Latest in cs.CR
Lower Bounds for Adversarially Robust PAC Learning (Jun 13 2019)
In this work, we initiate a formal study of probably approximately correct (PAC) learning under evasion attacks, where the adversary's goal is to misclassify the adversarially perturbed sample point $\widetilde{x}$, i.e., $h(\widetilde{x})\neq$ ...

Deep Reinforcement Learning for Cyber Security (Jun 13 2019)
The scale of Internet-connected systems has increased considerably, and these systems are being exposed to cyber attacks more than ever. The complexity and dynamics of cyber attacks require protecting mechanisms to be responsive, adaptive, and large-scale. ...

Probing the Mystery of Cryptocurrency Theft: An Investigation into Methods for Cryptocurrency Tainting Analysis (Jun 13 2019)
Since the first theft of the Mt.Gox exchange service in 2011, Bitcoin has seen major thefts in subsequent years. For most thefts, the perpetrators remain uncaught and unknown. Although every transaction is recorded and transparent in the blockchain, thieves ...

Metrics Towards Measuring Cyber Agility (Jun 12 2019)
In cyberspace, evolutionary strategies are commonly used by both attackers and defenders. For example, an attacker's strategy often changes over the course of time, as new vulnerabilities are discovered and/or mitigated. Similarly, a defender's strategy ...

Differential Imaging Forensics (Jun 12 2019)
We introduce some new forensics based on differential imaging, where a novel category of visual evidence created via subtle interactions of light with a scene, such as dim reflections, can be computationally extracted and amplified from an image of interest ...

Hackers vs. Security: Attack-Defence Trees as Asynchronous Multi-Agent Systems (Jun 12 2019)
Attack-Defence Trees (ADTs) are well-suited to assess possible attacks to systems and the efficiency of counter-measures. In this paper, we first enrich the available constructs with reactive patterns that cover further security scenarios, and equip all ...

Handel: Practical Multi-Signature Aggregation for Large Byzantine Committees (Jun 12 2019)
We present Handel, a Byzantine fault tolerant aggregation protocol that allows for the quick aggregation of cryptographic signatures over a WAN. Handel has logarithmic time and polylogarithmic network complexity and needs minimal computing resources. ...

Secure Federated Matrix Factorization (Jun 12 2019)
To protect user privacy and meet law regulations, federated (machine) learning is obtaining vast interest in recent years. The key principle of federated learning is training a machine learning model without needing to know each user's personal raw private ...

Integrating Privacy Enhancing Techniques into Blockchains Using Sidechains (Jun 12 2019)
Blockchains are turning into decentralized computing platforms and are getting worldwide recognition for their unique advantages. There is an emerging trend beyond payments that blockchains could enable a new breed of decentralized applications, and serve ...

A Blockchain-based Framework for Detecting Malicious Mobile Applications in App Stores (Jun 12 2019)
The dramatic growth in smartphone malware shows that malicious program developers are shifting from traditional PC systems to smartphone devices. Therefore, security researchers are also moving towards proposing novel antimalware methods to provide adequate ...

A Comment on Privacy-Preserving Scalar Product Protocols as proposed in "SPOC" (Jun 11 2019)
Privacy-preserving scalar product (PPSP) protocols are an important building block for secure computation tasks in various applications. Lu et al. (TPDS'13) introduced a PPSP protocol that does not rely on cryptographic assumptions and that is used in ...

Polymorphic Relaxed Noninterference (Jun 11 2019)
Information-flow security typing statically preserves confidentiality by enforcing noninterference. To address the practical need of selective and flexible declassification of confidential information, several approaches have developed a notion of relaxed ...

New dynamic and verifiable multi-secret sharing schemes based on LFSR public key cryptosystem (Jun 11 2019)
A verifiable multi-secret sharing (VMSS) scheme enables the dealer to share multiple secrets, and the deception of both participants and the dealer can be detected. After analyzing the security of VMSS schemes proposed by Mashhadi and Dehkordi in 2015, ...

Competing (Semi)-Selfish Miners in Bitcoin (Jun 11 2019)
The Bitcoin protocol prescribes certain behavior by the miners who are responsible for maintaining and extending the underlying blockchain; in particular, miners who successfully solve a puzzle, and hence can extend the chain by a block, are supposed ...

