Publications
2025
Pre-prints
- Rex: Reversible Solvers for Diffusion Models
  Zander W. Blasingame and Chen Liu
  Oct 2025
Diffusion models have quickly become the state-of-the-art for numerous generation tasks across many different applications. Encoding samples from the data distribution back into the model's underlying prior distribution is an important task that arises in many downstream applications. This task is often called the inversion of diffusion models. Prior approaches for solving this task, however, are often simple heuristic solvers that come with several drawbacks in practice. In this work, we propose a new family of solvers for diffusion models by exploiting the connection between this task and the broader study of algebraically reversible solvers for differential equations. In particular, we construct a family of reversible solvers using an application of Lawson methods to construct exponential Runge-Kutta methods for the diffusion models. We call this family of reversible exponential solvers Rex. In addition to a rigorous theoretical analysis of the proposed solvers, we also demonstrate the utility of the methods through a variety of empirical illustrations.
@misc{blasingame2025rex, title = {Rex: Reversible Solvers for Diffusion Models}, author = {Blasingame, Zander W. and Liu, Chen}, year = {2025}, month = oct, }
- LoRA as a Flexible Framework for Securing Large Vision Systems
  Zander W. Blasingame*, Richard E. Neddo*, and Chen Liu
  Jul 2025
Adversarial attacks have emerged as a critical threat to autonomous driving systems. These attacks exploit the underlying neural network, allowing small – nearly invisible – perturbations to completely alter the behavior of such systems in potentially malicious ways. E.g., causing a traffic sign classification network to misclassify a stop sign as a speed limit sign. Prior work in hardening such systems to adversarial attacks has looked at robust training of the system or adding additional pre-processing steps to the input pipeline. Such solutions either have a hard time generalizing, require knowledge of the adversarial attacks during training, or are computationally undesirable. Instead, we propose to take insights for parameter efficient fine-tuning and use low-rank adaptation (LoRA) to train a lightweight security patch – enabling us to dynamically patch a large preexisting vision system as new vulnerabilities are discovered. We demonstrate that our framework can patch a pre-trained model to improve classification accuracy by up to 78.01% in the presence of adversarial examples.
@misc{blasingame2025loraflexibleframeworksecuring, title = {LoRA as a Flexible Framework for Securing Large Vision Systems}, author = {Blasingame, Zander W. and Neddo, Richard E. and Liu, Chen}, year = {2025}, month = jul, eprint = {2506.00661}, archiveprefix = {arXiv}, primaryclass = {cs.CV}, url = {https://arxiv.org/abs/2506.00661}, }
Conferences
- Greed is Good: A Unifying Perspective on Guided Generation
  Zander W. Blasingame and Chen Liu
  In The Thirty-ninth Annual Conference on Neural Information Processing Systems, Dec 2025
Training-free guided generation is a widely used and powerful technique that allows the end user to exert further control over the generative process of flow/diffusion models. Generally speaking, two families of techniques have emerged for solving this problem for gradient-based guidance: namely, posterior guidance (i.e., guidance via projecting the current sample to the target distribution via the target prediction model) and end-to-end guidance (i.e., guidance by performing backpropagation throughout the entire ODE solve). In this work, we show that these two seemingly separate families can actually be unified by looking at posterior guidance as a greedy strategy of end-to-end guidance. We explore the theoretical connections between these two families and provide an in-depth theoretical analysis of these two techniques relative to the continuous ideal gradients. Motivated by this analysis, we then show a method for interpolating between these two families, enabling a trade-off between compute and accuracy of the guidance gradients. We then validate this work on several inverse image problems and property-guided molecular generation.
