Patrick McDaniel
Technical Report: The Need for a (Research) Sandstorm through the Privacy Sandbox
The Privacy Sandbox, launched in 2019, is a series of proposals from Google to reduce "cross-site and cross-app tracking while helping to keep online content and services free for all". Over the years, Google implemented, experimented, a…
It's a Feature, Not a Bug: Secure and Auditable State Rollback for Confidential Cloud Applications
Replay and rollback attacks threaten cloud application integrity by reintroducing authentic yet stale data through an untrusted storage interface to compromise application decision-making. Prior security frameworks mitigate these attacks b…
Synthetic Texture Datasets: Challenges, Creation, and Curation
Texture data serves as a valuable tool for interpreting the high-level features models learn, uncovering biases, and identifying security vulnerabilities. However, works in this space have been limited by small texture datasets and synthes…
LibIHT: A Hardware-Based Approach to Efficient and Evasion-Resistant Dynamic Binary Analysis
Dynamic program analysis is invaluable for malware detection, debugging, and performance profiling. However, software-based instrumentation incurs high overhead and can be evaded by anti-analysis techniques. In this paper, we propose LibIH…
A Practical Guideline and Taxonomy to LLVM's Control Flow Integrity
Memory corruption vulnerabilities remain one of the most severe threats to software security. They often allow attackers to achieve arbitrary code execution by redirecting a vulnerable program's control flow. While Control Flow Integrity (…
Efficient Storage Integrity in Adversarial Settings
Storage integrity is essential to systems and applications that use untrusted storage (e.g., public clouds, end-user devices). However, known methods for achieving storage integrity either suffer from high (and often prohibitive) overheads…
On the Robustness Tradeoff in Fine-Tuning
Fine-tuning has become the standard practice for adapting pre-trained models to downstream tasks. However, the impact on model robustness is not well understood. In this work, we characterize the robustness-accuracy trade-off in fine-tunin…
Adversarial Agents: Black-Box Evasion Attacks with Reinforcement Learning
Attacks on machine learning models have been extensively studied through stateless optimization. In this paper, we demonstrate how a reinforcement learning (RL) agent can learn a new class of attack algorithms that generate adversarial sam…
Alignment and Adversarial Robustness: Are More Human-Like Models More Secure?
A small but growing body of work has shown that machine learning models which better align with human vision have also exhibited higher robustness to adversarial examples, raising the question: can human-like perception make models more se…
Deserialization Gadget Chains are not a Pathological Problem in Android: an In-Depth Study of Java Gadget Chains in AOSP
Inter-app communication is a mandatory and security-critical functionality of operating systems, such as Android. On the application level, Android implements this facility through Intents, which can also transfer non-primitive objects usi…
Targeting Alignment: Extracting Safety Classifiers of Aligned LLMs
Alignment in large language models (LLMs) is used to enforce guidelines such as safety. Yet, alignment fails in the face of jailbreak attacks that modify inputs to induce unsafe outputs. In this paper, we introduce and evaluate a new techn…
Err on the Side of Texture: Texture Bias on Real Data
Bias significantly undermines both the accuracy and trustworthiness of machine learning models. To date, one of the strongest biases observed in image classification models is texture bias, where models overly rely on texture information ra…
Prompted Textures Dataset (PTD)
The Prompted Textures Dataset (PTD) is a synthetic texture image dataset consisting of 246,285 images across 56 different texture classes from the work On Synthetic Texture Datasets: Challenges, Creation, and Curation. If you find this dat…
ParTEETor: A System for Partial Deployments of TEEs within Tor
The Tor anonymity network allows users such as political activists and those under repressive governments to protect their privacy when communicating over the internet. At the same time, Tor has been demonstrated to be vulnerable to severa…
On Scalable Integrity Checking for Secure Cloud Disks
Merkle hash trees are the standard method to protect the integrity and freshness of stored data. However, hash trees introduce additional compute and I/O costs on the I/O critical path, and prior efforts have not fully characterized these …
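The two storage-integrity abstracts above (the rollback attack in "It's a Feature, Not a Bug" and the Merkle-tree freshness check here) describe the same mechanism from two sides: a hash tree lets a client verify that a block served by untrusted storage is authentic, but authenticity alone does not stop the storage from serving an old, genuinely signed snapshot. The Python below is an added example written for this page, not code from either paper. It builds a SHA-256 Merkle tree, verifies blocks by authentication path, and then stages a rollback; the assumption is that the application keeps the latest (root, version) commitment somewhere the storage adversary cannot rewrite (a TEE-sealed monotonic counter or a trusted server), and that the "untrusted storage" also keeps a copy of the commitment it was last given. Blocks, balances and version numbers are constructed sample data.

```python
import hashlib
from dataclasses import dataclass


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def leaf_hash(block: bytes) -> bytes:
    # Domain-separate leaves from interior nodes so a node cannot be passed off as a leaf.
    return _h(b"\x00" + block)


def node_hash(left: bytes, right: bytes) -> bytes:
    return _h(b"\x01" + left + right)


def build_levels(blocks):
    """levels[0] is the leaf layer, levels[-1] is [root].
    Odd layers are padded by duplicating the last node (a simplification; production
    trees should pad with a distinct value so duplicated leaves are not ambiguous)."""
    level = [leaf_hash(b) for b in blocks]
    levels = [level]
    while len(level) > 1:
        if len(level) % 2:
            level = level + [level[-1]]
        level = [node_hash(level[i], level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels


def auth_path(levels, index):
    """Sibling hashes from leaf to root, each tagged with whether the sibling is on the left."""
    path = []
    for level in levels[:-1]:
        if len(level) % 2:
            level = level + [level[-1]]
        sibling = index ^ 1
        path.append((level[sibling], sibling < index))
        index //= 2
    return path


def verify_block(block: bytes, path, root: bytes) -> bool:
    """Integrity only: recompute the root from the block and its path."""
    cur = leaf_hash(block)
    for sibling, sibling_is_left in path:
        cur = node_hash(sibling, cur) if sibling_is_left else node_hash(cur, sibling)
    return cur == root


class UntrustedStorage:
    """Models a cloud disk: serves whatever it holds, including a stale but authentic snapshot."""

    def __init__(self, blocks):
        self.blocks = list(blocks)
        self.meta = None  # (root, version) the application last wrote next to the data
        self._rebuild()

    def _rebuild(self):
        self.levels = build_levels(self.blocks)

    def root(self) -> bytes:
        return self.levels[-1][0]

    def write(self, index, data: bytes, version: int):
        self.blocks[index] = data
        self._rebuild()
        self.meta = (self.root(), version)

    def read(self, index):
        return self.blocks[index], auth_path(self.levels, index)

    def snapshot(self):
        return list(self.blocks), self.meta

    def restore(self, snap):  # the adversary's rollback primitive
        self.blocks, self.meta = list(snap[0]), snap[1]
        self._rebuild()


@dataclass
class TrustedState:
    """Assumed to live outside the adversary's reach (TEE-sealed counter or trusted server)."""
    root: bytes
    version: int


def check_fresh(storage: UntrustedStorage, trusted: TrustedState) -> bool:
    """Integrity AND freshness: the served root must equal the latest trusted commitment."""
    return storage.root() == trusted.root and storage.meta == (trusted.root, trusted.version)


def rollback_demo():
    """Returns (served block, passes naive check, passes freshness check, matches latest root)."""
    store = UntrustedStorage([b"balance=100", b"owner=alice", b"nonce=7"])  # constructed data
    store.meta = (store.root(), 1)
    trusted = TrustedState(store.root(), 1)
    stale = store.snapshot()                 # adversary copies the authentic version-1 state

    store.write(0, b"balance=40", 2)         # legitimate debit, version 2
    trusted = TrustedState(store.root(), 2)  # application records the new commitment

    store.restore(stale)                     # rollback: old data and old root come back together
    block, path = store.read(0)
    served_root, _served_version = store.meta
    naive_ok = verify_block(block, path, served_root)      # True: bytes are genuinely from v1
    fresh_ok = check_fresh(store, trusted)                 # False: v1 is not the latest state
    latest_ok = verify_block(block, path, trusted.root)    # False: path does not reach root v2
    return block, naive_ok, fresh_ok, latest_ok


if __name__ == "__main__":
    print(rollback_demo())
```

The point of the demo is the first two booleans: a verifier that trusts the root stored beside the data accepts the rolled-back balance, while one that compares against an out-of-band (root, version) pair rejects it. The cost the abstract refers to is visible in `write`, which rebuilds the whole tree; a real disk updates only the path from the changed leaf to the root.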
A Public and Reproducible Assessment of the Topics API on Real Data
The Topics API for the web is Google's privacy-enhancing alternative to replace third-party cookies. Results of prior work have led to an ongoing discussion between Google and research communities about the capability of Topics to trade of…
Explorations in Texture Learning
In this work, we investigate texture learning: the identification of textures learned by object classification models, and the extent to which they rely on these textures. We build texture-object associations that uncover new insi…
A New Era in LLM Security: Exploring Security Concerns in Real-World LLM-based Systems
Large Language Model (LLM) systems are inherently compositional, with an individual LLM serving as the core foundation and additional layers of objects such as plugins, sandboxes, and so on. Along with the great potential, there are also incre…
Characterizing the Modification Space of Signature IDS Rules
Signature-based Intrusion Detection Systems (SIDSs) are traditionally used to detect malicious activity in networks. A notable example of such a system is Snort, which compares network traffic against a series of rules that match known …
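To make the rule-matching step concrete, the following Python is an added example written for this page, not the paper's tooling or Snort's engine. It parses a Snort-style rule header plus the `content`, `nocase`, `pcre`, `msg` and `sid` options, matches rules against constructed packets, and shows how one small modification to a rule (adding `nocase`, or swapping `content` for a `pcre`) changes which traffic it fires on. The rules, SIDs (chosen in the local-rule range), addresses and payloads are all constructed; the parser is deliberately minimal (no hex `|..|` content, no CIDR or variable networks, no semicolons inside option values).

```python
import re
from dataclasses import dataclass, field


@dataclass
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int
    payload: bytes


@dataclass
class Rule:
    action: str
    proto: str
    src: str
    sport: str
    dst: str
    dport: str
    sid: str = ""
    msg: str = ""
    matchers: list = field(default_factory=list)  # dicts: {"pat", "nocase"} or {"re"}


HEADER = re.compile(
    r"^(?P<action>alert|log|pass|drop)\s+(?P<proto>\w+)\s+(?P<src>\S+)\s+(?P<sport>\S+)"
    r"\s+->\s+(?P<dst>\S+)\s+(?P<dport>\S+)\s+\((?P<opts>.*)\)\s*$"
)


def parse_rule(text: str) -> Rule:
    m = HEADER.match(text.strip())
    if not m:
        raise ValueError(f"unparseable rule: {text!r}")
    rule = Rule(m["action"], m["proto"], m["src"], m["sport"], m["dst"], m["dport"])
    pending = None  # most recent content option, so modifiers such as nocase attach to it
    for opt in filter(None, (o.strip() for o in m["opts"].split(";"))):
        key, _, val = opt.partition(":")
        key, val = key.strip(), val.strip()
        if key == "content":
            pending = {"pat": val.strip('"').encode(), "nocase": False}
            rule.matchers.append(pending)
        elif key == "nocase" and pending is not None:
            pending["nocase"] = True
        elif key == "pcre":
            # "/expr/flags" -> Python bytes regex; only the i flag is mapped here
            expr, _, flags = val.strip('"')[1:].rpartition("/")
            rule.matchers.append({"re": re.compile(expr.encode(), re.I if "i" in flags else 0)})
        elif key == "sid":
            rule.sid = val
        elif key == "msg":
            rule.msg = val.strip('"')
    return rule


def _content_matches(matcher, payload: bytes) -> bool:
    if "re" in matcher:
        return matcher["re"].search(payload) is not None
    if matcher["nocase"]:
        return matcher["pat"].lower() in payload.lower()
    return matcher["pat"] in payload


def _field_matches(spec: str, value) -> bool:
    return spec == "any" or spec == str(value)


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    return (
        rule.proto == pkt.proto
        and _field_matches(rule.src, pkt.src) and _field_matches(rule.sport, pkt.sport)
        and _field_matches(rule.dst, pkt.dst) and _field_matches(rule.dport, pkt.dport)
        and all(_content_matches(m, pkt.payload) for m in rule.matchers)
    )


def alerts(rules, packets):
    """Minimal detection loop: list of (sid, packet index) for every rule that fires."""
    return [(r.sid, i) for i, p in enumerate(packets) for r in rules if rule_matches(r, p)]


# Constructed rules: the same signature in three modification variants.
RULES = [
    'alert tcp any any -> any 80 (msg:"cmd.exe in URI"; content:"/cmd.exe"; sid:1000001;)',
    'alert tcp any any -> any 80 (msg:"cmd.exe in URI, nocase"; content:"/cmd.exe"; nocase; sid:1000002;)',
    'alert tcp any any -> any 80 (msg:"cmd.exe in URI, pcre"; pcre:"/\\/cmd\\.exe/i"; sid:1000003;)',
]

# Constructed traffic: exact-case hit, case-varied hit, wrong port, benign request.
PACKETS = [
    Packet("tcp", "10.0.0.5", 51514, "192.0.2.10", 80, b"GET /cmd.exe?/c+dir HTTP/1.1\r\nHost: victim\r\n\r\n"),
    Packet("tcp", "10.0.0.5", 51515, "192.0.2.10", 80, b"GET /CMD.EXE?/c+dir HTTP/1.1\r\nHost: victim\r\n\r\n"),
    Packet("tcp", "10.0.0.5", 51516, "192.0.2.10", 8080, b"GET /cmd.exe HTTP/1.1\r\nHost: victim\r\n\r\n"),
    Packet("tcp", "10.0.0.5", 51517, "192.0.2.10", 80, b"GET /index.html HTTP/1.1\r\nHost: victim\r\n\r\n"),
]


if __name__ == "__main__":
    for sid, idx in alerts([parse_rule(r) for r in RULES], PACKETS):
        print(f"sid {sid} fired on packet {idx}")
```

Packet 0 trips all three SIDs, packet 1 only the `nocase` and `pcre` variants, and packets 2 and 3 none: the case-sensitive `content` rule is the one an attacker evades by changing a letter, which is the kind of rule-modification effect the abstract sets out to characterize.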
Interest-disclosing Mechanisms for Advertising are Privacy-Exposing (not Preserving)
Today, targeted online advertising relies on unique identifiers assigned to users through third-party cookies--a practice at odds with user privacy. While the web and advertising communities have proposed solutions that we refer to as inte…
The Efficacy of Transformer-based Adversarial Attacks in Security Domains
Today, the security of many domains relies on the use of Machine Learning to detect threats, identify vulnerabilities, and safeguard systems from attacks. Recently, transformer architectures have improved the state-of-the-art performance on …
Systematic Evaluation of Geolocation Privacy Mechanisms
Location data privacy has become a serious concern for users as Location Based Services (LBSs) have become an important part of their lives. It is possible for malicious parties having access to geolocation data to learn sensitive informati…
Secure and Trustworthy Computing 2.0 Vision Statement
The Secure and Trustworthy Computing (SaTC) program within the National Science Foundation (NSF) serves as the primary instrument for creating novel fundamental science in security and privacy in the United States with broad impact…
Verifiable Sustainability in Data Centers
Data centers have significant energy needs, both embodied and operational, affecting sustainability adversely. The current techniques and tools for collecting, aggregating, and reporting verifiable sustainability data are vulnerable to cyb…
Euro S&P 2023 Steering Committee
Securing Cloud File Systems with Trusted Execution
Cloud file systems offer organizations a scalable and reliable file storage solution. However, cloud file systems have become prime targets for adversaries, and traditional designs are not equipped to protect organizations against the myri…
Organizing Committee: SaTML 2023
Understanding the Ethical Frameworks of Internet Measurement Studies
Measurement of network data received from or transmitted over the public Internet has yielded a myriad of insights towards improving the security and privacy of deployed services. Yet, the collection and analysis of this data necessarily in…