natural language inference (NLI) based method to preprocess the training data and show through human evaluation that our method significantly reduces hallucinations. We also found that shortening long-distance dependencies in the input sequence and adding chart-related information like title and legends improves the overall performance., Comment: To be presented in INLG 2023
- Published
- 2023
4. An End-to-End Analysis of EMFI on Bit-sliced Post-Quantum Implementations
- Author
-
Singh, Richa, Islam, Saad, Sunar, Berk, Schaumont, Patrick, Singh, Richa, Islam, Saad, Sunar, Berk, and Schaumont, Patrick
- Abstract
Bit-slicing is a software implementation technique that treats an N-bit processor datapath as N parallel single-bit datapaths. The natural spatial redundancy of bit-sliced software can be used to build countermeasures against implementation attacks. While the merits of bit-slicing for side-channel countermeasures have been studied before, their application for protection of post-quantum algorithms against fault injection is still unexplored. We present an end-to-end analysis of the efficacy of bit-slicing to detect and thwart electromagnetic fault injection (EMFI) attacks on post-quantum cryptography (PQC). We study Dilithium, a digital signature finalist of the NIST PQC competition. We present a bit-slice-redundant design for the Number-Theoretic Transform (NTT), the most complex and compute-intensive component in Dilithium. We show a data-redundant countermeasure for NTT which offers two concurrent bits for every single bit in the original implementation. We then implement a full Dilithium signature sequence on a 667 MHz ARM Cortex-A9 processor integrated in a Xilinx Zynq SoC. We perform a detailed EM fault-injection parameter search to optimize the location, intensity and timing of injected EM pulses. We demonstrate that, under optimized fault injection parameters, about 10% of the injected faults become potentially exploitable. However, the bit-sliced NTT design is able to catch the majority of these potentially exploitable faults, even when the remainder of the Dilithium algorithm as well as the control flow is left unprotected. To our knowledge, this is the first demonstration of a bitslice-redundant design of Dilithium that offers distributed fault detection throughout the execution of the algorithm.
- Published
- 2022
5. Signature Correction Attack on Dilithium Signature Scheme
- Author
-
Islam, Saad, Mus, Koksal, Singh, Richa, Schaumont, Patrick, Sunar, Berk, Islam, Saad, Mus, Koksal, Singh, Richa, Schaumont, Patrick, and Sunar, Berk
- Abstract
Motivated by the rise of quantum computers, existing public-key cryptosystems are expected to be replaced by post-quantum schemes in the next decade in billions of devices. To facilitate the transition, NIST is running a standardization process which is currently in its final Round. Only three digital signature schemes are left in the competition, among which Dilithium and Falcon are the ones based on lattices. Classical fault attacks on signature schemes make use of pairs of faulty and correct signatures to recover the secret key which only works on deterministic schemes. To counter such attacks, Dilithium offers a randomized version which makes each signature unique, even when signing identical messages. In this work, we introduce a novel Signature Correction Attack which not only applies to the deterministic version but also to the randomized version of Dilithium and is effective even on constant-time implementations using AVX2 instructions. The Signature Correction Attack exploits the mathematical structure of Dilithium to recover the secret key bits by using faulty signatures and the public-key. It can work for any fault mechanism which can induce single bit-flips. For demonstration, we are using Rowhammer induced faults. Thus, our attack does not require any physical access or special privileges, and hence could be also implemented on shared cloud servers. We perform a thorough classical and quantum security analysis of Dilithium and successfully recover 1,851 bits out of 3,072 bits of secret key $s_1$ for security level 2. The lattice strength against quantum attackers is reduced from $2^{128}$ to $2^{81}$ while the strength against classical attackers is reduced from $2^{141}$ to $2^{89}$. Hence, the Signature Correction Attack may be employed to achieve a practical attack on Dilithium (security level 2) as proposed in Round 3 of the NIST post-quantum standardization process.
