Biblio

Found 373 results

Filters: Keyword is Computational modeling  [Clear All Filters]
2021-02-23
Shah, A., Clachar, S., Minimair, M., Cook, D..  2020.  Building Multiclass Classification Baselines for Anomaly-based Network Intrusion Detection Systems. 2020 IEEE 7th International Conference on Data Science and Advanced Analytics (DSAA). :759—760.
This paper showcases multiclass classification baselines using different machine learning algorithms and neural networks for distinguishing legitimate network traffic from direct and obfuscated network intrusions. This research derives its baselines from Advanced Security Network Metrics & Tunneling Obfuscations dataset. The dataset captured legitimate and obfuscated malicious TCP communications on selected vulnerable network services. The multiclass classification NIDS is able to distinguish obfuscated and direct network intrusion with up to 95% accuracy.
2021-01-22
Mani, G., Pasumarti, V., Bhargava, B., Vora, F. T., MacDonald, J., King, J., Kobes, J..  2020.  DeCrypto Pro: Deep Learning Based Cryptomining Malware Detection Using Performance Counters. 2020 IEEE International Conference on Autonomic Computing and Self-Organizing Systems (ACSOS). :109—118.
Autonomy in cybersystems depends on their ability to be self-aware by understanding the intent of services and applications that are running on those systems. In case of mission-critical cybersystems that are deployed in dynamic and unpredictable environments, the newly integrated unknown applications or services can either be benign and essential for the mission or they can be cyberattacks. In some cases, these cyberattacks are evasive Advanced Persistent Threats (APTs) where the attackers remain undetected for reconnaissance in order to ascertain system features for an attack e.g. Trojan Laziok. In other cases, the attackers can use the system only for computing e.g. cryptomining malware. APTs such as cryptomining malware neither disrupt normal system functionalities nor trigger any warning signs because they simply perform bitwise and cryptographic operations as any other benign compression or encoding application. Thus, it is difficult for defense mechanisms such as antivirus applications to detect these attacks. In this paper, we propose an Operating Context profiling system based on deep neural networks-Long Short-Term Memory (LSTM) networks-using Windows Performance Counters data for detecting these evasive cryptomining applications. In addition, we propose Deep Cryptomining Profiler (DeCrypto Pro), a detection system with a novel model selection framework containing a utility function that can select a classification model for behavior profiling from both the light-weight machine learning models (Random Forest and k-Nearest Neighbors) and a deep learning model (LSTM), depending on available computing resources. Given data from performance counters, we show that individual models perform with high accuracy and can be trained with limited training data. We also show that the DeCrypto Profiler framework reduces the use of computational resources and accurately detects cryptomining applications by selecting an appropriate model, given the constraints such as data sample size and system configuration.
2021-03-29
Moti, Z., Hashemi, S., Jahromi, A. N..  2020.  A Deep Learning-based Malware Hunting Technique to Handle Imbalanced Data. 2020 17th International ISC Conference on Information Security and Cryptology (ISCISC). :48–53.
Nowadays, with the increasing use of computers and the Internet, more people are exposed to cyber-security dangers. According to antivirus companies, malware is one of the most common threats of using the Internet. Therefore, providing a practical solution is critical. Current methods use machine learning approaches to classify malware samples automatically. Despite the success of these approaches, the accuracy and efficiency of these techniques are still inadequate, especially for multiple class classification problems and imbalanced training data sets. To mitigate this problem, we use deep learning-based algorithms for classification and generation of new malware samples. Our model is based on the opcode sequences, which are given to the model without any pre-processing. Besides, we use a novel generative adversarial network to generate new opcode sequences for oversampling minority classes. Also, we propose the model that is a combination of Convolutional Neural Network (CNN) and Long Short Term Memory (LSTM) to classify malware samples. CNN is used to consider short-term dependency between features; while, LSTM is used to consider longer-term dependence. The experiment results show our method could classify malware to their corresponding family effectively. Our model achieves 98.99% validation accuracy.
2021-04-09
Ravikumar, G., Singh, A., Babu, J. R., A, A. Moataz, Govindarasu, M..  2020.  D-IDS for Cyber-Physical DER Modbus System - Architecture, Modeling, Testbed-based Evaluation. 2020 Resilience Week (RWS). :153—159.
