
  Subjects -> SCIENCES: COMPREHENSIVE WORKS (Total: 374 journals)
Showing 201 - 265 of 265 Journals sorted alphabetically
Jurnal Udayana Mengabdi     Open Access  
Karaelmas Science and Engineering Journal     Open Access  
Karbala International Journal of Modern Science     Open Access  
Kennedy Institute of Ethics Journal     Full-text available via subscription   (Followers: 10)
LOGIKA Jurnal Ilmiah Lemlit Unswagati Cirebon     Open Access  
Makara Journal of Science     Open Access  
Malawi Journal of Science and Technology     Open Access   (Followers: 6)
Maskana     Open Access  
Matters Select     Open Access  
MethodsX     Open Access   (Followers: 1)
Metode & Forskningsdesign     Open Access  
Mètode Science Studies Journal : Annual Review     Open Access  
Middle East Journal of Science     Open Access  
Middle European Scientific Bulletin     Open Access  
Modern Applied Science     Open Access   (Followers: 1)
Momona Ethiopian Journal of Science     Open Access   (Followers: 5)
MUST : Journal of Mathematics Education, Science and Technology     Open Access   (Followers: 4)
Mutis     Open Access  
National Academy Science Letters     Hybrid Journal   (Followers: 3)
National Science Review     Hybrid Journal   (Followers: 1)
Natural Sciences     Open Access  
Natural Sciences Education     Hybrid Journal  
Naturen     Full-text available via subscription  
Nepal Journal of Science and Technology     Open Access  
Network Science     Hybrid Journal   (Followers: 4)
New Directions in the Teaching of Physical Sciences     Open Access   (Followers: 2)
Nordic Journal of Science and Technology     Open Access   (Followers: 2)
Nordic Studies in Science Education     Open Access   (Followers: 3)
Nova     Open Access  
Nuncius     Hybrid Journal   (Followers: 2)
OmniScience : A Multi-disciplinary Journal     Full-text available via subscription  
Open Conference Proceedings Journal     Open Access  
Open Journal of Applied Sciences     Open Access  
Orbis Cógnita : Revista Científica     Open Access   (Followers: 3)
Patterns     Open Access  
PENDIPA : Journal of Science Education     Open Access  
People and Nature     Open Access   (Followers: 3)
Población y Desarrollo - Argonautas y caminantes     Open Access  
Politique et Sociétés     Full-text available via subscription   (Followers: 1)
Portal de la Ciencia     Open Access  
Proceedings of the Indian National Science Academy     Full-text available via subscription  
Proceedings of the Linnean Society of New South Wales     Full-text available via subscription   (Followers: 2)
Proceedings of the Royal Society of Queensland, The     Full-text available via subscription  
QScience Connect     Open Access  
RAC: Revista Angolana de Ciências     Open Access  
Rafidain Journal of Science     Open Access  
Rehabilitation Research, Policy, and Education     Hybrid Journal   (Followers: 2)
Rekayasa     Open Access  
Reportes Científicos de la FaCEN     Open Access  
Reports in Advances of Physical Sciences     Open Access  
Research     Open Access   (Followers: 1)
Research Ideas and Outcomes     Open Access  
Research Integrity and Peer Review     Open Access  
Research Policy : X     Open Access   (Followers: 2)
Respuestas     Open Access  
Reviews in Theoretical Science     Full-text available via subscription  
Revista Bases de la Ciencia     Open Access  
Revista Binacional Brasil - Argentina: Diálogo entre as ciências     Open Access  
Revista Brasileira de Iniciação Científica     Open Access  
Revista Catarinense da Ciência Contábil     Open Access  
Revista Ciencia y Tecnología     Open Access  
Revista Ciência, Tecnologia & Ambiente     Open Access  
Revista Científica de la FAREM     Open Access  
Revista Científica de la Universidad Nacional del Este     Open Access  
Revista Cientifica Guillermo de Ockham     Open Access  
Revista Científica y Tecnológica UPSE     Open Access  
Revista Conhecimento Online     Open Access  
Revista Crítica de Ciências Sociais     Open Access  
Revista de Ciencia y Tecnología     Open Access  
Revista de Información Científica     Open Access  
Revista de la Academia Colombiana de Ciencias Exactas, Físicas y Naturales     Open Access  
Revista de la Sociedad Científica del Paraguay     Open Access  
Revista de la Universidad del Zulia     Open Access  
Revista Eletrônica Ludus Scientiae     Open Access  
Revista Logos Ciencia & Tecnología     Open Access  
Revista MundoFesc     Open Access  
Revista Politécnica     Open Access  
Revista Saber Digital     Open Access  
Revista Sociedad y Economía     Open Access  
Revista Tecnológica     Open Access  
Revista Theoria     Open Access   (Followers: 1)
Revista UNIMAR     Open Access  
Revista UniVap     Open Access  
Revista Vivências em Ensino de Ciências     Open Access   (Followers: 1)
Rihan Journal for Scientific Publishing     Open Access  
Royal Society Open Science     Open Access   (Followers: 7)
Ruhuna Journal of Science     Open Access  
Sainstek : Jurnal Sains dan Teknologi     Open Access  
SAINSTIS     Open Access  
Sainteknol : Jurnal Sains dan Teknologi     Open Access  
Sakarya Üniversitesi Fen Bilimleri Enstitüsü Dergisi     Open Access  
Scholedge International Journal of Multidisciplinary & Allied Studies     Open Access  
Sci     Open Access  
Science     Full-text available via subscription   (Followers: 4348)
Science & Diplomacy     Free   (Followers: 3)
Science & Technology Studies     Open Access   (Followers: 3)
Science Advances     Free   (Followers: 27)
Science and Technology     Open Access   (Followers: 2)
Science Diliman     Open Access  
Science Heritage Journal     Open Access  
Science World Journal     Open Access  
Science, Technology and Arts Research Journal     Open Access   (Followers: 1)
ScienceRise     Open Access  
Sciences du jeu     Open Access  
Sciential     Open Access  
Scientific African     Open Access  
Scientific American     Full-text available via subscription   (Followers: 446)
Scientific American Mind     Full-text available via subscription   (Followers: 10)
Scientific Bulletin     Open Access  
Scientific Data     Open Access   (Followers: 5)
Scientific Journal of Mehmet Akif Ersoy University     Open Access  
Scientific Journal of Pure and Applied Sciences     Open Access   (Followers: 1)
Scientific Reports     Open Access   (Followers: 85)
Scientific World     Open Access  
Scientonomy : Journal for the Science of Science     Open Access   (Followers: 1)
Scienze Regionali : Italian Journal of Regional Science     Full-text available via subscription   (Followers: 18)
Selforganizology     Open Access  
Seminário de Iniciação Científica e Seminário Integrado de Ensino, Pesquisa e Extensão     Open Access  
Simbiótica     Open Access  
SINET : Ethiopian Journal of Science     Open Access   (Followers: 5)
Smart Science     Open Access  
South African Journal of Science     Open Access   (Followers: 3)
South American Sciences     Open Access  
South East European University Review (SEEU Review)     Open Access   (Followers: 2)
Springer Science Reviews     Hybrid Journal   (Followers: 2)
Studies in Science Education     Hybrid Journal   (Followers: 18)
Sultan Qaboos University Journal for Science     Open Access  
Tanzania Journal of Science     Open Access   (Followers: 4)
TD : The Journal for Transdisciplinary Research in Southern Africa     Open Access  
Technologies     Open Access   (Followers: 1)
TECNOSCIENZA: Italian Journal of Science & Technology Studies     Open Access   (Followers: 1)
Temas y Debates     Open Access  
The Innovation     Open Access   (Followers: 1)
The Scientific World Journal     Open Access  
The Social Studies     Hybrid Journal   (Followers: 3)
The Winnower     Open Access  
Theoria     Open Access   (Followers: 3)
THEORIA : An International Journal for Theory, History and Foundations of Science     Full-text available via subscription   (Followers: 1)
Transactions of Tianjin University     Full-text available via subscription  
Trilogía     Open Access  
TÜBAV Bilim Dergisi     Open Access  
Türk Bilim ve Mühendislik Dergisi     Open Access  
Tydskrif vir Geesteswetenskappe     Open Access  
Uluslararası Bilimsel Araştırmalar Dergisi (IBAD)     Open Access   (Followers: 1)
UNED Research Journal / Cuadernos de Investigación UNED     Open Access  
Uni-pluriversidad     Open Access  
Uniciencia     Open Access  
Universidad, Ciencia y Tecnología     Open Access  
Universitas (León)     Open Access  
Universitas Scientiarum     Open Access  
Unnes Science Education Journal     Open Access  
Vilnius University Proceedings     Open Access  
Walailak Journal of Science and Technology     Open Access  
WikiJournal of Science     Open Access  
World Scientific Research     Open Access  
Zeitschrift für Didaktik der Naturwissenschaften     Hybrid Journal  
Образование и наука     Open Access   (Followers: 1)
Східно-Європейський журнал передових технологій : Eastern-European Journal of Enterprise Technologies     Open Access   (Followers: 2)