Combinatorial Optimization based Feature Selection Method: A study on Network Intrusion Detection (Jun 11 2019 / Jun 12 2019)
Advancements in computer networks and communication technologies like software defined networks (SDN), Internet of things (IoT), microservices architecture, cloud computing and network function virtualization (NFV) have opened new fronts and challenges ...

TS-RF: Combinatorial Optimization based Feature Selection Method for Network Intrusion Detection (Jun 11 2019)
Advancements in computer networks and communication technologies like software defined networks (SDN), Internet of things (IoT), microservices architecture, cloud computing and network function virtualization (NFV) have opened new fronts and challenges ...

The Fifth International Students' Olympiad in Cryptography -- NSUCRYPTO: problems and their solutions (Jun 11 2019)
Problems and their solutions of the Fifth International Students' Olympiad in cryptography NSUCRYPTO'2018 are presented. We consider problems related to attacks on ciphers and hash functions, Boolean functions, quantum circuits, Enigma, etc. We discuss ...

The merits of using Ethereum MainNet as a Coordination Blockchain for Ethereum Private Sidechains (Jun 11 2019)
A Coordination Blockchain is a blockchain with the task of coordinating activities of multiple private blockchains. This paper discusses the pros and cons of using Ethereum MainNet, the public Ethereum blockchain, as a Coordination Blockchain. The requirements ...

Evolutionary Trigger Set Generation for DNN Black-Box Watermarking (Jun 11 2019)
The commercialization of deep learning creates a compelling need for intellectual property (IP) protection. Deep neural network (DNN) watermarking has been proposed as a promising tool to help model owners prove ownership and fight piracy. A popular approach ...

Quantum Random Numbers generated by the Cloud Superconducting Quantum Computer (Jun 11 2019)
A cloud quantum computer is similar to a random number generator in that its physical mechanism is inaccessible to the users. In this respect, a cloud quantum computer is a black box. In both devices, the users decide the device condition from the output. ...

Subspace Attack: Exploiting Promising Subspaces for Query-Efficient Black-box Attacks (Jun 11 2019)
Unlike the white-box counterparts that are widely studied and readily accessible, adversarial examples in black-box settings are generally more Herculean on account of the difficulty of estimating gradients. Many methods achieve the task by issuing numerous ...

Secure Software-Defined Networking Based on Blockchain (Jun 11 2019)
Software-Defined Networking (SDN) separates the network control plane and data plane, which provides a network-wide view with centralized control (in the control plane) and programmable network configuration for the data plane injected by SDN applications ...

General Linear Group Action on Tensors: A Candidate for Post-Quantum Cryptography (Jun 11 2019)
Starting from the one-way group action framework of Brassard and Yung (Crypto '90), we revisit building cryptography based on group actions. Several previous candidates for one-way group actions no longer stand, due to progress both on classical algorithms ...

Topology Attack and Defense for Graph Neural Networks: An Optimization Perspective (Jun 10 2019)
Graph neural networks (GNNs) which apply deep neural networks to graph data have achieved significant performance for the task of semi-supervised node classification. However, only a few works have addressed the adversarial robustness of GNNs. In this ...

Malware Detection with LSTM using Opcode Language (Jun 10 2019)
Nowadays, with the booming development of the Internet and software industry, more and more malware variants are designed to perform various malicious activities. Traditional signature-based detection methods cannot detect variants of malware. In addition, ...

SCGDet: Malware Detection using Semantic Features Based on Reachability Relation (Jun 10 2019)
Recently, with the booming development of the software industry, more and more malware variants are designed to perform malicious behaviors. The evolution of malware makes it difficult to detect using traditional signature-based methods. Moreover, malware ...

Attacking Graph Convolutional Networks via Rewiring (Jun 10 2019)
Graph Neural Networks (GNNs) have boosted the performance of many graph related tasks such as node classification and graph classification. Recent research shows that graph neural networks are vulnerable to adversarial attacks, which deliberately add ...

Improved Adversarial Robustness via Logit Regularization Methods (Jun 10 2019)
While great progress has been made at making neural networks effective across a wide range of visual tasks, most models are surprisingly vulnerable. This frailness takes the form of small, carefully chosen perturbations of their input, known as adversarial ...

Provably Robust Deep Learning via Adversarially Trained Smoothed Classifiers (Jun 09 2019)
Recent works have shown the effectiveness of randomized smoothing as a scalable technique for building neural network-based classifiers that are provably robust to $\ell_2$-norm adversarial perturbations. In this paper, we employ adversarial training ...