Increasing penetration of distributed energy resources (DERs) in distribution networks expands the cyberattack surface. Moreover, the widely used standard protocols for communicating DER inverters such as Modbus is more vulnerable to data-integrity attacks and denial of service (DoS) attacks because of its native clear-text packet format. This paper proposes a distributed intrusion detection system (D-IDS) architecture and algorithms for detecting anomalies on the DER Modbus communication. We devised a model-based approach to define physics-based threshold bands for analog data points and transaction-based threshold bands for both the analog and discrete data points. The proposed IDS algorithm uses the model- based approach to develop Modbus-specific IDS rule sets, which can enhance the detection accuracy of the anomalies either by data-integrity attacks or maloperation on cyber-physical DER Modbus devices. Further, the IDS algorithm autogenerates the Modbus-specific IDS rulesets in compliance with various open- source IDS rule syntax formats, such as Snort and Suricata, for seamless integration and mitigation of semantic/syntax errors in the development and production environment. We considered the IEEE 13-bus distribution grid, including DERs, as a case study. We conducted various DoS type attacks and data-integrity attacks on the hardware-in-the-loop (HIL) CPS DER testbed at ISU to evaluate the proposed D-IDS. Consequently, we computed the performance metrics such as IDS detection accuracy, IDS detection rate, and end-to-end latency. The results demonstrated that 100% detection accuracy, 100% detection rate for 60k DoS packets, 99.96% detection rate for 80k DoS packets, and 0.25 ms end-to-end latency between DERs to Control Center.
2021-03-01
Shi, W., Liu, S., Zhang, J., Zhang, R..  2020.  A Location-aware Computation Offloading Policy for MEC-assisted Wireless Mesh Network. 2020 IEEE/CIC International Conference on Communications in China (ICCC Workshops). :53–58.
Mobile edge computing (MEC), an emerging technology, has the characteristics of low latency, mobile energy savings, and context-awareness. As a type of access network, wireless mesh network (WMN) has gained wide attention due to its flexible network architecture, low deployment cost, and self-organization. The combination of MEC and WMN can solve the shortcomings of traditional wireless communication such as storage capacity, privacy, and security. In this paper, we propose a location-aware (LA) algorithm to cognize the location and a location-aware offloading policy (LAOP) algorithm considering the energy consumption and time delay. Simulation results show that the proposed LAOP algorithm can obtain a higher completion rate and lower average processing delay compared with the other two methods.
Davis, B., Glenski, M., Sealy, W., Arendt, D..  2020.  Measure Utility, Gain Trust: Practical Advice for XAI Researchers. 2020 IEEE Workshop on TRust and EXpertise in Visual Analytics (TREX). :1–8.
Research into the explanation of machine learning models, i.e., explainable AI (XAI), has seen a commensurate exponential growth alongside deep artificial neural networks throughout the past decade. For historical reasons, explanation and trust have been intertwined. However, the focus on trust is too narrow, and has led the research community astray from tried and true empirical methods that produced more defensible scientific knowledge about people and explanations. To address this, we contribute a practical path forward for researchers in the XAI field. We recommend researchers focus on the utility of machine learning explanations instead of trust. We outline five broad use cases where explanations are useful and, for each, we describe pseudo-experiments that rely on objective empirical measurements and falsifiable hypotheses. We believe that this experimental rigor is necessary to contribute to scientific knowledge in the field of XAI.
2021-02-08
Pelissero, N., Laso, P. M., Puentes, J..  2020.  Naval cyber-physical anomaly propagation analysis based on a quality assessed graph. 2020 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA). :1–8.
As any other infrastructure relying on cyber-physical systems (CPS), naval CPS are highly interconnected and collect considerable data streams, on which depend multiple command and navigation decisions. Being a data-driven decision system requiring optimized supervisory control on a permanent basis, it is critical to examine the CPS vulnerability to anomalies and their propagation. This paper presents an approach to detect CPS anomalies and estimate their propagation applying a quality assessed graph, which represents the CPS physical and digital subsystems, combined with system variables dependencies and a set of data and information quality measures vectors. Following the identification of variables dependencies and high-risk nodes in the CPS, data and information quality measures reveal how system variables are modified when an anomaly is detected, also indicating its propagation path. Taking as reference the normal state of a naval propulsion management system, four anomalies in the form of cyber-attacks - port scan, programmable logical controller stop, and man in the middle to change the motor speed and operation of a tank valve - were produced. Three anomalies were properly detected and their propagation path identified. These results suggest the feasibility of anomaly detection and estimation of propagation estimation in CPS, applying data and information quality analysis to a system graph.
2021-01-22
Sahabandu, D., Allen, J., Moothedath, S., Bushnell, L., Lee, W., Poovendran, R..  2020.  Quickest Detection of Advanced Persistent Threats: A Semi-Markov Game Approach. 2020 ACM/IEEE 11th International Conference on Cyber-Physical Systems (ICCPS). :9—19.
