Toward Secure AI Systems
Speaker:
Dr. Yuanyuan YUAN
PostDoc Researcher, ETH Zürich
and
CSE Best PhD Dissertation Award (2023-24) Recipient
Hong Kong University of Science and Technology
Title: Toward Secure AI Systems
Date: Monday, 14 April 2025
Time: 4:00pm - 5:00pm
Venue: Lecture Theater F (Leung Yat Sing Lecture Theater), near lift 25/26, HKUST
Abstract:
As the era of Artificial General Intelligence (AGI) approaches, AI security has become a critical concern. My research aims to secure AI by holistically considering the entire system, including the AI model, software, hardware, and external physical environment. In this talk, I will focus on my thesis research—data leakage in AI system infrastructures—to demonstrate my research on AI system security. First, I will show how hardware activities can be exploited to break algorithmic and software-level security guarantees in AI systems, creating new data leakage opportunities. I will then illustrate how intrinsic AI characteristics (e.g., non-linearity) can further amplify these leakages. Together, their joint effect enables a malicious user to infer other users' data (e.g., images, text, or audio) and allows untrusted hosts (e.g., AI service providers) to circumvent data protections in Trusted Execution Environments (TEEs). Next, I will introduce how I mitigate these hardware issues at the software level. To conclude, I will discuss how the demonstrated research philosophy has guided my research within a broader discipline of AI system security and outline my future research agenda in this field.
Biography:
Yuanyuan Yuan is a postdoctoral researcher at ETH Zurich. Prior to that, he obtained his Ph.D. from the Hong Kong University of Science and Technology (HKUST) in 2024. Yuanyuan's research focuses on AI system security: he revisits AI security from a holistic, system-wide perspective and studies how AI reshapes the system's security landscape. Yuanyuan's research has been published in tier-one security, software engineering, and AI venues, such as IEEE S&P, USENIX Security, CCS, ICSE, and ICLR. His work has also been presented at Black Hat USA and Black Hat Europe, two world-renowned industrial security conferences. In recognition of his outstanding thesis research, he was the sole recipient of the Best Ph.D. Dissertation Award from the Department of CSE at HKUST in 2024.
