Latest in cs.cr

XONN: XNOR-based Oblivious Deep Neural Network Inference (Feb 19 2019): Advancements in deep learning enable cloud servers to provide inference-as-a-service for clients. In this scenario, clients send their raw data to the server to run the deep learning model and send back the results. One standing challenge in this setting ...
Extending the Anonymity of Zcash (Feb 19 2019): Although Bitcoin in its original whitepaper stated that it offers anonymous transactions, de-anonymization techniques have found otherwise. Therefore, alternative cryptocurrencies, like Dash, Monero, and Zcash, were developed to provide better privacy. ...
When Energy Trading meets Blockchain in Electrical Power System: The State of the Art (Feb 19 2019): With the rapid growth of renewable energy resources, the energy trading began to shift from centralized to distributed manner. Blockchain, as a distributed public ledger technology, has been widely adopted to design new energy trading schemes. However, ...
Cybercrime Investigators are Users Too! Understanding the Socio-Technical Challenges Faced by Law Enforcement (Feb 19 2019): Cybercrime investigators face numerous challenges when policing online crimes. Firstly, the methods and processes they use when dealing with traditional crimes do not necessarily apply in the cyber-world. Additionally, cyber criminals are usually technologically-aware ...
Smart Contract Vulnerabilities: Does Anyone Care? (Feb 18 2019; Feb 19 2019): In the last year we have seen a great deal of both academic and practical interest in the topic of vulnerabilities in smart contracts, particularly those developed for the Ethereum blockchain. In this paper we survey the 21,270 vulnerable contracts reported ...
On Evaluating Adversarial Robustness (Feb 18 2019): Correctly evaluating defenses against adversarial examples has proven to be extremely difficult. Despite the significant amount of recent work attempting to design defenses that withstand adaptive attacks, few have succeeded; most papers that propose ...
Proving Erasure (Feb 18 2019): It seems impossible to certify that a remote hosting service does not leak its users' data --- or does quantum mechanics make it possible? We investigate if a server hosting data can information-theoretically prove its definite deletion using a "BB84-like" ...
Adv-DWF: Defending Against Deep-Learning-Based Website Fingerprinting Attacks with Adversarial Traces (Feb 18 2019): Website Fingerprinting (WF) is a type of traffic analysis attack that enables a local passive eavesdropper to infer the victim's activity even when the traffic is protected by encryption, a VPN, or some other anonymity system like Tor. Leveraging a deep-learning ...
Binary Debloating for Security via Demand Driven Loading (Feb 18 2019): Modern software systems heavily use C/C++ based libraries. Because of the weak memory model of C/C++, libraries may suffer from vulnerabilities which can expose the applications to potential attacks. For example, a very large number of return oriented ...
STRIP: A Defence Against Trojan Attacks on Deep Neural Networks (Feb 18 2019): Recent trojan attacks on deep neural network (DNN) models are one insidious variant of data poisoning attacks. Trojan attacks exploit an effective backdoor created in a DNN model by leveraging the difficulty in interpretability of the learned model to ...
BYOD, Personal Area Networks (PANs) and IOT: Threats to Patients Privacy (Feb 18 2019): The passage of FISMA and HIPAA Acts have mandated various security controls that ensure the privacy of patients data. Hospitals and health-care organizations are required by law to ensure that patients data is stored and disseminated in a secure fashion. ...
Tik-Tok: The Utility of Packet Timing in Website Fingerprinting Attacks (Feb 18 2019): A passive local eavesdropper can leverage Website Fingerprinting (WF) to deanonymize the web browsing activity of Tor users. The importance of timing information to WF has often been discounted in prior work due to the volatility of low-level timing information. ...
AuxBlocks: Defense Adversarial Example via Auxiliary Blocks (Feb 18 2019): Deep learning models are vulnerable to adversarial examples, which poses an indisputable threat to their applications. However, recent studies observe gradient-masking defenses are self-deceiving methods if an attacker can realize this defense. In this ...
Averaging Attacks on Bounded Perturbation Algorithms (Feb 18 2019): We describe and evaluate an attack that reconstructs the histogram of any target attribute of a sensitive dataset which can only be queried through a type of privacy-preserving algorithms which we call bounded perturbation algorithms. A defining property ...