Beyond Adversarial Training: Min-Max Optimization in Adversarial Attack and Defense (Jun 09 2019)
The worst-case training principle that minimizes the maximal adversarial loss, also known as adversarial training (AT), has been shown to be a state-of-the-art approach for enhancing adversarial robustness against norm-ball bounded input perturbations. Nonetheless, ...

A Federated Authorization Framework for Distributed Personal Data and Digital Identity (Jun 09 2019)
The digital identity problem is a complex one in large part because it involves personal data, the algorithms which compute reputations on the data and the management of the identifiers that are linked to personal data. The reality of today is that personal ...

Strategies to architect AI Safety: Defense to guard AI from Adversaries (Jun 08 2019)
The impact of designing for security of AI is critical for humanity in the AI era. With humans increasingly becoming dependent upon AI, there is a need for neural networks that work reliably, in spite of adversarial attacks. The vision for safe and secure ...

Sensitivity of Deep Convolutional Networks to Gabor Noise (Jun 08 2019 / Jun 11 2019)
Deep Convolutional Networks (DCNs) have been shown to be sensitive to Universal Adversarial Perturbations (UAPs): input-agnostic perturbations that fool a model on large portions of a dataset. These UAPs exhibit interesting visual patterns, but this phenomenon ...

Sensitivity of Deep Convolutional Networks to Gabor Noise (Jun 08 2019)
Deep Convolutional Networks (DCNs) have been shown to be sensitive to Universal Adversarial Perturbations (UAPs): input-agnostic perturbations that fool a model on large portions of a dataset. These UAPs exhibit interesting visual patterns, but this phenomenon ...

Making targeted black-box evasion attacks effective and efficient (Jun 08 2019)
We investigate how an adversary can optimally use its query budget for targeted evasion attacks against deep neural networks in a black-box setting. We formalize the problem setting and systematically evaluate what benefits the adversary can gain by using ...

Efficient Project Gradient Descent for Ensemble Adversarial Attack (Jun 07 2019)
Recent advances show that deep neural networks are not robust to deliberately crafted adversarial examples, many of which are generated by adding human-imperceptible perturbation to clean input. Considering $l_2$ norm attacks, Project Gradient Descent (PGD) ...

Adversarial Examples for Non-Parametric Methods: Attacks, Defenses and Large Sample Limits (Jun 07 2019)
Adversarial examples have received a great deal of recent attention because of their potential to uncover security flaws in machine learning systems. However, most prior work on adversarial examples has been on parametric classifiers, for which generic ...

A Unifying Hybrid Consensus Protocol (Jun 07 2019)
We introduce Unity, a new consensus algorithm for public blockchain settings. Unity is an eventual consistency protocol merging Proof-of-Work (PoW) and Proof-of-Stake (PoS) into a coherent stochastic process. It encompasses hardware and economic security ...

A cryptographic approach to black box adversarial machine learning (Jun 07 2019)
We propose an ensemble technique for converting any classifier into a computationally secure classifier. We define a simpler security problem for random binary classifiers and prove a reduction from this model to the security of the overall ensemble classifier. ...

Reconstruction and Membership Inference Attacks against Generative Models (Jun 07 2019)
We present two information leakage attacks that outperform previous work on membership inference against generative models. The first attack allows membership inference without assumptions on the type of the generative model. Contrary to previous evaluation ...

Software Ethology: An Accurate and Resilient Semantic Binary Analysis Framework (Jun 07 2019)
When reverse engineering a binary, the analyst must first understand the semantics of the binary's functions through either manual or automatic analysis. Manual semantic analysis is time-consuming, because abstractions provided by high level languages, ...

A Note on Lower Digits Extraction Polynomial for Bootstrapping (Jun 07 2019)
Bootstrapping is a crucial but computationally expensive step for realizing Fully Homomorphic Encryption (FHE). Recently, Chen and Han (Eurocrypt 2018) introduced a family of low-degree polynomials to extract the lowest digit with respect to a certain ...

Robust Attacks against Multiple Classifiers (Jun 06 2019)
We address the challenge of designing optimal adversarial noise algorithms for settings where a learner has access to multiple classifiers. We demonstrate how this problem can be framed as finding strategies at equilibrium in a two-player, zero-sum game ...