Advanced Persistent Threats (APTs) are stealthy, sophisticated, long-term, multi-stage attacks that threaten the security of sensitive information. Dynamic Information Flow Tracking (DIFT) has been proposed as a promising mechanism to detect and prevent various cyber attacks in computer systems. DIFT tracks suspicious information flows in the system and generates security analysis when anomalous behavior is detected. The number of information flows in a system is typically large and the amount of resources (such as memory, processing power and storage) required for analyzing different flows at different system locations varies. Hence, efficient use of resources is essential to maintain an acceptable level of system performance when using DIFT. On the other hand, the quickest detection of APTs is crucial as APTs are persistent and the damage caused to the system is more when the attacker spends more time in the system. We address the problem of detecting APTs and model the trade-off between resource efficiency and quickest detection of APTs. We propose a game model that captures the interaction of APT and a DIFT-based defender as a two-player, multi-stage, zero-sum, Stackelberg semi-Markov game. Our game considers the performance parameters such as false-negatives generated by DIFT and the time required for executing various operations in the system. We propose a two-time scale Q-learning algorithm that converges to a Stackelberg equilibrium under infinite horizon, limiting average payoff criteria. We validate our model and algorithm on a real-word attack dataset obtained using Refinable Attack INvestigation (RAIN) framework.
2021-02-22
Alzakari, N., Dris, A. B., Alahmadi, S..  2020.  Randomized Least Frequently Used Cache Replacement Strategy for Named Data Networking. 2020 3rd International Conference on Computer Applications Information Security (ICCAIS). :1–6.
To accommodate the rapidly changing Internet requirements, Information-Centric Networking (ICN) was recently introduced as a promising architecture for the future Internet. One of the ICN primary features is `in-network caching'; due to its ability to minimize network traffic and respond faster to users' requests. Therefore, various caching algorithms have been presented that aim to enhance the network performance using different measures, such as cache hit ratio and cache hit distance. Choosing a caching strategy is critical, and an adequate replacement strategy is also required to decide which content should be dropped. Thus, in this paper, we propose a content replacement scheme for ICN, called Randomized LFU that is implemented with respect to content popularity taking the time complexity into account. We use Abilene and Tree network topologies in our simulation models. The proposed replacement achieves encouraging results in terms of the cache hit ratio, inner hit, and hit distance and it outperforms FIFO, LRU, and Random replacement strategies.
2021-03-01
Taylor, E., Shekhar, S., Taylor, G. W..  2020.  Response Time Analysis for Explainability of Visual Processing in CNNs. 2020 IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops (CVPRW). :1555–1558.
Explainable artificial intelligence (XAI) methods rely on access to model architecture and parameters that is not always feasible for most users, practitioners, and regulators. Inspired by cognitive psychology, we present a case for response times (RTs) as a technique for XAI. RTs are observable without access to the model. Moreover, dynamic inference models performing conditional computation generate variable RTs for visual learning tasks depending on hierarchical representations. We show that MSDNet, a conditional computation model with early-exit architecture, exhibits slower RT for images with more complex features in the ObjectNet test set, as well as the human phenomenon of scene grammar, where object recognition depends on intrascene object-object relationships. These results cast light on MSDNet's feature space without opening the black box and illustrate the promise of RT methods for XAI.
2021-03-22
Larasati, H. T., Kim, H..  2020.  Simulation of Modular Exponentiation Circuit for Shor's Algorithm in Qiskit. 2020 14th International Conference on Telecommunication Systems, Services, and Applications (TSSA. :1–7.
This paper discusses and demonstrates the construction of a quantum modular exponentiation circuit in the Qiskit simulator for use in Shor's Algorithm for integer factorization problem (IFP), which is deemed to be able to crack RSA cryptosystems when a large-qubit quantum computer exists. We base our implementation on Vedral, Barenco, and Ekert (VBE) proposal of quantum modular exponentiation, one of the firsts to explicitly provide the aforementioned circuit. Furthermore, we present an example simulation of how to construct a 7xmod 15 circuit in a step-by-step manner, giving clear and detailed information and consideration that currently not provided in the existing literature, and present the whole circuit for use in Shor's Algorithm. Our present simulation shows that the 4-bit VBE quantum modular exponentiation circuit can be constructed, simulated, and measured in Qiskit, while the Shor's Algorithm incorporating this VBE approach itself can be constructed but not yet simulated due to an overly large number of QASM instructions.
2021-03-09
Cui, W., Li, X., Huang, J., Wang, W., Wang, S., Chen, J..  2020.  Substitute Model Generation for Black-Box Adversarial Attack Based on Knowledge Distillation. 2020 IEEE International Conference on Image Processing (ICIP). :648–652.
Although deep convolutional neural network (CNN) performs well in many computer vision tasks, its classification mechanism is very vulnerable when it is exposed to the perturbation of adversarial attacks. In this paper, we proposed a new algorithm to generate the substitute model of black-box CNN models by using knowledge distillation. The proposed algorithm distills multiple CNN teacher models to a compact student model as the substitution of other black-box CNN models to be attacked. The black-box adversarial samples can be consequently generated on this substitute model by using various white-box attacking methods. According to our experiments on ResNet18 and DenseNet121, our algorithm boosts the attacking success rate (ASR) by 20% by training the substitute model based on knowledge distillation.
2021-02-03
Liu, H., Zhou, Z., Zhang, M..  2020.  Application of Optimized Bidirectional Generative Adversarial Network in ICS Intrusion Detection. 2020 Chinese Control And Decision Conference (CCDC). :3009—3014.