Springer Science Reviews
Number of Followers: 2  
 
  Hybrid Journal (it can contain Open Access articles)
ISSN (Online) 2213-7793
Published by Springer-Verlag Homepage  [2469 journals]
  • Towards Transferable Adversarial Attack Against Deep Face Recognition

      Authors: Yaoyao Zhong;Weihong Deng;
      Pages: 1452 - 1466
      Abstract: Face recognition has achieved great success in the last five years due to the development of deep learning methods. However, deep convolutional neural networks (DCNNs) have been found to be vulnerable to adversarial examples. In particular, the existence of transferable adversarial examples can severely hinder the robustness of DCNNs since this type of attacks can be applied in a fully black-box manner without queries on the target system. In this work, we first investigate the characteristics of transferable adversarial attacks in face recognition by showing the superiority of feature-level methods over label-level methods. Then, to further improve transferability of feature-level adversarial examples, we propose DFANet, a dropout-based method used in convolutional layers, which can increase the diversity of surrogate models and obtain ensemble-like effects. Extensive experiments on state-of-the-art face models with various training databases, loss functions and network architectures show that the proposed method can significantly enhance the transferability of existing attack methods. Finally, by applying DFANet to the LFW database, we generate a new set of adversarial face pairs that can successfully attack four commercial APIs without any queries. This TALFW database is available to facilitate research on the robustness and defense of deep face recognition.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Joint Estimation of Pose and Singular Points of Fingerprints

      Authors: Qihao Yin;Jianjiang Feng;Jiwen Lu;Jie Zhou;
      Pages: 1467 - 1479
      Abstract: Fingerprint pose estimation is a challenging problem since the pose is not defined by salient anatomical features and fingerprint images usually suffer from noise and small area. In this article, we proposed a method for joint estimation of pose and singular points of fingerprints, with the expectation that the pose and singular points can improve each other. By virtue of that singular points can be located accurately, we hope to improve the accuracy of pose estimation. Meanwhile, the robustness of pose estimation can improve the anti-noise performance of singular point detection. To achieve this, we propose a multi-task deep neural network, which contains a feature extraction body and two estimation heads for singular point and pose respectively. The proposed network can deal with various types of fingerprints, including plain, rolled and latent fingerprints. Experiments on four databases (NIST SD4, SD14, SD27 and FVC2004 DB1A) show that (1) the estimated poses and detected singular points are close to manual annotations despite of different image qualities; (2) the estimated poses for mated fingerprint pairs are consistent; and (3) the proposed pose estimation method outperforms state-of-the-art methods while utilized as pose constraint for a fingerprint indexing algorithm.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Attribute-Aligned Domain-Invariant Feature Learning for Unsupervised Domain Adaptation Person Re-Identification

      Authors: Huafeng Li;Yiwen Chen;Dapeng Tao;Zhengtao Yu;Guanqiu Qi;
      Pages: 1480 - 1494
      Abstract: Domain invariance and discrimination of learned features as two crucial factors affect the performance of unsupervised domain adaptation (UDA) person re-identification (Re-ID). Person attributes (such as “backpack”, “boots”, “handbag”, etc.) remaining unchanged across multiple domains have been used as mid-level visual-semantic information in UDA person Re-ID. As two main challenges, both misalignment of attribute-related regions across multiple images and domain shift between source and target domains affect the learning of domain-invariant features (DIF). To address the above two challenges, this article proposes to take advantage of the stability of person attributes and the complementarity of person attributes and the corresponding low-level visual features to guide the learning of discriminative DIF. Specifically, the proposed solution contains the generation of latent attribute-correlated visual features (GLAVF), DIF learning under the guidance of person attributes, and the alignment of person attributes corresponding to the local regions of pedestrian images. Due to the gap between person attributes and visual features, person attributes are first converted into latent attribute-correlated visual features (LAVF) without any specific domain information in GLAVF, and then LAVF are used as the substitutions of person attributes to guide the learning of DIF. To enhance the discrimination of learned features, the proposed solution mainly explores the alignment between person attributes and corresponding local regions, and the alignment of the same person attributes across multiple pedestrian images. A fully connected layer is used to achieve the above two types of alignment in the proposed framework, which reduces the adverse impacts of inference information and ensures the semantic consistency between person attributes and corresponding local regions across multiple pedestrian images. The effectiveness of the proposed solution is confirmed on four existing datasets by comparative experiments.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Zero-Forcing Beamforming for Active and Passive Eavesdropper Mitigation in Visible Light Communication Systems

      Authors: Sunghwan Cho;Gaojie Chen;Justin P. Coon;
      Pages: 1495 - 1505
      Abstract: This article proposes zero-forcing (ZF) beamforming strategies that can simultaneously deal with active and passive eavesdroppers in visible light communication (VLC) systems. First, we propose a ZF beamforming scheme that steers a transmission beam to the null space of active eavesdroppers' (AEDs) channel, while simultaneously considering the SNRs for a legitimate user (UE) and passive eavesdroppers (PEDs) residing at unknown locations. To find an eigenmode related to the optimal beamforming vector, we adopt an inverse free preconditioned Krylov subspace projection method. For unfavorable VLC secrecy environments, the proposed ZF beamformer appears to be incapable of effectively coping with the PEDs due to the strict condition that the data transmission must be in the null space of the AEDs' channel matrix. Hence, an alternative beamforming scheme is proposed by relaxing the constraint on the SNRs of the AEDs. The related optimization problem is formulated to reduce the secrecy outages caused by PEDs, while simultaneously satisfying the target constraints on the SNRs of the UE and the AEDs. To simplify the mathematical complexity of the approach, Lloyd's algorithm is employed to sample the SNR field, which in turn discretizes the problem, thus making it tractable for practical implementation. The numerical results show that both the exact and relaxed ZF beamforming methods achieve superior performance in the sense of secrecy outage relative to a benchmark ZF scheme. Moreover, the proposed relaxed ZF beamforming method is shown to cope with PEDs better than the exact ZF beamforming approach for unfavorable VLC environments.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Comparison of Statistical and Machine Learning Techniques for Physical Layer Authentication

      Authors: Linda Senigagliesi;Marco Baldi;Ennio Gambi;
      Pages: 1506 - 1521
      Abstract: In this article we consider authentication at the physical layer, in which the authenticator aims at distinguishing a legitimate supplicant from an attacker on the basis of the characteristics of a set of parallel wireless channels, which are affected by time-varying fading. Moreover, the attacker's channel has a spatial correlation with the supplicant's one. In this setting, we assess and compare the performance achieved by different approaches under different channel conditions. We first consider the use of two different statistical decision methods, and we prove that using a large number of references (in the form of channel estimates) affected by different levels of time-varying fading is not beneficial from a security point of view. We then consider classification methods based on machine learning. In order to face the worst case scenario of an authenticator provided with no forged messages during training, we consider one-class classifiers. When instead the training set includes some forged messages, we resort to more conventional binary classifiers, considering the cases in which such messages are either labelled or not. For the latter case, we exploit clustering algorithms to label the training set. The performance of both nearest neighbor (NN) and support vector machine (SVM) classification techniques is evaluated. Through numerical examples, we show that under the same probability of false alarm, one-class classification (OCC) algorithms achieve the lowest probability of missed detection when a small spatial correlation exists between the main channel and the adversary one, while statistical methods are advantageous when the spatial correlation between the two channels is large.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Energy Management Strategy for Smart Meter Privacy and Cost Saving

