Related papers: One RNG to Rule Them All: How Randomness Becomes an Attack Vector in Machine Learning

One RNG to Rule Them All: How Randomness Becomes an Attack Vector in Machine Learning

URL: http://arxiv.org/abs/2602.09182v1
Date: Mon, 09 Feb 2026 20:41:05 GMT
Title: One RNG to Rule Them All: How Randomness Becomes an Attack Vector in Machine Learning
Authors: Kotekar Annapoorna Prabhu, Andrew Gan, Zahra Ghodsi,
Abstract summary: We present RNGGuard to help machine learning engineers secure their systems with low effort.<n>RNGGuard enforces secure execution of random functions by replacing insecure function calls with RNGGuard's implementations that meet security specifications.
Score: 1.6473206627428294
License: http://creativecommons.org/licenses/by/4.0/
Abstract: Machine learning relies on randomness as a fundamental component in various steps such as data sampling, data augmentation, weight initialization, and optimization. Most machine learning frameworks use pseudorandom number generators as the source of randomness. However, variations in design choices and implementations across different frameworks, software dependencies, and hardware backends along with the lack of statistical validation can lead to previously unexplored attack vectors on machine learning systems. Such attacks on randomness sources can be extremely covert, and have a history of exploitation in real-world systems. In this work, we examine the role of randomness in the machine learning development pipeline from an adversarial point of view, and analyze the implementations of PRNGs in major machine learning frameworks. We present RNGGuard to help machine learning engineers secure their systems with low effort. RNGGuard statically analyzes a target library's source code and identifies instances of random functions and modules that use them. At runtime, RNGGuard enforces secure execution of random functions by replacing insecure function calls with RNGGuard's implementations that meet security specifications. Our evaluations show that RNGGuard presents a practical approach to close existing gaps in securing randomness sources in machine learning systems.

Related papers

EIM-TRNG: Obfuscating Deep Neural Network Weights with Encoding-in-Memory True Random Number Generator via RowHammer [8.544950313051402]
True Random Number Generators (TRNGs) play a fundamental role in hardware security, cryptographic systems, and data protection.<n>In this work, we propose a novel TRNG called EIM-TRNG that leverages the inherent physical randomness in DRAM cell behavior.<n>We demonstrate how the unpredictable bit-flips generated through carefully controlled RowHammer operations can be harnessed as a reliable entropy source.
arXiv Detail & Related papers (2025-07-03T00:01:33Z)
Statistical Quality and Reproducibility of Pseudorandom Number Generators in Machine Learning technologies [0.0]
We compare the statistical quality of PRNGs used in ML frameworks against their original C implementations.<n>Our findings challenge claims of statistical robustness, revealing that even generators labeled ''crush-resistant'' (e.g., PCG, Philox) may fail certain statistical tests.
arXiv Detail & Related papers (2025-07-02T09:38:00Z)
A Hybrid Framework for Statistical Feature Selection and Image-Based Noise-Defect Detection [55.2480439325792]
This paper presents a hybrid framework that integrates both statistical feature selection and classification techniques to improve defect detection accuracy.<n>We present around 55 distinguished features that are extracted from industrial images, which are then analyzed using statistical methods.<n>By integrating these methods with flexible machine learning applications, the proposed framework improves detection accuracy and reduces false positives and misclassifications.
arXiv Detail & Related papers (2024-12-11T22:12:21Z)
Differentially Private Random Feature Model [47.35176457481132]
We produce a differentially private random feature model for privacy-preserving kernel machines.<n>We show that our method preserves privacy and derive a generalization error bound for the method.
arXiv Detail & Related papers (2024-12-06T05:31:08Z)
To what extent are multiple pendulum systems viable in pseudo-random number generation? [0.0]
This paper explores the development and viability of an alternative pseudorandom number generator (PRNG) Traditional PRNGs, notably the one implemented in the Java.Random class, suffer from predictability which gives rise to exploitability. This study proposes a novel PRNG designed using ordinary differential equations, physics modeling, and chaos theory.
arXiv Detail & Related papers (2024-04-15T00:28:51Z)
RoboGen: Towards Unleashing Infinite Data for Automated Robot Learning via Generative Simulation [68.70755196744533]
RoboGen is a generative robotic agent that automatically learns diverse robotic skills at scale via generative simulation. Our work attempts to extract the extensive and versatile knowledge embedded in large-scale models and transfer them to the field of robotics.
arXiv Detail & Related papers (2023-11-02T17:59:21Z)
Machine Learning needs Better Randomness Standards: Randomised Smoothing and PRNG-based attacks [14.496582479888765]
We consider whether attackers can compromise an machine learning system using only the randomness on which they commonly rely. We demonstrate an entirely novel attack, where an attacker backdoors the supplied randomness to falsely certify either an overestimate or an underestimate of robustness for up to 81 times. We advocate updating the NIST guidelines on random number testing to make them more appropriate for safety-critical and security-critical machine-learning applications.
arXiv Detail & Related papers (2023-06-24T19:50:08Z)
Active Predicting Coding: Brain-Inspired Reinforcement Learning for Sparse Reward Robotic Control Problems [79.07468367923619]
We propose a backpropagation-free approach to robotic control through the neuro-cognitive computational framework of neural generative coding (NGC) We design an agent built completely from powerful predictive coding/processing circuits that facilitate dynamic, online learning from sparse rewards. We show that our proposed ActPC agent performs well in the face of sparse (extrinsic) reward signals and is competitive with or outperforms several powerful backprop-based RL approaches.
arXiv Detail & Related papers (2022-09-19T16:49:32Z)
Learn then Test: Calibrating Predictive Algorithms to Achieve Risk Control [67.52000805944924]
Learn then Test (LTT) is a framework for calibrating machine learning models. Our main insight is to reframe the risk-control problem as multiple hypothesis testing. We use our framework to provide new calibration methods for several core machine learning tasks with detailed worked examples in computer vision.
arXiv Detail & Related papers (2021-10-03T17:42:03Z)
Multi Agent System for Machine Learning Under Uncertainty in Cyber Physical Manufacturing System [78.60415450507706]
Recent advancements in predictive machine learning has led to its application in various use cases in manufacturing. Most research focused on maximising predictive accuracy without addressing the uncertainty associated with it. In this paper, we determine the sources of uncertainty in machine learning and establish the success criteria of a machine learning system to function well under uncertainty.
arXiv Detail & Related papers (2021-07-28T10:28:05Z)
A Note on High-Probability versus In-Expectation Guarantees of Generalization Bounds in Machine Learning [95.48744259567837]
Statistical machine learning theory often tries to give generalization guarantees of machine learning models. Statements made about the performance of machine learning models have to take the sampling process into account. We show how one may transform one statement to another.
arXiv Detail & Related papers (2020-10-06T09:41:35Z)
Machine Learning Cryptanalysis of a Quantum Random Number Generator [3.874286636878538]
Random number generators (RNGs) that are crucial for cryptographic applications have been the subject of adversarial attacks.<n>We develop a predictive machine learning (ML) analysis to investigate the impact of deterministic classical noise in different stages of an optical continuous variable QRNG.
arXiv Detail & Related papers (2019-05-07T03:42:04Z)

This list is automatically generated from the titles and abstracts of the papers in this site.