Aiming at the problem that the traditional intrusion detection method can not effectively deal with the massive and high-dimensional network traffic data of industrial control system (ICS), an ICS intrusion detection strategy based on bidirectional generative adversarial network (BiGAN) is proposed in this paper. In order to improve the applicability of BiGAN model in ICS intrusion detection, the optimal model was obtained through the single variable principle and cross-validation. On this basis, the supervised control and data acquisition (SCADA) standard data set is used for comparative experiments to verify the performance of the optimized model on ICS intrusion detection. The results show that the ICS intrusion detection method based on optimized BiGAN has higher accuracy and shorter detection time than other methods.

2021-01-20
Shi, F., Chen, Z., Cheng, X..  2020.  Behavior Modeling and Individual Recognition of Sonar Transmitter for Secure Communication in UASNs. IEEE Access. 8:2447—2454.

It is necessary to improve the safety of the underwater acoustic sensor networks (UASNs) since it is mostly used in the military industry. Specific emitter identification is the process of identifying different transmitters based on the radio frequency fingerprint extracted from the received signal. The sonar transmitter is a typical low-frequency radiation source and is an important part of the UASNs. Class D power amplifier, a typical nonlinear amplifier, is usually used in sonar transmitters. The inherent nonlinearity of power amplifiers provides fingerprint features that can be distinguished without transmitters for specific emitter recognition. First, the nonlinearity of the sonar transmitter is studied in-depth, and the nonlinearity of the power amplifier is modeled and its nonlinearity characteristics are analyzed. After obtaining the nonlinear model of an amplifier, a similar amplifier in practical application is obtained by changing its model parameters as the research object. The output signals are collected by giving the same input of different models, and, then, the output signals are extracted and classified. In this paper, the memory polynomial model is used to model the amplifier. The power spectrum features of the output signals are extracted as fingerprint features. Then, the dimensionality of the high-dimensional features is reduced. Finally, the classifier is used to recognize the amplifier. The experimental results show that the individual sonar transmitter can be well identified by using the nonlinear characteristics of the signal. By this way, this method can enhance the communication safety of the UASNs.