@inproceedings{blasingame2025greedc, title = {Greed is Good: A Unifying Perspective on Guided Generation}, author = {Blasingame, Zander W. and Liu, Chen}, booktitle = {The Thirty-ninth Annual Conference on Neural Information Processing Systems}, year = {2025}, url = {https://openreview.net/forum?id=s14pdQgoLb}, month = dec, }
- Feasibility of Scalable Performance Counter Malware Detection Framework Using LightGBM
  Chutitep Woralert, Chen Liu, and Zander Blasingame
  In Proceedings of the 14th International Workshop on Hardware and Architectural Support for Security and Privacy, Oct 2025
Facing the challenge of increasingly sophisticated malware, it is imperative to develop an effective and adaptable malware detection framework. Hardware-level information has been shown to be very effective in detecting malware in the system through dynamic behavioral analysis at runtime. However, previous approaches suffer from the overhead of complex neural network models, as well as difficulty in scaling toward new attacks. In this work, we introduce a novel approach that leverages the Light Gradient-Boosting Machine (LightGBM) model, known for its efficiency and support for fast transfer learning method, to create a scalable and highly accurate malware detection system. Our framework achieves an exceptional detection accuracy of more than 99.95% for binary classification and 99.92% for multi-class classification on average. Through transfer learning, the model can quickly adapt to new malware data and environments, which we exemplified through ransomware, cryptojacking, and side-channel attacks, significantly reducing the time and resources needed for retraining. Our results highlight the potential of using the LightGBM model to improve the malware detection framework. The work also demonstrates the importance of integrating advanced machine learning techniques with low-level hardware information in order to achieve the robustness and adaptability of dynamic behavioral analysis.
@inproceedings{10.1145/3768725.3768735, author = {Woralert, Chutitep and Liu, Chen and Blasingame, Zander}, title = {Feasibility of Scalable Performance Counter Malware Detection Framework Using LightGBM}, year = {2025}, month = oct, isbn = {9798400721984}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/3768725.3768735}, doi = {10.1145/3768725.3768735}, booktitle = {Proceedings of the 14th International Workshop on Hardware and Architectural Support for Security and Privacy}, pages = {55–63}, numpages = {9}, keywords = {Performance Monitoring Counters, Supervised Learning, Ransomware}, series = {HASP '25}, }
- [ASAP] Scalable Malware Detection Framework Using Performance Counters and Gradient Boosting
  Chutitep Woralert, Chen Liu, and Zander Blasingame
  In 2025 IEEE 36th International Conference on Application-specific Systems, Architectures and Processors (ASAP), Jul 2025
Facing the challenge of increasingly sophisticated malware, it is imperative to develop an effective and adaptable malware detection framework. Hardware-level information has been shown to be very effective in detecting malware in the system through dynamic behavioral analysis at runtime. However, previous approaches suffer from the overhead of complex neural network models, as well as difficulty in scaling toward new attacks. In this work, we introduce a novel approach that leverages the Light Gradient-Boosting Machine (LightGBM) model, known for its efficiency and support for fast transfer learning method, to create a scalable and highly accurate malware detection system. Our framework achieves an exceptional detection accuracy of more than 99.90% for multiclass classification. Through transfer learning, the model can quickly adapt to new malware data and environments, significantly reducing the time and resources needed for retraining. Our results highlight the potential of using the LightGBM model to improve the malware detection framework.
@inproceedings{11113639, author = {Woralert, Chutitep and Liu, Chen and Blasingame, Zander}, booktitle = {2025 IEEE 36th International Conference on Application-specific Systems, Architectures and Processors (ASAP)}, title = {Scalable Malware Detection Framework Using Performance Counters and Gradient Boosting}, year = {2025}, volume = {}, number = {}, pages = {180-181}, keywords = {Adaptation models;Accuracy;Runtime;Program processors;Transfer learning;Systems architecture;Side-channel attacks;Malware;Data models;Ransomware;Hardware-level information;Supervised Learning;LightGBM;Cryptojacking;Ransomware;Side-channel attack}, doi = {10.1109/ASAP65064.2025.00041}, month = jul, }
- [IEEE MOST] Poster: Adapting Pretrained Vision Transformers with LoRA Against Attack Vectors
  Richard E. Neddo, Sean Willis, Zander W. Blasingame, and Chen Liu
  In 2025 IEEE International Conference on Mobility, Operations, Services, and Technologies (MOST), May 2025
@inproceedings{neddo2025vit, title = {Poster: Adapting Pretrained Vision Transformers with {LoRA} Against Attack Vectors}, author = {Neddo, Richard E. and Willis, Sean and Blasingame, Zander W. and Liu, Chen}, booktitle = {2025 IEEE International Conference on Mobility, Operations, Services, and Technologies (MOST)}, year = {2025}, month = may, }
Workshops
- Greed is Good: A Unifying Perspective on Guided Generation
  Zander W. Blasingame and Chen Liu
  In The Exploration in AI Today Workshop at ICML 2025, Jul 2025
Training-free guided generation is a widely used and powerful technique that allows the end user to exert further control over the generative process of flow/diffusion models. Generally speaking, two families of techniques have emerged for solving this problem for gradient-based guidance: namely, posterior guidance (i.e., guidance via projecting the current sample to the target distribution via the target prediction model) and end-to-end guidance (i.e., guidance by performing backpropagation throughout the entire ODE solve). In this work, we show that these two seemingly separate families can actually be unified by looking at posterior guidance as a greedy strategy of end-to-end guidance. We explore the theoretical connections between these two families and provide an in-depth theoretical analysis of these two techniques relative to the continuous ideal gradients. Motivated by this analysis, we then show a method for interpolating between these two families, enabling a trade-off between compute and accuracy of the guidance gradients. We then validate this work on several inverse image problems and property-guided molecular generation.
