Publications | Zander W. Blasingame

2024

NeurIPS
AdjointDEIS: Efficient Gradients for Diffusion Models

Zander W. Blasingame, and Chen Liu

In The Thirty-eighth Annual Conference on Neural Information Processing Systems, 2024

Abs arXiv Bib PDF Code Website

The optimization of the latents and parameters of diffusion models with respect to some differentiable metric defined on the output of the model is a challenging and complex problem. The sampling for diffusion models is done by solving either the probability flow ODE or diffusion SDE wherein a neural network approximates the score function or related quantity, allowing a numerical ODE/SDE solver to be used. However, naïve backpropagation techniques are memory intensive, requiring the storage of all intermediate states, and face additional complexity in handling the injected noise from the diffusion term of the diffusion SDE. We propose a novel method based on the stochastic adjoint sensitivity method to calculate the gradientwith respect to the initial noise, conditional information, and model parameters by solving an additional SDE whose solution is the gradient of the diffusion SDE. We exploit the unique construction of diffusion SDEs to further simplify the formulation of the adjoint diffusion SDE and use a change-of-variables to simplify the solution to an exponentially weighted integral. Using this formulation we derive a custom solver for the adjoint SDE as well as the simpler adjoint ODE. The proposed adjoint diffusion solvers can efficiently compute the gradients for both the probability flow ODE and diffusion SDE for latents and parameters of the model. Lastly, we demonstrate the effectiveness of the adjoint diffusion solvers onthe face morphing problem.
@inproceedings{anonymous2024adjointdeis, title = {Adjoint{DEIS}: Efficient Gradients for Diffusion Models}, author = {Blasingame, Zander W. and Liu, Chen}, booktitle = {The Thirty-eighth Annual Conference on Neural Information Processing Systems}, year = {2024}, url = {https://openreview.net/forum?id=fAlcxvrOEX}, }
IJCB Spotlight
Greedy-DiM: Greedy Algorithms for Unreasonably Effective Face Morphs

Zander W. Blasingame, and Chen Liu

In 2024 IEEE International Joint Conference on Biometrics (IJCB), Sep 2024

Abs arXiv Bib PDF Code Poster Website

Spotlight

Morphing attacks are an emerging threat to state-of-the-art Face Recognition (FR) systems, which aim to create a single image that contains the biometric information of multiple identities. Diffusion Morphs (DiM) are a recently proposed morphing attack that has achieved state-of-the-art performance for representation-based morphing attacks. However, none of the existing research on DiMs have leveraged the iterative nature of DiMs and left the DiM model as a black box, treating it no differently than one would a Generative Adversarial Network (GAN) or Variational AutoEncoder (VAE). We propose a greedy strategy on the iterative sampling process of DiM models which searches for an optimal step guided by an identity-based heuristic function. We compare our proposed algorithm against ten other state-of-the-art morphing algorithms using the open-source SYN-MAD 2022 competition dataset. We find that our proposed algorithm is unreasonably effective, fooling all of the tested FR systems with an MMPMR of 100%, outperforming all other morphing algorithms compared.
@inproceedings{blasingame_greedydim, author = {Blasingame, Zander W. and Liu, Chen}, title = {Greedy-DiM: Greedy Algorithms for Unreasonably Effective Face Morphs}, year = {2024}, month = sep, booktitle = {2024 IEEE International Joint Conference on Biometrics (IJCB)}, pages = {1-10}, }
IEEE TBIOM Oral @ IJCB
Leveraging Diffusion for Strong and High Quality Face Morphing Attacks

Zander W. Blasingame, and Chen Liu

IEEE Transactions on Biometrics, Behavior, and Identity Science, Jan 2024

Abs arXiv Bib PDF Code Poster Slides Website

Oral @ IJCB

Face morphing attacks seek to deceive a Face Recognition (FR) system by presenting a morphed image consisting of the biometric qualities from two different identities with the aim of triggering a false acceptance with one of the two identities, thereby presenting a significant threat to biometric systems. The success of a morphing attack is dependent on the ability of the morphed image to represent the biometric characteristics of both identities that were used to create the image. We present a novel morphing attack that uses a Diffusion-based architecture to improve the visual fidelity of the image and the ability of the morphing attack to represent characteristics from both identities. We demonstrate the effectiveness of the proposed attack by evaluating its visual fidelity via Fréchet Inception Distance (FID). Also, extensive experiments are conducted to measure the vulnerability of FR systems to the proposed attack. The ability of a morphing attack detector to detect the proposed attack is measured and compared against two state-of-the-art GAN-based morphing attacks along with two Landmark-based attacks. Additionally, a novel metric to measure the relative strength between different morphing attacks is introduced and evaluated.
@article{blasingame_dim, author = {Blasingame, Zander W. and Liu, Chen}, journal = {IEEE Transactions on Biometrics, Behavior, and Identity Science}, title = {Leveraging Diffusion for Strong and High Quality Face Morphing Attacks}, year = {2024}, month = jan, volume = {6}, number = {1}, pages = {118-131}, keywords = {Faces;Visualization;Generative adversarial networks;Face recognition;Codes;Generators;Semantics;Morphing attack;GAN;vulnerability analysis;face recognition;diffusion models}, doi = {10.1109/TBIOM.2024.3349857}, }
IEEE S&P
Fast-DiM: Towards Fast Diffusion Morphs

