IBM at USENIX Security Symposium 2025

  • Seattle, WA, USA
This event has ended.

About

IBM is proud to sponsor the 34th USENIX Security Symposium in Seattle, WA, USA.

The symposium brings together researchers, practitioners, system programmers, and others interested in the latest advances in the security and privacy of computer systems and networks.

Career opportunities

Visit the IBM Research table in the exhibitor area to meet IBM researchers and talk about our work and future job opportunities.


Agenda

  • Description:

    Data forging attacks provide counterfactual proof that a model was trained on a given dataset, when in fact, it was trained on another. These attacks work by forging (replacing) mini-batches with ones containing distinct training examples that produce nearly identical gradients. Data forging appears to break any potential avenues for data governance, as adversarial model owners may forge their training set from a dataset that is not compliant to one that is. Given these serious implications on data auditing and compliance, we critically analyse data forging from both a practical and theoretical point of view, finding that a key practical limitation of current attack methods makes them easily detectable by a verifier; namely, that they cannot produce sufficiently identical gradients. Theoretically, we analyse the question of whether two distinct mini-batches can produce the same gradient. Generally, we find that while there may exist an infinite number of distinct mini-batches with real-valued training examples and labels that produce the same gradient, finding those that are within the allowed domain, e.g., pixel values between 0 and 255 and one-hot labels, is a non-trivial task. Our results call for the reevaluation of the strength of existing attacks, and for additional research into successful data forging, given the serious consequences it may have on machine learning and privacy.

    Authors:
    Mohamed Suliman, Trinity College Dublin
    Anisa Halimi, IBM Research
    Swanand Ravindra Kadhe, IBM Research
    Nathalie Baracaldo, Manager of AI Security and Privacy Solutions - Senior Research Scientist - Master Inventor, Ph.D., IBM Research
    Douglas Leith, Trinity College Dublin
  • Description:

    Instruction set architectures (ISAs) are complex, with hundreds of registers and instructions that can modify dozens of them during execution, variably on each instance. Prose-style ISA specifications struggle to capture these intricacies of the ISAs, where often the important details about a single register are spread out across hundreds of pages of documentation. Ensuring that all ISA-state is swapped in context switch implementations of privileged software requires meticulous examination of these pages. This manual process is tedious and error-prone. We propose a tool called Sailor that leverages machine-readable ISA specifications written in Sail and the Isla symbolic execution engine for Sail to automate this task. Sailor determines the ISA-state that must be swapped during the context switch using the data collected from Isla and a novel algorithm to identify all the ISA-state that must be swapped during context switches. We use Sailor to assess the context switch code of multiple systems: from regular user process context switching code in the RISC-V Linux kernel on the StarFive VisionFive2 board, to the enclave context switching code in confidential computing frameworks, Keystone and Komodo. We identify multiple mishandled security-sensitive ISA-state. This research exposes an often overlooked attack surface that stems from mishandled ISA-state, enabling unprivileged adversaries to exploit system vulnerabilities.

    Authors:
    Neelu S. Kalani, EPFL
    Thomas Bourgeat, EPFL
    Guerney D.H. Hunt, IBM Thomas J. Watson Research Center
