A School of Computer Science team won the Institute for Information Security and Privacy’s (IISP) Demo Day Finale for their work on making machine learning (ML) models more secure.

The winning project, MLsploit, is a framework for developers to test their ML model against a variety of attacks to strengthen its security. It can be used to evaluate video, image, and audio data, and also includes cybersecurity protections against malware and network intrusions. This research is vital as ML’s prominence makes it more at risk to attacks, which could include forcing self-driving cars to run stop signs.

 “We’re not just interested in how accurately we can classify a dataset; we’re interested in how robust the model is and how well it thwarts attacks,” said Evan Downing, the SCS Ph.D. student who presented from the group.

The Demo Day Finale was the culmination of a yearlong annual competition that gives students the opportunity to commercialize their research for up to $125,000 in prizes. Students first presented at IISP’s fall Cybersecurity Summit, where the most promising projects were offered funding and mentorship from industry leaders. The three student-led commercialization projects showcased the future of cybersecurity research, including biometric authentication, preventing power grid attacks, and ML security.

At the April 16 finale, a student from each team gave a TED-style talk on their work and answered questions from three business leaders – Tech Square Ventures Managing Partner Blake Patton, IBM Security Director of Business and Corporate Development Richard Telljohann, and TDF Ventures Venture Partner John Schanz – who were looking for research that showed novelty and innovation in the market. They chose MLsploit for its practical applications.

With the encouraging nod from the judges, and $7,000 from IISP in funding, Downing and his team plan to continue improving MLsploit’s capabilities and release it as an open source tool.

MLsploit is the work of SCS Ph.D. students Downing, Jinho Jung, and Carter Yagemann; School of Computational Science and Engineering (CSE) Ph.D. students Shang-Tse Chen and Nilaksh Das; CSE Associate Professors Polo Chau and Le Song; and SCS Associate Professor Taesoo Kim, with Professor Wenke Lee acting as advisor.

“It can be difficult to apply academic research to the needs of industry, so it's encouraging to hear interest from companies in our tool,” Downing said. “It motivates me to work even harder to provide them a product they can use in the real world that also has impact in research.”