Generation of dynamical S-boxes via lag time chaotic series for cryptosystems (Feb 18 2019): In this work, we present an algorithm for the design of $n\times n$-bits substitution boxes (S-boxes) based on time series of a discrete dynamical system with chaotic behavior. The elements of a $n\times n$-bits substitution box are given by binary sequences ...
Scalable and Privacy-preserving Design of On/Off-chain Smart Contracts (Feb 18 2019): The rise of smart contract systems such as Ethereum has resulted in a proliferation of blockchain-based decentralized applications including applications that store and manage a wide range of data. Current smart contracts are designed to be executed solely ...
Let the Cloud Watch Over Your IoT File Systems (Feb 17 2019): Smart devices produce security-sensitive data and keep them in on-device storage for persistence. The current storage stack on smart devices, however, offers weak security guarantees: not only because the stack depends on a vulnerable commodity OS, but ...
On the Complexity of Anonymous Communication Through Public Networks (Feb 17 2019): Anonymous channels allow users to connect to websites or communicate with one another privately. Assume that either Alice or Allison is communicating with (a possibly corrupt) Bob. To protect the sender, we seek a protocol that provably guarantees that ...
Conclave: secure multi-party computation on big data (extended TR) (Feb 17 2019): Secure Multi-Party Computation (MPC) allows mutually distrusting parties to run joint computations without revealing private data. Current MPC algorithms scale poorly with data size, which makes MPC on "big data" prohibitively slow and inhibits its practical ...
Experimental Twin-Field Quantum Key Distribution Through Sending-or-Not-Sending (Feb 17 2019): Channel loss seems to be the most severe limitation to the application of long distance quantum key distribution in practice. The idea of twin-field quantum key distribution can improve the key rate from the linear scale of channel loss in the traditional ...
Nearest neighbor decoding for Tardos fingerprinting codes (Feb 17 2019): Over the past decade, various improvements have been made to Tardos' collusion-resistant fingerprinting scheme [Tardos, STOC 2003], ultimately resulting in a good understanding of what is the minimum code length required to achieve collusion-resistance. ...
Non-Malleable Secret Sharing against Affine Tampering (Feb 17 2019): Non-malleable secret sharing was recently studied by Goyal and Kumar in independent tampering and joint tampering models for threshold scheme (STOC18) and secret sharing with general access structure (CRYPTO18). We study non-malleable secret sharing in ...
A Little Is Enough: Circumventing Defenses For Distributed Learning (Feb 16 2019): Distributed learning is central for large-scale training of deep-learning models. However, they are exposed to a security threat in which Byzantine participants can interrupt or control the learning process. Previous attack models and their corresponding ...
Compiled Obfuscation for Data Structures in Encrypted Computing (Feb 16 2019): Encrypted computing is an emerging technology based on a processor that `works encrypted', taking encrypted inputs to encrypted outputs while data remains in encrypted form throughout. It aims to secure user data against possible insider attacks by the ...
On Privacy-preserving Decentralized Optimization through Alternating Direction Method of Multipliers (Feb 16 2019): Privacy concerns with sensitive data in machine learning are receiving increasing attention. In this paper, we study privacy-preserving distributed learning under the framework of Alternating Direction Method of Multipliers (ADMM). While secure distributed ...
Brief Note: Asynchronous Verifiable Secret Sharing with Optimal Resilience and Linear Amortized Overhead (Feb 16 2019): In this work we present hbAVSS, the Honey Badger of Asynchronous Verifiable Secret Sharing (AVSS) protocols - an AVSS protocol that guarantees linear amortized communication overhead even in the worst case. The best prior work can achieve linear overhead ...
Precise Attack Synthesis for Smart Contracts (Feb 16 2019): Smart contracts are programs running on top of blockchain platforms. They interact with each other through well-defined interfaces to perform financial transactions in a distributed system with no trusted third parties. But these interfaces also provide ...