      Authors: Yang You;Zuxing Li;Tobias J. Oechtering;
      Pages: 1522 - 1537
      Abstract: We design optimal privacy-enhancing and cost-efficient energy management strategies for consumers that are equipped with a rechargeable energy storage. The Kullback-Leibler divergence rate is used as privacy measure and the expected cost-saving rate is used as utility measure. The corresponding energy management strategy is designed by optimizing a weighted sum of both privacy and cost measures over a finite time horizon, which is achieved by formulating our problem into a belief-state Markov decision process problem. A computationally efficient approximated Q-learning method is proposed as a generalization to high-dimensional problems over an infinite time horizon. At last, we explicitly characterize a stationary policy that achieves the steady belief state over an infinite time horizon, which greatly simplifies the design of the privacy-preserving energy management strategy. The performance of the practical design approaches are finally illustrated in numerical experiments.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Secure Dynamic Searchable Symmetric Encryption With Constant Client Storage Cost

      Authors: Kun He;Jing Chen;Qinxi Zhou;Ruiying Du;Yang Xiang;
      Pages: 1538 - 1549
      Abstract: Dynamic Searchable Symmetric Encryption (DSSE) enables users to search on the encrypted database stored on a semi-trusted server while keeping the search and update information under acceptable leakage. However, most existing DSSE schemes are not efficient enough in practice due to the complex structures and cryptographic primitives. Moreover, the storage cost on the client side grows linearly with the number of keywords in the database, which induces unaffordable storage cost when the size of keyword set is large. In this article, we focus on secure dynamic searchable symmetric encryption with constant client storage cost. Our framework is boosted by fish-bone chain, a novel two-level structure which consists of Logical Keyword Index Chain (LoKIC) and Document Index Chain (DIC). To instantiate the proposed framework, we propose a forward secure DSSE scheme, called CLOSE-F, and a forward and backward secure DSSE scheme, called CLOSE-FB. Experiments showed that the computation cost of CLOSE-F and CLOSE-FB are as efficient as the state-of-the-art solutions, while the storage costs on the client side are constant in both CLOSE-F and CLOSE-FB, which are much smaller than existing schemes.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Dynamic-Hand-Gesture Authentication Dataset and Benchmark

      Authors: Chang Liu;Yulin Yang;Xingyan Liu;Linpu Fang;Wenxiong Kang;
      Pages: 1550 - 1562
      Abstract: In recent years, biometrics have received considerable attention for its reliability and usability. Dynamic-hand-gesture is one of the representative biometric modalities, with advantages of safety and template-replaceability, has huge potential value. However, due to the lack of large-scale dataset and comprehensive evaluation methods, few researches are intended to study the dynamic-hand-gesture authentication method. In this article, we introduce a new dataset SCUT-DHGA, which is the first large-scale Dynamic-Hand-Gestures-Authentication dataset. SCUT-DHGA contains 29,160 dynamic-hand-gesture video sequences and more than 1.86 million frames for both color and depth modalities acquired from 193 volunteers. Six kinds of dynamic-hand-gestures are carefully designed for researching two types of authentication tasks: gesture-predefined authentication and gesture-free authentication. To investigate the hypothesis that users' gestures would be variant after time-span, which will degrade the performance of a dynamic-hand-gesture authentication system, two separate sessions' data were acquired from 50 volunteers with an average interval of one week. Beside the SCUT-DHGA dataset, we also benchmark this dataset with our proposed DHGA-net. By releasing such a large-scale dataset and benchmark, we expect dynamic-hand-gesture authentication methods to gain further improvement and generalization.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • A Performance-Sensitive Malware Detection System Using Deep Learning on Mobile Devices

      Authors: Ruitao Feng;Sen Chen;Xiaofei Xie;Guozhu Meng;Shang-Wei Lin;Yang Liu;
      Pages: 1563 - 1578
      Abstract: Currently, Android malware detection is mostly performed on server side against the increasing number of malware. Powerful computing resource provides more exhaustive protection for app markets than maintaining detection by a single user. However, apart from the applications (apps) provided by the official market (i.e., Google Play Store), apps from unofficial markets and third-party resources are always causing serious security threats to end-users. Meanwhile, it is a time-consuming task if the app is downloaded first and then uploaded to the server side for detection, because the network transmission has a lot of overhead. In addition, the uploading process also suffers from the security threats of attackers. Consequently, a last line of defense on mobile devices is necessary and much-needed. In this paper, we propose an effective Android malware detection system, MobiTive, leveraging customized deep neural networks to provide a real-time and responsive detection environment on mobile devices. MobiTive is a pre-installed solution rather than an app scanning and monitoring engine using after installation, which is more practical and secure. Although a deep learning-based approach can be maintained on server side efficiently for malware detection, original deep learning models cannot be directly deployed and executed on mobile devices due to various performance limitations, such as computation power, memory size, and energy. Therefore, we evaluate and investigate the following key points: (1) the performance of different feature extraction methods based on source code or binary code; (2) the performance of different feature type selections for deep learning on mobile devices; (3) the detection accuracy of different deep neural networks on mobile devices; (4) the real-time detection performance and accuracy on different mobile devices; (5) the potential based on the evolution trend of mobile devices’ specifications; and finally we further propose a practical solution (MobiTive) to detect Android malware on mobile devices.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • On Joint Optimization of Automatic Speaker Verification and Anti-Spoofing in the Embedding Space

      Authors: Alejandro Gomez-Alanis;Jose A. Gonzalez-Lopez;S. Pavankumar Dubagunta;Antonio M. Peinado;Mathew Magimai.-Doss;
      Pages: 1579 - 1593
      Abstract: Biometric systems are exposed to spoofing attacks which may compromise their security, and voice biometrics based on automatic speaker verification (ASV), is no exception. To increase the robustness against such attacks, anti-spoofing systems have been proposed for the detection of replay, synthesis and voice conversion-based attacks. However, most proposed anti-spoofing techniques are loosely integrated with the ASV system. In this work, we develop a new integration neural network which jointly processes the embeddings extracted from ASV and anti-spoofing systems in order to detect both zero-effort impostors and spoofing attacks. Moreover, we propose a new loss function based on the minimization of the area under the expected (AUE) performance and spoofability curve (EPSC), which allows us to optimize the integration neural network on the desired operating range in which the biometric system is expected to work. To evaluate our proposals, experiments were carried out on the recent ASVspoof 2019 corpus, including both logical access (LA) and physical access (PA) scenarios. The experimental results show that our proposal clearly outperforms some well-known techniques based on the integration at the score- and embedding-level. Specifically, our proposal achieves up to 23.62% and 22.03% relative equal error rate (EER) improvement over the best performing baseline in the LA and PA scenarios, respectively, as well as relative gains of 27.62% and 29.15% on the AUE metric.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Mockingbird: Defending Against Deep-Learning-Based Website Fingerprinting Attacks With Adversarial Traces

      Authors: Mohammad Saidur Rahman;Mohsen Imani;Nate Mathews;Matthew Wright;
      Pages: 1594 - 1609
      Abstract: Website Fingerprinting (WF) is a type of traffic analysis attack that enables a local passive eavesdropper to infer the victim's activity, even when the traffic is protected by a VPN or an anonymity system like Tor. Leveraging a deep-learning classifier, a WF attacker can gain over 98% accuracy on Tor traffic. In this paper, we explore a novel defense, Mockingbird, based on the idea of adversarial examples that have been shown to undermine machine-learning classifiers in other domains. Since the attacker gets to design and train his attack classifier based on the defense, we first demonstrate that a straightforward technique for generating adversarial-example based traces fails to protect against an attacker using adversarial training for robust classification. We then propose Mockingbird, a technique for generating traces that resists adversarial training by moving randomly in the space of viable traces and not following more predictable gradients. The technique drops the accuracy of the state-of-the-art attack hardened with adversarial training from 98% to 42-58% while incurring only 58% bandwidth overhead. The attack accuracy is generally lower than state-of-the-art defenses, and much lower when considering Top-2 accuracy, while incurring lower bandwidth overheads.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Achievable Rate Region of Energy-Harvesting Based Secure Two-Way Buffer-Aided Relay Networks

