Decoding HDF5: Machine Learning File Forensics and Data Injection

Clinton Walker; Ibrahim Baggili; Hao Wang

doi:10.1007/978-3-031-56580-9_12

Decoding HDF5: Machine Learning File Forensics and Data Injection

Clinton Walker, Ibrahim Baggili, Hao Wang

Department of Electrical and Computer Engineering

Louisiana State University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

The prevalence of ML in computing is rapidly expanding and Machine Learning (ML) systems are continuously applied to novel challenges. As the adoption of these systems grows, their security becomes increasingly important. Any security vulnerabilities within an ML system can jeopardize the integrity of dependent and related systems. Modern ML systems commonly encapsulate trained models in a compact format for storage and distribution, including TensorFlow 2 (TF2) and its utilization of the Hierarchical Data Format 5 (HDF5) file format. This work explores into the security implications of TF2 ’s use of the HDF5 format to save trained models, aiming to uncover potential weaknesses via forensic analysis. Specifically, we investigate the injection and detection of foreign data in these packaged files using a custom tool external to TF2, leading to the development of a dedicated forensic analysis tool for TF2 ’s HDF5 model files.

Original language	English
Title of host publication	Digital Forensics and Cyber Crime - 14th EAI International Conference, ICDF2C 2023, Proceedings
Editors	Sanjay Goel, Paulo Roberto Nunes de Souza
Pages	193-211
Number of pages	19
DOIs	https://doi.org/10.1007/978-3-031-56580-9_12
State	Published - 2024
Event	14th EAI International Conference on Digital Forensics and Cyber Crime, ICDF2C 2023 - New York, United States Duration: 30 Nov 2023 → 30 Nov 2023

Publication series

Name	Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
Volume	570 LNICST
ISSN (Print)	1867-8211
ISSN (Electronic)	1867-822X

Conference

Conference	14th EAI International Conference on Digital Forensics and Cyber Crime, ICDF2C 2023
Country/Territory	United States
City	New York
Period	30/11/23 → 30/11/23

Keywords

File Forensics
HDF5
Machine Learning
TensorFlow 2

Access to Document

10.1007/978-3-031-56580-9_12

Cite this

Walker, C., Baggili, I., & Wang, H. (2024). Decoding HDF5: Machine Learning File Forensics and Data Injection. In S. Goel, & P. R. Nunes de Souza (Eds.), Digital Forensics and Cyber Crime - 14th EAI International Conference, ICDF2C 2023, Proceedings (pp. 193-211). (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST; Vol. 570 LNICST). https://doi.org/10.1007/978-3-031-56580-9_12

Walker, Clinton ; Baggili, Ibrahim ; Wang, Hao. / Decoding HDF5 : Machine Learning File Forensics and Data Injection. Digital Forensics and Cyber Crime - 14th EAI International Conference, ICDF2C 2023, Proceedings. editor / Sanjay Goel ; Paulo Roberto Nunes de Souza. 2024. pp. 193-211 (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST).

@inproceedings{a4ce42e20e4645f78e1864502754eaa8,

title = "Decoding HDF5: Machine Learning File Forensics and Data Injection",

abstract = "The prevalence of ML in computing is rapidly expanding and Machine Learning (ML) systems are continuously applied to novel challenges. As the adoption of these systems grows, their security becomes increasingly important. Any security vulnerabilities within an ML system can jeopardize the integrity of dependent and related systems. Modern ML systems commonly encapsulate trained models in a compact format for storage and distribution, including TensorFlow 2 (TF2) and its utilization of the Hierarchical Data Format 5 (HDF5) file format. This work explores into the security implications of TF2 {\textquoteright}s use of the HDF5 format to save trained models, aiming to uncover potential weaknesses via forensic analysis. Specifically, we investigate the injection and detection of foreign data in these packaged files using a custom tool external to TF2, leading to the development of a dedicated forensic analysis tool for TF2 {\textquoteright}s HDF5 model files.",

keywords = "File Forensics, HDF5, Machine Learning, TensorFlow 2",

author = "Clinton Walker and Ibrahim Baggili and Hao Wang",

note = "Publisher Copyright: {\textcopyright} ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2024.; 14th EAI International Conference on Digital Forensics and Cyber Crime, ICDF2C 2023 ; Conference date: 30-11-2023 Through 30-11-2023",

year = "2024",

doi = "10.1007/978-3-031-56580-9_12",

language = "English",

isbn = "9783031565793",

series = "Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST",

pages = "193--211",

editor = "Sanjay Goel and {Nunes de Souza}, {Paulo Roberto}",

booktitle = "Digital Forensics and Cyber Crime - 14th EAI International Conference, ICDF2C 2023, Proceedings",