2021-03-04
Crescenzo, G. D., Bahler, L., McIntosh, A..  2020.  Encrypted-Input Program Obfuscation: Simultaneous Security Against White-Box and Black-Box Attacks. 2020 IEEE Conference on Communications and Network Security (CNS). :1—9.

We consider the problem of protecting cloud services from simultaneous white-box and black-box attacks. Recent research in cryptographic program obfuscation considers the problem of protecting the confidentiality of programs and any secrets in them. In this model, a provable program obfuscation solution makes white-box attacks to the program not more useful than black-box attacks. Motivated by very recent results showing successful black-box attacks to machine learning programs run by cloud servers, we propose and study the approach of augmenting the program obfuscation solution model so to achieve, in at least some class of application scenarios, program confidentiality in the presence of both white-box and black-box attacks.We propose and formally define encrypted-input program obfuscation, where a key is shared between the entity obfuscating the program and the entity encrypting the program's inputs. We believe this model might be of interest in practical scenarios where cloud programs operate over encrypted data received by associated sensors (e.g., Internet of Things, Smart Grid).Under standard intractability assumptions, we show various results that are not known in the traditional cryptographic program obfuscation model; most notably: Yao's garbled circuit technique implies encrypted-input program obfuscation hiding all gates of an arbitrary polynomial circuit; and very efficient encrypted-input program obfuscation for range membership programs and a class of machine learning programs (i.e., decision trees). The performance of the latter solutions has only a small constant overhead over the equivalent unobfuscated program.

2021-03-29
Pranav, E., Kamal, S., Chandran, C. Satheesh, Supriya, M. H..  2020.  Facial Emotion Recognition Using Deep Convolutional Neural Network. 2020 6th International Conference on Advanced Computing and Communication Systems (ICACCS). :317—320.

The rapid growth of artificial intelligence has contributed a lot to the technology world. As the traditional algorithms failed to meet the human needs in real time, Machine learning and deep learning algorithms have gained great success in different applications such as classification systems, recommendation systems, pattern recognition etc. Emotion plays a vital role in determining the thoughts, behaviour and feeling of a human. An emotion recognition system can be built by utilizing the benefits of deep learning and different applications such as feedback analysis, face unlocking etc. can be implemented with good accuracy. The main focus of this work is to create a Deep Convolutional Neural Network (DCNN) model that classifies 5 different human facial emotions. The model is trained, tested and validated using the manually collected image dataset.

2021-02-23
Liao, D., Huang, S., Tan, Y., Bai, G..  2020.  Network Intrusion Detection Method Based on GAN Model. 2020 International Conference on Computer Communication and Network Security (CCNS). :153—156.

The existing network intrusion detection methods have less label samples in the training process, and the detection accuracy is not high. In order to solve this problem, this paper designs a network intrusion detection method based on the GAN model by using the adversarial idea contained in the GAN. The model enhances the original training set by continuously generating samples, which expanding the label sample set. In order to realize the multi-classification of samples, this paper transforms the previous binary classification model of the generated adversarial network into a supervised learning multi-classification model. The loss function of training is redefined, so that the corresponding training method and parameter setting are obtained. Under the same experimental conditions, several performance indicators are used to compare the detection ability of the proposed method, the original classification model and other models. The experimental results show that the method proposed in this paper is more stable, robust, accurate detection rate, has good generalization ability, and can effectively realize network intrusion detection.