      Authors: Yulong Nie;Xiaolong Lan;Yong Liu;Qingchun Chen;Gaojie Chen;Lisheng Fan;Dong Tang;
      Pages: 1610 - 1625
      Abstract: This paper considered an energy-harvesting based secure two-way relay (EH-STWR) network, where two users exchanged information with the assistance of one buffer-aided relay that harvested energy from two users. To realize the confidential message exchange between two users in the presence of a potential eavesdropper, a secure bidirectional relaying scheme based on time division broadcast (TDBC) was proposed, where one user sent artificial noise to suppress the eavesdropper and another user transmitted data to the relay. A secure sum-rate maximization problem was formulated subject to average and peak transmit power constraints, data buffer and energy storage causality, and transmission mode constraints. By employing the Lyapunov optimization framework, a security-aware adaptive transmission scheme was proposed to jointly adapt transmission mode selection, power allocation, and security rate allocation according to channel/buffer/energy state information (CSI/BSI/ESI). Analysis results showed that the average achievable secrecy rate region can be significantly improved and there exists an inherent trade-off among transmission delay, requirement of transmit power consumption, and achievable secure sum-rate. Moreover, the channel condition between the energy-constrained relay and the potential eavesdropper is a critical factor on the achievable long-term average secrecy rate performance.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Factory Calibration Fingerprinting of Sensors

      Authors: Jiexin Zhang;Alastair R. Beresford;Ian Sheret;
      Pages: 1626 - 1639
      Abstract: Device fingerprinting aims to generate a distinctive signature, or fingerprint, that uniquely identifies individual computing devices. Fingerprints may be a privacy concern since apps and websites can use them to track user activity online. To protect user privacy, both Android and iOS have included a variety of measures to prevent such tracking. In this paper we present a new type of fingerprinting, factory calibration fingerprinting, that bypasses existing tracking protection. Our attack recovers embedded per-device factory calibration data from the accelerometer, gyroscope, and magnetometer sensors that are pervasive in modern smartphones by careful analysis of the sensor output alone. We discuss the factory calibration behaviour of each sensor and show that the calibration fingerprint is fast to generate, does not change over time or after a factory reset, and can be used to track users across apps and websites without any special permission from the user. We find the calibration fingerprint is very likely to be globally unique for iOS devices, with an estimated 67 bits of entropy for the iPhone 6S. In addition, we have analysed 146 Android device models from 11 vendors and found the attack also works on recent Google Pixel devices. For Pixel 4/4 XL, we estimate the calibration fingerprint provides about 57 bits of entropy. Following our disclosures, Apple deployed a mitigation in iOS 12.2 and Google in Android 11. We analyse Apple's fix and show that the mitigation is imperfect although it is likely to be sufficient in most threat models.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Secure Content Delivery in Two-Tier Cache-Enabled mmWave Heterogeneous
           Networks

      Authors: Tong-Xing Zheng;Hao-Wen Liu;Ning Zhang;Zhiguo Ding;Victor C. M. Leung;
      Pages: 1640 - 1654
      Abstract: In this paper, we investigate secure content delivery in a two-tier cache-enabled millimeter wave (mmWave) heterogeneous network composed of a macro base station (MBS) and K small base stations (SBSs) with caching capabilities. We allocate finite cache units at the SBSs and MBS to pre-store files with high popularities, where the SBSs store the most popular files, and the MBS stores the less popular ones. To deliver the file requested by a legitimate user securely, two secure transmission schemes, namely, distributed beamforming and direct transmission, are employed at the SBSs and MBS, respectively. Moreover, artificial noise (AN) is combined with the above two transmission schemes to further improve transmission security. The connection outage probability, secrecy outage probability, and secrecy throughput for the proposed mmWave transmission schemes are obtained. Based on these results, we jointly design the transmission rates and the cache resource allocation between the SBSs and MBS to maximize the overall secrecy throughput. We also provide insights into how the overall secrecy throughput is influenced by various parameters, including transmission rates, power allocation ratio of the AN scheme, and cache allocation factor. Numerical results are eventually presented to validate our theoretical analysis and demonstrate the effectiveness of the proposed transmission schemes and cache resource allocation strategy.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Secrecy Rate Optimization for Intelligent Reflecting Surface Assisted MIMO
           System

      Authors: Zheng Chu;Wanming Hao;Pei Xiao;De Mi;Zilong Liu;Mohsen Khalily;James R. Kelly;Alexandros P. Feresidis;
      Pages: 1655 - 1669
      Abstract: This paper investigates the impact of intelligent reflecting surface (IRS) enabled wireless secure transmission. Specifically, an IRS is deployed to assist multiple-input multiple-output (MIMO) secure system to enhance the secrecy performance, and artificial noise (AN) is employed to introduce interference to degrade the reception of the eavesdropper. To improve the secrecy performance, we aim to maximize the achievable secrecy rate, subject to the transmit power constraint, by jointly designing the precoding of the secure transmission, the AN jamming, and the reflecting phase shift of the IRS. We first propose an alternative optimization algorithm (i.e., block coordinate descent (BCD) algorithm) to tackle the non-convexity of the formulated problem. This is made by deriving the transmit precoding and AN matrices via the Lagrange dual method and the phase shifts by the Majorization-Minimization (MM) algorithm. Our analysis reveals that the proposed BCD algorithm converges in a monotonically non-decreasing manner which leads to guaranteed optimal solution. Finally, we provide numerical results to validate the secrecy performance enhancement of the proposed scheme in comparison to the benchmark schemes.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Multiuser MIMO Concept for Physical Layer Security in Multibeam Satellite
           Systems

      Authors: Matthias G. Schraml;Robert T. Schwarz;Andreas Knopp;
      Pages: 1670 - 1680
      Abstract: In satellite communication downlinks, physical layer security is challenging to achieve due to their broadcasting nature and Line-of-Sight channel characteristics. This paper provides a precoding algorithm to secure the downlinks of multiple users against multiple eavesdroppers with optimization of the minimum secrecy capacity. By the use of artificial noise, a positive secrecy capacity is achievable even if the number of eavesdroppers is higher than the number of beams. We demonstrate that a multiple-reflector antenna design provides a significantly higher secrecy and throughput performance when compared to a single-reflector design due to additional degrees of freedom, exhibited by the signal phases. The total vulnerability region is introduced as a new figure of merit with respect to unidentified eavesdroppers.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Secure and Lightweight Conditional Privacy-Preserving Authentication for
           Securing Traffic Emergency Messages in VANETs

      Authors: Lu Wei;Jie Cui;Yan Xu;Jiujun Cheng;Hong Zhong;
      Pages: 1681 - 1695
      Abstract: Owing to the development of wireless communication technology and the increasing number of automobiles, vehicular ad hoc networks (VANETs) have become essential tools to secure traffic safety and enhance driving convenience. It is necessary to design a conditional privacy-preserving authentication (CPPA) scheme for VANETs because of their vulnerability and security requirements. Traditional CPPA schemes have two deficiencies. One is that the communication or storage overhead is not sufficiently low, but the traffic emergency message requires an ultra-low transmission delay. The other is that traditional CPPA schemes do not consider updating the system secret key (SSK), which is stored in an unhackable Tamper Proof Device (TPD), whereas side-channel attack methods and the wide usage of the SSK increase the probability of breaking the SSK. To solve the first issue, we propose a CPPA signature scheme based on elliptic curve cryptography, which can achieve message recovery and be reduced to elliptic curve discrete logarithm assumption, so that traffic emergency messages are secured with ultra-low communication overhead. To solve the second issue, we design an SSK updating algorithm, which is constructed on Shamir's secret sharing algorithm and secure pseudo random function, so that the TPDs of unrevoked vehicles can update SSK securely. Formal security proof and analysis show that our proposed scheme satisfies the security and privacy requirements of VANETs. Performance analysis demonstrates that our proposed scheme requires less storage size and has a lower transmission delay compared with related schemes.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • The P-DESTRE: A Fully Annotated Dataset for Pedestrian Detection,
           Tracking, and Short/Long-Term Re-Identification From Aerial Devices

      Authors: S. V. Aruna Kumar;Ehsan Yaghoubi;Abhijit Das;B. S. Harish;Hugo Proença;
      Pages: 1696 - 1708
      Abstract: Over the years, unmanned aerial vehicles (UAVs) have been regarded as a potential solution to surveil public spaces, providing a cheap way for data collection, while covering large and difficult-to-reach areas. This kind of solutions can be particularly useful to detect, track and identify subjects of interest in crowds, for security/safety purposes. In this context, various datasets are publicly available, yet most of them are only suitable for evaluating detection, tracking and short-term re-identification techniques. This paper announces the free availability of the P-DESTRE dataset, the first of its kind to provide video/UAV-based data for pedestrian long-term re-identification research, with ID annotations consistent across data collected in different days. As a secondary contribution, we provide the results attained by the state-of-the-art pedestrian detection, tracking, short/long term re-identification techniques in well-known surveillance datasets, used as baselines for the corresponding effectiveness observed in the P-DESTRE data. This comparison highlights the discriminating characteristics of P-DESTRE with respect to similar sets. Finally, we identify the most problematic data degradation factors and co-variates for UAV-based automated data analysis, which should be considered in subsequent technologic/conceptual advances in this field. The dataset and the full specification of the empirical evaluation carried out are freely available at http://p-destre.di.ubi.pt/.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Automatic Segmentation and Enhancement of Latent Fingerprints Using Deep
           Nested UNets