@inproceedings{blasingame2025greedb, title = {Greed is Good: A Unifying Perspective on Guided Generation}, author = {Blasingame, Zander W. and Liu, Chen}, booktitle = {The Exploration in AI Today Workshop at ICML 2025}, year = {2025}, url = {https://openreview.net/forum?id=cSU2jEzanw}, month = jul, }
- Greed is Good: Guided Generation from a Greedy Perspective
  Zander W. Blasingame and Chen Liu
  In Frontiers in Probabilistic Inference: Learning meets Sampling, Apr 2025
Training-free guided generation is a widely used and powerful technique that allows the end user to exert further control over the generative process of diffusion models. In this work, we explore the guided generation from the perspective of optimizing the solution trajectory of a neural differential equation in a greedy manner. We present such a strategy as a unifying view on training-free guidance by showing that the greedy strategy is a first-order discretization of end-to-end optimization techniques. We show that a greedy guidance strategy makes good decisions and compare it to a guidance strategy using the ideal gradients found via the continuous adjoint equations. We then show how other popular training-free guidance strategies can be viewed in a unified manner from this perspective.
@inproceedings{blasingame2025greeda, title = {Greed is Good: Guided Generation from a Greedy Perspective}, author = {Blasingame, Zander W. and Liu, Chen}, booktitle = {Frontiers in Probabilistic Inference: Learning meets Sampling}, year = {2025}, month = apr, url = {https://openreview.net/forum?id=o4yQzZ5qCW}, }
- A Reversible Solver for Diffusion SDEs
  Zander W. Blasingame and Chen Liu
  In ICLR 2025 Workshop on Deep Generative Model in Machine Learning: Theory, Principle and Efficacy, Apr 2025
Diffusion models have quickly become the state-of-the-art for generation tasks across many different data modalities. An important ability of diffusion models is the ability to encode samples from the data distribution back into the sampling prior distribution. This is useful for performing alterations to real data samples along with guided generation via the continuous adjoint equations. We propose an algebraically reversible solver for diffusion SDEs that can exactly invert real data samples into the prior distribution.
@inproceedings{blasingame2025reversible, title = {A Reversible Solver for Diffusion {SDE}s}, author = {Blasingame, Zander W. and Liu, Chen}, booktitle = {ICLR 2025 Workshop on Deep Generative Model in Machine Learning: Theory, Principle and Efficacy}, month = apr, year = {2025}, url = {https://openreview.net/forum?id=0gEFLVUL6n}, }
Theses
- [Ph.D. Thesis] On Guided and Reversible Solvers for Neural Differential Equations
  Zander W. Blasingame
  Clarkson University, Apr 2025
Neural differential equations have quickly become the backbone behind many powerful generative models such as flow models and diffusion models. These models have quickly become the state-of-the-art for modeling high-dimensional distributions, thereby enabling high fidelity sampling of such complicated real-world data distributions, e.g., images, audio, video, proteins, &c. Within the context of generative modeling, neural differential equations provide the mechanisms for describing a transport map from some nice tractable distribution to our desired data distribution. Then by solving this neural differential equation we can map samples from the nice distribution (e.g., Gaussian samples) to our desired data distribution. We explore strategies for guiding the model to enable greater creative control of these powerful deep generative models. Additionally, we explore reversible solvers for enabling the ability to encode real data samples into the noise space whilst preserving two important properties: exact inversion and low distortion to edits (i.e., stability). Topics include: continuous adjoint equations for flow/diffusion models (e.g., how to backpropagate through flow/diffusion models), greedy guidance for efficient guidance strategies (e.g., strategies which avoid backpropagating through the entire flow model), and reversible solvers for neural SDEs (e.g., numerical solvers for SDEs which enable exact reconstruction). We anticipate that this thesis will be of interest to anyone working on guided generation with flow/diffusion models or working on latent editing of real data samples with such models. We hope this thesis provides a useful reference of the current state-of-the-art.
