Publications | Zander W. Blasingame

2026

ICLR
Workshop
LoRA as a Flexible Framework for Securing Large Vision Systems

Richard E. Neddo, Emmanuel A. Atindama, Zander W. Blasingame^*, and Chen Liu^*

Presented at ICLR 2026 Workshop on Trustworthy AI

Abs arXiv Bib OpenReview PDF

Adversarial attacks have emerged as a critical threat to autonomous driving systems. These attacks exploit the underlying neural network, allowing small – nearly invisible – perturbations to completely alter the behavior of such systems in potentially malicious ways. E.g., causing a traffic sign classification network to misclassify a stop sign as a speed limit sign. Prior working in hardening such systems to adversarial attacks have looked at robust training of the system or adding additional pre-processing steps to the input pipeline. Such solutions either have a hard time generalizing, require knowledge of the adversarial attacks during training, or are computationally undesirable. Instead, we propose to take insights for parameter efficient fine-tuning and use low-rank adaptation (LoRA) to train a lightweight security patch – enabling us to dynamically patch a large preexisting vision system as new vulnerabilities are discovered. We demonstrate that our framework can patch a pre-trained model to improve classification accuracy by up to 78.01% in the presence of adversarial examples.
@misc{neddo2026lora, title = {Lo{RA} as a Flexible Framework for Securing Large Vision Systems}, author = {Neddo, Richard E. and Atindama, Emmanuel A. and Blasingame, Zander W. and Liu, Chen}, year = {2026}, url = {https://openreview.net/forum?id=mmM7CVfzVw}, }
ICLR
Workshop
Stochastic Few-step Models

Romeo Passaro, Zander W. Blasingame, Michael M. Bronstein, and Alexander Tong

Presented at ICLR 2026 DeLTa and ReALM-GEN workshops

Abs Bib OpenReview PDF

Reward alignment for flow and diffusion models, via test-time steering or fine-tuning, often relies on sampling from conditional distributions induced by stochastic dynamics. In practice, this creates a computational bottleneck requiring expensive SDE simulation. Meanwhile, recent few-step accelerations for generative flows largely target deterministic dynamics and therefore do not directly address stochastic conditional sampling. We introduce stochastic few-step models, a framework for fast sampling from SDE-defined conditional distributions by mapping the conditional SDE to a deterministic ODE with matching marginals. Building on this formulation, we show that the resulting conditional ODEs can be effectively distilled into a single few-step model, enabling efficient conditional rollouts. Experiments on Gaussian-mixture and MNIST steering show that the resulting sampler provides accurate conditional samples to improve reward steering outperforming standard denoiser heuristics.
@misc{passaro2026stochastic, title = {Stochastic Few-step Models}, author = {Passaro, Romeo and Blasingame, Zander W. and Bronstein, Michael M. and Tong, Alexander}, year = {2026}, url = {https://openreview.net/forum?id=i31AUZF8kO}, }
ICLR
Workshop
Rex: A Family of Reversible Exponential (Stochastic) Runge-Kutta Solvers

Zander W. Blasingame, and Chen Liu

Presented at ICLR 2026 DeLTa and ReALM-GEN workshops

Abs arXiv Bib OpenReview PDF

Diffusion models have quickly become the state-of-the-art for numerous generation tasks across many different applications. Encoding samples from the data distribution back into the models underlying prior distribution is an important task that arises in many downstream applications. This task is often called the inversion of diffusion models. Prior approaches for solving this task, however, are often simple heuristic solvers that come with several drawbacks in practice. In this work, we propose a new family of solvers for diffusion models by exploiting the connection between this task and the broader study of algebraically reversible solvers for differential equations. In particular, we construct a family of reversible solvers using an application of Lawson methods to construct exponential Runge-Kutta methods for the diffusion models. We call this family of reversible exponential solvers Rex. In addition to a rigorous theoretical analysis of the proposed solvers we also demonstrate the utility of the methods through a variety of empirical illustrations.
@misc{blasingame2026rex, title = {Rex: A Family of Reversible Exponential (Stochastic) Runge-Kutta Solvers}, author = {Blasingame, Zander W. and Liu, Chen}, year = {2026}, url = {https://openreview.net/forum?id=rHIUKCqPBZ}, }

2025

NeurIPS ICML
Workshop ICLR
Workshop
Greed is Good: A Unifying Perspective on Guided Generation

