publications
View my Google Scholar profile for the list of published manuscripts.
2024
- ACM KDD: Studying the Impact of Stochasticity on the Evaluation of Deep Neural Networks for Forest-Fire Prediction. H. Kumar, B. Chakraborty, B. Kang, and 1 more author. ACM KDD (under review), 2024
This paper presents the first systematic study of Deep Neural Network (DNN) evaluation under stochastic assumptions, focusing on wildfire prediction. We note that current evaluation strategies emphasize a DNN’s replication of observed ground truths rather than its ability to learn the underlying stochastic processes, crucial for capturing wildfire evolution’s complexity. To bridge this gap, we propose a novel evaluation criterion: Has the DNN learned the stochastic process? Using a synthetic dataset, we introduce a framework to characterize the stochastic process (generated by randomness in fire evolution rules). Through this framework, we assess an evaluation metric’s capability to test if the DNN has learned the stochastic process. Our findings show that conventional metrics, including classification-based metrics and proper scoring rules, are inadequate. We identify the Expected Calibration Error (ECE) as a robust metric that tests the proposed evaluation criteria, offering asymptotic guarantees of proper scoring rules and improved interpretability through calibration curves. We extend our analysis to real-world wildfire data, highlighting the limitations of traditional evaluation methods and demonstrating the utility of ECE as a stochasticity-compatible metric alongside existing ones.
- ACM/IEEE ISLPED: RT-HMD: A Novel Statistical Approach for Robust Real-Time Hardware-based Malware Detection under Weak Supervision Formulation. H. Kumar, S. Sharma, B. Chakraborty, and 1 more author. ACM/IEEE ISLPED (under review), 2024
This study introduces RT-HMD, a Hardware-based Malware Detector (HMD) for mobile devices, that refines malware representation in segmented time-series through a Multiple Instance Learning (MIL) approach. We address the mislabeling issue in real-time HMDs, where benign segments in malware time-series incorrectly inherit malware labels, leading to increased false positives. Utilizing the proposed Malicious Discriminative Score within the MIL framework, RT-HMD effectively identifies localized malware behaviors, thereby improving the predictive accuracy. Empirical analysis, using a hardware telemetry dataset collected from a mobile platform across 723 benign and 1033 malware samples, shows a 5% precision boost while maintaining recall, outperforming baselines affected by mislabeled benign segments.
- UAI: Tackling Oversmoothing in Large Dense Graphs Using Hebbian-based Attention. B. Chakraborty, H. Kumar, and S. Mukhopadhyay. Conference on Uncertainty in Artificial Intelligence (under review), 2024
Graph Neural Networks (GNNs) have emerged as powerful tools for analyzing graph-structured data across various domains, including social networks and molecular biology. Despite their success, GNNs struggle with the oversmoothing problem in dense graphs, where node features converge and become indistinguishable after multiple layers of processing. This issue is particularly detrimental in combinatorial optimization tasks such as the Maximum Independent Set (MIS) problem, where discerning unique long-range node characteristics is crucial for performance. To address this challenge, we introduce a novel graph attention model, HebGAT, which leverages Hebbian learning principles to dynamically adjust attention mechanisms, thereby preserving node feature diversity in deep layers of dense graphs. Our empirical studies show that HebGAT surpasses existing attention-based GNNs in maintaining distinct node representations and achieves superior computational efficiency, particularly in large, dense graph scenarios. These findings not only demonstrate HebGAT’s effectiveness in tackling complex combinatorial optimization problems but also signal its potential to advance graph representation learning by overcoming the limitations of current graph attention models in handling dense graph structures.
- L4DC: Learning Locally Interacting Discrete Dynamical Systems: Towards Data-Efficient and Scalable Prediction. B. Kang, H. Kumar, M. Lee, and 2 more authors. Learning for Dynamics and Control Conference, 2024
Locally interacting dynamical systems, such as epidemic spread, rumor propagation through crowds, and forest fires, exhibit complex global dynamics originating from local, relatively simple, and often stochastic interactions between dynamic elements. Their temporal evolution is often driven by transitions between a finite number of discrete states. Despite significant advancements in predictive modeling through deep learning, such interactions among many elements have rarely been explored as a specific domain for predictive modeling. We present Attentive Recurrent Neural Cellular Automata (AR-NCA), to effectively discover unknown local state transition rules by associating the temporal information between neighboring cells in a permutation-invariant manner. AR-NCA exhibits superior generalizability across various system configurations (i.e., spatial distribution of states), data efficiency and robustness in extremely data-limited scenarios even in the presence of stochastic interactions, and scalability through spatial dimension-independent prediction.
