Cotaie Andrei

Senior Security Engineer at Adobe

Andrei Cotaie is a Security Engineer specialized in Incident Response. Currently working for Adobe’s Security Coordination Center, Andrei made the transition from the public to the private sector almost 5 years ago. A big fan of automation and machine learning enthusiast, Andrei spends most of his time involved in monitoring and threat hunting projects, always trying to identify the latest unconventional attacks.

Weaponizing Neural Networks. In your browser!

Neural Networks have received an increasing interest from both the academia and the industry segments. The unreasonable effectiveness of recurrent neural networks makes them ideal candidates for tasks where the inner patterns inside the data are hard to spot and exploit using classical approaches. This includes Natural Language Processing, Speech Recognition, Image Captioning, Machine Translation, Speech Synthesis, Anomaly Detection and the list can continue.
Generative models are currently used to produce handwriting, signatures, speech and images that are indistinguishable from human-level quality. Supporting programming languages and machine learning frameworks, make it easy to deploy and run neural networks on virtually any hardware or software, for that matter.
Our work explores the availability of ML frameworks that work in JavaScript environments and the fact that generative models can be used for encoding, storing and reconstructing any coherent data sequence. We state that by conditioning the model to output data based on a key (seed), the reconstruction and analysis of the learned sequence is virtually impossible by means of static analysis of the weights of the model.
Our Proof-of-Concept (POC) proves that neural networks can be used for irreversibly hiding malicious code, thus making any static code-scanner blind to the data that is being delivered through the browser. Also, dynamic analysis of code can be misled by making the network respond to different seeds in different ways (i.e. generate music for one seed and malicious code for another).
And all of this, in the client’s browser!

This talk will be co-presented with Tiberiu Boros, Software Developer / Computer Scientist at Adobe

Presentation @DefCamp 2018