Sanghyun Hong, assistant professor of computer science at Oregon State University, has been selected as one of six cybersecurity researchers in the U.S. to participate in the 2023 Google Research Scholar Program. Hong will receive up to $60,000 to support his project, “Evaluating and Mitigating Security and Privacy Risks of Publishing Resource-Efficient Models to Edge Devices.”
Hong aims to identify and examine the security and privacy risks of publishing on-device versions of commercial-scale models to edge devices, such as the Google Pixel smartphone. An enhanced understanding of security threats specific to on-device machine learning will help Hong determine how to design effective defense systems.
“Cybersecurity requires out-of-the-box thinking and encourages a security mindset,” Hong said. “In what ways could a hacker compromise a system, and what can I do to prevent that?”
Previously, Hong showed that cyber adversaries could potentially access models deployed to edge devices that they could not access in the cloud. Such vulnerabilities are especially important to consider in light of growing demand for design and implementation of hardware accelerators for on-device models.
“We plan to do a holistic assessment of new vulnerabilities this trend brings, characterize factors attributed to them, and design defenses for the safe, efficient deployment of models on edge,” Hong said.
Since his time as a doctoral student, Hong’s research has also been motivated by the question of how fully we grasp when and why machine learning-based systems, such as ChatGPT, operate differently from our expectations. He also seeks to explore solutions to mitigate this phenomenon.
In addition to advancing the understanding of security and privacy risks associated with efficient deep learning, Hong’s research could have innovative scientific, social, and business impacts. Hong foresees his work spurring greater interest in safer on-device models.
“My research will contribute to publishing models that do not increase security and privacy threats,” Hong said. “I am happy to open-source the framework to research communities to foster more work on improving our cybersecurity.”