Showing 1–2 of 2 results for author: Bagmar, A

Membership Inference Attacks on Lottery Ticket Networks

Authors: Aadesh Bagmar, Shishira R Maiya, Shruti Bidwalka, Amol Deshpande

Abstract: The vulnerability of the Lottery Ticket Hypothesis has not been studied from the purview of Membership Inference Attacks. Through this work, we are the first to empirically show that the lottery ticket networks are equally vulnerable to membership inference attacks. A Membership Inference Attack (MIA) is the process of determining whether a data sample belongs to a training set of a trained model… ▽ More The vulnerability of the Lottery Ticket Hypothesis has not been studied from the purview of Membership Inference Attacks. Through this work, we are the first to empirically show that the lottery ticket networks are equally vulnerable to membership inference attacks. A Membership Inference Attack (MIA) is the process of determining whether a data sample belongs to a training set of a trained model or not. Membership Inference Attacks could leak critical information about the training data that can be used for targeted attacks. Recent deep learning models often have very large memory footprints and a high computational cost associated with training and drawing inferences. Lottery Ticket Hypothesis is used to prune the networks to find smaller sub-networks that at least match the performance of the original model in terms of test accuracy in a similar number of iterations. We used CIFAR-10, CIFAR-100, and ImageNet datasets to perform image classification tasks and observe that the attack accuracies are similar. We also see that the attack accuracy varies directly according to the number of classes in the dataset and the sparsity of the network. We demonstrate that these attacks are transferable across models with high accuracy. △ Less

Submitted 7 August, 2021; originally announced August 2021.

Journal ref: ICML 2021 workshop on A Blessing in Disguise:The Prospects and Perils of Adversarial Machine Learning

I Know What You Imported Last Summer: A study of security threats in thePython ecosystem

Authors: Aadesh Bagmar, Josiah Wedgwood, Dave Levin, Jim Purtilo

Abstract: The popularity of Python has risen rapidly over the past 15 years. It is a major language in some of the most exciting technologies today. This popularity has led to a large ecosystem of third-party packages available via the pip package registry which hosts more than 200,000 packages. These third-party packages can be reused by simply importing the package after installing using package managers… ▽ More The popularity of Python has risen rapidly over the past 15 years. It is a major language in some of the most exciting technologies today. This popularity has led to a large ecosystem of third-party packages available via the pip package registry which hosts more than 200,000 packages. These third-party packages can be reused by simply importing the package after installing using package managers like pip. The ease of reuse of third-party software comes with security risks putting millions of users in danger. In this project, we study the ecosystem to analyze this threat. The mature ecosystem of Python has multiple weak spots that we highlight in our project. First, we demonstrate how trivial it is to exploit the Python ecosystem. Then, we systematically analyze dependencies amongst packages, maintainers, and publicly reported security issues. Most attacks are possible only if users install malicious packages. We thus try to analyze and evaluate different methods used by attackers to force incorrect downloads. We quantify your ideas by estimating the potential threat that can be caused by exploiting a popular Python package. We also discuss methods used in the industry to defend against such attacks △ Less

Submitted 11 February, 2021; originally announced February 2021.