@phdthesis{blasingame2025thesis, title = {On Guided and Reversible Solvers for Neural Differential Equations}, author = {Blasingame, Zander W.}, school = {Clarkson University}, year = {2025}, month = apr, }
2024
Conferences
- AdjointDEIS: Efficient Gradients for Diffusion Models
  Zander W. Blasingame and Chen Liu
  In Advances in Neural Information Processing Systems, Dec 2024
The optimization of the latents and parameters of diffusion models with respect to some differentiable metric defined on the output of the model is a challenging and complex problem. The sampling for diffusion models is done by solving either the probability flow ODE or diffusion SDE wherein a neural network approximates the score function or related quantity, allowing a numerical ODE/SDE solver to be used. However, naïve backpropagation techniques are memory intensive, requiring the storage of all intermediate states, and face additional complexity in handling the injected noise from the diffusion term of the diffusion SDE. We propose a novel method based on the stochastic adjoint sensitivity method to calculate the gradient with respect to the initial noise, conditional information, and model parameters by solving an additional SDE whose solution is the gradient of the diffusion SDE. We exploit the unique construction of diffusion SDEs to further simplify the formulation of the adjoint diffusion SDE and use a change-of-variables to simplify the solution to an exponentially weighted integral. Using this formulation we derive a custom solver for the adjoint SDE as well as the simpler adjoint ODE. The proposed adjoint diffusion solvers can efficiently compute the gradients for both the probability flow ODE and diffusion SDE for latents and parameters of the model. Lastly, we demonstrate the effectiveness of the adjoint diffusion solvers on the face morphing problem.
@inproceedings{blasingame2024adjointdeit, author = {Blasingame, Zander W. and Liu, Chen}, booktitle = {Advances in Neural Information Processing Systems}, editor = {Globerson, A. and Mackey, L. and Belgrave, D. and Fan, A. and Paquet, U. and Tomczak, J. and Zhang, C.}, pages = {2449--2483}, publisher = {Curran Associates, Inc.}, title = {Adjoint{DEIS}: Efficient Gradients for Diffusion Models}, url = {https://proceedings.neurips.cc/paper_files/paper/2024/file/04badd3b048315c8c3a0ca17eff723d7-Paper-Conference.pdf}, openreview = {https://openreview.net/forum?id=fAlcxvrOEX}, volume = {37}, year = {2024}, month = dec, }
- [IJCB] [Spotlight] Greedy-DiM: Greedy Algorithms for Unreasonably Effective Face Morphs
  Zander W. Blasingame and Chen Liu
  In 2024 IEEE International Joint Conference on Biometrics (IJCB), Sep 2024
Morphing attacks are an emerging threat to state-of-the-art Face Recognition (FR) systems, which aim to create a single image that contains the biometric information of multiple identities. Diffusion Morphs (DiM) are a recently proposed morphing attack that has achieved state-of-the-art performance for representation-based morphing attacks. However, none of the existing research on DiMs have leveraged the iterative nature of DiMs and left the DiM model as a black box, treating it no differently than one would a Generative Adversarial Network (GAN) or Variational AutoEncoder (VAE). We propose a greedy strategy on the iterative sampling process of DiM models which searches for an optimal step guided by an identity-based heuristic function. We compare our proposed algorithm against ten other state-of-the-art morphing algorithms using the open-source SYN-MAD 2022 competition dataset. We find that our proposed algorithm is unreasonably effective, fooling all of the tested FR systems with an MMPMR of 100%, outperforming all other morphing algorithms compared.