      Authors: Manhua Liu;Peng Qian;
      Pages: 1709 - 1719
      Abstract: Latent fingerprints are one of the most important evidences used to identify criminals in the law enforcement and forensic agencies. Automated recognition of latent fingerprints is still challenging due to their poor image quality caused by unclear ridge structure and various overlapping patterns. Segmentation and enhancement are important to identify valid fingerprint regions, reduce the noise and improve the clarity of ridge structure for more accurate fingerprint recognition. In this paper, we propose a deep convolutional neural network architecture with the nested UNets for automatic segmentation and enhancement of latent fingerprints. First, to prepare training data, we synthetically generate the latent fingerprints and their segmentation and enhancement ground truth data for training. Then, a deep architecture of nested UNets is proposed to transform low-quality latent image into the segmentation mask and high-quality fingerprint through the pixels-to-pixels and end-to-end training. Finally, the test latent fingerprint is segmented and enhanced with the deep nested UNets to improve the image quality in one shot. The enhancement network is optimized by combining the local and global losses, which not only helps reconstruct the global structure, but also enhance the local ridge details of latent fingerprints. The proposed network can make use of multi-level feature maps in a pyramid way of nested UNets for segmentation and enhancement. Experimental results and comparison on NIST SD27 and IIITD-MOLF latent fingerprint databases demonstrate the promising performance of the proposed method.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Self-Configurable Cyber-Physical Intrusion Detection for Smart Homes Using
           Reinforcement Learning

      Authors: Ryan Heartfield;George Loukas;Anatolij Bezemskij;Emmanouil Panaousis;
      Pages: 1720 - 1735
      Abstract: The modern Internet of Things (IoT)-based smart home is a challenging environment to secure: devices change, new vulnerabilities are discovered and often remain unpatched, and different users interact with their devices differently and have different cyber risk attitudes. A security breach's impact is not limited to cyberspace, as it can also affect or be facilitated in physical space, for example, via voice. In this environment, intrusion detection cannot rely solely on static models that remain the same over time and are the same for all users. We present MAGPIE, the first smart home intrusion detection system that is able to autonomously adjust the decision function of its underlying anomaly classification models to a smart home's changing conditions (e.g., new devices, new automation rules and user interaction with them). The method achieves this goal by applying a novel probabilistic cluster-based reward mechanism to non-stationary multi-armed bandit reinforcement learning. MAGPIE rewards the sets of hyperparameters of its underlying isolation forest unsupervised anomaly classifiers based on the cluster silhouette scores of their output. Experimental evaluation in a real household shows that MAGPIE exhibits high accuracy because of two further innovations: it takes into account both cyber and physical sources of data; and it detects human presence to utilise models that exhibit the highest accuracy in each case. MAGPIE is available in open-source format, together with its evaluation datasets, so it can benefit from future advances in unsupervised and reinforcement learning and be able to be enriched with further sources of data as smart home environments and attacks evolve.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • VeriFL: Communication-Efficient and Fast Verifiable Aggregation
           for Federated Learning

      Authors: Xiaojie Guo;Zheli Liu;Jin Li;Jiqiang Gao;Boyu Hou;Changyu Dong;Thar Baker;
      Pages: 1736 - 1751
      Abstract: Federated learning (FL) enables a large number of clients to collaboratively train a global model through sharing their gradients in each synchronized epoch of local training. However, a centralized server used to aggregate these gradients can be compromised and forge the result in order to violate privacy or launch other attacks, which incurs the need to verify the integrity of aggregation. In this work, we explore how to design communication-efficient and fast verifiable aggregation in FL. We propose VeriFL, a verifiable aggregation protocol, with O(N) (dimension-independent) communication and O(N + d) computation for verification in each epoch, where N is the number of clients and d is the dimension of gradient vectors. Since d can be large in some real-world FL applications (e.g., 100K), our dimension-independent communication is especially desirable for clients with limited bandwidth and high-dimensional gradients. In addition, the proposed protocol can be used in the FL setting where secure aggregation is needed or there is a subset of clients dropping out of protocol execution. Experimental results indicate that our protocol is efficient in these settings.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Boundary Defense Against Cyber Threat for Power System State Estimation

      Authors: Ming Jin;Javad Lavaei;Somayeh Sojoudi;Ross Baldick;
      Pages: 1752 - 1767
      Abstract: The operation of power grids is becoming increasingly data-centric. While the abundance of data could improve system efficiency, it poses major reliability challenges. In particular, state estimation aims to find the operating state of a network from the telemetered data, but an undetected attack on the data could lead to making wrong operational decisions for the system and trigger a large-scale blackout. Nevertheless, understanding the vulnerability of state estimation with regards to cyberattacks, which is a special instance of graph-structured quadratic sensing problem, has been hindered by the lack of tools for studying the topological and data-analytic aspects of networks. Algorithmic robustness is critical in extracting reliable information from abundant but untrusted grid data. For a large-scale power grid, we quantify, analyze, and visualize the regions of the network that are not robust to cyberattacks in the sense that there exists a data manipulation strategy for each of those local regions that misleads the operator at the global scale and yields a wrong estimation of the state of the network at almost all buses. We also propose an optimization-based graphical boundary defense mechanism to identify the border of the geographical area in which data have been manipulated. The proposed method does not allow a local attack to have a global effect on the data analysis of the entire network, which enhances the situational awareness of the grid, especially in the face of adversity. The developed mathematical framework reveals key geometric and algebraic factors that can affect algorithmic robustness and is used to study the vulnerability of the U.S. power grid in this paper.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Mobility-Assisted Covert Communication Over Wireless Ad Hoc Networks

      Authors: Hyeon-Seong Im;Si-Hyeon Lee;
      Pages: 1768 - 1781
      Abstract: We study the effect of node mobility on the throughput scaling of the covert communication over a wireless ad hoc network. It is assumed that n mobile nodes want to communicate with each other in a unit disk while keeping the presence of the communication secret from each of $\Theta(n^s)$ non-colluding wardens (s > 0). The wardens can be mobile or fixed. Our results show that the node mobility greatly improves the throughput scaling, compared to the case of fixed node location. In particular, for s ≤ 1, the aggregate throughput scaling, i.e., the maximally achievable throughput scaling of the total network when each source-destination pair communicates with the same rate, is shown to be arbitrarily close to linear in n when the number of channel uses l that each warden uses to judge the presence of communication is not too large compared to n. More specifically, the aggregate throughput scaling is arbitrarily close to linear when s ≤ 1 and $l = O(n^{(\alpha-2)(1-s)})$, where α ≥ 2 denotes the path loss exponent. For the achievability, we modify the two-hop based scheme by Grossglauser and Tse (2002), which was proposed for a wireless ad hoc network without a covertness constraint, by introducing a preservation region around each warden in which the senders are not allowed to transmit and by carefully analyzing the effect of covertness constraint on the transmit power and the resultant transmission rates. This scheme is shown to be optimal for 0
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Secure and Efficient Multi-Signature Schemes for Fabric: An Enterprise
           Blockchain Platform

      Authors: Yue Xiao;Peng Zhang;Yuhong Liu;
      Pages: 1782 - 1794
      Abstract: Digital signature is a major component of transactions on Blockchain platforms, especially in enterprise Blockchain platforms, where multiple signatures from a set of peers need to be produced to endorse a transaction. However, such process is often complex and time-consuming. Multi-signature, which can improve transaction efficiency by having a set of signers cooperate to produce a joint signature, has attracted extensive attentions. In this work, we propose two multi-signature schemes, GMS and AGMS, which are proved to be more secure and efficient than state-of-the-art multi-signature schemes. Besides, we implement the proposed schemes in a real Enterprise Blockchain platform, Fabric. Experiment results show that the proposed AGMS scheme helps achieve the goal of high transaction efficiency, low storage complexity, as well as high robustness against rogue-key attacks and $k$-sum problem attacks.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • SAP-SSE: Protecting Search Patterns and Access Patterns in Searchable
           Symmetric Encryption

