Suha Sabi Hussain

I'm an engineer based in Brooklyn. I work on AI/ML product security and research at Harvey.

You can contact me at suhashussain1 ‘at’ gmail ‘dot’ com or @suhackerr on Twitter.

---

Select Works

Trail of Bits

Weaponizing Image Scaling Against Production AI Systems

• Blog Post
• GitHub Repository  
• Covered by The Register, Risky Business, HackRead, BGR, etc.
• Black Hat Europe, BSides Berlin, Best Multimodal Build at AI Tinkerers NYC Demopalooza, Insecure Agents (Presented by Kikimora Morozova)

Hijacking Multi-agent Systems in Your PajaMAS

• Blog Post
• GitHub Repository  

Incubated Machine Learning Exploits: Backdooring ML Pipelines Using Input-Handling Bugs

• HOPE XV
• BSides Las Vegas
• DEFCON 32 (Slides)
• Invited Talk for the NVIDIA Security Team

Lightweight Design Review of the 6079 Proof-of-Inference Protocol (Public Report)

Meta WhatsApp Private Processing Security Assessment (Public Report)

EZKL Security Assessment (Public Report)

Sleepy Pickle: Hybrid ML Exploit Chaining Pickle Insecurity and Model Backdoors

• Note: Contributor to the initial Sleepy Pickle PoC
• Blog post

Relishing New Fickling Features for Securing ML Systems 

• Blog Post
• GitHub Repository

ML File Formats Collection (GitHub Repository)

MLFiles - Using Input-Handling Bugs to Inject Backdoors Into Machine Learning Pipelines 

• UCSC LSD Seminar Talk
• Undergraduate Thesis

Assessing the Security Posture of a Widely Used Vision Model: YOLOv7 

• Blog Post
• Public Report  

Safetensors Security Assessment 

• Public Report
• Context  

Secure Your Machine Learning with Semgrep 

• Blog Post
• GitHub Repository  

DEF CON 30 AI Village: Panel: The Use of AI/ML in Offensive Security Operations. 

ToB Podcast Episode: W/Internships

ZCoin Lelantus Security Assessment (Public Report)

Never a Dill Moment: Exploiting Machine Learning Pickle Files 

• DEFCON 29 AI Village Talk
• Blog Post
• GitHub Repository

PrivacyRaven: Comprehensive Privacy Testing for Deep Learning 

• OpenMined Privacy Conference Talk
• Empire Hacking Talk
• Blog Post
• GitHub Repository

RoboJackets

Multiclass Semantic Segmentation for Autonomous Vehicle Perception

NYU CCS

COPPTCHA: COPPA Tracking by Checking Hardware-Level Activity 

• IEEE Transactions on Information Forensics and Security (Paper)
• Invited Talk for the NSA Board of Directors

A New Method for the Exploitation of Speech Recognition Systems 

• Invited Talk for the NSA Research Directorate
• Computational Cybersecurity for Compromised Environments Workshop