DOCSDN: Dynamic and Optimal Configuration of Software-Defined Networks (Feb 15 2019): Networks are designed with functionality, security, performance, and cost in mind. Tools exist to check or optimize individual properties of a network. These properties may conflict, so it is not always possible to run these tools in series to find a ...
Privacy of Existence of Secrets: Introducing Steganographic DCOPs and Revisiting DCOP Frameworks (Feb 15 2019): Here we identify a type of privacy concern in Distributed Constraint Optimization (DCOPs) not previously addressed in literature, despite its importance and impact on the application field: the privacy of existence of secrets. Science only starts where ...
A Somewhat Homomorphic Encryption Scheme based on Multivariate Polynomial Evaluation (Feb 15 2019): We propose a symmetric key homomorphic encryption scheme based on the evaluation of multivariate polynomials over a finite field. The proposed scheme is somewhat homomorphic with respect to addition and multiplication. Further, we define a generalization ...
ForestFirewalls: Getting Firewall Configuration Right in Critical Networks (Technical Report) (Feb 15 2019): Firewall configuration is critical, yet often conducted manually with inevitable errors, leaving networks vulnerable to cyber attack [40]. The impact of misconfigured firewalls can be catastrophic in Supervisory Control and Data Acquisition (SCADA) networks. ...
Decentralized Release of Self-emerging Data using Smart Contracts (Feb 14 2019): In the age of Big Data, releasing protected sensitive data at a future point in time is critical for various applications. Such self-emerging data release requires the data to be protected until a prescribed data release time and be automatically released ...
Estimating the Circuit Deobfuscating Runtime based on Graph Deep Learning (Feb 14 2019): Circuit obfuscation is a recently proposed defense mechanism to protect digital integrated circuits (ICs) from reverse engineering by using camouflaged gates i.e., logic gates whose functionality cannot be precisely determined by the attacker. There have ...
Security and Privacy Preserving Data Aggregation in Cloud Computing (Feb 14 2019): Smart metering is an essential feature of smart grids, allowing residential customers to monitor and reduce electricity costs. Devices called smart meters allow residential customers to monitor and reduce electricity costs, promoting energy saving, demand ...
Protect Your Chip Design Intellectual Property: An Overview (Feb 14 2019): The increasing cost of integrated circuit (IC) fabrication has driven most companies to "go fabless" over time. The corresponding outsourcing trend gave rise to various attack vectors, e.g., illegal overproduction of ICs, piracy of the design intellectual ...
Spy the little Spies - Security and Privacy issues of Smart GPS trackers (Feb 14 2019): Tracking expensive goods and/or targeted individuals with high-tech devices has been of high interest for the last 30 years. More recently, other use cases such as parents tracking their children have become popular. One primary functionality of these ...
Smart contracts meet quantum cryptography (Feb 14 2019): We put forward the idea that classical blockchains and smart contracts are potentially useful primitives not only for classical cryptography, but for quantum cryptography as well. Abstractly, a smart contract is a functionality that allows parties to ...
Potentially Information-theoretic Secure Y00 Quantum Stream Cipher with Limited Key Lengths beyond One-Time Pad (Feb 14 2019): The previous work showed that the Y00 protocol could stay secure with the eavesdropper's guessing probability on the secret keys being strictly less than one under an unlimitedly long known-plaintext attack with quantum memory. However, an assumption ...
Spectre is here to stay: An analysis of side-channels and speculative execution (Feb 14 2019): The recent discovery of the Spectre and Meltdown attacks represents a watershed moment not just for the field of Computer Security, but also of Programming Languages. This paper explores speculative side-channel attacks and their implications for programming ...
SoK: Transparent Dishonesty: front-running attacks on Blockchain (Feb 13 2019): We consider front-running to be a course of action where an entity benefits from prior access to privileged market information about upcoming transactions and trades. Front-running has been an issue in financial instrument markets since the 1970s. With ...
A Low-overhead Kernel Object Monitoring Approach for Virtual Machine Introspection (Feb 13 2019): Monitoring kernel object modification of virtual machine is widely used by virtual-machine-introspection-based security monitors to protect virtual machines in cloud computing, such as monitoring dentry objects to intercept file operations, etc. However, ...