      Authors: Qiyang Song;Zhuotao Liu;Jiahao Cao;Kun Sun;Qi Li;Cong Wang;
      Pages: 1795 - 1809
      Abstract: Searchable symmetric encryption (SSE) enables users to search over encrypted documents in untrusted clouds without leaking the search keywords to the clouds. Existing SSE schemes achieve high search efficiency at the expense of leaking access patterns and search patterns, where clouds can recover a large percentage of queried keywords using the leaked access patterns and search patterns. To prevent clouds from recovering users' keywords, researchers have proposed a number of solutions to protect either search patterns or access patterns. However, none of them can protect both access patterns and search patterns. Moreover, existing SSE schemes cannot work in the generic database setting that allows multiple users to write or read over encrypted documents. In this paper, we propose an efficient searchable symmetric encryption scheme, called SAP-SSE, which protects both access patterns and search patterns in the generic database setting. The main idea of protecting search patterns is to leverage re-encryption cryptosystems to shuffle index entries over multiple clouds. To protect access patterns, we distribute secure indexes to multiple clouds and then propose an index redistribution protocol that allows users to renew index entries in clouds. Furthermore, SAP-SSE provides a configurable security policy to balance security and efficiency. Formal security analysis and experimental evaluation show that SAP-SSE can prevent pattern leakage with low overhead.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • SMAKA: Secure Many-to-Many Authentication and Key Agreement Scheme for
           Vehicular Networks

      Authors: Jing Zhang;Hong Zhong;Jie Cui;Yan Xu;Lu Liu;
      Pages: 1810 - 1824
      Abstract: With the rising popularity of the Internet and communication technology, vehicles can analyze and judge the real-time data collected by various cloud service providers (CSPs) in a vehicular network. However, in a vehicular network environment, real-time data are transmitted via wireless channels, which can lead to security and privacy issues. To avoid illegal access by adversaries, vehicle authentication and key agreement mechanism has been considered as one of the promising security measures in vehicular network environments. Besides, most of the solutions focus on authentication between one vehicle and one CSP. In such strategies, the implementation of efficient authentication for multiple vehicles and CSPs simultaneously is usually challenging. Further, they are also subjected to performance limitations due to the overhead incurred. To solve these issues, we propose a many-to-many authentication and key agreement scheme for secure authentication between multiple vehicles and CSPs. The proposed scheme can prevent unauthorized access and provide SK-security even if temporary information is leaked. To improve the service, the CSP only needs to broadcast an anonymous message periodically instead of having to generate a unique anonymous message for each of vehicles. Similarly, when a vehicle wants to request the services of m CSPs, it only needs to send one request message instead of m. Therefore, the proposed scheme not only implements many-to-many communication but also significantly reduces the computation and communication overhead. Moreover, a thorough security analysis shows that the proposed scheme provides better security compared to other related schemes.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Copy Move Source-Target Disambiguation Through Multi-Branch CNNs

      Authors: Mauro Barni;Quoc-Tin Phan;Benedetta Tondi;
      Pages: 1825 - 1840
      Abstract: We propose a method to identify the source and target regions of a copy-move forgery so as to allow a correct localisation of the tampered area. First, we cast the problem into a hypothesis testing framework whose goal is to decide which region between the two nearly-duplicate regions detected by a generic copy-move detector is the original one. Then we design a multi-branch CNN architecture that solves the hypothesis testing problem by learning a set of features capable of revealing the presence of interpolation artefacts and boundary inconsistencies in the copy-moved area. The proposed architecture, trained on a synthetic dataset explicitly built for this purpose, achieves good results on copy-move forgeries from both synthetic and realistic datasets. Based on our tests, the proposed disambiguation method can reliably reveal the target region even in realistic cases where an approximate version of the copy-move localization mask is provided by a state-of-the-art copy-move detection algorithm.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Preventing DeepFake Attacks on Speaker Authentication by Dynamic Lip
           Movement Analysis

      Authors: Chen-Zhao Yang;Jun Ma;Shilin Wang;Alan Wee-Chung Liew;
      Pages: 1841 - 1854
      Abstract: Recent research has demonstrated that lip-based speaker authentication systems can not only achieve good authentication performance but also guarantee liveness. However, with modern DeepFake technology, attackers can produce the talking video of a user without leaving any visually noticeable fake traces. This can seriously compromise traditional face-based or lip-based authentication systems. To defend against sophisticated DeepFake attacks, a new visual speaker authentication scheme based on the deep convolutional neural network (DCNN) is proposed in this paper. The proposed network is composed of two functional parts, namely, the Fundamental Feature Extraction network (FFE-Net) and the Representative lip feature extraction and Classification network (RC-Net). The FFE-Net provides the fundamental information for speaker authentication. As the static lip shape and lip appearance is vulnerable to DeepFake attacks, the dynamic lip movement is emphasized in the FFE-Net. The RC-Net extracts high-level lip features that discriminate against human imposters while capturing the client's talking style. A multi-task learning scheme is designed, and the proposed network is trained end-to-end. Experiments on the GRID and MOBIO datasets have demonstrated that the proposed approach is able to achieve an accurate authentication result against human imposters and is much more robust against DeepFake attacks compared to three state-of-the-art visual speaker authentication algorithms. It is also worth noting that the proposed approach does not require any prior knowledge of the DeepFake spoofing method and thus can be applied to defend against different kinds of DeepFake attacks.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • A Cyber-Insurance Scheme for Water Distribution Systems Considering
           Malicious Cyberattacks

      Authors: Yunfan Zhang;Lingfeng Wang;Zhaoxi Liu;Wei Wei;
      Pages: 1855 - 1867
      Abstract: As one of the national critical infrastructures, the water distribution system supports our daily life and economic growth, the failure of which may lead to catastrophic results. Besides the uncertainty from the system component failures, cyberattacks are vital to the secure system operation and have great impacts on the reliability of the water supply service. Malicious attackers may intrude into the supervisory control and data acquisition (SCADA) system of pump stations in the water distribution networks and interrupt the water supply to the customers. Cyber insurance is emerging as a promising financial tool in system risk management. In this paper, cyber insurance is proposed for the cyber risk management of the water distribution system. A semi-Markov process (SMP) model is devised to model the cyberattacks against pump stations in the water distribution system. Both the impacts of the independent cyber risks in the individual distribution network and the correlated cyber risks shared across different water distribution networks are evaluated and modeled. A sequential Monte Carlo Simulation (MCS) based algorithm is developed to evaluate the system loss. Cyber insurance premiums for the water distribution networks are designed based on the actuarial principles and potential system losses. Case studies are also performed on multiple representative water distribution networks, and the results demonstrate the validity of the proposed cyber insurance model.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • On the Security of Lattice-Based Fiat-Shamir Signatures in the Presence of
           Randomness Leakage

      Authors: Yuejun Liu;Yongbin Zhou;Shuo Sun;Tianyu Wang;Rui Zhang;Jingdian Ming;
      Pages: 1868 - 1879
      Abstract: Leakages during the signing process, including partial key exposure and partial (or complete) randomness exposure, may be devastating for the security of digital signatures. In this work, we investigate the security of lattice-based Fiat-Shamir signatures in the presence of randomness leakage. To this end, we present a generic key recovery attack that relies on minimum leakage of randomness, and then theoretically connect it to a variant of Integer-LWE (ILWE) problem. The ILWE problem, introduced by Bootle et al. at Asiacrypt 2018, is to recover the secret vector s given polynomially many samples of the form $(a, \langle a, s \rangle + e) \in \mathbb{Z}^{n+1}$, and it is solvable if the error $e \in \mathbb{Z}$ is not superpolynomially larger than the inner product $\langle a, s \rangle$. However, in our variant (we call the variant FS-ILWE problem in this paper), $a \in \mathbb{Z}^n$ is a sparse vector whose coefficients are NOT independent any more, and e is related to a and s as well. We prove that the FS-ILWE problem can be solved in polynomial time, and present an efficient algorithm to solve it. Our generic key recovery method directly implies that many lattice-based Fiat-Shamir signatures will be totally broken with one (deterministic or probabilistic) bit of randomness leakage per signature. Our attack has been validated by experiments on two NIST PQC signatures Dilithium and qTESLA. For example, as to Dilithium-III of 125-bit quantum security, the secret key will be recovered within 10 seconds over an ordinary PC desktop, with about one million signatures. Similarly, key recovery attacks on Dilithium under other parameters and qTESLA will be completed within 20 seconds and 31 minutes respectively. In addition, we also present a non-profiled attack to show how to obtain the required randomness bit in practice through power analysis attacks on a proof-of-concept implementation of polynomial addition. The experimental results confirm the practical feasibility of our method.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Privacy-Preserving Localization for Underwater Sensor Networks via Deep
           Reinforcement Learning