@inproceedings{blasingame_greedydim, author = {Blasingame, Zander W. and Liu, Chen}, booktitle = {2024 IEEE International Joint Conference on Biometrics (IJCB)}, title = {Greedy-DiM: Greedy Algorithms for Unreasonably Effective Face Morphs}, year = {2024}, volume = {}, number = {}, pages = {1-11}, keywords = {Greedy algorithms;Schedules;Face recognition;Biological system modeling;Closed box;Generative adversarial networks;Diffusion models;Iterative methods;Optimization}, doi = {10.1109/IJCB62174.2024.10744517}, month = sep, }
- The Impact of Print-Scanning in Heterogeneous Morph Evaluation Scenarios
  Richard E. Neddo, Zander W. Blasingame, and Chen Liu
  In 2024 IEEE International Joint Conference on Biometrics (IJCB), Sep 2024
@inproceedings{10744441, author = {Neddo, Richard E. and Blasingame, Zander W. and Liu, Chen}, booktitle = {2024 IEEE International Joint Conference on Biometrics (IJCB)}, title = {The Impact of Print-Scanning in Heterogeneous Morph Evaluation Scenarios}, year = {2024}, volume = {}, number = {}, pages = {1-10}, keywords = {Training;Printing;Measurement;Uncertainty;Image color analysis;Error analysis;Face recognition;Pipelines;Ink;Classification algorithms}, doi = {10.1109/IJCB62174.2024.10744441}, }
- Towards Effective Machine Learning Models for Ransomware Detection via Low-Level Hardware Information
  Chutitep Woralert, Chen Liu, and Zander Blasingame
  In Proceedings of the 13th International Workshop on Hardware and Architectural Support for Security and Privacy, Sep 2024
In recent years, ransomware attacks have grown dramatically. New variants continually emerging make tracking and mitigating these threats increasingly difficult using traditional detection methods. As the landscape of ransomware evolves, there is a growing need for more advanced detection techniques. Neural networks have gained popularity as a method to enhance detection accuracy, by leveraging low-level hardware information such as hardware events as features for identifying ransomware attacks. In this paper, we investigated several state-of-the-art supervised learning models, including XGBoost, LightGBM, MLP, and CNN, which are specifically designed to handle time series data or image-based data for ransomware detection. We compared their detection accuracy, computational efficiency, and resource requirements for classification. Our findings indicate that particularly LightGBM, offer a strong balance of high detection accuracy, fast processing speed, and low memory usage, making them highly effective for ransomware detection tasks.
@inproceedings{10.1145/3696843.3696847, author = {Woralert, Chutitep and Liu, Chen and Blasingame, Zander}, title = {Towards Effective Machine Learning Models for Ransomware Detection via Low-Level Hardware Information}, year = {2024}, isbn = {9798400712210}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/3696843.3696847}, doi = {10.1145/3696843.3696847}, booktitle = {Proceedings of the 13th International Workshop on Hardware and Architectural Support for Security and Privacy}, pages = {10–18}, numpages = {9}, keywords = {Performance Monitoring Counters, Supervised Learning, Ransomware}, location = { }, series = {HASP '24}, }
Journals
- [IEEE TBIOM] [Oral @ IJCB] Leveraging Diffusion for Strong and High Quality Face Morphing Attacks
  Zander W. Blasingame and Chen Liu
  IEEE Transactions on Biometrics, Behavior, and Identity Science, Jan 2024
Face morphing attacks seek to deceive a Face Recognition (FR) system by presenting a morphed image consisting of the biometric qualities from two different identities with the aim of triggering a false acceptance with one of the two identities, thereby presenting a significant threat to biometric systems. The success of a morphing attack is dependent on the ability of the morphed image to represent the biometric characteristics of both identities that were used to create the image. We present a novel morphing attack that uses a Diffusion-based architecture to improve the visual fidelity of the image and the ability of the morphing attack to represent characteristics from both identities. We demonstrate the effectiveness of the proposed attack by evaluating its visual fidelity via Fréchet Inception Distance (FID). Also, extensive experiments are conducted to measure the vulnerability of FR systems to the proposed attack. The ability of a morphing attack detector to detect the proposed attack is measured and compared against two state-of-the-art GAN-based morphing attacks along with two Landmark-based attacks. Additionally, a novel metric to measure the relative strength between different morphing attacks is introduced and evaluated.
@article{blasingame_dim, author = {Blasingame, Zander W. and Liu, Chen}, journal = {IEEE Transactions on Biometrics, Behavior, and Identity Science}, title = {Leveraging Diffusion for Strong and High Quality Face Morphing Attacks}, year = {2024}, month = jan, volume = {6}, number = {1}, pages = {118-131}, keywords = {Faces;Visualization;Generative adversarial networks;Face recognition;Codes;Generators;Semantics;Morphing attack;GAN;vulnerability analysis;face recognition;diffusion models}, doi = {10.1109/TBIOM.2024.3349857}, }
- Fast-DiM: Towards Fast Diffusion Morphs
  Zander W. Blasingame and Chen Liu
  IEEE Security & Privacy, Jun 2024
Diffusion Morphs (DiM) are a recent state-of-the-art method for creating high quality face morphs; however, they require a high number of network function evaluations (NFE) to create the morphs. We propose a new DiM pipeline, Fast-DiM, which can create morphs of a similar quality but with fewer NFE. We investigate the ODE solvers used to solve the Probability Flow ODE and the impact they have on the creation of face morphs. Additionally, we employ an alternative method for encoding images into the latent space of the Diffusion model by solving the Probability Flow ODE as time runs forwards. Our experiments show that we can reduce the NFE by upwards of 85% in the encoding process while experiencing only 1.6% reduction in Mated Morph Presentation Match Rate (MMPMR). Likewise, we showed we could cut NFE, in the sampling process, in half with only a maximal reduction of 0.23% in MMPMR.
