Searched for: author%3A%22Picek%2C+S.%22
(1 - 20 of 64)

Pages

document
Perin, G. (author), Wu, L. (author), Picek, S. (author)
The adoption of deep neural networks for profiling side-channel attacks opened new perspectives for leakage detection. Recent publications showed that cryptographic implementations featuring different countermeasures could be broken without feature selection or trace preprocessing. This success comes with a high price: an extensive...
journal article 2023
document
Mariot, L. (author), Picek, S. (author), R Yorgova, R.A. (author)
One of the Round 3 Finalists in the NIST post-quantum cryptography call is the Classic McEliece cryptosystem. Although it is one of the most secure cryptosystems, the large size of its public key remains a practical limitation. In this work, we propose a McEliece-type cryptosystem using large minimum distance error-correcting codes derived from...
journal article 2023
document
Mercier, Arthur (author), Smolin, Nikita (author), Sihlovec, Oliver (author), Koffas, S. (author), Picek, S. (author)
Outsourced training and crowdsourced datasets lead to a new threat for deep learning models: the backdoor attack. In this attack, the adversary inserts a secret functionality in a model, activated through malicious inputs. Backdoor attacks represent an active research area due to diverse settings where they represent a real threat. Still,...
journal article 2023
document
Picek, S. (author), Perin, G. (author), Mariot, L. (author), Wu, L. (author), Batina, Lejla (author)
Side-channel attacks represent a realistic and serious threat to the security of embedded devices for already almost three decades. A variety of attacks and targets they can be applied to have been introduced, and while the area of side-channel attacks and their mitigation is very well-researched, it is yet to be consolidated. Deep learning...
journal article 2023
document
Koffas, S. (author), Pajola, Luca (author), Picek, S. (author), Conti, M. (author)
This work explores stylistic triggers for backdoor attacks in the audio domain: dynamic transformations of malicious samples through guitar effects. We first formalize stylistic triggers – currently missing in the literature. Second, we explore how to develop stylistic triggers in the audio domain by proposing JingleBack. Our experiments confirm...
conference paper 2023
document
Li, H. (author), Rieger, Phillip (author), Zeitouni, Shaza (author), Picek, S. (author), Sadeghi, Ahmad Reza (author)
Federated Learning (FL) has become very popular since it enables clients to train a joint model collaboratively without sharing their private data. However, FL has been shown to be susceptible to backdoor and inference attacks. While in the former, the adversary injects manipulated updates into the aggregation process; the latter leverages...
conference paper 2023
document
Kerkhof, Maikel (author), Wu, L. (author), Perin, G. (author), Picek, S. (author)
Deep learning is a powerful direction for profiling side-channel analysis as it can break targets protected with countermeasures even with a relatively small number of attack traces. Still, it is necessary to conduct hyperparameter tuning to reach strong attack performance, which can be far from trivial. Besides many options stemming from the...
journal article 2023
document
Wu, L. (author), Weissbart, L.J.A. (author), Krcek, M. (author), Li, H. (author), Perin, G. (author), Batina, Lejla (author), Picek, S. (author)
The efficiency of the profiling side-channel analysis can be significantly improved with machine learning techniques. Although powerful, a fundamental machine learning limitation of being data-hungry received little attention in the side-channel community. In practice, the maximum number of leakage traces that evaluators/attackers can obtain is...
journal article 2023
document
Li, H. (author), Mentens, Nele (author), Picek, S. (author)
SHA-3 is considered to be one of the most secure standardized hash functions. It relies on the Keccak-f[1 600] permutation, which operates on an internal state of 1 600 bits, mostly represented as a 5 x 5 x 64-bit matrix. While existing implementations process the state sequentially in chunks of typically 32 or 64 bits, the Keccak-f[1 600]...
conference paper 2023
document
Xu, J. (author), Koffas, S. (author), Ersoy, Oǧuzhan (author), Picek, S. (author)