- Published
- 2022
6. Don't Knock! Rowhammer at the Backdoor of DNN Models
- Author
-
Tol, M. Caner, Islam, Saad, Adiletta, Andrew J., Sunar, Berk, Zhang, Ziming, Tol, M. Caner, Islam, Saad, Adiletta, Andrew J., Sunar, Berk, and Zhang, Ziming
- Abstract
State-of-the-art deep neural networks (DNNs) have been proven to be vulnerable to adversarial manipulation and backdoor attacks. Backdoored models deviate from expected behavior on inputs with predefined triggers while retaining performance on clean data. Recent works focus on software simulation of backdoor injection during the inference phase by modifying network weights, which we find often unrealistic in practice due to restrictions in hardware. In contrast, in this work for the first time, we present an end-to-end backdoor injection attack realized on actual hardware on a classifier model using Rowhammer as the fault injection method. To this end, we first investigate the viability of backdoor injection attacks in real-life deployments of DNNs on hardware and address such practical issues in hardware implementation from a novel optimization perspective. We are motivated by the fact that vulnerable memory locations are very rare, device-specific, and sparsely distributed. Consequently, we propose a novel network training algorithm based on constrained optimization to achieve a realistic backdoor injection attack in hardware. By modifying parameters uniformly across the convolutional and fully-connected layers as well as optimizing the trigger pattern together, we achieve state-of-the-art attack performance with fewer bit flips. For instance, our method on a hardware-deployed ResNet-20 model trained on CIFAR-10 achieves over 89% test accuracy and 92% attack success rate by flipping only 10 out of 2.2 million bits., Comment: 2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
- Published
- 2021
7. SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks
- Author
-
Islam, Saad, Moghimi, Ahmad, Bruhns, Ida, Krebbel, Moritz, Gulmezoglu, Berk, Eisenbarth, Thomas, Sunar, Berk, Islam, Saad, Moghimi, Ahmad, Bruhns, Ida, Krebbel, Moritz, Gulmezoglu, Berk, Eisenbarth, Thomas, and Sunar, Berk
- Abstract
Modern microarchitectures incorporate optimization techniques such as speculative loads and store forwarding to improve the memory bottleneck. The processor executes the load speculatively before the stores, and forwards the data of a preceding store to the load if there is a potential dependency. This enhances performance since the load does not have to wait for preceding stores to complete. However, the dependency prediction relies on partial address information, which may lead to false dependencies and stall hazards. In this work, we are the first to show that the dependency resolution logic that serves the speculative load can be exploited to gain information about the physical page mappings. Microarchitectural side-channel attacks such as Rowhammer and cache attacks like Prime+Probe rely on the reverse engineering of the virtual-to-physical address mapping. We propose the SPOILER attack which exploits this leakage to speed up this reverse engineering by a factor of 256. Then, we show how this can improve the Prime+Probe attack by a 4096 factor speed up of the eviction set search, even from sandboxed environments like JavaScript. Finally, we improve the Rowhammer attack by showing how SPOILER helps to conduct DRAM row conflicts deterministically with up to 100% chance, and by demonstrating a double-sided Rowhammer attack with normal user's privilege. The later is due to the possibility of detecting contiguous memory pages using the SPOILER leakage., Comment: The 28th USENIX Security Symposium (USENIX Security '19)
- Published
- 2019
8. Undermining User Privacy on Mobile Devices Using AI
- Author
-
Gulmezoglu, Berk, Zankl, Andreas, Tol, M. Caner, Islam, Saad, Eisenbarth, Thomas, Sunar, Berk, Gulmezoglu, Berk, Zankl, Andreas, Tol, M. Caner, Islam, Saad, Eisenbarth, Thomas, and Sunar, Berk
- Abstract
Over the past years, literature has shown that attacks exploiting the microarchitecture of modern processors pose a serious threat to the privacy of mobile phone users. This is because applications leave distinct footprints in the processor, which can be used by malware to infer user activities. In this work, we show that these inference attacks are considerably more practical when combined with advanced AI techniques. In particular, we focus on profiling the activity in the last-level cache (LLC) of ARM processors. We employ a simple Prime+Probe based monitoring technique to obtain cache traces, which we classify with Deep Learning methods including Convolutional Neural Networks. We demonstrate our approach on an off-the-shelf Android phone by launching a successful attack from an unprivileged, zeropermission App in well under a minute. The App thereby detects running applications with an accuracy of 98% and reveals opened websites and streaming videos by monitoring the LLC for at most 6 seconds. This is possible, since Deep Learning compensates measurement disturbances stemming from the inherently noisy LLC monitoring and unfavorable cache characteristics such as random line replacement policies. In summary, our results show that thanks to advanced AI techniques, inference attacks are becoming alarmingly easy to implement and execute in practice. This once more calls for countermeasures that confine microarchitectural leakage and protect mobile phone applications, especially those valuing the privacy of their users.
- Published
- 2018
Catalog
Books, media, physical & digital resources
Discovery Service for Jio Institute Digital Library
For full access to our library's resources, please sign in.