Tiberiu Boros

Software Developer / Computer Scientist at Adobe

Tiberiu Boros holds a Ph.D. in computer science, specifically in the field of Text-to-Speech (TTS) Synthesis. He is currently working for Adobe Systems Romania and is an associate of the Research Institute for Artificial Intelligence of the Romanian Academy. Additionally, he maintains two Machine Learning open source projects (TTS-Cube and NLP-Cube) and is a contributor to the DyNet Machine Learning Framework (developed by Carnegie Mellon University and many others). His research is focused on applied Natural Language and Speech Processing.

Weaponizing Neural Networks. In your browser!

Neural networks have received increasing interest from both academia and industry. The unreasonable effectiveness of recurrent neural networks makes them ideal candidates for tasks where the inner patterns inside the data are hard to spot and exploit using classical approaches. This includes Natural Language Processing, Speech Recognition, Image Captioning, Machine Translation, Speech Synthesis, Anomaly Detection, and the list goes on.
Generative models are currently used to produce handwriting, signatures, speech and images that are indistinguishable from human-level quality. Supporting programming languages and machine learning frameworks make it easy to deploy and run neural networks on virtually any hardware or software, for that matter.
Our work explores the availability of ML frameworks that work in JavaScript environments and the fact that generative models can be used for encoding, storing and reconstructing any coherent data sequence. We state that by conditioning the model to output data based on a key (seed), the reconstruction and analysis of the learned sequence is virtually impossible by means of static analysis of the weights of the model.
Our Proof-of-Concept (POC) proves that neural networks can be used for irreversibly hiding malicious code, thus making any static code-scanner blind to the data that is being delivered through the browser. Also, dynamic analysis of code can be misled by making the network respond to different seeds in different ways (i.e. generate music for one seed and malicious code for another).
And all of this, in the client’s browser!

This talk will be co-presented with Andrei Cotaie, Senior Security Engineer at Adobe.

Presentation @DefCamp 2018