Zander W. Blasingame, and Chen Liu

Published at NeurIPS (2025)

Presented at ICML 2025 EXAIT workshop and ICLR 2025 FPI workshop

Abs arXiv Bib OpenReview PDF Poster Slides

Training-free guided generation is a widely used and powerful technique that allows the end user to exert further control over the generative process of flow/diffusion models. Generally speaking, two families of techniques have emerged for solving this problem for gradient-based guidance: namely, posterior guidance (i.e., guidance via projecting the current sample to the target distribution via the target prediction model) and end-to-end guidance (i.e., guidance by performing backpropagation throughout the entire ODE solve). In this work, we show that these two seemingly separate families can actually be unified by looking at posterior guidance as a greedy strategy of end-to-end guidance. We explore the theoretical connections between these two families and provide an in-depth theoretical of these two techniques relative to the continuous ideal gradients. Motivated by this analysis we then show a method for interpolating between these two families enabling a trade-off between compute and accuracy of the guidance gradients. We then validate this work on several inverse image problems and property-guided molecular generation.
@inproceedings{blasingame2025greed, title = {Greed is Good: A Unifying Perspective on Guided Generation}, author = {Blasingame, Zander W. and Liu, Chen}, booktitle = {NeurIPS}, year = {2025}, url = {https://openreview.net/forum?id=s14pdQgoLb}, month = dec, }
HASP
Feasibility of Scalable Performance Counter Malware Detection Framework Using LightGBM

Chutitep Woralert, Chen Liu, and Zander Blasingame

Published at Proceedings of the 14th International Workshop on Hardware and Architectural Support for Security and Privacy (2025)

Abs Bib

Facing the challenge of increasingly sophisticated malware, it is imperative to develop an effective and adaptable malware detection framework. Hardware-level information has been shown to be very effective in detecting malware in the system through dynamic behavioral analysis at runtime. However, previous approaches suffer from the overhead of complex neural network models, as well as difficulty in scaling toward new attacks. In this work, we introduce a novel approach that leverages the Light Gradient-Boosting Machine (LightGBM) model, known for its efficiency and support for fast transfer learning method, to create a scalable and highly accurate malware detection system. Our framework achieves an exceptional detection accuracy of more than 99.95% for binary classification and 99.92% for multi-class classification on average. Through transfer learning, the model can quickly adapt to new malware data and environments, which we exemplified through ransomware, cryptojacking, and side-channel attacks, significantly reducing the time and resources needed for retraining. Our results highlight the potential of using the LightGBM model to improve the malware detection framework. The work also demonstrates the importance of integrating advanced machine learning techniques with low-level hardware information in order to achieve the robustness and adaptability of dynamic behavioral analysis.
@inproceedings{10.1145/3768725.3768735, author = {Woralert, Chutitep and Liu, Chen and Blasingame, Zander}, title = {Feasibility of Scalable Performance Counter Malware Detection Framework Using LightGBM}, year = {2025}, month = oct, isbn = {9798400721984}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/3768725.3768735}, doi = {10.1145/3768725.3768735}, booktitle = {Proceedings of the 14th International Workshop on Hardware and Architectural Support for Security and Privacy}, pages = {55–63}, numpages = {9}, keywords = {Performance Monitoring Counters, Supervised Learning, Ransomware}, series = {HASP '25}, }
ASAP
Scalable Malware Detection Framework Using Performance Counters and Gradient Boosting

Chutitep Woralert, Chen Liu, and Zander Blasingame

Published at 2025 IEEE 36th International Conference on Application-specific Systems, Architectures and Processors (ASAP) (2025)

