About Me
Hi! My name is Suha Sabi Hussain. I'm an AI/ML security engineer.
You can contact me at suhashussain1 ‘at’ gmail ‘dot’ com or @suhackerr on Twitter.
Select Works
Trail of Bits
Weaponizing Image Scaling Against Production AI Systems
Hijacking Multi-agent Systems in Your PajaMAS
Incubated Machine Learning Exploits: Backdooring ML Pipelines Using Input-Handling Bugs
Lightweight Design Review of the 6079 Proof-of-Inference Protocol (Public Report)
Meta WhatsApp Private Processing Security Assessment (Public Report)
Sleepy Pickle: Hybrid ML Exploit Chaining Pickle Insecurity and Model Backdoors
- Note: Contributor to the initial Sleepy Pickle PoC
- Blog post
Relishing New Fickling Features for Securing ML Systems
ML File Formats Collection (GitHub Repository)
MLFiles - Using Input-Handling Bugs to Inject Backdoors Into Machine Learning Pipelines
Assessing the Security Posture of a Widely Used Vision Model: YOLOv7
Secure Your Machine Learning with Semgrep
DEF CON 30 AI Village: Panel: The Use of AI/ML in Offensive Security Operations.
Never a Dill Moment: Exploiting Machine Learning Pickle Files
PrivacyRaven: Comprehensive Privacy Testing for Deep Learning
NYU CCS
COPPTCHA: COPPA Tracking by Checking Hardware-Level Activity
- IEEE Transactions on Information Forensics and Security (Paper)
- Invited Talk for the NSA Board of Directors
A New Method for the Exploitation of Speech Recognition Systems
- Invited Talk for the NSA Research Directorate
- Computational Cybersecurity for Compromised Environments Workshop