Business Process Privacy Analysis in Pleak (Feb 13 2019): Pleak is a tool to capture and analyze privacy-enhanced business process models to characterize and quantify to what extent the outputs of a process leak information about its inputs. Pleak incorporates an extensible set of analysis plugins, which enable ...
An Empirical Study of Blockchain-based Decentralized Applications (Feb 13 2019): A decentralized application (dapp for short) refers to an application that is executed by multiple users over a decentralized network. In recent years, the number of dapp keeps fast growing, mainly due to the popularity of blockchain technology. Despite ...
Federated Machine Learning: Concept and Applications (Feb 13 2019): Today's AI still faces two major challenges. One is that in most industries, data exists in the form of isolated islands. The other is the strengthening of data privacy and security. We propose a possible solution to these challenges: secure federated ...
Delog: A Privacy Preserving Log Filtering Framework for Online Compute Platforms (Feb 13 2019): In many software applications, logs serve as the only interface between the application and the developer. However, navigating through the logs of long-running applications is often challenging. Logs from previously successful application runs can be ...
Towards a Better Indicator for Cache Timing Channels (Feb 13 2019): Recent studies highlighting the vulnerability of computer architecture to information leakage attacks have been a cause of significant concern. Among the various classes of microarchitectural attacks, cache timing channels are especially worrisome since ...
Privacy-Utility Trade-off of Linear Regression under Random Projections and Additive Noise (Feb 13 2019): Data privacy is an important concern in machine learning, and is fundamentally at odds with the task of training useful learning models, which typically require the acquisition of large amounts of private user data. One possible way of fulfilling the ...
Evaluating Reputation Management Schemes of Internet of Vehicles based on Evolutionary Game Theory (Feb 12 2019): Conducting reputation management is very important for Internet of vehicles. However, most of the existing researches evaluate the effectiveness of their schemes with settled attacking behaviors in their simulation which cannot represent the scenarios ...
A Privacy-Preserving Traffic Monitoring Scheme via Vehicular Crowdsourcing (Feb 12 2019): The explosive growth of vehicle amount has given rise to a series of traffic problems, such as traffic congestion, road safety, and fuel waste. Collecting vehicles' speed information is an effective way to monitor the traffic condition and avoid vehicles ...
RTbust: Exploiting Temporal Patterns for Botnet Detection on Twitter (Feb 12 2019): Within OSNs, many of our supposedly online friends may instead be fake accounts called social bots, part of large groups that purposely re-share targeted content. Here, we study retweeting behaviors on Twitter, with the ultimate goal of detecting retweeting ...
Intrinsic Rowhammer PUFs: Leveraging the Rowhammer Effect for Improved Security (Feb 12 2019): Physically Unclonable Functions (PUFs) have become an important and promising hardware primitive for device fingerprinting, device identification, or key storage. Intrinsic PUFs leverage components already found in existing devices, unlike extrinsic silicon ...
Examining Adversarial Learning against Graph-based IoT Malware Detection Systems (Feb 12 2019): The main goal of this study is to investigate the robustness of graph-based Deep Learning (DL) models used for Internet of Things (IoT) malware classification against Adversarial Learning (AL). We designed two approaches to craft adversarial IoT software, ...
TensorSCONE: A Secure TensorFlow Framework using Intel SGX (Feb 12 2019): Machine learning has become a critical component of modern data-driven online services. Typically, the training phase of machine learning techniques requires to process large-scale datasets which may contain private and sensitive information of customers. ...
Verification Code Recognition Based on Active and Deep Learning (Feb 12 2019): A verification code is an automated test method used to distinguish between humans and computers. Humans can easily identify verification codes, whereas machines cannot. With the development of convolutional neural networks, automatically recognizing ...
Real Time Lateral Movement Detection based on Evidence Reasoning Network for Edge Computing Environment (Feb 12 2019): Edge computing is providing higher class intelligent service and computing capabilities at the edge of the network. The aim is to ease the backhaul impacts and offer an improved user experience, however, the edge artificial intelligence exacerbates the ...
Asymptotic Performance Analysis of Blockchain Protocols (Feb 12 2019): In the light of the recent fame of Blockchain technologies, numerous proposals and projects aiming at better practical viability have emerged. However, formally assessing their particularities and benefits has proven to be a difficult task. The aim of ...