Zander W. Blasingame, and Chen Liu

IEEE Security & Privacy, Jun 2024

Abs arXiv Bib PDF Code Website

Diffusion Morphs (DiM) are a recent state-of-the-art method for creating high quality face morphs; however, they require a high number of network function evaluations (NFE) to create the morphs. We propose a new DiM pipeline, Fast-DiM, which can create morphs of a similar quality but with fewer NFE. We investigate the ODE solvers used to solve the Probability Flow ODE and the impact they have on the the creation of face morphs. Additionally, we employ an alternative method for encoding images into the latent space of the Diffusion model by solving the Probability Flow ODE as time runs forwards. Our experiments show that we can reduce the NFE by upwards of 85% in the encoding process while experiencing only 1.6% reduction in Mated Morph Presentation Match Rate (MMPMR). Likewise, we showed we could cut NFE, in the sampling process, in half with only a maximal reduction of 0.23% in MMPMR.
@article{fast_dim, author = {Blasingame, Zander W. and Liu, Chen}, journal = {IEEE Security & Privacy}, title = {Fast-DiM: Towards Fast Diffusion Morphs}, year = {2024}, month = jun, volume = {22}, number = {4}, pages = {103-114}, keywords = {Stochastic processes;Generators;Encoding;Mathematical models;Face recognition;Codes;Diffusion processes}, doi = {10.1109/MSEC.2024.3410112}, }

The Impact of Print-and-Scan in Heterogeneous Morph Evaluation Scenarios

Richard E. Neddo, Zander W. Blasingame, and Chen Liu

arXiv e-prints, Apr 2024

@article{2024arXiv240406559N,
  author = {{Neddo}, Richard E. and {Blasingame}, Zander W. and {Liu}, Chen},
  title = {{The Impact of Print-and-Scan in Heterogeneous Morph Evaluation Scenarios}},
  journal = {arXiv e-prints},
  keywords = {Computer Science - Computer Vision and Pattern Recognition},
  year = {2024},
  month = apr,
  eid = {arXiv:2404.06559},
  pages = {arXiv:2404.06559},
  doi = {10.48550/arXiv.2404.06559},
  archiveprefix = {arXiv},
  eprint = {2404.06559},
  primaryclass = {cs.CV},
}

2023

IEEE TOCS

HARD-Lite: A Lightweight Hardware Anomaly Realtime Detection Framework Targeting Ransomware

Chutitep Woralert, Chen Liu, and Zander Blasingame

IEEE Transactions on Circuits and Systems I: Regular Papers, Dec 2023

Bib

@article{10208245,
  author = {Woralert, Chutitep and Liu, Chen and Blasingame, Zander},
  journal = {IEEE Transactions on Circuits and Systems I: Regular Papers},
  title = {HARD-Lite: A Lightweight Hardware Anomaly Realtime Detection Framework Targeting Ransomware},
  year = {2023},
  month = dec,
  volume = {70},
  number = {12},
  pages = {5036-5047},
  keywords = {Ransomware;Monitoring;Behavioral sciences;Hardware;Servers;Registers;Operating systems;Performance evaluation;Semisupervised learning;Anomaly detection;Performance monitoring counters;semi-supervised learning;ransomware;anomaly detection;malware analysis},
  doi = {10.1109/TCSI.2023.3299532}
}

AsianHOST Oral

A Comparison of One-class and Two-class Models for Ransomware Detection via Low-level Hardware Information

Chutitep Woralert, Chen Liu, Zander Blasingame, and 1 more author

In 2023 Asian Hardware Oriented Security and Trust Symposium (AsianHOST), Dec 2023

Bib

Oral

@inproceedings{10409333,
  author = {Woralert, Chutitep and Liu, Chen and Blasingame, Zander and Yang, Zhiliu},
  booktitle = {2023 Asian Hardware Oriented Security and Trust Symposium (AsianHOST)},
  title = {A Comparison of One-class and Two-class Models for Ransomware Detection via Low-level Hardware Information},
  year = {2023},
  month = dec,
  volume = {},
  number = {},
  pages = {1-6},
  keywords = {Handwriting recognition;Supervised learning;Semisupervised learning;Hardware;Behavioral sciences;Ransomware;Anomaly detection;Performance Monitoring Counters;Semi-supervised Learning;Supervised Learning;Ransomware;Anomaly Detection},
  doi = {10.1109/AsianHOST59942.2023.10409333}
}