A Blockchain-Based Architecture for Traffic Signal Control Systems (Jun 06 2019)
Ever-growing incorporation of connected vehicle (CV) technologies into intelligent traffic signal control systems brings about significant data security issues in the connected vehicular networks. This paper presents a novel decentralized and secure by ...

CANet: An Unsupervised Intrusion Detection System for High Dimensional CAN Bus Data (Jun 06 2019)
We propose a novel neural network architecture for detecting intrusions on the CAN bus. The Controller Area Network (CAN) is the standard communication method between the Electronic Control Units (ECUs) of automobiles. However, CAN lacks security mechanisms ...

The Open Vault Challenge -- Learning how to build calibration-free interactive systems by cracking the code of a vault (Jun 06 2019)
This demo takes the form of a challenge to the IJCAI community. A physical vault, secured by a 4-digit code, will be placed in the demo area. The author will publicly open the vault by entering the code on a touch-based interface, and as many times as ...

Should Adversarial Attacks Use Pixel p-Norm? (Jun 06 2019)
Adversarial attacks aim to confound machine learning systems, while remaining virtually imperceptible to humans. Attacks on image classification systems are typically gauged in terms of $p$-norm distortions in the pixel feature space. We perform a behavioral ...

Lookout for Zombies: Mitigating Flush+Reload Attack on Shared Caches by Monitoring Invalidated Lines (Jun 06 2019)
OS-based page sharing is a commonly used optimization in modern systems to reduce memory footprint. Unfortunately, such sharing can cause Flush+Reload cache attacks, whereby a spy periodically flushes a cache line of shared data (using the clflush instruction) ...

Privacy-Preserving Classification of Personal Text Messages with Secure Multi-Party Computation: An Application to Hate-Speech Detection (Jun 05 2019)
Classification of personal text messages has many useful applications in surveillance, e-commerce, and mental health care, to name a few. Giving applications access to personal texts can easily lead to (un)intentional privacy violations. We propose the ...

Private Deep Learning with Teacher Ensembles (Jun 05 2019)
Privacy-preserving deep learning is crucial for deploying deep neural network based solutions, especially when the model works on data that contains sensitive information. Most privacy-preserving methods lead to undesirable performance degradation. Ensemble ...

Enhancing Gradient-based Attacks with Symbolic Intervals (Jun 05 2019)
Recent breakthroughs in defenses against adversarial examples, like adversarial training, make neural networks robust against various classes of attackers (e.g., first-order gradient-based attacks). However, it is an open question whether the adversarially ...

Investigation of Cyber Attacks on a Water Distribution System (Jun 05 2019)
A Cyber Physical System (CPS) consists of cyber components for computation and communication, and physical components such as sensors and actuators for process control. These components are networked and interact in a feedback loop. CPS are found in critical ...

Don't Paint It Black: White-Box Explanations for Deep Learning in Computer Security (Jun 05 2019)
Deep learning is increasingly used as a basic building block of security systems. Unfortunately, deep neural networks are hard to interpret, and their decision process is opaque to the practitioner. Recent work has started to address this problem by considering ...

Don't Paint It Black: White-Box Explanations for Deep Learning in Computer Security (Jun 05 2019 / Jun 06 2019)
Deep learning is increasingly used as a basic building block of security systems. Unfortunately, deep neural networks are hard to interpret, and their decision process is opaque to the practitioner. Recent work has started to address this problem by considering ...

Security in Asynchronous Interactive Systems (Jun 05 2019)
Secure function computation has been thoroughly studied and optimized in the past decades. We extend techniques used for secure computation to simulate arbitrary protocols involving a mediator. The key feature of our notion of simulation is that it is ...

An Interposer-Based Root of Trust: Seize the Opportunity for Secure System-Level Integration of Untrusted Chiplets (Jun 05 2019)
Leveraging 2.5D interposer technology, we advocate the integration of untrusted commodity components/chiplets with physically separate, entrusted logic components. Such organization provides a modern root of trust for secure system-level integration. ...

Impact of Prior Knowledge and Data Correlation on Privacy Leakage: A Unified Analysis (Jun 05 2019)
It has been widely understood that differential privacy (DP) can guarantee rigorous privacy against adversaries with arbitrary prior knowledge. However, recent studies demonstrate that this may not be true for correlated data, and indicate that three ...