@article{fast_dim, author = {Blasingame, Zander W. and Liu, Chen}, journal = {IEEE Security & Privacy}, title = {Fast-DiM: Towards Fast Diffusion Morphs}, year = {2024}, month = jun, volume = {22}, number = {4}, pages = {103-114}, keywords = {Stochastic processes;Generators;Encoding;Mathematical models;Face recognition;Codes;Diffusion processes}, doi = {10.1109/MSEC.2024.3410112}, }
Workshops
- AdjointDEIS: Efficient Gradients for Diffusion Models
  Zander W. Blasingame and Chen Liu
  In The Third Workshop on New Frontiers in Adversarial Machine Learning, Dec 2024
@inproceedings{blasingame2024adjointdeis, author = {Blasingame, Zander W. and Liu, Chen}, title = {AdjointDEIS: Efficient Gradients for Diffusion Models}, booktitle = {The Third Workshop on New Frontiers in Adversarial Machine Learning}, url = {https://openreview.net/forum?id=4Bggd6HRes}, year = {2024}, month = dec, }
2023
Conferences
- [AsianHOST] [Oral] A Comparison of One-class and Two-class Models for Ransomware Detection via Low-level Hardware Information
  Chutitep Woralert, Chen Liu, Zander Blasingame, and Zhiliu Yang
  In 2023 Asian Hardware Oriented Security and Trust Symposium (AsianHOST), Dec 2023
@inproceedings{10409333, author = {Woralert, Chutitep and Liu, Chen and Blasingame, Zander and Yang, Zhiliu}, booktitle = {2023 Asian Hardware Oriented Security and Trust Symposium (AsianHOST)}, title = {A Comparison of One-class and Two-class Models for Ransomware Detection via Low-level Hardware Information}, year = {2023}, month = dec, volume = {}, number = {}, pages = {1-6}, keywords = {Handwriting recognition;Supervised learning;Semisupervised learning;Hardware;Behavioral sciences;Ransomware;Anomaly detection;Performance Monitoring Counters;Semi-supervised Learning;Supervised Learning;Ransomware;Anomaly Detection}, doi = {10.1109/AsianHOST59942.2023.10409333} }
Journals
- HARD-Lite: A Lightweight Hardware Anomaly Realtime Detection Framework Targeting Ransomware
  Chutitep Woralert, Chen Liu, and Zander Blasingame
  IEEE Transactions on Circuits and Systems I: Regular Papers, Dec 2023
@article{10208245, author = {Woralert, Chutitep and Liu, Chen and Blasingame, Zander}, journal = {IEEE Transactions on Circuits and Systems I: Regular Papers}, title = {HARD-Lite: A Lightweight Hardware Anomaly Realtime Detection Framework Targeting Ransomware}, year = {2023}, month = dec, volume = {70}, number = {12}, pages = {5036-5047}, keywords = {Ransomware;Monitoring;Behavioral sciences;Hardware;Servers;Registers;Operating systems;Performance evaluation;Semisupervised learning;Anomaly detection;Performance monitoring counters;semi-supervised learning;ransomware;anomaly detection;malware analysis}, doi = {10.1109/TCSI.2023.3299532} }
2022
Conferences
- [AsianHOST] [Best Paper Nominee] HARD-Lite: A Lightweight Hardware Anomaly Realtime Detection Framework Targeting Ransomware
  Chutitep Woralert, Chen Liu, and Zander Blasingame
  In 2022 Asian Hardware Oriented Security and Trust Symposium (AsianHOST), Dec 2022
@inproceedings{10022111, author = {Woralert, Chutitep and Liu, Chen and Blasingame, Zander}, booktitle = {2022 Asian Hardware Oriented Security and Trust Symposium (AsianHOST)}, title = {HARD-Lite: A Lightweight Hardware Anomaly Realtime Detection Framework Targeting Ransomware}, year = {2022}, volume = {}, number = {}, pages = {1-6}, keywords = {Time series analysis;Surge protection;Hardware;Behavioral sciences;Ransomware;Servers;Security;Performance Monitoring Counters;Semi-supervised Learning;Ransomware;Anomaly Detection}, doi = {10.1109/AsianHOST56390.2022.10022111}, month = dec }