- ICLR: Sparse Spiking Neural Network: Exploiting Heterogeneity in Timescales for Pruning Recurrent SNN. B. Chakraborty, B. Kang, H. Kumar, and 1 more author. International Conference on Learning Representations, 2024
Recurrent Spiking Neural Networks (RSNNs) have emerged as a computationally efficient and brain-inspired machine learning model. The design of sparse RSNNs with fewer neurons and synapses helps reduce the computational complexity of RSNNs. Traditionally, sparse SNNs are obtained by first training a dense and complex SNN for a target task and, next, eliminating neurons with low activity (activity-based pruning) while maintaining task performance. In contrast, this paper presents a task-agnostic methodology for designing sparse RSNNs by pruning an untrained (arbitrarily initialized) large model. We introduce a novel Lyapunov Noise Pruning (LNP) algorithm that uses graph sparsification methods and utilizes Lyapunov exponents to design a stable sparse RSNN from an untrained RSNN. We show that the LNP can leverage diversity in neuronal timescales to design a sparse Heterogeneous RSNN (HRSNN). Further, we show that the same sparse HRSNN model can be trained for different tasks, such as image classification and time-series prediction. The experimental results show that, in spite of being task-agnostic, LNP increases computational efficiency (fewer neurons and synapses) and prediction performance of RSNNs compared to traditional activity-based pruning of trained dense models.
2023
- IEEE TIFS: XMD: An expansive Hardware-telemetry based Mobile Malware Detector for Endpoint Detection. H. Kumar, B. Chakraborty, S. Sharma, and 1 more author. IEEE Transactions on Information Forensics and Security, 2023
Hardware-based Malware Detectors (HMDs) have shown promise in detecting malicious workloads. However, the current HMDs focus solely on the CPU core of a System-on-Chip (SoC) and, therefore, do not exploit the full potential of the hardware telemetry. In this paper, we propose XMD, an HMD that uses an expansive set of telemetry channels extracted from the different subsystems of the SoC. XMD exploits the thread-level profiling power of the CPU-core telemetry, and the global profiling power of non-core telemetry channels, to achieve significantly better detection performance than currently used Hardware Performance Counter (HPC) based detectors. We leverage the concept of the manifold hypothesis to analytically prove that adding non-core telemetry channels improves the separability of the benign and malware classes, resulting in performance gains. We train and evaluate XMD using hardware telemetries collected from 723 benign applications and 1033 malware samples on a commodity Android Operating System (OS)-based mobile device. XMD improves over currently used HPC-based detectors by 32.91% for the in-distribution test data. XMD achieves the best detection performance of 86.54% with a false positive rate of 2.9%, compared to the detection rate of 80% offered by the best performing signature-based Anti-Virus (AV) on VirusTotal, on the same set of malware samples.
2022
- IJCNN: Unsupervised Hebbian learning on point sets in StarCraft II. B. Kang, H. Kumar, S. Dash, and 1 more author. International Joint Conference on Neural Networks, 2022
Learning the evolution of real-time strategy (RTS) games is a challenging problem in artificial intelligence (AI) systems. In this paper, we present a novel Hebbian learning method to extract the global feature of a point set in StarCraft II game units, and its application to predict the movement of the points. Our model includes an encoder, LSTM, and decoder, and we train the encoder with the unsupervised learning method. We introduce the concept of neuron activity aware learning combined with k-Winner-Takes-All. The optimal value of neuron activity is mathematically derived, and experiments support the effectiveness of the concept over the downstream task. Our Hebbian learning rule benefits the prediction with lower loss compared to self-supervised learning. Also, our model significantly reduces computational cost, such as activations and FLOPs, compared to a frame-based approach.