2021-04-08
Ameer, S., Benson, J., Sandhu, R..  2020.  The EGRBAC Model for Smart Home IoT. 2020 IEEE 21st International Conference on Information Reuse and Integration for Data Science (IRI). :457–462.
The Internet of Things (IoT) is enabling smart houses, where multiple users with complex social relationships interact with smart devices. This requires sophisticated access control specification and enforcement models, that are currently lacking. In this paper, we introduce the extended generalized role based access control (EGRBAC) model for smart home IoT. We provide a formal definition for EGRBAC and illustrate its features with a use case. A proof-of-concept demonstration utilizing AWS-IoT Greengrass is discussed in the appendix. EGRBAC is a first step in developing a comprehensive family of access control models for smart home IoT.
2021-02-08
Haque, M. A., Shetty, S., Kamhoua, C. A., Gold, K..  2020.  Integrating Mission-Centric Impact Assessment to Operational Resiliency in Cyber-Physical Systems. GLOBECOM 2020 - 2020 IEEE Global Communications Conference. :1–7.
Developing mission-centric impact assessment techniques to address cyber resiliency in the cyber-physical systems (CPSs) requires integrating system inter-dependencies to the risk and resilience analysis process. Generally, network administrators utilize attack graphs to estimate possible consequences in a networked environment. Attack graphs lack to incorporate the operations-specific dependencies. Localizing the dependencies among operational missions, tasks, and the hosting devices in a large-scale CPS is also challenging. In this work, we offer a graphical modeling technique to integrate the mission-centric impact assessment of cyberattacks by relating the effect to the operational resiliency by utilizing a combination of the logical attack graph and mission impact propagation graph. We propose formal techniques to compute cyberattacks’ impact on the operational mission and offer an optimization process to minimize the same, having budgetary restrictions. We also relate the effect to the system functional operability. We illustrate our modeling techniques using a SCADA (supervisory control and data acquisition) case study for the cyber-physical power systems. We believe our proposed method would help evaluate and minimize the impact of cyber attacks on CPS’s operational missions and, thus, enhance cyber resiliency.
2021-03-30
Lin, T.-H., Jiang, J.-R..  2020.  Anomaly Detection with Autoencoder and Random Forest. 2020 International Computer Symposium (ICS). :96—99.

This paper proposes AERFAD, an anomaly detection method based on the autoencoder and the random forest, for solving the credit card fraud detection problem. The proposed AERFAD first utilizes the autoencoder to reduce the dimensionality of data and then uses the random forest to classify data as anomalous or normal. Large numbers of credit card transaction data of European cardholders are applied to AEFRAD to detect possible frauds for the sake of performance evaluation. When compared with related methods, AERFAD has relatively excellent performance in terms of the accuracy, true positive rate, true negative rate, and Matthews correlation coefficient.

2021-03-29
Malek, Z. S., Trivedi, B., Shah, A..  2020.  User behavior Pattern -Signature based Intrusion Detection. 2020 Fourth World Conference on Smart Trends in Systems, Security and Sustainability (WorldS4). :549—552.

Technology advancement also increases the risk of a computer's security. As we can have various mechanisms to ensure safety but still there have flaws. The main concerned area is user authentication. For authentication, various biometric applications are used but once authentication is done in the begging there was no guarantee that the computer system is used by the authentic user or not. The intrusion detection system (IDS) is a particular procedure that is used to identify intruders by analyzing user behavior in the system after the user logged in. Host-based IDS monitors user behavior in the computer and identify user suspicious behavior as an intrusion or normal behavior. This paper discusses how an expert system detects intrusions using a set of rules as a pattern recognized engine. We propose a PIDE (Pattern Based Intrusion Detection) model, which is verified previously implemented SBID (Statistical Based Intrusion Detection) model. Experiment results indicate that integration of SBID and PBID approach provides an extensive system to detect intrusion.