Graph Neural Networks (GNNs) have achieved promising performance in various real-world applications. Building a powerful GNN model is not a trivial task, as it requires a large amount of training data, powerful computing resources, and human expertise. Moreover, with the development of adversarial attacks, e.g., model stealing attacks, GNNs...
conference paper 2023
document
Carlet, Claude (author), Picek, S. (author)
We derive necessary conditions related to the notions, in additive combinatorics, of Sidon sets and sum-free sets, on those exponents d ∈ Z/(2<sup>n</sup> − 1)Z, which are such that F (x) = x<sup>d</sup> is an APN function over F<sub>2</sub>n (which is an important cryptographic property). We study to what extent these new conditions may...
journal article 2023
document
Xu, J. (author), Abad, Gorka (author), Picek, S. (author)
Backdoor attacks have been demonstrated as a security threat for machine learning models. Traditional backdoor attacks intend to inject backdoor functionality into the model such that the backdoored model will perform abnormally on inputs with predefined backdoor triggers and still retain state-of-the-art performance on the clean inputs. While...
conference paper 2023
document
Coello, Carlos Coello (author), Krcek, M. (author), Durasevic, Marko (author), Mariot, L. (author), Jakobovic, Domagoj (author), Picek, S. (author)
Evolutionary algorithms have been successfully applied to attack Physically Unclonable Functions (PUFs). CMA-ES is recognized as the most powerful option for a type of attack called the reliability attack. In this paper, we take a step back and systematically evaluate several metaheuristics for the challenge-response pair-based attack on...
conference paper 2023
document
Batina, Lejla (author), Bhasin, Shivam (author), Jap, Dirmanto (author), Picek, S. (author)
This paper was selected for Top Picks in Hardware and Embedded Security 2020 and it presents a physical side-channel attack aiming at reverse engineering neural networks implemented on an edge device. The attack does not need access to training data and allows for neural network recovery by feeding known random inputs. We successfully reverse...
journal article 2022
document
Li, H. (author), Mentens, Nele (author), Picek, S. (author)
This paper uses RISC-V vector extensions to speed up lattice-based operations in architectures based on HW/SW co-design. We analyze the structure of the number-theoretic transform (NTT), inverse NTT (INTT), and coefficient-wise multiplication (CWM) in CRYSTALS-Kyber, a lattice-based key encapsulation mechanism. We propose 12 vector extensions...
conference paper 2022
document
Jin, Yier (author), Ho, Tsung Yi (author), Picek, S. (author), Garg, Siddharth (author)
contribution to periodical 2022
document
Conti, M. (author), Li, Jiaxin (author), Picek, S. (author), Xu, J. (author)
Graph Neural Networks (GNNs), inspired by Convolutional Neural Networks (CNNs), aggregate the message of nodes' neighbors and structure information to acquire expressive representations of nodes for node classification, graph classification, and link prediction. Previous studies have indicated that node-level GNNs are vulnerable to Membership...
conference paper 2022
document
Xu, J. (author), Picek, S. (author)
Graph Neural Networks (GNNs) have achieved impressive results in various graph learning tasks. They have found their way into many applications, such as fraud detection, molecular property prediction, or knowledge graph reasoning. However, GNNs have been recently demonstrated to be vulnerable to backdoor attacks. In this work, we explore a...
conference paper 2022
document
Koffas, S. (author), Picek, S. (author), Conti, M. (author)
Outsourced training and machine learning as a service have resulted in novel attack vectors like backdoor attacks. Such attacks embed a secret functionality in a neural network activated when the trigger is added to its input. In most works in the literature, the trigger is static, both in terms of location and pattern. The effectiveness of...
conference paper 2022
document
Koffas, S. (author), Xu, J. (author), Conti, M. (author), Picek, S. (author)
This work explores backdoor attacks for automatic speech recognition systems where we inject inaudible triggers. By doing so, we make the backdoor attack challenging to detect for legitimate users and, consequently, potentially more dangerous. We conduct experiments on two versions of a speech dataset and three neural networks and explore the...
conference paper 2022
Searched for: author%3A%22Picek%2C+S.%22
(1 - 20 of 64)

Pages