Achieving Trust-Based and Privacy-Preserving Customer Selection in Ubiquitous Computing (Feb 12 2019): The recent proliferation of smart devices has given rise to ubiquitous computing, an emerging computing paradigm which allows anytime & anywhere computing possible. In such a ubiquitous computing environment, customers release different computing or sensing ...
Parametric analyses of attack-fault trees (Feb 12 2019): Risk assessment of cyber-physical systems, such as power plants, connected devices and IT-infrastructures has always been challenging: safety (i.e. absence of unintentional failures) and security (i.e. no disruptions due to attackers) are conditions that ...
Orchestrating Product Provenance Story: When IOTA ECOSYSTEM Meets The Electronics Supply Chain Space (Feb 12 2019): "Trustworthy data" is the fuel for ensuring the transparent traceability, precise decision-making, and cogent coordination in the supply chain (SC) space. However, the disparate data silos act as a trade barrier in orchestrating the provenance of product ...
Achieving GWAS with Homomorphic Encryption (Feb 12 2019): One way of investigating how genes affect human traits would be with a genome-wide association study (GWAS). Genetic markers, known as single-nucleotide polymorphism (SNP), are used in GWAS. This raises privacy and security concerns as these genetic markers ...
Communication-efficient Certificate Revocation Management for Advanced Metering Infrastructure (Feb 12 2019): Advanced Metering Infrastructure (AMI) forms a communication network for the collection of power data from smart meters in Smart Grid. As the communication within an AMI needs to be secure, public-key cryptography (PKC) can be used to reduce the overhead ...
Adversarial Samples on Android Malware Detection Systems for IoT Systems (Feb 12 2019): Many IoT (Internet of Things) systems run Android systems or Android-like systems. With the continuous development of machine learning algorithms, the learning-based Android malware detection system for IoT devices has gradually increased. However, these ...
A survey on Adversarial Attacks and Defenses in Text (Feb 12 2019): Deep neural networks (DNNs) have shown an inherent vulnerability to adversarial examples which are maliciously crafted on real examples by attackers, aiming at making target DNNs misbehave. The threats of adversarial examples are widely existed in image, ...
Statistical Model Checking for Probabilistic Hyperproperties (Feb 11 2019; Feb 13 2019): In this paper, we propose the temporal logic HyperPCTL$^*$ that extends PCTL$^*$ and HyperPCTL to reason about probabilistic hyperproperties. It allows expressing probabilistic hyperproperties with nested temporal and probability operators. We show that ...
Applications of Machine Learning in Cryptography: A Survey (Feb 11 2019): Machine learning techniques have had a long list of applications in recent years. However, the use of machine learning in information and network security is not new. Machine learning and cryptography have many things in common. The most apparent is the ...
Analyzing, Comparing, and Detecting Emerging Malware: A Graph-based Approach (Feb 11 2019): The growth in the number of Android and Internet of Things (IoT) devices has witnessed a parallel increase in the number of malicious software (malware), calling for new analysis approaches. We represent binaries using their graph properties of the Control ...
Energy-recycling Blockchain with Proof-of-Deep-Learning (Feb 11 2019): An enormous amount of energy is wasted in Proof-of-Work (PoW) mechanisms adopted by popular blockchain applications (e.g., PoW-based cryptocurrencies), because miners must conduct a large amount of computation. Owing to this, one serious rising concern ...
Achieving Secure and Efficient Cloud Search Services: Cross-Lingual Multi-Keyword Rank Search over Encrypted Cloud Data (Feb 11 2019): Multi-user multi-keyword ranked search scheme in arbitrary language is a novel multi-keyword rank searchable encryption (MRSE) framework based on Paillier Cryptosystem with Threshold Decryption (PCTD). Compared to previous MRSE schemes constructed based ...
Mind the Mining (Feb 11 2019; Feb 12 2019): In this paper we revisit the mining strategies in proof of work based cryptocurrencies and propose two strategies, we call smart and smarter mining, that in many cases strictly dominate honest mining. In contrast to other known attacks, like selfish mining, ...