Abs Bib

Facing the challenge of increasingly sophisticated malware, it is imperative to develop an effective and adaptable malware detection framework. Hardware-level information has been shown to be very effective in detecting malware in the system through dynamic behavioral analysis at runtime. However, previous approaches suffer from the overhead of complex neural network models, as well as difficulty in scaling toward new attacks. In this work, we introduce a novel approach that leverages the Light Gradient-Boosting Machine (LightGBM) model, known for its efficiency and support for fast transfer learning method, to create a scalable and highly accurate malware detection system. Our framework achieves an exceptional detection accuracy of more than 99.90% for multiclass classification. Through transfer learning, the model can quickly adapt to new malware data and environments, significantly reducing the time and resources needed for retraining. Our results highlight the potential of using the LightGBM model to improve the malware detection framework.
@inproceedings{11113639, author = {Woralert, Chutitep and Liu, Chen and Blasingame, Zander}, booktitle = {2025 IEEE 36th International Conference on Application-specific Systems, Architectures and Processors (ASAP)}, title = {Scalable Malware Detection Framework Using Performance Counters and Gradient Boosting}, year = {2025}, volume = {}, number = {}, pages = {180-181}, keywords = {Adaptation models;Accuracy;Runtime;Program processors;Transfer learning;Systems architecture;Side-channel attacks;Malware;Data models;Ransomware;Hardware-level information;Supervised Learning;LightGBM;Cryptojacking;Ransomware;Side-channel attack}, doi = {10.1109/ASAP65064.2025.00041}, month = jul, }
ICLR
Workshop
A Reversible Solver for Diffusion SDEs

Zander W. Blasingame, and Chen Liu

Published at ICLR 2025 Workshop on Deep Generative Model in Machine Learning: Theory, Principle and Efficacy (2025)

Abs arXiv Bib OpenReview PDF Poster

Diffusion models have quickly become the state-of-the-art for generation tasks across many different data modalities. An important ability of diffusion models is the ability to encode samples from the data distribution back into the sampling prior distribution. This is useful for performing alterations to real data samples along with guided generation via the continuous adjoint equations. We propose an algebraically reversible solver for diffusion SDEs that can exactly invert real data samples into the prior distribution.
@misc{blasingame2025reversible, title = {A Reversible Solver for Diffusion {SDE}s}, author = {Blasingame, Zander W. and Liu, Chen}, booktitle = {ICLR 2025 Workshop on Deep Generative Model in Machine Learning: Theory, Principle and Efficacy}, month = apr, year = {2025}, url = {https://openreview.net/forum?id=0gEFLVUL6n}, }
Ph.D. Thesis
On Guided and Reversible Solvers for Neural Differential Equations

Zander W. Blasingame

Clarkson University (2025)

Abs Bib Slides

Neural differential equations have quickly become the backbone behind many powerful generative models such as flow models and diffusion models. These models have quickly become the state-of-the-art for modeling high-dimensional distributions, thereby enabling high fidelity sampling of such complicated real-world data distributions, e.g., images, audio, video, proteins, &c. Within the context of generative modeling, neural differential equations provide the mechanisms for describing a transport map from some nice tractable distribution to our desired data distribution. Then by solving this neural differential equation we can map samples from the nice distribution (e.g., Gaussian samples) to our desired data distribution. We explore strategies for guiding the model to enable greater creative control of these powerful deep generative models. Additionally, we explore reversible solvers for enabling the ability to encode real data samples into the noise space whilst preserving two important properties: exact inversion and low distortion to edits (i.e., stability). Topics include: continuous adjoint equations for flow/diffusion models (e.g., how to backpropagate through flow/diffusion models), greedy guidance for efficient guidance strategies (e.g., how strategies which avoid backpropagating through the entire flow model), and reversible solvers for neural SDEs (e.g., numerical solvers for SDEs which enables exact reconstruction). We anticipate that this thesis will be of interest to anyone working on guided generation with flow/diffusion models or working latent editing of real data samples with such models. We hope this thesis provides a useful reference of the current state-of-the-art.
@phdthesis{blasingame2025thesis, title = {On Guided and Reversible Solvers for Neural Differential Equations}, author = {Blasingame, Zander W.}, school = {Clarkson University}, year = {2025}, month = apr, }

IEEE MOST

Poster: Adapting Pretrained Vision Transformers with LoRA Against Attack Vectors

Richard E. Neddo, Sean Willis, Zander W. Blasingame, and Chen Liu

Published at 2025 IEEE International Conference on Mobility, Operations, Services, and Technologies (MOST) (2025)

Bib

@inproceedings{neddo2025vit,
  title = {Poster: Adapting Pretrained Vision Transformers with {LoRA} Against Attack Vectors},
  author = {Neddo, Richard E. and Willis, Sean and Blasingame, Zander W. and Liu, Chen},
  booktitle = {2025 IEEE International Conference on Mobility, Operations, Services, and Technologies (MOST)},
  year = {2025},
  month = may,
}