2021
Conferences
- [IJCB] [Oral] Leveraging Adversarial Learning for the Detection of Morphing Attacks
  Zander Blasingame and Chen Liu
  In 2021 IEEE International Joint Conference on Biometrics (IJCB), Aug 2021
An emerging threat towards face recognition systems (FRS) is face morphing attack, which involves the combination of two faces from two different identities into a singular image that would trigger an acceptance for either identity within the FRS. Many of the existing morphing attack detection (MAD) approaches have been trained and evaluated on datasets with limited variation of image characteristics, which can make the approach prone to overfitting. Additionally, there has been difficulty in developing MAD algorithms which can generalize beyond the morphing attack they were trained on, as shown by the most recent NIST FRVT MORPH report. Furthermore, the Single image based MAD (S-MAD) problem has had poor performance, especially when compared to its counterpart, Differential based MAD (D-MAD). In this work, we propose a novel architecture for training deep learning based S-MAD algorithms that leverages adversarial learning to train a more robust detector. The performance of the proposed S-MAD method is benchmarked against the state-of-the-art VGG19 based S-MAD algorithm over 36 experiments using the ISO-IEC 30107-3 evaluation metrics. The proposed method has demonstrated superior and robust detection performance of less than 5% D-EER when evaluated against different morphing attacks.
@inproceedings{Blasingame2021LeveragingAL, title = {Leveraging Adversarial Learning for the Detection of Morphing Attacks}, author = {Blasingame, Zander and Liu, Chen}, booktitle = {2021 IEEE International Joint Conference on Biometrics (IJCB)}, year = {2021}, pages = {1-8}, month = aug, doi = {10.1109/IJCB52358.2021.9484383}, keywords = {Training;Deep learning;Measurement;Databases;Face recognition;Conferences;Detectors}, }
- [ICANN] [Oral] Feature Creation Towards the Detection of Non-control-Flow Hijacking Attacks
  Zander Blasingame, Chen Liu, and Xin Yao
  In Artificial Neural Networks and Machine Learning – ICANN 2021, Sep 2021
With malware attacks on the rise, approaches using low-level hardware information to detect these attacks have been gaining popularity recently. This is achieved by using hardware event counts as features to describe the behavior of the software program. Then a classifier, such as support vector machine (SVM) or neural network, can be used to detect the anomalous behavior caused by malware attacks. The collected datasets to describe the program behavior, however, are normally imbalanced, as it is much easier to gather regular program behavior than abnormal ones, which can lead to high false negative rates (FNR). In an effort to provide a remedy to this situation, we propose the usage of Genetic Programming (GP) to create new features to augment the original features in conjunction with the classifier. One key component that will affect the classifier performance is to construct the Hellinger distance as the fitness function. As a result, we perform design space exploration in estimating the Hellinger distance. The performance of different approaches is evaluated using seven real-world attacks that target three vulnerabilities in the OpenSSL library and two vulnerabilities in modern web-servers. Our experimental results show, by using the new features evolved with GP, we are able to reduce the FNR and improve the performance characteristics of the classifier.