2022

AsianHOST Best Paper Nominee

HARD-Lite: A Lightweight Hardware Anomaly Realtime Detection Framework Targeting Ransomware

Chutitep Woralert, Zander Blasingame, and Chen Liu

2022 Asian Hardware Oriented Security and Trust Symposium (AsianHOST), Dec 2022

Bib

Best Paper Nominee

@article{Woralert2022,
  title = {HARD-Lite: A Lightweight Hardware Anomaly Realtime Detection Framework Targeting Ransomware},
  author = {Woralert, Chutitep and Blasingame, Zander and Liu, Chen},
  journal = {2022 Asian Hardware Oriented Security and Trust Symposium (AsianHOST)},
  year = {2022},
  month = dec
}

2021

IJCB Oral
Leveraging Adversarial Learning for the Detection of Morphing Attacks

Zander Blasingame, and Chen Liu

In 2021 IEEE International Joint Conference on Biometrics (IJCB), Aug 2021

Abs Bib Slides

Oral

An emerging threat towards face recognition systems (FRS) is face morphing attack, which involves the combination of two faces from two different identities into a singular image that would trigger an acceptance for either identity within the FRS. Many of the existing morphing attack detection (MAD) approaches have been trained and evaluated on datasets with limited variation of image characteristics, which can make the approach prone to overfitting. Additionally, there has been difficulty in developing MAD algorithms which can generalize beyond the morphing attack they were trained on, as shown by the most recent NIST FRVT MORPH report. Furthermore, the Single image based MAD (S-MAD) problem has had poor performance, especially when compared to its counterpart, Differential based MAD (D-MAD). In this work, we propose a novel architecture for training deep learning based S-MAD algorithms that leverages adversarial learning to train a more robust detector. The performance of the proposed S-MAD method is benchmarked against the state-of-the-art VGG19 based S-MAD algorithm over 36 experiments using the ISO-IEC 30107-3 evaluation metrics. The proposed method has demonstrated superior and robust detection performance of less than 5% D-EER when evaluated against different morphing attacks.
@inproceedings{Blasingame2021LeveragingAL, title = {Leveraging Adversarial Learning for the Detection of Morphing Attacks}, author = {Blasingame, Zander and Liu, Chen}, booktitle = {2021 IEEE International Joint Conference on Biometrics (IJCB)}, year = {2021}, pages = {1-8}, month = aug, doi = {10.1109/IJCB52358.2021.9484383}, keywords = {Training;Deep learning;Measurement;Databases;Face recognition;Conferences;Detectors}, }
ICANN Oral
Feature Creation Towards the Detection of Non-control-Flow Hijacking Attacks

Zander Blasingame, Chen Liu, and Xin Yao

In Artificial Neural Networks and Machine Learning – ICANN 2021, Sep 2021

Abs Bib Slides

Oral

With malware attacks on the rise, approaches using low-level hardware information to detect these attacks have been gaining popularity recently. This is achieved by using hardware event counts as features to describe the behavior of the software program. Then a classifier, such as support vector machine (SVM) or neural network, can be used to detect the anomalous behavior caused by malware attacks. The collected datasets to describe the program behavior, however, are normally imbalanced, as it is much easier to gather regular program behavior than abnormal ones, which can lead to high false negative rates (FNR). In an effort to provide a remedy to this situation, we propose the usage of Genetic Programming (GP) to create new features to augment the original features in conjunction with the classifier. One key component that will affect the classifier performance is to construct the Hellinger distance as the fitness function. As a result, we perform design space exploration in estimating the Hellinger distance. The performance of different approaches is evaluated using seven real-world attacks that target three vulnerabilities in the OpenSSL library and two vulnerabilities in modern web-servers. Our experimental results show, by using the new features evolved with GP, we are able to reduce the FNR and improve the performance characteristics of the classifier.
@inproceedings{10.1007/978-3-030-86362-3_13, author = {Blasingame, Zander and Liu, Chen and Yao, Xin}, editor = {Farka{\v{s}}, Igor and Masulli, Paolo and Otte, Sebastian and Wermter, Stefan}, title = {Feature Creation Towards the Detection of Non-control-Flow Hijacking Attacks}, booktitle = {Artificial Neural Networks and Machine Learning -- ICANN 2021}, year = {2021}, month = sep, publisher = {Springer International Publishing}, address = {Cham}, pages = {153--164}, isbn = {978-3-030-86362-3}, }