2024

NeurIPS NeurIPS
Workshop
AdjointDEIS: Efficient Gradients for Diffusion Models

Zander W. Blasingame, and Chen Liu

Published at NeurIPS (2024)

Presented at NeurIPS - New Frontiers in Adversarial Machine Learning

Abs arXiv Bib OpenReview PDF Blog Code Poster Slides Website

The optimization of the latents and parameters of diffusion models with respect to some differentiable metric defined on the output of the model is a challenging and complex problem. The sampling for diffusion models is done by solving either the probability flow ODE or diffusion SDE wherein a neural network approximates the score function or related quantity, allowing a numerical ODE/SDE solver to be used. However, naïve backpropagation techniques are memory intensive, requiring the storage of all intermediate states, and face additional complexity in handling the injected noise from the diffusion term of the diffusion SDE. We propose a novel method based on the stochastic adjoint sensitivity method to calculate the gradientwith respect to the initial noise, conditional information, and model parameters by solving an additional SDE whose solution is the gradient of the diffusion SDE. We exploit the unique construction of diffusion SDEs to further simplify the formulation of the adjoint diffusion SDE and use a change-of-variables to simplify the solution to an exponentially weighted integral. Using this formulation we derive a custom solver for the adjoint SDE as well as the simpler adjoint ODE. The proposed adjoint diffusion solvers can efficiently compute the gradients for both the probability flow ODE and diffusion SDE for latents and parameters of the model. Lastly, we demonstrate the effectiveness of the adjoint diffusion solvers onthe face morphing problem.
@inproceedings{blasingame2024adjointdeis, author = {Blasingame, Zander W. and Liu, Chen}, booktitle = {NeurIPS}, editor = {Globerson, A. and Mackey, L. and Belgrave, D. and Fan, A. and Paquet, U. and Tomczak, J. and Zhang, C.}, pages = {2449--2483}, publisher = {Curran Associates, Inc.}, title = {Adjoint{DEIS}: Efficient Gradients for Diffusion Models}, url = {https://proceedings.neurips.cc/paper_files/paper/2024/file/04badd3b048315c8c3a0ca17eff723d7-Paper-Conference.pdf}, openreview = {https://openreview.net/forum?id=fAlcxvrOEX}, volume = {37}, year = {2024}, month = dec, }
IJCB
Greedy-DiM: Greedy Algorithms for Unreasonably Effective Face Morphs

Zander W. Blasingame, and Chen Liu

Published at 2024 IEEE International Joint Conference on Biometrics (IJCB) (2024)

Spotlight

Abs arXiv Bib PDF Blog Code Poster Website

Spotlight

Morphing attacks are an emerging threat to state-of-the-art Face Recognition (FR) systems, which aim to create a single image that contains the biometric information of multiple identities. Diffusion Morphs (DiM) are a recently proposed morphing attack that has achieved state-of-the-art performance for representation-based morphing attacks. However, none of the existing research on DiMs have leveraged the iterative nature of DiMs and left the DiM model as a black box, treating it no differently than one would a Generative Adversarial Network (GAN) or Variational AutoEncoder (VAE). We propose a greedy strategy on the iterative sampling process of DiM models which searches for an optimal step guided by an identity-based heuristic function. We compare our proposed algorithm against ten other state-of-the-art morphing algorithms using the open-source SYN-MAD 2022 competition dataset. We find that our proposed algorithm is unreasonably effective, fooling all of the tested FR systems with an MMPMR of 100%, outperforming all other morphing algorithms compared.
@inproceedings{blasingame_greedydim, author = {Blasingame, Zander W. and Liu, Chen}, booktitle = {2024 IEEE International Joint Conference on Biometrics (IJCB)}, title = {Greedy-DiM: Greedy Algorithms for Unreasonably Effective Face Morphs}, year = {2024}, volume = {}, number = {}, pages = {1-11}, keywords = {Greedy algorithms;Schedules;Face recognition;Biological system modeling;Closed box;Generative adversarial networks;Diffusion models;Iterative methods;Optimization}, doi = {10.1109/IJCB62174.2024.10744517}, month = sep, }
IEEE TBIOM
Leveraging Diffusion for Strong and High Quality Face Morphing Attacks

Zander W. Blasingame, and Chen Liu

Published in IEEE Transactions on Biometrics, Behavior, and Identity Science (2024)

Presented at IJCB (Oral)