2021
- ACM/IEEE DAC: Towards Improving the Trustworthiness of Hardware based Malware Detector using Online Uncertainty Estimation. H. Kumar, N. Chawla, and S. Mukhopadhyay. Design Automation Conference, 2021
Hardware-based Malware Detectors (HMDs) using Machine Learning (ML) models have shown promise in detecting malicious workloads. However, the conventional black-box based ML approach used in these HMDs fails to address uncertain predictions, including those made on zero-day malware. The ML models used in HMDs are agnostic to the uncertainty that determines whether the model “knows what it knows,” severely undermining its trustworthiness. We propose an ensemble-based approach that quantifies uncertainty in predictions made by the ML models of an HMD when it encounters an unknown workload, different from the ones it was trained on. We test our approach on two different HMDs that have been proposed in the literature. We show that the proposed uncertainty estimator can detect > 90% of unknown workloads for the Power-management based HMD, and conclude that the overlapping benign and malware classes undermine the trustworthiness of the Performance Counter-based HMD.
- IEEE TIFS: Machine learning in wavelet domain for electromagnetic emission based malware analysis. N. Chawla, H. Kumar, and S. Mukhopadhyay. IEEE Transactions on Information Forensics and Security, 2021
This paper presents a signal processing and machine learning (ML) based methodology to leverage Electromagnetic (EM) emissions from an embedded device to remotely detect a malicious application running on the device and classify the application into a malware family. We develop Fast Fourier Transform (FFT) based feature extraction followed by Support Vector Machine (SVM) and Random Forest (RF) based ML models to detect malware. We further propose methods to learn the characteristic behavior of different malware from EM traces to reveal similarities to known malware families and improve the efficiency of malware analysis. We propose to use Discrete Wavelet Transform (DWT) based feature extraction from spectrograms of EM side-channel traces and perform ML on the extracted features to learn fine-grained patterns of malware families. The experimental demonstration on the Open-Q 820 development platform demonstrates a 0.99 F1 score in detecting malware and a 0.88 F1 score in uniquely classifying malware among 8 malware families, evaluated using Support Vector Machine (SVM) and Random Forest (RF) Machine Learning (ML) models. We also demonstrate the capability of the proposed framework in identifying new unknown applications with 0.99 recall and unknown malware families with 0.87 recall.
2020
- ACM/IEEE ISLPED: BiasP: a DVFS based Exploit to Undermine Resource Allocation Fairness in Linux Platforms. H. Kumar, N. Chawla, and S. Mukhopadhyay. International Symposium on Low Power Electronics and Design, 2020
Dynamic Voltage and Frequency Scaling (DVFS) plays an integral role in reducing the energy consumption of mobile devices while meeting the targeted performance requirements. We examine the security obliviousness of CPUFreq, the DVFS framework in Linux-kernel based systems. Since Linux-kernel based operating systems are present in a wide array of applications, the high-level CPUFreq policies are designed to be platform-independent. Using these policies, we present the BiasP exploit, which restricts the allocation of CPU resources to a set of targeted applications, thereby degrading their performance. The exploit involves detecting the execution of instructions on the CPU core pertinent to the targeted applications, thereafter using CPUFreq policies to limit the CPU resources available to those instructions. We demonstrate the practicality of the exploit by operating it on a commercial smartphone running an Android OS based on the Linux kernel. We can successfully degrade the User Interface (UI) performance of the targeted applications by increasing the frame processing time and the number of dropped frames by up to 200% and 947% for the animations belonging to the targeted applications. We see a reduction of up to 66% in the number of retired instructions of the targeted applications. Furthermore, we propose a robust detector which is capable of detecting exploits aimed at undermining resource allocation fairness through malicious use of the DVFS framework.
