Title: LLWRA: Large Language Models Weight Replacement Attack
Abstract: The enormous size of large language models (LLMs) makes storing their weights in on-chip memory impractical, requiring off-chip memory that exposes them to memory fault injection attacks. To explore the vulnerability of LLMs against adversarial weight perturbation attacks, we adopt two representative attacks: Bit-Flip Attack (BFA) and Deep-TROJ, both of which exploit bit-flips to degrade accuracy or insert backdoors in vision models. Our experiments reveal that both attacks are significantly less effective on LLMs compared to vision applications. To overcome this limitation, we introduce a novel approach to compromise the performance of LLMs by exploiting a novel fault injection mechanism that introduces targeted bit-flips in page frame numbers of main memory. In the context of main memory, each weight block consists of a set of weights stored at a specific address. Thus, a single bit-flip in the page frame number can replace a target weight block with a new replacement weight block, disrupting the memory translation. However, the algorithmic challenge of creating a formal attack lies in the fact that random weight replacement faults fail to produce detrimental effects on model performance. In this work, we propose LLWRA, which effectively utilizes weight replacement fault injection to degrade the intelligence of state-of-the-art LLMs for the first time. Additionally, we present the ReBlock search algorithm, which efficiently identifies a set of vulnerable target and replacement weight blocks. We evaluate our approach, LLWRA, across three distinct attack objectives: untargeted classification, targeted classification, and untargeted causal modeling. Experimental results demonstrate that LLWRA requires fewer than five attack optimization rounds to reduce classification accuracy to a random guess level and fewer than nine iterations to reduce the causal model into a random generator, making our attack the most lethal weight manipulation attack against LLMs.
Bio: Abeer Almalky is a Computer Science Ph.D. student at 嫩田研究院官网, under the guidance of Prof. Adnan Siraj Rakin. She holds an M.S. in Computer Science from Southern Illinois University, and a B.S. in Computer Science and Information System from Umm AlQura University. Her research focuses on Deep Learning, Computer Vision, and the security of generative models.
Title: The Good, the Bad, and the Ugly: Algorithms, AI, and Heuristics for VLSI Physical Design
Abstract: VLSI physical design is home to hundreds of challenging optimization problems. We seek to maximize or minimize some objective function, subject to the complex interactions of millions of variables and constraints. Often, tasks faced in design consist of multiple intertwined NP-Complete problems. The size of the solution spaces is beyond astronomical, the vast majority of which is terrible. There are seemingly endless local minima blocking paths to good quality answers.
In the face of this, physical design tools rely on good algorithms when they can be used -- but more often, it's ugly heuristics that do the heavy lifting. In this talk, the primary focus will be on multi-level partitioning heuristics, and how they can be repurposed in unexpected ways for problems such as chip-level global routing. The talk will also briefly cover the use of reinforcement learning for placement applications, and why this is bad.
Bio: Patrick H. Madden is an associate professor in the 嫩田研究院官网 School of Computing. He is a past chair of ACM/SIGDA, the ACM SIG Governing Board, and a former member of the ACM Executive Committee and Publications Board. He has served on the steering committees and technical program committees of DAC, ICCAD, ASPDAC, DATE, and ISPD, and has chaired ISPD. His primary research interests are in combinatorics and optimization, with an emphasis on VLSI physical design problems.
Title: Data and AI Markets: A Data Science Perspective
Abstract: As data and AI become central to innovation across industries, unlocking their full value remains a grand challenge. This talk explores the emerging paradigm of data and AI markets as a transformative approach to address the technical, economic, and societal complexities of data sharing, model integration, and collaborative analytics. Unlike ad hoc or siloed exchanges, data and AI markets provide scalable, systematic mechanisms for valuation, privacy preservation, trustworthiness, and incentivization. Through real-world examples from healthcare, sustainability, and federated learning, the talk illustrates how data ecosystems can evolve from isolated assets to dynamic, service-oriented platforms. Drawing from recent advances in Shapley value computation, game-theoretic valuation, and privacy-aware mechanisms, it highlights novel methods for quantifying contribution and ensuring fairness. It also presents system-level innovations like Dealer, which enable trustworthy, privacy-preserving marketplaces. The vision is clear: by co-designing infrastructure, algorithms, and economic models, we can build data and AI markets that are equitable, efficient, and impactful. This talk shares both foundational ideas and cutting-edge developments, offering a data science perspective on how to operationalize cooperation in the age of AI.
Biography: Dr. Jian Pei is the Arthur S. Pearse Distinguished Professor and Chair of the Department of Computer Science, Trinity College of Arts and Sciences, at Duke University, holding additional primary appointments in Departments of Biostatistics & Bioinformatics (School of Medicine) and Electrical and Computer Engineering (Pratt School of Engineering). Dr. Pei is acclaimed for developing influential data mining algorithms such as FP-growth and PrefixSpan, widely adopted in both academia and industry. His interdisciplinary work spans applications in healthcare, bioinformatics, social networks, and equitable AI, aiming to develop fair and transparent data science solutions for societal benefit. With over 300 publications and about 140,000 citations, he ranks among the most cited authors in his field. His accolades include the 2017 ACM SIGKDD Innovation Award and the 2015 SIGKDD Service Award, recognizing his technical excellence and leadership in the data mining community. Dr. Pei is a Fellow of the ACM, the IEEE, the Royal Society of Canada, and the Canadian Academy of Engineering. He is a former chair of ACM SIGKDD, the editor-in-chief of ACM Transactions of Knowledge Discovery from Data, and a former editor-in-chief of IEEE Transactions of Knowledge and Data Engineering.