changed 2 years ago
Published Linked with GitHub

About me

https://rewanthtammana.com/

Rewanth Tammana is a security ninja, open-source contributor, independent consultant & SME at Uptycs. Previously, Senior Security Architect at Emirates NBD. Passionate about DevSecOps, Application, and Container Security. Added 17,000+ lines of code to Nmap. Holds industry certifications like CKS, CKA, etc.

About me

https://twitter.com/rewanthtammana

Speaker & trainer at international security conferences worldwide including Black Hat, Defcon, Hack In The Box (Dubai and Amsterdam), CRESTCon UK, PHDays, Nullcon, Bsides, CISO Platform, null chapters and multiple others.

About me

https://linkedin.com/in/rewanthtammana

One of the MVP researchers on Bugcrowd (2018) and identified vulnerabilities in several organizations. Published an IEEE research paper on an offensive attack in Machine Learning and Security. Also, part of the renowned Google Summer of Code program.

Importance of Data Security in AI

  • AI models require vast amounts of data
  • Risks of data breaches and misuse
  • The need for a paradigm shift: Local AI execution

Why

Reference - codeandhack.com

Why

Reference - theverge.com

Why

Reference - axios.com

Why

Reference - reuters

Why

Reference - washingtonpost.com

Why

Reference - tenable.com

How to prevent

  • Data Anonymization
  • Limit Data Access
  • Local Execution
  • Training and Awareness

How to prevent

  • Data Anonymization
  • Limit Data Access
  • Local Execution
  • Training and Awareness

What is Local AI Model Execution?

  • Running AI models directly on user devices
  • No data sent to external servers

Benefits

  • Enhanced privacy
  • Reduced latency
  • Offline capabilities

Introducing Hugging Face

  • Repository of pre-trained models
  • Facilitates local AI execution

Hugging face models count

Stable Diffusion research paper

Hugging face filter options

Pre-compiled models

Hands-on: Setting up Hugging Face

  • Installing the Hugging Face library
  • Loading pre-compiled models
  • Demo - Quick setup and model loading

Hands-on: Text Generation

  • Using Hugging Face for generating text

Demo - Create a short story using a pre-trained model

Hands-on: Text Generation

from transformers import AutoTokenizer, AutoModelForCausalLM, pipeline

model_name = "distilgpt2"

tokenizer = AutoTokenizer.from_pretrained(model_name)
model = AutoModelForCausalLM.from_pretrained(model_name)

story_generator = pipeline("text-generation", model=model, tokenizer=tokenizer)

prompt = "On a sunny day in Paris,"

result = story_generator(prompt, max_length=300, do_sample=True, top_k=50, top_p=0.95, num_return_sequences=1)

print(result[0]['generated_text'])

Hands-on: Text Generation

Hands-on: Creating Pictures from Text

The power of advanced models in Hugging Face.
Demo - Generating an image from a text description.

Hands-on: Creating Pictures from Text

from diffusers import DiffusionPipeline

pipeline = DiffusionPipeline.from_pretrained("runwayml/stable-diffusion-v1-5")
pipeline = pipeline.to("mps") # cpu, cuda, mkldnn, opengl, opencl, ideep, hip, ve, fpga, ort, xla, lazy, vulkan, mps, meta, hpu, mtia, privateuseone

# Recommended if you have 8/16 GB RAM
pipeline.enable_attention_slicing()

prompt = "a photo of an astronaut riding a horse on mars"

_ = pipeline(prompt,num_inference_steps=1)

images = pipeline(prompt).images
for index, image in enumerate(images):
    image.save("image{0}.jpg".format(index))

Hands-on: Creating Pictures from Text

Creating Pictures from Text

Stable Diffusion Web UI

https://github.com/AUTOMATIC1111/stable-diffusion-webui

Spin up Web UI

Spin up Web UI

Creating Picture from Text

Reverse engineer a picture

Look at picture from your ML model POV

Change a feature of ML interpretation

Change a feature of ML interpretation

Hands-on: Code Writing with AI

  • AI's capability to assist in coding

Demo - Writing a simple Python function with the help of Hugging Face.

Hands-on: Code Writing with AI

from transformers import AutoModelForCausalLM, AutoTokenizer

checkpoint = "bigcode/santacoder"
device = "cuda" # for GPU usage or "cpu" for CPU usage

tokenizer = AutoTokenizer.from_pretrained(checkpoint)
model = AutoModelForCausalLM.from_pretrained(checkpoint, trust_remote_code=True).to(device)

inputs = tokenizer.encode("def print_hello_world():", return_tensors="pt").to(device)
outputs = model.generate(inputs)
print(tokenizer.decode(outputs[0]))

Hands-on: Code Writing with AI

Train for your scope of work

  • Dataset
  • Model

Datasets

  • The accuracy of the models depends on the dataset
  • It's important to have fine tuned dataset

Datasets

Hugging Face

Datasets

Kaggle

Datasets

  • Downloading random files can be dangerous
    • System compromise
    • Malwares

Datasets

BE CAREFUL!!

Zip file security attacks

Case Study 1

Reference - helpnetsecurity.com

Reference - helpnetsecurity.com

Case Study 2

Reference - kroll.com

Case Study 2

Reference - kroll.com

Case Study 2

Reference - kroll.com

Case Study 3

Reference - unit42

Case Study 3

Reference - unit42

BE CAREFUL!!

Advantages of Local AI Execution

  • Enhanced data security
  • Reduced dependency on internet connectivity
  • Faster response times

The Future of Safe AI

  • The rise of edge computing in AI
  • More tools and platforms supporting local AI execution
  • The potential for more personalized and responsive AI applications

Recap

  • Data privacy conerns & leaks
  • Importance of data security
  • How to prevent
  • Local AI Model Execution
  • Hugging Face
  • Hands On: Text generation, Pictures from Text, Stable Diffusion, Code Writing with AI
  • Datasets
  • Specialized data training for custom use case
  • Zip file security attacks
  • Case Studies

Thank You!

Write to me on:

Google: Rewanth Tammana
Website: rewanthtammana.com
Twitter: @rewanthtammana
LinkedIn: /in/rewanthtammana

Select a repo