Drynx: Decentralized, Secure, Verifiable System for Statistical Queries and Machine Learning on Distributed Datasets (Feb 11 2019): Data sharing has become of primary importance in many domains such as big-data analytics, economics and medical research, but remains difficult to achieve when the data are sensitive. In fact, sharing personal information requires individuals' unconditional ...
Blockchain based Privacy-Preserving Software Updates with Proof-of-Delivery for Internet of Things (Feb 11 2019): A large number of IoT devices are connected via the Internet. However, most of these IoT devices are generally not perfect-by-design even have security weaknesses or vulnerabilities. Thus, it is essential to update these IoT devices securely, patching ...
A Blockchain-based Self-tallying Voting Scheme in Decentralized IoT (Feb 11 2019): The Internet of Things (IoT) is experiencing explosive growth and has gained extensive attention from academia and industry in recent years. Most of the existing IoT infrastructures are centralized, in which the presence of a cloud server is mandatory. ...
Authentication Scheme Based on Hashchain for Space-Air-Ground Integrated Network (Feb 10 2019): With the development of artificial intelligence and self-driving, vehicular ad-hoc network (VANET) has become an irreplaceable part of the Intelligent Transportation Systems (ITSs). However, the traditional network of the ground cannot meet the requirements ...
Physical Layer Identification based on Spatial-temporal Beam Features for Millimeter Wave Wireless Networks (Feb 10 2019): With millimeter wave (mmWave) wireless communication envisioned to be the key enabler of next generation high data rate wireless networks, security is of paramount importance. While conventional security measures in wireless networks operate at a higher ...
Machine Learning With Feature Selection Using Principal Component Analysis for Malware Detection: A Case Study (Feb 10 2019): Cyber security threats have been growing significantly in both volume and sophistication over the past decade. This poses great challenges to malware detection without considerable automation. In this paper, we have proposed a novel approach by extending ...
Exploring Spatial, Temporal, and Logical Attacks on the Bitcoin Network (Feb 10 2019): In this paper, we explore the partitioning attacks on the Bitcoin network, which is shown to exhibit spatial bias, and temporal and logical diversity. Through data-driven study we highlight: 1) the centralization of Bitcoin nodes across autonomous systems, ...
A Novel Secure Authentication Scheme for Heterogeneous Internet of Thing (Feb 10 2019): Today, Internet of Things (IoT) technology is being increasingly popular which is applied in a wide range of industry sectors such as healthcare, transportation and some critical infrastructures. With the widespread applications of IoT technology, people's ...
Architecting Non-Volatile Main Memory to Guard Against Persistence-based Attacks (Feb 09 2019): DRAM-based main memory and its associated components increasingly account for a significant portion of application performance bottlenecks and power budget demands inside the computing ecosystem. To alleviate the problems of storage density and power ...
An Efficient Linkable Group Signature for Payer Tracing in Anonymous Cryptocurrencies (Feb 09 2019): Cryptocurrencies, led by bitcoin launched in 2009, have obtained wide attention due to the emerging Blockchain in recent years. Anonymous cryptocurrencies are highly essential since users want to preserve their privacy when conducting transactions. However, ...
A Novel Data Encryption Algorithm Design and Implementation in Information Security Scope (Feb 09 2019): Today, the protection of information, ensuring of the safety and the recall in lossless in case of need is highly significant and it is seen as a major threat in the field. Information security is possible by hiding the available data, by encrypting, ...
A Light-Weight Authentication Scheme for Air Force Internet of Things (Feb 08 2019): Internet of Things (IoT) is ubiquitous because of its broad applications and the advance in communication technologies. The capabilities of IoT also enable its important role in homeland security and tactical missions, including Reconnaissance, Intelligence, ...
Practical Enclave Malware with Intel SGX (Feb 08 2019): Modern CPU architectures offer strong isolation guarantees towards user applications in the form of enclaves. For instance, Intel's threat model for SGX assumes fully trusted enclaves, yet there is an ongoing debate on whether this threat model is realistic. ...