@inproceedings{10.1007/978-3-030-86362-3_13, author = {Blasingame, Zander and Liu, Chen and Yao, Xin}, editor = {Farka{\v{s}}, Igor and Masulli, Paolo and Otte, Sebastian and Wermter, Stefan}, title = {Feature Creation Towards the Detection of Non-control-Flow Hijacking Attacks}, booktitle = {Artificial Neural Networks and Machine Learning -- ICANN 2021}, year = {2021}, month = sep, publisher = {Springer International Publishing}, address = {Cham}, pages = {153--164}, isbn = {978-3-030-86362-3}, }
2019
Conferences
- Detecting Non-Control-Flow Hijacking Attacks Using Contextual Execution Information
  Gildo Torres, Zhiliu Yang, Zander Blasingame, James Bruska, and Chen Liu
  In Proceedings of the 8th International Workshop on Hardware and Architectural Support for Security and Privacy, Phoenix, AZ, USA, Jun 2019
In recent years, we have seen a rise of non-control-flow hijacking attacks, which manipulate key data elements to corrupt the integrity of a victim application while upholding a valid control-flow during its execution. Consequently, they are more difficult to detect, and hence to prevent, with traditional mitigation techniques that target control-oriented attacks. In this work, we propose a methodology for the detection of non-control-flow hijacking attacks by employing low-level hardware information formatted as time series. Using architectural and micro-architectural hardware event counts, we model the regular execution behavior of the application(s) of interest, in an effort to detect abnormal execution behavior taking place in the vicinity of the vulnerability. We employed three distinct anomaly detection models: a traditional support vector machine (SVM), an echo state network (ESN), and a heavily modified k-nearest neighbors (KNN) model. We evaluated the proposed methodology using seven real-world non-control-flow hijacking exploits that target two vulnerabilities in modern web servers and three vulnerabilities in the OpenSSL library. Because our proposed detection methodology employs the contextual information across the temporal domain, we are able to achieve an average classification accuracy of 99.36%, with a false positive rate (FPR) of 0.79% and false negative rate (FNR) of 0.53%, respectively.
@inproceedings{10.1145/3337167.3337168, author = {Torres, Gildo and Yang, Zhiliu and Blasingame, Zander and Bruska, James and Liu, Chen}, title = {Detecting Non-Control-Flow Hijacking Attacks Using Contextual Execution Information}, year = {2019}, month = jun, isbn = {9781450372268}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/3337167.3337168}, doi = {10.1145/3337167.3337168}, booktitle = {Proceedings of the 8th International Workshop on Hardware and Architectural Support for Security and Privacy}, articleno = {1}, numpages = {8}, keywords = {Machine Learning, Encryption-Downgrade Attacks, Anomaly Detection, Hardware Performance Counters, Data-Only Attacks}, location = {Phoenix, AZ, USA}, series = {HASP '19} }
2018
Conferences
- Detecting Data Exploits Using Low-Level Hardware Information: A Short Time Series Approach
  Chen Liu, Zhiliu Yang, Zander Blasingame, Gildo Torres, and James Bruska
  In Proceedings of the First Workshop on Radical and Experiential Security, Incheon, Republic of Korea, May 2018
In recent years, the scale, frequency and complexity of cyber-attacks have been continuously on the rise. As a result, they have significantly impacted our daily lives and society as a whole. Never before have we had such an urgent need to defend against cyber-attacks. Previous studies suggest that it is possible to detect rootkits and control-flow attacks with high accuracy using information collected from the hardware level. For data-only exploits, however, where the control-flow of the victim application is strictly conserved while its behavior may only be slightly modified, high accuracy detection is much more difficult to achieve. In this study, we propose the use of low-level hardware information collected as a short time series for the detection of data-only malware attacks. We employed several representative classification algorithms, e.g., linear regression (LR), autoencoder (AE), stacked denoising autoencoder (SDA), and echo state network (ESN). We build one-class classifiers that either use individual samples collected via monitoring hardware-level events or use multiple samples of hardware events collected at different times during execution, but all with only the knowledge from regular behavior. Using several real-life attacks as case studies, we examined their detection accuracy when confronted with malicious behavior. Our experimental results show that our SDA- and ESN-based approaches can achieve an average detection accuracy of 97.75% and 98.36% for the exploits studied, respectively. Our study suggests that when the hardware events are monitored at different time spots during the execution of the vulnerable application, our SDA- and ESN-based approaches have the potential to boost the detection accuracy for data exploits.
@inproceedings{10.1145/3203422.3203433, author = {Liu, Chen and Yang, Zhiliu and Blasingame, Zander and Torres, Gildo and Bruska, James}, title = {Detecting Data Exploits Using Low-Level Hardware Information: A Short Time Series Approach}, year = {2018}, month = may, isbn = {9781450357579}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/3203422.3203433}, doi = {10.1145/3203422.3203433}, booktitle = {Proceedings of the First Workshop on Radical and Experiential Security}, pages = {41--47}, numpages = {7}, keywords = {anomaly detection, machine learning, hardware performance counters, data-only exploits}, location = {Incheon, Republic of Korea}, series = {RESEC '18} }
2017
Conferences
- Verification of OpenSSL version via hardware performance counters
  James Bruska, Zander Blasingame, and Chen Liu
  In Disruptive Technologies in Sensors and Sensor Systems, May 2017