Visible to the public Biblio

Filters: Author is Hu, Qin  [Clear All Filters]
Hu, Qin, Wang, Shengling, Cheng, Xiuzhen.  2019.  A Game Theoretic Analysis on Block Withholding Attacks Using the Zero-Determinant Strategy. 2019 IEEE/ACM 27th International Symposium on Quality of Service (IWQoS). :1–10.
In Bitcoin's incentive system that supports open mining pools, block withholding attacks incur huge security threats. In this paper, we investigate the mutual attacks among pools as this determines the macroscopic utility of the whole distributed system. Existing studies on pools' interactive attacks usually employ the conventional game theory, where the strategies of the players are considered pure and equal, neglecting the existence of powerful strategies and the corresponding favorable game results. In this study, we take advantage of the Zero-Determinant (ZD) strategy to analyze the block withholding attack between any two pools, where the ZD adopter has the unilateral control on the expected payoffs of its opponent and itself. In this case, we are faced with the following questions: who can adopt the ZD strategy? individually or simultaneously? what can the ZD player achieve? In order to answer these questions, we derive the conditions under which two pools can individually or simultaneously employ the ZD strategy and demonstrate the effectiveness. To the best of our knowledge, we are the first to use the ZD strategy to analyze the block withholding attack among pools.
Sundar, Agnideven Palanisamy, Li, Feng, Zou, Xukai, Hu, Qin, Gao, Tianchong.  2020.  Multi-Armed-Bandit-based Shilling Attack on Collaborative Filtering Recommender Systems. 2020 IEEE 17th International Conference on Mobile Ad Hoc and Sensor Systems (MASS). :347–355.
Collaborative Filtering (CF) is a popular recommendation system that makes recommendations based on similar users' preferences. Though it is widely used, CF is prone to Shilling/Profile Injection attacks, where fake profiles are injected into the CF system to alter its outcome. Most of the existing shilling attacks do not work on online systems and cannot be efficiently implemented in real-world applications. In this paper, we introduce an efficient Multi-Armed-Bandit-based reinforcement learning method to practically execute online shilling attacks. Our method works by reducing the uncertainty associated with the item selection process and finds the most optimal items to enhance attack reach. Such practical online attacks open new avenues for research in building more robust recommender systems. We treat the recommender system as a black box, making our method effective irrespective of the type of CF used. Finally, we also experimentally test our approach against popular state-of-the-art shilling attacks.