Fusion of Mobile Device Signal Data Attributes Enables Multi-Protocol Entity Resolution and Enhanced Large-Scale Tracking (Jun 05 2019)
Use of persistent identifiers in wireless communication protocols is a known privacy concern as they can be used to track the location of mobile devices. Furthermore, inherent structure in the assignment of hardware identifiers as well as upper-layer ...

Practical Byte-Granular Memory Blacklisting using Califorms (Jun 05 2019 / Jun 10 2019)
Recent rapid strides in memory safety tools and hardware have improved software quality and security. While coarse-grained memory safety has improved, achieving memory safety at the granularity of individual objects remains a challenge due to high performance ...

Practical Byte-Granular Memory Blacklisting using Califorms (Jun 05 2019 / Jun 06 2019)
Recent rapid strides in memory safety tools and hardware have improved software quality and security. While coarse-grained memory safety has improved, achieving memory safety at the granularity of individual objects remains a challenge due to high performance ...

Practical Byte-Granular Memory Blacklisting using Califorms (Jun 05 2019)
Recent rapid strides in memory safety tools and hardware have improved software quality and security. While coarse-grained memory safety has improved, achieving memory safety at the granularity of individual objects remains a challenge due to high performance ...

TrustChain: Trust Management in Blockchain and IoT supported Supply Chains (Jun 05 2019)
Traceability and integrity are major challenges for the increasingly complex supply chains of today's world. Although blockchain technology has the potential to address these challenges through providing a tamper-proof audit trail of supply chain events ...

Owner-centric sharing of physical resources, data, and data-driven insights in digital ecosystems (Jun 05 2019)
We are living in an age in which digitization will connect more and more physical assets with IT systems and where IoT endpoints will generate a wealth of valuable data. Companies, individual users, and organizations alike therefore have the need to control ...

Locally Differentially Private Data Collection and Analysis (Jun 05 2019)
Local differential privacy (LDP) can provide each user with strong privacy guarantees under untrusted data curators while ensuring accurate statistics derived from privatized data. Due to its power, LDP has been widely adopted to protect privacy ...

A Differentially Private Incentive Design for Traffic Offload to Public Transportation (Jun 04 2019)
Increasingly large trip demands have strained urban transportation capacity, which consequently leads to traffic congestion. In this work, we focus on mitigating traffic congestion by incentivizing passengers to switch from private to public transit services. ...

Privacy-preserving Crowd-guided AI Decision-making in Ethical Dilemmas (Jun 04 2019)
With the rapid development of artificial intelligence (AI), ethical issues surrounding AI have attracted increasing attention. In particular, autonomous vehicles may face moral dilemmas in accident scenarios, such as staying the course resulting in hurting ...

What do AI algorithms actually learn? - On false structures in deep learning (Jun 04 2019)
There are two big unsolved mathematical questions in artificial intelligence (AI): (1) Why is deep learning so successful in classification problems and (2) why are neural nets based on deep learning at the same time universally unstable, where the instabilities ...

SPECCFI: Mitigating Spectre Attacks using CFI Informed Speculation (Jun 04 2019)
Spectre attacks and their many subsequent variants are a new vulnerability class for modern CPUs. The attacks rely on the ability to misguide/hijack speculative execution, generally by exploiting the branch prediction structures, to execute a vulnerable ...

SoK: Differential Privacies (Jun 04 2019)
Shortly after its introduction in 2006, differential privacy became the flagship data privacy definition. Since then, numerous variants and extensions were proposed to adapt it to different scenarios and attacker models. In this work, we propose a systematic ...

Need for Critical Cyber Defence, Security Strategy and Privacy Policy in Bangladesh - Hype or Reality? (Jun 04 2019)
Cyber security is one of the burning issues in the modern world. Increased IT infrastructure has given rise to enormous chances of security breach. Bangladesh, being a relatively new member of the cyber security arena, has its own demand and appeal. Digitalization ...

Anonymity Network Tor and Performance Analysis of ARANEA; an IOT Based Privacy-Preserving Router (Jun 04 2019)
There was a time when the word security was only confined to the physical protection of things that were valuable and had to be guarded against all odds. Today, in a world where people can do things virtually, the necessity has emerged to protect ...

