Ph.D. Electrical and Computer Engineering, 2017 - Present
University of Wisconsin-Madison
M.S. Electrical and Computer Engineering, 2017
Ain Shams University, Cairo, Egypt
I am a Ph.D. student at the University of Wisconsin-Madison, Electrical and Computer Engineering Department, under the supervision of Prof.Kassem Fawaz. My research interests lie at the intersection of Privacy, Security, Fairness, Machine Learning, and Systems.
Previously, I obtained my B.Sc. and M.Sc. degree from Ain Shams University, Cairo, Egypt. My background spans different topics including wireless communications, signal processing, and Analog and RF IC design. You can visit my personal website here
Sept 2023: I have been selected for EECS Rising Stars, Georgia Tech.
Sept 2023: News coverage of our paper Tubes Among US: Analog Attack on Automatic Speaker Identification on Newspaper, Online platforms, NPR Radio, Podcast, News 3 Now TV (CBS affiliate), UW–Madison Campus News, UW–Madison social media
Aug 2023: Presented our work Tubes Among Us at USENIX Security'23
May 2023: I will be teaching ECE697: Capstone Project in Machine Learning and Signal Processing for the Professional Master program at UW–Madison.
Feb 2023: Notable Reviewer recognition at 1st IEEE Conference on Secure and Trustworthy Machine Learning (SatML)
Sept 2022: Presented at the DARPA GARD (Guaranteeing AI Robustness Against Deception) program
Oct 2021: Our work on the robustness of keyword spotting for voice assistants will be appearing at USENIX Security, 2022.
June 2021: I will be interning at Microsoft Cognitive AI Services – Speech Team, Redmond under Jian Wu and Anthony Stark. I will work on the robustness of the keyword spotting systems.
Text-to-image diffusion models have achieved widespread popularity due to their unprecedented image generation capability. Their ability to synthesize and modify human faces has spurred research into using generated images in face recognition pipelines for robustness and bias mitigation. In this work, we identify their limitations and disparities in terms of image quality using a combination of qualitative and quantitative methods. Methodology and insights apply beyond face generation: similar analysis is applicable to other vision tasks, large language models, and audio generators.
Harrison Rosenberg*, Shimaa Ahmed*, Guruprasad V Ramesh*, Ramya Korlakai Vinayak, and Kassem Fawaz. Unbiased Face Synthesis With Diffusion Models: Are We There Yet?. under submission [pdf]
Voice Recognition technology has been used across a plethora of systems for authentication and personalization such as phone banking and smart devices. The security of this technology against deepfake attacks relies on one assumption: its ability to tell human and machine-generated voices apart. In this work, we challenge this assumption by conducting a live human impersonation attack on speaker identification models using simple acoustic structures such as plastic tubes.
Shimaa Ahmed, Yash Wani, Ali Shamsabadi, Mohammad Yaghini, Ilia Shumailov, Nicolas Papernot, and Kassem Fawaz. Tubes Among US: Analog Attack on Automatic Speaker Identification. In 31st USENIX Security Symposium (USENIX Security 23), Aug 2023. [pdf]
In this project, we propose a system to enhance the robustness of keyword spotting systems for voice assistants against accidental and adversarial wrong activations and distribution drifts. We propose EKOS (Ensemble for KeywOrd Spotting) which leverages the stochastic nature of the acoustic channel and the harmonics present in speech signals to enable a collection of independent models. We evaluated the system on public datasets and commodity devices such as smart devices, and also on commercial smart speakers like Amazon Echo.
Our evaluation shows that EKOS increases the cost of adversarial activations while preserving the natural accuracy. We validate the performance of EKOS with over-the-air experiments on commodity devices and commercial voice assistants; we find that EKOS improves the precision of the KWS task in non-adversarial settings.
Shimaa Ahmed, Ilia Shumailov, Nicolas Papernot, and Kassem Fawaz. Towards More Robust Keyword Spotting for Voice Assistants. In 30th USENIX Security Symposium (USENIX Security 22), Aug 2022. [pdf]
Cloud operators offer ML as a Service (MLaaS) in which customers send their data to the cloud and receive the model’s prediction. In speech recognition services, the data can be highly sensitive and private. In this work, we quantified the utility-privacy trade-offs of cloud-based speech transcription models in terms of acoustic and textual data. We implemented an end-to-end system that offers privacy-preserving access to cloud APIs by applying local voice transformations and differential privacy.
We perform a comprehensive evaluation of Pr$\epsilon\epsilon$ch, using diverse real-world datasets, that demonstrates its effectiveness. Pr$\epsilon\epsilon$ch provides transcriptions at a 2% to 32.25% (mean 17.34%) relative improvement in word error rate over Deep Speech, while fully obfuscating the speakers’ voice biometrics and allowing only a differentially private view of the textual content. A demo of Pr$\epsilon\epsilon$ch can be found here.
Shimaa Ahmed, Amrita Roy Chowdhury, Kassem Fawaz, and Parmeswaran Ramanathan. Preech: A system for privacy-preserving speech transcription. In 29th USENIX Security Symposium (USENIX Security 20), pages 2703–2720. USENIX Association, Aug. 2020. [paper]
Unbiased Face Synthesis With Diffusion Models: Are We There Yet? Harrison Rosenberg*, Shimaa Ahmed*, Guruprasad V Ramesh*, Ramya Korlakai Vinayak, Kassem Fawaz.
Tubes Among US: Analog Attack on Automatic Speaker Identification. Shimaa Ahmed, Yash Wani, Ali Shamsabadi, Mohammad Yaghini, Ilia Shumailov, Nicolas Papernot, Kassem Fawaz. USENIX Security, 2023
Towards More Robust Keyword Spotting for Voice Assistants. Shimaa Ahmed, Ilia Shumailov, Nicolas Papernot, Kassem Fawaz. USENIX Security, 2022
Pr$\epsilon\epsilon$ch: A System for Privacy-Preserving Speech Transcription.
Shimaa Ahmed, Amrita Roy Chowdhury, Kassem Fawaz, Parmesh Ramanathan. USENIX Security, 2020
ahmed27_AT_wisc.edu