      Authors: Jing Yan;Yuan Meng;Xian Yang;Xiaoyuan Luo;Xinping Guan;
      Pages: 1880 - 1895
      Abstract: Underwater sensor networks (USNs) are envisioned to enable a large variety of marine applications. Such applications require accurate position information of sensor nodes. However, the openness and inhomogeneity characteristics of underwater medium make it much more challenging to solve the localization issue. This paper is concerned with a privacy-preserving localization issue for USNs in inhomogeneous underwater medium. An honest-but-curious model is considered to develop a privacy-preserving localization protocol. Based on this, a localization problem is constructed for sensor nodes to minimize the sum of all measurement errors, where a ray compensation strategy is incorporated to remove the localization bias from assuming the straight-line transmission. To make the above problem tractable, we consider the unsupervised, supervised and semisupervised scenarios, through which deep reinforcement learning (DRL) based localization estimators are utilized to estimate the positions of sensor nodes. It is noted that, the proposed localization solution in this paper can hide the private position information of USNs, and more importantly, it is robust to local optimum for nonconvex and nonsmooth localization problem in inhomogeneous underwater medium. Finally, simulation studies are given to show the position privacy can be preserved, while the localization accuracy can be enhanced as compared with the other existing works.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Injecting Reliable Radio Frequency Fingerprints Using Metasurface for the
           Internet of Things

      Authors: Sekhar Rajendran;Zhi Sun;Feng Lin;Kui Ren;
      Pages: 1896 - 1911
      Abstract: In Internet of Things, where billions of devices with limited resources are communicating with each other, security has become a major stumbling block affecting the progress of this technology. Existing authentication schemes based on digital signatures have overhead costs associated with them in terms of computation time, battery power, bandwidth, memory, and related hardware costs. Radio frequency fingerprint (RFF), utilizing the unique device-based information, can be a promising solution for IoT. However, traditional RFFs have become obsolete because of low reliability and reduced user capability. Our proposed solution, Metasurface RF-Fingerprinting Injection (MeRFFI), is to inject a carefully-designed radio frequency fingerprint into the wireless physical layer that can increase the security of a stationary IoT device with minimal overhead. The injection of fingerprint is implemented using a low cost metasurface developed and fabricated in our lab, which is designed to make small but detectable perturbations in the specific frequency band in which the IoT devices are communicating. We have conducted comprehensive system evaluations including distance, orientation, multiple channels where the feasibility, effectiveness, and reliability of these fingerprints are validated. The proposed MeRFFI system can be easily integrated into the existing authentication schemes. The security vulnerabilities are analyzed for some of the most threatening wireless physical layer-based attacks.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • AppAngio: Revealing Contextual Information of Android App Behaviors by
           API-Level Audit Logs

      Authors: Zhaoyi Meng;Yan Xiong;Wenchao Huang;Fuyou Miao;Jianmeng Huang;
      Pages: 1912 - 1927
      Abstract: Android users are now suffering severe threats from unwanted behaviors of various apps. The analysis of apps' audit logs is one of the essential methods for the security analysts of various companies to unveil the underlying maliciousness within apps. We propose and implement AppAngio, a novel system that reveals contextual information in Android app behaviors by API-level audit logs. Our goal is to help security analysts understand how the target apps worked and facilitate the identification of the maliciousness within apps. The key module of AppAngio is identifying the path matched with the logs on the app's control-flow graphs (CFGs). The challenge, however, is that the limited-quantity logs may incur high computational complexity in the log matching, where there are a large number of candidates caused by the coupling relation of successive logs. To address the challenge, we propose a divide and conquer strategy that precisely positions the nodes matched with log records on the corresponding CFGs and connects the nodes with as few backtracks as possible. Our experiments show that AppAngio reveals contextual information of behaviors in real-world apps. Moreover, the revealed results assist the analysts in identifying the maliciousness of app behaviors and complement existing analysis schemes. Meanwhile, AppAngio incurs negligible performance overhead on the real device in the experiments.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Stealthy and Robust Glitch Injection Attack on Deep Learning Accelerator
           for Target With Variational Viewpoint

      Authors: Wenye Liu;Chip-Hong Chang;Fan Zhang;
      Pages: 1928 - 1942
      Abstract: Deep neural network (DNN) accelerators overcome the power and memory walls for executing neural-net models locally on edge-computing devices to support sophisticated AI applications. The advocacy of “model once, run optimized anywhere” paradigm introduces potential new security threat to edge intelligence that is methodologically different from the well-known adversarial examples. Existing adversarial examples modify the input samples presented to an AI application either digitally or physically to cause a misclassification. Nevertheless, these input-based perturbations are not robust or surreptitious on multi-view target. To generate a good adversarial example for misclassifying a real-world target of variational viewing angle, lighting and distance, a decent number of target's samples are required to extract the rare anomalies that can cross the decision boundary. The feasible perturbations are substantial and visually perceptible. In this paper, we propose a new glitch injection attack on DNN accelerator that is capable of misclassifying a target under variational viewpoints. The glitches injected into the computation clock signal induce transitory but disruptive errors in the intermediate results of the multiply-and-accumulate (MAC) operations. The attack pattern for each target of interest consists of sparse instantaneous glitches, which can be derived from just one sample of the target. Two modes of attack patterns are derived, and their effectiveness are demonstrated on four representative ImageNet models implemented on the Deep-learning Processing Unit (DPU) of FPGA edge and its DNN development toolchain. The attack success rates are evaluated on 118 objects in 61 diverse sensing conditions, including 25 viewing angles (-60° to 60°), 24 illumination directions and 12 color temperatures. 
In the covert mode, the success rates of our attack exceed existing stealthy adversarial examples by more than 16.3%, with only two glitches injected into ten thousands to a million cycles for one complete inference. In the robust mode, the attack success rates on all four DNNs are more than 96.2% with an average glitch intensity of 1.4% and a maximum glitch intensity of 10.2%.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Combining Graph-Based Learning With Automated Data Collection for Code
           Vulnerability Detection

      Authors: Huanting Wang;Guixin Ye;Zhanyong Tang;Shin Hwei Tan;Songfang Huang;Dingyi Fang;Yansong Feng;Lizhong Bian;Zheng Wang;
      Pages: 1943 - 1958
      Abstract: This paper presents FUNDED (Flow-sensitive vUl-Nerability coDE Detection), a novel learning framework for building vulnerability detection models. Funded leverages the advances in graph neural networks (GNNs) to develop a novel graph-based learning method to capture and reason about the program's control, data, and call dependencies. Unlike prior work that treats the program as a sequential sequence or an untyped graph, Funded learns and operates on a graph representation of the program source code, in which individual statements are connected to other statements through relational edges. By capturing the program syntax, semantics and flows, Funded finds better code representation for the downstream software vulnerability detection task. To provide sufficient training data to build an effective deep learning model, we combine probabilistic learning and statistical assessments to automatically gather high-quality training samples from open-source projects. This provides many real-life vulnerable code training samples to complement the limited vulnerable code samples available in standard vulnerability databases. We apply Funded to identify software vulnerabilities at the function level from program source code. We evaluate Funded on large real-world datasets with programs written in C, Java, Swift and Php, and compare it against six state-of-the-art code vulnerability detection models. Experimental results show that Funded significantly outperforms alternative approaches across evaluation settings.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Joint Optimization of Trajectory, Propulsion, and Thrust Powers for Covert
           UAV-on-UAV Video Tracking and Surveillance