Access Control for Electronic Health Records with Hybrid Blockchain-Edge Architecture (Jun 04 2019)
The global Electronic Health Record (EHR) market is growing dramatically and is expected to reach $39.7 billion by 2022. To safeguard the security and privacy of EHR, access control is an essential mechanism for managing EHR data. This paper proposes a hybrid ...

Towards Fair and Decentralized Privacy-Preserving Deep Learning with Blockchain (Jun 04 2019)
In collaborative deep learning, current learning frameworks follow either a centralized architecture or a distributed architecture. Whilst the centralized architecture deploys a central server to train a global model over the massive amount of joint data ...

Sequential Triggers for Watermarking of Deep Reinforcement Learning Policies (Jun 03 2019)
This paper proposes a novel scheme for the watermarking of Deep Reinforcement Learning (DRL) policies. This scheme provides a mechanism for the integration of a unique identifier within the policy in the form of its response to a designated sequence of ...

Adversarial Exploitation of Policy Imitation (Jun 03 2019)
This paper investigates a class of attacks targeting the confidentiality aspect of security in Deep Reinforcement Learning (DRL) policies. Recent research has established the vulnerability of supervised machine learning models (e.g., classifiers) to ...

Analysis and Improvement of Adversarial Training in DQN Agents With Adversarially-Guided Exploration (AGE) (Jun 03 2019)
This paper investigates the effectiveness of adversarial training in enhancing the robustness of Deep Q-Network (DQN) policies to state-space perturbations. We first present a formal analysis of adversarial training in DQN agents and its performance with ...

RL-Based Method for Benchmarking the Adversarial Resilience and Robustness of Deep Reinforcement Learning Policies (Jun 03 2019)
This paper investigates the resilience and robustness of Deep Reinforcement Learning (DRL) policies to adversarial perturbations in the state space. We first present an approach for the disentanglement of vulnerabilities caused by representation learning ...

Correctness Verification of Neural Networks (Jun 03 2019)
We present the first verification that a neural network produces a correct output within a specified tolerance for every input of interest. We define correctness relative to a specification which identifies 1) a state space consisting of all relevant ...

Terminal Brain Damage: Exposing the Graceless Degradation in Deep Neural Networks Under Hardware Fault Attacks (Jun 03 2019)
Deep neural networks (DNNs) have been shown to tolerate "brain damage": cumulative changes to the network's parameters (e.g., pruning, numerical perturbations) typically result in a graceful degradation of classification accuracy. However, the limits ...

Gap-Measure Tests with Applications to Data Integrity Verification (Jun 03 2019)
In this paper we propose and examine gap statistics for assessing uniform distribution hypotheses. We provide examples relevant to data integrity testing for which max-gap statistics provide greater sensitivity than chi-square ($\chi^2$), thus allowing ...

Secure Distributed On-Device Learning Networks With Byzantine Adversaries (Jun 03 2019)
The privacy concern exists when the central server has copies of the datasets. Hence, there is a paradigm shift for learning networks to change from centralized in-cloud learning to distributed on-device learning. Benefiting from the parallel ...

Mind the Gap: Trade-Offs between Distributed Ledger Technology Characteristics (Jun 03 2019)
While design decisions determine the quality and viability of applications in general, in Distributed Ledger Technology (DLT), the decision for a suitable DLT design (e.g., Ethereum, IOTA) is of particular relevance because the retroactive change of the ...

DAWN: Dynamic Adversarial Watermarking of Neural Networks (Jun 03 2019)
Training machine learning (ML) models is expensive in terms of computational power, large amounts of labeled data, and human expertise. Thus, ML models constitute intellectual property (IP) and business value for their owners. Embedding digital watermarks ...

Encryption Scheme Based on Expanded Reed-Solomon Codes (Jun 03 2019 / Jun 13 2019)
We present a code-based public-key cryptosystem, in which we use Reed-Solomon codes over an extension field as secret codes and disguise them by considering their expanded code over the base field. Considering the expanded codes provides a safeguard against ...

Encryption Scheme Based on Expanded Reed-Solomon Codes (Jun 03 2019)
We present a code-based public-key cryptosystem, in which we use Reed-Solomon codes over an extension field as secret codes and disguise them by considering their expanded code over the base field. Considering the expanded codes provides a safeguard against ...

Voice Mimicry Attacks Assisted by Automatic Speaker Verification (Jun 03 2019)
In this work, we simulate a scenario where a publicly available ASV system is used to enhance mimicry attacks against another closed-source ASV system. Specifically, ASV technology is used to perform a similarity search between the voices of recruited ...

