December 11, 2023

Security Analysis of the Dominion ImageCast X

Today, the Federal District Court for the Northern District of Georgia permitted the public release of Security Analysis of Georgia’s ImageCast X Ballot Marking Devices, a 96-page report that describes numerous security problems affecting Dominion voting equipment used in Georgia and other states.

Cross-Layer Security: A Holistic View of Internet Security 

By Henry Birge-Lee, Liang Wang, Grace Cimaszewski, Jennifer Rexford and Prateek Mittal On February 3, 2022, attackers launched a highly effective attack against the Korean cryptocurrency exchange KLAYswap. We discussed the details of this attack in our earlier blog post “Attackers exploit fundamental flaw in the web’s security to steal $2 million in cryptocurrency.” However, […]

The anomaly of cheap complexity

Why are our computer systems so complex and so insecure?  For years I’ve been trying to explain my understanding of this question. Here’s one explanation–which happens to be in the context of voting computers, but it’s a general phenomenon about all our computers: There are many layers between the application software that implements an electoral […]

Toward Trustworthy Machine Learning: An Example in Defending against Adversarial Patch Attacks (2)

By Chong Xiang and Prateek Mittal In our previous post, we discussed adversarial patch attacks and presented our first defense algorithm PatchGuard. The PatchGuard framework (small receptive field + secure aggregation) has become the most popular defense strategy over the past year, subsuming a long list of defense instances (Clipped BagNet, De-randomized Smoothing, BagCert, Randomized […]

Toward Trustworthy Machine Learning: An Example in Defending against Adversarial Patch Attacks

By Chong Xiang and Prateek Mittal Thanks to the stunning advancement of Machine Learning (ML) technologies, ML models are increasingly being used in critical societal contexts — such as in the courtroom, where judges look to ML models to determine whether a defendant is a flight risk, and in autonomous driving,  where driverless vehicles are […]