- IEEE IOTJ: Securing IoT devices using dynamic power management: Machine learning approach. N. Chawla, A. Singh, H. Kumar, and 2 more authors. IEEE Internet of Things Journal, 2020
The shift in paradigm from cloud computing toward edge has resulted in faster response times, a more secure and energy-efficient edge. Internet-of-Things (IoT) devices form a vital part of the edge, but despite the legions of benefits they offer, increasing vulnerabilities and escalation in malware generation have rendered them insecure. Software-based approaches are prominent in malware detection, but they fail to meet the requirements for IoT devices. Dynamic power management (DPM) is an architecture-agnostic and inherently pervasive component existing in all low-power IoT devices. In this article, we demonstrate that dynamic voltage and frequency scaling (DVFS) states form a signature pertinent to an application, and that its runtime variations comprise features essential for securing IoT devices against malware attacks. We have demonstrated this proof of concept by performing experimental analysis on a Snapdragon 820 mobile processor, hosting the Android operating system (OS). We developed a supervised machine learning model for application classification and malware identification by extracting features from the DVFS states time series. The experimental results show >0.7 F1 score in classifying different Android benchmarks and >0.88 in classifying benign and malware applications when evaluated across different DVFS governors. We also performed power measurements under different governors to evaluate a power-security-aware governor. We have observed higher detection accuracy and lower power dissipation under settings of the ondemand governor.
2019
- IEEE TETC: Efficient key-gate placement and dynamic scan obfuscation towards robust logic encryption. R. Karmakar, H. Kumar, and S. Chattopadhyay. IEEE Transactions on Emerging Topics in Computing, 2019
Logic encryption has emerged to be a potential solution to the problem of Intellectual Property (IP) piracy and counterfeiting. However, in the recent past, several attacks have been mounted on existing logic encryption strategies to extract the secret key. SAT attack, the most predominant one among them, exploits the unprotected Design-for-Testability (DfT) infrastructure as a backdoor to launch attacks on sequential circuits. Protecting the DfT infrastructure is of paramount importance to ensure the security of an Integrated Chip (IC). In this paper, we propose a new logic encryption scheme which dynamically obfuscates the scan operation for an unauthorized attempt of scan access. A detailed security analysis on the proposed secure DfT infrastructure demonstrates its ability to thwart SAT attack without compromising the testability of the design. A methodical key-gate placement strategy enables the proposed scheme to eliminate the leakage of key information through weak key-gate locations, offering protection against path sensitization and logic cone based attacks. Unlike other state-of-the-art SAT preventive schemes, our proposed method does not suffer from poor output corruption, which is a fundamental requirement of a logic encryption scheme.
- IEEE TAS: Toward Increasing the Difficulty of Reverse Engineering of RSFQ Circuits. H. Kumar, T. Jabbari, G. Krylov, and 3 more authors. IEEE Transactions on Applied Superconductivity, 2019
Integrated circuit (IC) camouflaging is a defense to defeat image-based reverse engineering. The security of CMOS ICs has been extensively studied and camouflage techniques have been developed. A camouflaging method is introduced here to protect superconducting electronics, specifically, rapid single flux quantum (RSFQ) technology, from reverse engineering. RSFQ camouflaged units have been developed by applying the structural similarity of RSFQ standard cells. A defense using camouflaged RSFQ cells combined with obfuscating the temporal distribution of inputs to the IC increases the attacker’s effort to decamouflage. The approach establishes the complexity class of RSFQ decamouflaging and a model checker is applied to evaluate the strength of the defenses. These techniques have been evaluated on ISCAS’85 combinational benchmarks and the controllers of the OpenSPARC T1 microprocessor. A dummy Josephson junction fabrication process adds two additional mask steps that increase the cost overhead. Camouflaging 100% of the benchmark circuits results in an area and power overhead of almost 40%. In the case of the OpenSPARC processor, the approach requires near-zero area, power, and performance overhead even when 100% of the sensitive parts of the processor are camouflaged.
2018
- IEEE ISCAS: On finding suitable key-gate locations in logic encryption. R. Karmakar, H. Kumar, and S. Chattopadhyay. IEEE International Symposium on Circuits and Systems, 2018
Logic encryption is a popular technique to safeguard an IC design from different security vulnerabilities. However, several recently proposed attacks exploit the weakness in key-gate placement schemes to extract the secret keys of an encrypted design. Security of a logic encryption strategy highly depends on the locations of the key-gates in a circuit. Most of the state-of-the-art logic encryption schemes suffer from the fact that the defence strategies against different attacks demand different locations for the placement of the key-gates. Therefore, it becomes incredibly challenging for a single solution to thwart all the state-of-the-art attacks. In this paper, we address this issue and propose a strategy which judiciously selects the locations of the key-gates to prevent different attacks and simultaneously satisfies another fundamental criterion of logic encryption, i.e., high output corruption for wrong keys.