Oral @ IJCB

Abs arXiv Bib PDF Blog Code Poster Slides Website

Oral @ IJCB

Face morphing attacks seek to deceive a Face Recognition (FR) system by presenting a morphed image consisting of the biometric qualities from two different identities with the aim of triggering a false acceptance with one of the two identities, thereby presenting a significant threat to biometric systems. The success of a morphing attack is dependent on the ability of the morphed image to represent the biometric characteristics of both identities that were used to create the image. We present a novel morphing attack that uses a Diffusion-based architecture to improve the visual fidelity of the image and the ability of the morphing attack to represent characteristics from both identities. We demonstrate the effectiveness of the proposed attack by evaluating its visual fidelity via Fréchet Inception Distance (FID). Also, extensive experiments are conducted to measure the vulnerability of FR systems to the proposed attack. The ability of a morphing attack detector to detect the proposed attack is measured and compared against two state-of-the-art GAN-based morphing attacks along with two Landmark-based attacks. Additionally, a novel metric to measure the relative strength between different morphing attacks is introduced and evaluated.
@article{blasingame_dim, author = {Blasingame, Zander W. and Liu, Chen}, journal = {IEEE Transactions on Biometrics, Behavior, and Identity Science}, title = {Leveraging Diffusion for Strong and High Quality Face Morphing Attacks}, year = {2024}, month = jan, volume = {6}, number = {1}, pages = {118-131}, keywords = {Faces;Visualization;Generative adversarial networks;Face recognition;Codes;Generators;Semantics;Morphing attack;GAN;vulnerability analysis;face recognition;diffusion models}, doi = {10.1109/TBIOM.2024.3349857}, }
IEEE S&P
Fast-DiM: Towards Fast Diffusion Morphs

Zander W. Blasingame, and Chen Liu

Published in IEEE Security & Privacy (2024)

Abs arXiv Bib PDF Code Website

Diffusion Morphs (DiM) are a recent state-of-the-art method for creating high quality face morphs; however, they require a high number of network function evaluations (NFE) to create the morphs. We propose a new DiM pipeline, Fast-DiM, which can create morphs of a similar quality but with fewer NFE. We investigate the ODE solvers used to solve the Probability Flow ODE and the impact they have on the the creation of face morphs. Additionally, we employ an alternative method for encoding images into the latent space of the Diffusion model by solving the Probability Flow ODE as time runs forwards. Our experiments show that we can reduce the NFE by upwards of 85% in the encoding process while experiencing only 1.6% reduction in Mated Morph Presentation Match Rate (MMPMR). Likewise, we showed we could cut NFE, in the sampling process, in half with only a maximal reduction of 0.23% in MMPMR.
@article{fast_dim, author = {Blasingame, Zander W. and Liu, Chen}, journal = {IEEE Security & Privacy}, title = {Fast-DiM: Towards Fast Diffusion Morphs}, year = {2024}, month = jun, volume = {22}, number = {4}, pages = {103-114}, keywords = {Stochastic processes;Generators;Encoding;Mathematical models;Face recognition;Codes;Diffusion processes}, doi = {10.1109/MSEC.2024.3410112}, }

IJCB

The Impact of Print-Scanning in Heterogeneous Morph Evaluation Scenarios

Richard E. Neddo, Zander W. Blasingame, and Chen Liu

Published at 2024 IEEE International Joint Conference on Biometrics (IJCB) (2024)

arXiv Bib PDF Poster

@inproceedings{10744441,
  author = {Neddo, Richard E. and Blasingame, Zander W. and Liu, Chen},
  booktitle = {2024 IEEE International Joint Conference on Biometrics (IJCB)},
  title = {The Impact of Print-Scanning in Heterogeneous Morph Evaluation Scenarios},
  year = {2024},
  volume = {},
  number = {},
  pages = {1-10},
  keywords = {Training;Printing;Measurement;Uncertainty;Image color analysis;Error analysis;Face recognition;Pipelines;Ink;Classification algorithms},
  doi = {10.1109/IJCB62174.2024.10744441},
}

HASP
Towards Effective Machine Learning Models for Ransomware Detection via Low-Level Hardware Information

Chutitep Woralert, Chen Liu, and Zander Blasingame

Published at Proceedings of the 13th International Workshop on Hardware and Architectural Support for Security and Privacy, (2024)