BAYHENN: Combining Bayesian Deep Learning and Homomorphic Encryption for Secure DNN Inference (Jun 03 2019)
Recently, deep learning as a service (DLaaS) has emerged as a promising way to facilitate the employment of deep neural networks (DNNs) for various purposes. However, using DLaaS also causes potential privacy leakage from both clients and cloud servers. ...

Evolutionary Fuzzing of Android OS Vendor System Services (Jun 03 2019)
Android devices are shipped in several flavors by more than 100 manufacturer partners, which extend the Android "vanilla" OS with new system services, and modify the existing ones. These proprietary extensions expose Android devices to reliability and ...

An overview of memristive cryptography (Jun 03 2019)
Smaller, smarter and faster edge devices in the Internet of Things era demand secure data analysis and transmission under the resource constraints of hardware architecture. Lightweight cryptography on edge hardware is an emerging topic that is essential ...

Generative Adversarial Networks for Distributed Intrusion Detection in the Internet of Things (Jun 03 2019)
To reap the benefits of the Internet of Things (IoT), it is imperative to secure the system against cyber attacks in order to enable mission critical and real-time applications. To this end, intrusion detection systems (IDSs) have been widely used to ...

Heterogeneous Gaussian Mechanism: Preserving Differential Privacy in Deep Learning with Provable Robustness (Jun 02 2019)
In this paper, we propose a novel Heterogeneous Gaussian Mechanism (HGM) to preserve differential privacy in deep neural networks, with provable robustness against adversarial examples. We first relax the constraint of the privacy budget in the traditional ...

New non-linearity parameters of Boolean functions (Jun 02 2019)
The study of non-linearity (linearity) of Boolean functions was initiated by Rothaus in 1976. The classical non-linearity of a Boolean function is the minimum Hamming distance of its truth table to that of affine functions. In this note we introduce new ...

Disentangling Improves VAEs' Robustness to Adversarial Attacks (Jun 01 2019)
This paper is concerned with the robustness of VAEs to adversarial attacks. We highlight that conventional VAEs are brittle under attack but that methods recently introduced for disentanglement such as $\beta$-TCVAE (Chen et al., 2018) improve robustness, ...

Perceptual Evaluation of Adversarial Attacks for CNN-based Image Classification (Jun 01 2019)
Deep neural networks (DNNs) have recently achieved state-of-the-art performance and provide significant progress in many machine learning tasks, such as image classification, speech processing, natural language processing, etc. However, recent studies ...

IoT Network Security from the Perspective of Adversarial Deep Learning (May 31 2019)
Machine learning finds rich applications in Internet of Things (IoT) networks such as information retrieval, traffic management, spectrum sensing, and signal authentication. While there is a surge of interest to understand the security issues of machine ...

Human-Usable Password Schemas: Beyond Information-Theoretic Security (May 31 2019)
Password users frequently employ passwords that are too simple, or they just reuse passwords for multiple websites. A common complaint is that utilizing secure passwords is too difficult. One possible solution to this problem is to use a password schema. ...

Protocols for Checking Compromised Credentials (May 31 2019)
To prevent credential stuffing attacks, industry best practice now proactively checks if user credentials are present in known data breaches. Recently, some web services, such as HaveIBeenPwned (HIBP) and Google Password Checkup (GPC), have started providing ...

Known-plaintext attack and ciphertext-only attack for encrypted single-pixel imaging (May 31 2019)
In many previous works, a single-pixel imaging (SPI) system is constructed as an optical image encryption system. Unauthorized users are not able to reconstruct the plaintext image from the ciphertext intensity sequence without knowing the illumination ...

Secure Memory Erasure in the Presence of Man-in-the-Middle Attackers (May 31 2019)
Memory erasure protocols serve to clean up a device's memory before the installation of new software. Although this task can be accomplished by direct hardware manipulation, remote software-based memory erasure protocols have emerged as a more efficient ...

Comparative Analysis of State-of-the-Art EDoS Mitigation Techniques in Cloud Computing Environment (May 31 2019)
A new variant of the DDoS attack, called the Economic Denial of Sustainability (EDoS) attack, has emerged. Since the cloud service is based on the pay-per-use model, the EDoS attack endeavors to scale up the resource usage over time to the point that the purveyor of the ...