2019

HASP
Detecting Non-Control-Flow Hijacking Attacks Using Contextual Execution Information

Gildo Torres, Zhiliu Yang, Zander Blasingame, and 2 more authors

In Proceedings of the 8th International Workshop on Hardware and Architectural Support for Security and Privacy, Phoenix, AZ, USA, Jun 2019

Abs Bib

In recent years, we see a rise of non-control-flow hijacking attacks, which manipulate key data elements to corrupt the integrity of a victim application while upholding a valid control-flow during its execution. Consequently, they are more difficult to be detected hence prevented with traditional mitigation techniques that target control-oriented attacks. In this work, we propose a methodology for the detection of non-control-flow hijacking attacks via employing low-level hardware information formatted as time series. Using architectural and micro-architectural hardware event counts, we model the regular execution behavior of the application(s) of interest, in an effort to detect abnormal execution behavior taking place at the vicinity of the vulnerability. We employed three distinct anomaly detection models: a traditional support vector machine (SVM), an echo state network (ESN), and a heavily modified k-nearest neighbors (KNN) model. We evaluated the proposed methodology using seven real-world non-control-flow hijacking exploits that target two vulnerabilities in modern web servers and three vulnerabilities in the OpenSSL library. Because our proposed detection methodology employs the contextual information across the temporal domain, we are able to achieve an average classification accuracy of 99.36%, with a false positive rate (FPR) of 0.79% and false negative rate (FNR) of 0.53%, respectively.
@inproceedings{10.1145/3337167.3337168, author = {Torres, Gildo and Yang, Zhiliu and Blasingame, Zander and Bruska, James and Liu, Chen}, title = {Detecting Non-Control-Flow Hijacking Attacks Using Contextual Execution Information}, year = {2019}, month = jun, isbn = {9781450372268}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/3337167.3337168}, doi = {10.1145/3337167.3337168}, booktitle = {Proceedings of the 8th International Workshop on Hardware and Architectural Support for Security and Privacy}, articleno = {1}, numpages = {8}, keywords = {Machine Learning, Encryption-Downgrade Attacks, Anomaly Detection, Hardware Performance Counters, Data-Only Attacks}, location = {Phoenix, AZ, USA}, series = {HASP '19} }

2018

Detecting Data Exploits Using Low-Level Hardware Information: A Short Time Series Approach

Chen Liu, Zhiliu Yang, Zander Blasingame, and 2 more authors

In Proceedings of the First Workshop on Radical and Experiential Security, Incheon, Republic of Korea, May 2018

Abs Bib

In recent years, scale, frequency and complexity of cyber-attacks have been continuously on the rise. As a result, it has significantly impacted our daily lives and society as a whole. Never before have we had such an urgent need to defend against cyber-attacks. Previous studies suggest that it is possible to detect rootkits and control-flow attacks with high accuracy using information collected from hardware level. For data-only exploits, however, where the control-flow of the victim application is strictly conserved while its behavior may only be slightly modified, high accuracy detection is much more difficult to achieve. In this study, we propose the use of low-level hardware information collected as a short time series for the detection of data-only malware attacks. We employed several representative classification algorithms, e.g., linear regression (LR), autoencoder (AE), stacked denoising autoencoder (SDA), and echo state network (ESN). We build one-class classifiers that either use individual samples collected via monitoring hardware-level events or use multiple samples of hardware events collected at different time during execution, but all with only the knowledge from regular behavior. Using several real-life attacks as case studies, we examined their detection accuracy when confronted with malicious behavior. Our experimental results show that our SDA- and ESN-based approaches can achieve an average detection accuracy of 97.75% and 98.36% for the exploits studied, respectively. Our study suggests that when the hardware events are monitored at different time spots during the execution of the vulnerable application, our SDA- and ESN-based approaches have the potential to boost the detection accuracy for data exploits.
@inproceedings{10.1145/3203422.3203433, author = {Liu, Chen and Yang, Zhiliu and Blasingame, Zander and Torres, Gildo and Bruska, James}, title = {Detecting Data Exploits Using Low-Level Hardware Information: A Short Time Series Approach}, year = {2018}, month = may, isbn = {9781450357579}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/3203422.3203433}, doi = {10.1145/3203422.3203433}, booktitle = {Proceedings of the First Workshop on Radical and Experiential Security}, pages = {41–47}, numpages = {7}, keywords = {anomaly detection, machine learning, hardware performance counters, data-only exploits}, location = {Incheon, Republic of Korea}, series = {RESEC '18} }

2017

Verification of OpenSSL version via hardware performance counters

James Bruska, Zander Blasingame, and Chen Liu

In Disruptive Technologies in Sensors and Sensor Systems, May 2017