2021-02-01
Rathi, P., Adarsh, P., Kumar, M..  2020.  Deep Learning Approach for Arbitrary Image Style Fusion and Transformation using SANET model. 2020 4th International Conference on Trends in Electronics and Informatics (ICOEI)(48184). :1049–1057.
For real-time applications of arbitrary style transformation, there is a trade-off between the quality of results and the running time of existing algorithms. Hence, it is required to maintain the equilibrium of the quality of generated artwork with the speed of execution. It's complicated for the present arbitrary style-transformation procedures to preserve the structure of content-image while blending with the design and pattern of style-image. This paper presents the implementation of a network using SANET models for generating impressive artworks. It is flexible in the fusion of new style characteristics while sustaining the semantic-structure of the content-image. The identity-loss function helps to minimize the overall loss and conserves the spatial-arrangement of content. The results demonstrate that this method is practically efficient, and therefore it can be employed for real-time fusion and transformation using arbitrary styles.
2021-01-28
Kariyappa, S., Qureshi, M. K..  2020.  Defending Against Model Stealing Attacks With Adaptive Misinformation. 2020 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR). :767—775.

Deep Neural Networks (DNNs) are susceptible to model stealing attacks, which allows a data-limited adversary with no knowledge of the training dataset to clone the functionality of a target model, just by using black-box query access. Such attacks are typically carried out by querying the target model using inputs that are synthetically generated or sampled from a surrogate dataset to construct a labeled dataset. The adversary can use this labeled dataset to train a clone model, which achieves a classification accuracy comparable to that of the target model. We propose "Adaptive Misinformation" to defend against such model stealing attacks. We identify that all existing model stealing attacks invariably query the target model with Out-Of-Distribution (OOD) inputs. By selectively sending incorrect predictions for OOD queries, our defense substantially degrades the accuracy of the attacker's clone model (by up to 40%), while minimally impacting the accuracy (\textbackslashtextless; 0.5%) for benign users. Compared to existing defenses, our defense has a significantly better security vs accuracy trade-off and incurs minimal computational overhead.

2021-01-11
Wu, N., Farokhi, F., Smith, D., Kaafar, M. A..  2020.  The Value of Collaboration in Convex Machine Learning with Differential Privacy. 2020 IEEE Symposium on Security and Privacy (SP). :304–317.
In this paper, we apply machine learning to distributed private data owned by multiple data owners, entities with access to non-overlapping training datasets. We use noisy, differentially-private gradients to minimize the fitness cost of the machine learning model using stochastic gradient descent. We quantify the quality of the trained model, using the fitness cost, as a function of privacy budget and size of the distributed datasets to capture the trade-off between privacy and utility in machine learning. This way, we can predict the outcome of collaboration among privacy-aware data owners prior to executing potentially computationally-expensive machine learning algorithms. Particularly, we show that the difference between the fitness of the trained machine learning model using differentially-private gradient queries and the fitness of the trained machine model in the absence of any privacy concerns is inversely proportional to the size of the training datasets squared and the privacy budget squared. We successfully validate the performance prediction with the actual performance of the proposed privacy-aware learning algorithms, applied to: financial datasets for determining interest rates of loans using regression; and detecting credit card frauds using support vector machines.
2021-01-25
Ghazo, A. T. Al, Ibrahim, M., Ren, H., Kumar, R..  2020.  A2G2V: Automatic Attack Graph Generation and Visualization and Its Applications to Computer and SCADA Networks. IEEE Transactions on Systems, Man, and Cybernetics: Systems. 50:3488–3498.
Securing cyber-physical systems (CPS) and Internet of Things (IoT) systems requires the identification of how interdependence among existing atomic vulnerabilities may be exploited by an adversary to stitch together an attack that can compromise the system. Therefore, accurate attack graphs play a significant role in systems security. A manual construction of the attack graphs is tedious and error-prone, this paper proposes a model-checking-based automated attack graph generator and visualizer (A2G2V). The proposed A2G2V algorithm uses existing model-checking tools, an architecture description tool, and our own code to generate an attack graph that enumerates the set of all possible sequences in which atomic-level vulnerabilities can be exploited to compromise system security. The architecture description tool captures a formal representation of the networked system, its atomic vulnerabilities, their pre-and post-conditions, and security property of interest. A model-checker is employed to automatically identify an attack sequence in the form of a counterexample. Our own code integrated with the model-checker parses the counterexamples, encodes those for specification relaxation, and iterates until all attack sequences are revealed. Finally, a visualization tool has also been incorporated with A2G2V to generate a graphical representation of the generated attack graph. The results are illustrated through application to computer as well as control (SCADA) networks.