}

Walker, C, Baggili, I & Wang, H 2024, Decoding HDF5: Machine Learning File Forensics and Data Injection. in S Goel & PR Nunes de Souza (eds), Digital Forensics and Cyber Crime - 14th EAI International Conference, ICDF2C 2023, Proceedings. Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST, vol. 570 LNICST, pp. 193-211, 14th EAI International Conference on Digital Forensics and Cyber Crime, ICDF2C 2023, New York, United States, 30/11/23. https://doi.org/10.1007/978-3-031-56580-9_12

Decoding HDF5: Machine Learning File Forensics and Data Injection. / Walker, Clinton; Baggili, Ibrahim; Wang, Hao.
Digital Forensics and Cyber Crime - 14th EAI International Conference, ICDF2C 2023, Proceedings. ed. / Sanjay Goel; Paulo Roberto Nunes de Souza. 2024. p. 193-211 (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST; Vol. 570 LNICST).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Decoding HDF5

T2 - 14th EAI International Conference on Digital Forensics and Cyber Crime, ICDF2C 2023

AU - Walker, Clinton

AU - Baggili, Ibrahim

AU - Wang, Hao

N1 - Publisher Copyright: © ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2024.

PY - 2024

Y1 - 2024

N2 - The prevalence of ML in computing is rapidly expanding and Machine Learning (ML) systems are continuously applied to novel challenges. As the adoption of these systems grows, their security becomes increasingly important. Any security vulnerabilities within an ML system can jeopardize the integrity of dependent and related systems. Modern ML systems commonly encapsulate trained models in a compact format for storage and distribution, including TensorFlow 2 (TF2) and its utilization of the Hierarchical Data Format 5 (HDF5) file format. This work explores into the security implications of TF2 ’s use of the HDF5 format to save trained models, aiming to uncover potential weaknesses via forensic analysis. Specifically, we investigate the injection and detection of foreign data in these packaged files using a custom tool external to TF2, leading to the development of a dedicated forensic analysis tool for TF2 ’s HDF5 model files.

AB - The prevalence of ML in computing is rapidly expanding and Machine Learning (ML) systems are continuously applied to novel challenges. As the adoption of these systems grows, their security becomes increasingly important. Any security vulnerabilities within an ML system can jeopardize the integrity of dependent and related systems. Modern ML systems commonly encapsulate trained models in a compact format for storage and distribution, including TensorFlow 2 (TF2) and its utilization of the Hierarchical Data Format 5 (HDF5) file format. This work explores into the security implications of TF2 ’s use of the HDF5 format to save trained models, aiming to uncover potential weaknesses via forensic analysis. Specifically, we investigate the injection and detection of foreign data in these packaged files using a custom tool external to TF2, leading to the development of a dedicated forensic analysis tool for TF2 ’s HDF5 model files.

KW - File Forensics

KW - HDF5

KW - Machine Learning

KW - TensorFlow 2

UR - http://www.scopus.com/inward/record.url?scp=85190427582&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85190427582&partnerID=8YFLogxK

U2 - 10.1007/978-3-031-56580-9_12

DO - 10.1007/978-3-031-56580-9_12

M3 - Conference contribution

AN - SCOPUS:85190427582

SN - 9783031565793

T3 - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST

SP - 193

EP - 211

BT - Digital Forensics and Cyber Crime - 14th EAI International Conference, ICDF2C 2023, Proceedings

A2 - Goel, Sanjay

A2 - Nunes de Souza, Paulo Roberto

Y2 - 30 November 2023 through 30 November 2023

ER -

Walker C, Baggili I, Wang H. Decoding HDF5: Machine Learning File Forensics and Data Injection. In Goel S, Nunes de Souza PR, editors, Digital Forensics and Cyber Crime - 14th EAI International Conference, ICDF2C 2023, Proceedings. 2024. p. 193-211. (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST). doi: 10.1007/978-3-031-56580-9_12