Privacy Leakage in Smart Homes and Its Mitigation: IFTTT as a Case Study (Feb 08 2019): The combination of smart home platforms and automation apps introduces much convenience to smart home users. However, this also brings the potential for privacy leakage. If a smart home platform is permitted to collect all the events of a user day and ...
Game-Theoretic Analysis of Cyber Deception: Evidence-Based Strategies and Dynamic Risk Mitigation (Feb 08 2019): Deception is a technique to mislead human or computer systems by manipulating beliefs and information. For the applications of cyber deception, non-cooperative games become a natural choice of models to capture the adversarial interactions between the ...
Discretization based Solutions for Secure Machine Learning against Adversarial Attacks (Feb 08 2019; Feb 11 2019): Adversarial examples are perturbed inputs that are designed (from a deep learning network's (DLN) parameter gradients) to mislead the DLN during test time. Intuitively, constraining the dimensionality of inputs or parameters of a network reduces the 'space' ...
Two-tier blockchain timestamped notarization with incremental security (Feb 08 2019): Digital notarization is one of the most promising services offered by modern blockchain-based solutions. We present a digital notary design with incremental security and cost reduced with respect to current solutions. A client of the service receives ...
Blind Channel Separation in Massive MIMO System under Pilot Spoofing and Jamming Attack (Feb 08 2019): We consider a channel separation approach to counter the pilot attack in a massive MIMO system, where malicious users (MUs) perform pilot spoofing and jamming attack (PSJA) in uplink by sending symbols to the basestation (BS) during the channel estimation ...
Hash Functions and Benchmarks for Resource Constrained Passive Devices: A Preliminary Study (Feb 08 2019): Recently, we have witnessed the emergence of intermittently powered computational devices, an early example is the Intel WISP (Wireless Identification and Sensing Platform). How we engineer basic security services to realize mutual authentication, confidentiality ...
Building Secure SRAM PUF Key Generators on Resource Constrained Devices (Feb 08 2019): A securely maintained key is the premise upon which data stored and transmitted by ubiquitously deployed resource limited devices, such as those in the Internet of Things (IoT), are protected. However, many of these devices lack a secure non-volatile ...
Adversarial Initialization -- when your network performs the way I want (Feb 08 2019): The increase in computational power and available data has fueled a wide deployment of deep learning in production environments. Despite their successes, deep architectures are still poorly understood and costly to train. We demonstrate in this paper ...
Taxonomy driven indicator scoring in MISP threat intelligence platforms (Feb 08 2019): IT security community is recently facing a change of trend from closed to open working groups and from restrictive information to full information disclosure and sharing. One major feature for this trend change is the number of incidents and various Indicators ...
Understanding the One-Pixel Attack: Propagation Maps and Locality Analysis (Feb 08 2019): Deep neural networks were shown to be vulnerable to single pixel modifications. However, the reason behind such phenomena has never been elucidated. Here, we propose Propagation Maps which show the influence of the perturbation in each layer of the network. ...
ARM2GC: Succinct Garbled Processor for Secure Computation (Feb 08 2019): We present ARM2GC, a novel secure computation framework based on Yao's Garbled Circuit (GC) protocol and the ARM processor. It allows users to develop privacy-preserving applications using standard high-level programming languages (e.g., C) and compile ...
Achieving Data Utility-Privacy Tradeoff in Internet of Medical Things: A Machine Learning Approach (Feb 08 2019): The emergence and rapid development of the Internet of Medical Things (IoMT), an application of the Internet of Things into the medical and healthcare systems, have brought many changes and challenges to modern medical and healthcare systems. Particularly, ...
Constructive Non-Linear Polynomial Cryptanalysis of a Historical Block Cipher (Feb 07 2019): One of the major open problems in symmetric cryptanalysis is to discover new specific types of invariant properties which can hold for a larger number of rounds of a block cipher. We have Generalised Linear Cryptanalysis (GLC) and Partitioning Cryptanalysis ...
Hide and Speak: Deep Neural Networks for Speech Steganography (Feb 07 2019): Steganography is the science of hiding a secret message within an ordinary public message, which is referred to as Carrier. Traditionally, digital signal processing techniques, such as least significant bit encoding, were used for hiding messages. In this ...