Abs Bib

In recent years, ransomware attacks have grown dramatically. New variants continually emerging make tracking and mitigating these threats increasingly difficult using traditional detection methods. As the landscape of ransomware evolves, there is a growing need for more advanced detection techniques. Neural networks have gained popularity as a method to enhance detection accuracy, by leveraging low-level hardware information such as hardware events as features for identifying ransomware attacks. In this paper, we investigated several state-of-the-art supervised learning models, including XGBoost, LightGBM, MLP, and CNN, which are specifically designed to handle time series data or image-based data for ransomware detection. We compared their detection accuracy, computational efficiency, and resource requirements for classification. Our findings indicate that particularly LightGBM, offer a strong balance of high detection accuracy, fast processing speed, and low memory usage, making them highly effective for ransomware detection tasks.
@inproceedings{10.1145/3696843.3696847, author = {Woralert, Chutitep and Liu, Chen and Blasingame, Zander}, title = {Towards Effective Machine Learning Models for Ransomware Detection via Low-Level Hardware Information}, year = {2024}, isbn = {9798400712210}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/3696843.3696847}, doi = {10.1145/3696843.3696847}, booktitle = {Proceedings of the 13th International Workshop on Hardware and Architectural Support for Security and Privacy}, pages = {10–18}, numpages = {9}, keywords = {Performance Monitoring Counters, Supervised Learning, Ransomware}, location = { }, series = {HASP '24}, }

2023

IEEE TOCS

HARD-Lite: A Lightweight Hardware Anomaly Realtime Detection Framework Targeting Ransomware

Chutitep Woralert, Chen Liu, and Zander Blasingame

Published in IEEE Transactions on Circuits and Systems I: Regular Papers (2023)

Bib

@article{10208245,
  author = {Woralert, Chutitep and Liu, Chen and Blasingame, Zander},
  journal = {IEEE Transactions on Circuits and Systems I: Regular Papers},
  title = {HARD-Lite: A Lightweight Hardware Anomaly Realtime Detection Framework Targeting Ransomware},
  year = {2023},
  month = dec,
  volume = {70},
  number = {12},
  pages = {5036-5047},
  keywords = {Ransomware;Monitoring;Behavioral sciences;Hardware;Servers;Registers;Operating systems;Performance evaluation;Semisupervised learning;Anomaly detection;Performance monitoring counters;semi-supervised learning;ransomware;anomaly detection;malware analysis},
  doi = {10.1109/TCSI.2023.3299532}
}

AsianHOST

A Comparison of One-class and Two-class Models for Ransomware Detection via Low-level Hardware Information

Chutitep Woralert, Chen Liu, Zander Blasingame, and Zhiliu Yang

Published at 2023 Asian Hardware Oriented Security and Trust Symposium (AsianHOST) (2023)

Oral

Bib

Oral

@inproceedings{10409333,
  author = {Woralert, Chutitep and Liu, Chen and Blasingame, Zander and Yang, Zhiliu},
  booktitle = {2023 Asian Hardware Oriented Security and Trust Symposium (AsianHOST)},
  title = {A Comparison of One-class and Two-class Models for Ransomware Detection via Low-level Hardware Information},
  year = {2023},
  month = dec,
  volume = {},
  number = {},
  pages = {1-6},
  keywords = {Handwriting recognition;Supervised learning;Semisupervised learning;Hardware;Behavioral sciences;Ransomware;Anomaly detection;Performance Monitoring Counters;Semi-supervised Learning;Supervised Learning;Ransomware;Anomaly Detection},
  doi = {10.1109/AsianHOST59942.2023.10409333}
}

2022

AsianHOST

HARD-Lite: A Lightweight Hardware Anomaly Realtime Detection Framework Targeting Ransomware

Chutitep Woralert, Chen Liu, and Zander Blasingame

Published at 2022 Asian Hardware Oriented Security and Trust Symposium (AsianHOST) (2022)

Best Paper Nominee

Bib

Best Paper Nominee

@inproceedings{10022111,
  author = {Woralert, Chutitep and Liu, Chen and Blasingame, Zander},
  booktitle = {2022 Asian Hardware Oriented Security and Trust Symposium (AsianHOST)},
  title = {HARD-Lite: A Lightweight Hardware Anomaly Realtime Detection Framework Targeting Ransomware},
  year = {2022},
  volume = {},
  number = {},
  pages = {1-6},
  keywords = {Time series analysis;Surge protection;Hardware;Behavioral sciences;Ransomware;Servers;Security;Performance Monitoring Counters;Semi-supervised Learning;Ransomware;Anomaly Detection},
  doi = {10.1109/AsianHOST56390.2022.10022111},
  month = dec
}

