Khaled N. Khasawneh
TITLE:  Trustworthy ML: A Computer Architecture Perspective

Machine learning's rise as a dominant computational workload has reshaped computer systems, particularly from an architectural standpoint, in two significant ways: (1) the evolution of specialized accelerators and systems tailored for large-scale training and inference of ML models, and (2) the integration of ML-driven architectural decisions that optimize system performance, reliability, and security. In this talk, I will navigate the intersection of security, ML, and architecture, shedding light on the inherent security challenges and the potential opportunities. Machine learning systems face emerging threats such as adversarial attacks, which perturb an input so that a classifier misclassifies it, and membership inference attacks, which aim to determine whether a given sample was part of a model's training set and thereby breach the privacy of the training data. Architecture sits on both sides of this problem: systems that incorporate ML become potential targets of these attacks, yet architectural techniques can also offer innovative defenses against them. Drawing from our recent research, I will present three illustrative examples. First, the vulnerability of ML-based hardware malware detectors to adversarial perturbations of malware, and our strategies to fortify them. Second, how architecture can secure ML models against adversarial attacks using approximate computing. Finally, how architecture can preserve the privacy of ML models against membership inference attacks, again using approximate computing.