2021

IJCB
Leveraging Adversarial Learning for the Detection of Morphing Attacks

Zander Blasingame, and Chen Liu

Published at 2021 IEEE International Joint Conference on Biometrics (IJCB) (2021)

Oral

Abs Bib Slides

Oral

An emerging threat towards face recognition systems (FRS) is face morphing attack, which involves the combination of two faces from two different identities into a singular image that would trigger an acceptance for either identity within the FRS. Many of the existing morphing attack detection (MAD) approaches have been trained and evaluated on datasets with limited variation of image characteristics, which can make the approach prone to overfitting. Additionally, there has been difficulty in developing MAD algorithms which can generalize beyond the morphing attack they were trained on, as shown by the most recent NIST FRVT MORPH report. Furthermore, the Single image based MAD (S-MAD) problem has had poor performance, especially when compared to its counterpart, Differential based MAD (D-MAD). In this work, we propose a novel architecture for training deep learning based S-MAD algorithms that leverages adversarial learning to train a more robust detector. The performance of the proposed S-MAD method is benchmarked against the state-of-the-art VGG19 based S-MAD algorithm over 36 experiments using the ISO-IEC 30107-3 evaluation metrics. The proposed method has demonstrated superior and robust detection performance of less than 5% D-EER when evaluated against different morphing attacks.
@inproceedings{Blasingame2021LeveragingAL, title = {Leveraging Adversarial Learning for the Detection of Morphing Attacks}, author = {Blasingame, Zander and Liu, Chen}, booktitle = {2021 IEEE International Joint Conference on Biometrics (IJCB)}, year = {2021}, pages = {1-8}, month = aug, doi = {10.1109/IJCB52358.2021.9484383}, keywords = {Training;Deep learning;Measurement;Databases;Face recognition;Conferences;Detectors}, }
ICANN
Feature Creation Towards the Detection of Non-control-Flow Hijacking Attacks

Zander Blasingame, Chen Liu, and Xin Yao

Published at Artificial Neural Networks and Machine Learning – ICANN 2021 (2021)

Oral

Abs Bib Slides

Oral

With malware attacks on the rise, approaches using low-level hardware information to detect these attacks have been gaining popularity recently. This is achieved by using hardware event counts as features to describe the behavior of the software program. Then a classifier, such as support vector machine (SVM) or neural network, can be used to detect the anomalous behavior caused by malware attacks. The collected datasets to describe the program behavior, however, are normally imbalanced, as it is much easier to gather regular program behavior than abnormal ones, which can lead to high false negative rates (FNR). In an effort to provide a remedy to this situation, we propose the usage of Genetic Programming (GP) to create new features to augment the original features in conjunction with the classifier. One key component that will affect the classifier performance is to construct the Hellinger distance as the fitness function. As a result, we perform design space exploration in estimating the Hellinger distance. The performance of different approaches is evaluated using seven real-world attacks that target three vulnerabilities in the OpenSSL library and two vulnerabilities in modern web-servers. Our experimental results show, by using the new features evolved with GP, we are able to reduce the FNR and improve the performance characteristics of the classifier.
@inproceedings{10.1007/978-3-030-86362-3_13, author = {Blasingame, Zander and Liu, Chen and Yao, Xin}, editor = {Farka{\v{s}}, Igor and Masulli, Paolo and Otte, Sebastian and Wermter, Stefan}, title = {Feature Creation Towards the Detection of Non-control-Flow Hijacking Attacks}, booktitle = {Artificial Neural Networks and Machine Learning -- ICANN 2021}, year = {2021}, month = sep, publisher = {Springer International Publishing}, address = {Cham}, pages = {153--164}, isbn = {978-3-030-86362-3}, }

2019

HASP
Detecting Non-Control-Flow Hijacking Attacks Using Contextual Execution Information

Gildo Torres, Zhiliu Yang, Zander Blasingame, James Bruska, and Chen Liu

Published at Proceedings of the 8th International Workshop on Hardware and Architectural Support for Security and Privacy, Phoenix, AZ, USA (2019)

Abs Bib

In recent years, we see a rise of non-control-flow hijacking attacks, which manipulate key data elements to corrupt the integrity of a victim application while upholding a valid control-flow during its execution. Consequently, they are more difficult to be detected hence prevented with traditional mitigation techniques that target control-oriented attacks. In this work, we propose a methodology for the detection of non-control-flow hijacking attacks via employing low-level hardware information formatted as time series. Using architectural and micro-architectural hardware event counts, we model the regular execution behavior of the application(s) of interest, in an effort to detect abnormal execution behavior taking place at the vicinity of the vulnerability. We employed three distinct anomaly detection models: a traditional support vector machine (SVM), an echo state network (ESN), and a heavily modified k-nearest neighbors (KNN) model. We evaluated the proposed methodology using seven real-world non-control-flow hijacking exploits that target two vulnerabilities in modern web servers and three vulnerabilities in the OpenSSL library. Because our proposed detection methodology employs the contextual information across the temporal domain, we are able to achieve an average classification accuracy of 99.36%, with a false positive rate (FPR) of 0.79% and false negative rate (FNR) of 0.53%, respectively.
@inproceedings{10.1145/3337167.3337168, author = {Torres, Gildo and Yang, Zhiliu and Blasingame, Zander and Bruska, James and Liu, Chen}, title = {Detecting Non-Control-Flow Hijacking Attacks Using Contextual Execution Information}, year = {2019}, month = jun, isbn = {9781450372268}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/3337167.3337168}, doi = {10.1145/3337167.3337168}, booktitle = {Proceedings of the 8th International Workshop on Hardware and Architectural Support for Security and Privacy}, articleno = {1}, numpages = {8}, keywords = {Machine Learning, Encryption-Downgrade Attacks, Anomaly Detection, Hardware Performance Counters, Data-Only Attacks}, location = {Phoenix, AZ, USA}, series = {HASP '19} }

2018

Detecting Data Exploits Using Low-Level Hardware Information: A Short Time Series Approach

Chen Liu, Zhiliu Yang, Zander Blasingame, Gildo Torres, and James Bruska

Published at Proceedings of the First Workshop on Radical and Experiential Security, Incheon, Republic of Korea (2018)

Abs Bib

In recent years, scale, frequency and complexity of cyber-attacks have been continuously on the rise. As a result, it has significantly impacted our daily lives and society as a whole. Never before have we had such an urgent need to defend against cyber-attacks. Previous studies suggest that it is possible to detect rootkits and control-flow attacks with high accuracy using information collected from hardware level. For data-only exploits, however, where the control-flow of the victim application is strictly conserved while its behavior may only be slightly modified, high accuracy detection is much more difficult to achieve. In this study, we propose the use of low-level hardware information collected as a short time series for the detection of data-only malware attacks. We employed several representative classification algorithms, e.g., linear regression (LR), autoencoder (AE), stacked denoising autoencoder (SDA), and echo state network (ESN). We build one-class classifiers that either use individual samples collected via monitoring hardware-level events or use multiple samples of hardware events collected at different time during execution, but all with only the knowledge from regular behavior. Using several real-life attacks as case studies, we examined their detection accuracy when confronted with malicious behavior. Our experimental results show that our SDA- and ESN-based approaches can achieve an average detection accuracy of 97.75% and 98.36% for the exploits studied, respectively. Our study suggests that when the hardware events are monitored at different time spots during the execution of the vulnerable application, our SDA- and ESN-based approaches have the potential to boost the detection accuracy for data exploits.
@inproceedings{10.1145/3203422.3203433, author = {Liu, Chen and Yang, Zhiliu and Blasingame, Zander and Torres, Gildo and Bruska, James}, title = {Detecting Data Exploits Using Low-Level Hardware Information: A Short Time Series Approach}, year = {2018}, month = may, isbn = {9781450357579}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/3203422.3203433}, doi = {10.1145/3203422.3203433}, booktitle = {Proceedings of the First Workshop on Radical and Experiential Security}, pages = {41–47}, numpages = {7}, keywords = {anomaly detection, machine learning, hardware performance counters, data-only exploits}, location = {Incheon, Republic of Korea}, series = {RESEC '18} }

2017

Verification of OpenSSL version via hardware performance counters

James Bruska, Zander Blasingame, and Chen Liu

Published at Disruptive Technologies in Sensors and Sensor Systems (2017)