      Authors: Shuyan Hu;Wei Ni;Xin Wang;Abbas Jamalipour;Dean Ta;
      Pages: 1959 - 1972
      Abstract: Autonomous tracking of suspicious unmanned aerial vehicles (UAVs) by legitimate monitoring UAVs (or monitors) can be crucial to public safety and security. It is non-trivial to optimize the trajectory of a monitor while conceiving its monitoring intention, due to typically non-convex propulsion and thrust power functions. This article presents a novel framework to jointly optimize the propulsion and thrust powers, as well as the 3D trajectory of a solar-powered monitor which conducts covert, video-based, UAV-on-UAV tracking and surveillance. A multi-objective problem is formulated to minimize the energy consumption of the monitor and maximize a weighted sum of distance keeping and altitude changing, which measures the disguising of the monitor. Based on the practical power models of the UAV propulsion, thrust and hovering, and the model of the harvested solar power, the problem is non-convex and intangible for existing solvers. We convexify the propulsion power by variable substitution, and linearize the solar power. With successive convex approximation, the resultant problem is then transformed with tightened constraints and efficiently solved by the proximal difference-of-convex algorithm with extrapolation in polynomial time. The proposed scheme can be also applied online. Extensive simulations corroborate the merits of the scheme, as compared to baseline schemes with partial or no disguising.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Detection of Fake and Fraudulent Faces via Neural Memory Networks

      Authors: Tharindu Fernando;Clinton Fookes;Simon Denman;Sridha Sridharan;
      Pages: 1973 - 1988
      Abstract: Advances in computer vision have brought us to the point where we have the ability to synthesise realistic fake content. Such approaches are seen as a source of disinformation and mistrust, and pose serious concerns to governments around the world. Convolutional Neural Networks (CNNs) demonstrate encouraging results when detecting fake images that arise from the specific type of manipulation they are trained on. However, this success has not transitioned to unseen manipulation types, resulting in a significant gap in the line-of-defense. We propose a Hierarchical Attention Memory Network (HAMN), motivated by the social cognition processes of the human brain, for the detection of fake faces. Through visual cues and by utilising knowledge stored in neural memories, we allow the network to reason about the perceived face and anticipate its future semantic embeddings. This renders a generalisable face tampering detection framework. Experimental results demonstrate the proposed approach achieves superior performance for fake and fraudulent face detection.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Alternate-Jamming-Aided Wireless Physical-Layer Surveillance: Protocol
           Design and Performance Analysis

      Authors: Li Sun;Yong Zhang;A. Lee Swindlehurst;
      Pages: 1989 - 2003
      Abstract: In this article, we develop an alternate-jamming-aided wireless physical-layer surveillance protocol where two devices (M1 and M2) work cooperatively to eavesdrop on and intervene in a suspicious transmission link from a source (S) to a destination (D). Unlike existing approaches which rely on the use of a multi-antenna full-duplex radio as the monitor, in our protocol, M1 and M2 are both single-antenna nodes operating in half-duplex mode, which alternately perform proactive eavesdropping and jamming to mimic the behavior of a full-duplex monitor. Within any time slot, M1 sends a jamming signal to deteriorate the signal reception at D and M2 eavesdrops on the transmission from S. During the next slot, M1 overhears the signal sent from S, and M2 forwards its received signal during the previous slot to realize jamming. In this manner, the jamming signal received at M1 can be perfectly removed after self-interference cancellation, and the signals from S during the two consecutive slots are jointly decoded with high reliability, thus enabling successful surveillance. On the other hand, the detection performance at D is heavily degraded due to the injection of the jamming signal, thereby preventing information leakage from S to D. The performance of the proposed protocol is analyzed in terms of the eavesdropping non-outage probability, the surveillance success probability, as well as the symbol error probability. Theoretical analysis and simulation results demonstrate the superiority of our design compared to competing solutions in the literature.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • VulDetector: Detecting Vulnerabilities Using Weighted Feature Graph
           Comparison

      Authors: Lei Cui;Zhiyu Hao;Yang Jiao;Haiqiang Fei;Xiaochun Yun;
      Pages: 2004 - 2017
      Abstract: Code similarity is one promising approach to detect vulnerabilities hidden in software programs. However, due to the complexity and diversity of source code, current methods suffer low accuracy, high false negative and poor performance, especially in analyzing a large program. In this paper, we propose to tackle these problems by presenting VulDetector, a static-analysis tool to detect C/C++ vulnerabilities based on graph comparison at the granularity of function. At the key of VulDetector is a weighted feature graph (WFG) model which characterizes function with a small yet semantically rich graph. It first pinpoints vulnerability-sensitive keywords to slice the control flow graph of a function, thereby reducing the graph size without compromising security-related semantics. Then, each sliced subgraph is characterized using WFG, which provides both syntactic and semantic features in varying degrees of security. As for graph comparison, we take full usage of vulnerability graph and patch graph to improve accuracy. In addition, we propose two optimization methods based on analysis of vulnerabilities. We have implemented VulDetector to automatically detect vulnerabilities in software programs with known vulnerabilities. The experimental results prove the effectiveness and efficiency of VulDetector.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Quantifying Interference-Assisted Signal Strength Surveillance of Sound
           Vibrations

      Authors: Alemayehu Solomon Abrar;Neal Patwari;Sneha Kumar Kasera;
      Pages: 2018 - 2030
      Abstract: A malicious attacker could, by taking control of internet-of-things devices, use them to capture received signal strength (RSS) measurements and perform surveillance on a person's vital signs, activities, and sound in their environment. This article considers an attacker who looks for subtle changes in the RSS in order to eavesdrop sound vibrations. The challenge to the adversary is that sound vibrations cause very low amplitude changes in RSS, and RSS is typically quantized with a significantly larger step size. This article contributes a lower bound on an attacker's monitoring performance as a function of the RSS step size and sampling frequency so that a designer can understand their relationship. Our bound considers the little-known and counter-intuitive fact that an adversary can improve their sinusoidal parameter estimates by making some devices transmit to add interference power into the RSS measurements. We demonstrate this capability experimentally. As we show, for typical transceivers, the RSS surveillance attacker can monitor sound vibrations with remarkable accuracy. New mitigation strategies will be required to prevent RSS surveillance attacks.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • PFA-GAN: Progressive Face Aging With Generative Adversarial Network

      Authors: Zhizhong Huang;Shouzhen Chen;Junping Zhang;Hongming Shan;
      Pages: 2031 - 2045
      Abstract: Face aging is to render a given face to predict its future appearance, which plays an important role in the information forensics and security field as the appearance of the face typically varies with age. Although impressive results have been achieved with conditional generative adversarial networks (cGANs), the existing cGANs-based methods typically use a single network to learn various aging effects between any two different age groups. However, they cannot simultaneously meet three essential requirements of face aging (including image quality, aging accuracy, and identity preservation) and usually generate aged faces with strong ghost artifacts when the age gap becomes large. Inspired by the fact that faces gradually age over time, this paper proposes a novel progressive face aging framework based on generative adversarial network (PFA-GAN) to mitigate these issues. Unlike the existing cGANs-based methods, the proposed framework contains several sub-networks to mimic the face aging process from young to old, each of which only learns some specific aging effects between two adjacent age groups. The proposed framework can be trained in an end-to-end manner to eliminate accumulative artifacts and blurriness. Moreover, this paper introduces an age estimation loss to take into account the age distribution for an improved aging accuracy, and proposes to use the Pearson correlation coefficient as an evaluation metric measuring the aging smoothness for face aging methods. Extensive experimental results demonstrate superior performance over existing (c)GANs-based methods, including the state-of-the-art one; e.g., PFA-GAN reduces the aging estimation errors by 0.23 and 0.35 and increases the identity preservation rates by 0.49 and 0.63 on two benchmarked datasets compared to the second best method for the challenging face aging from 30- to 51+. The source code is available at https://github.com/Hzzone/PFA-GAN.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Fine-Grained Webpage Fingerprinting Using Only Packet Length Information
           of Encrypted Traffic

      Authors: Meng Shen;Yiting Liu;Liehuang Zhu;Xiaojiang Du;Jiankun Hu;
      Pages: 2046 - 2059
      Abstract: Encrypted web traffic can reveal sensitive information of users, such as their browsing behaviors. Existing studies on encrypted traffic analysis focus on website fingerprinting. We claim that fine-grained webpage fingerprinting, which speculates specific webpages on a same website visited by a victim, allows exploiting more user private information, e.g., shopping interests in an online shopping mall. Since webpages from the same website usually have very similar traffic traces that make them indistinguishable, existing solutions may end up with low accuracy. In this paper, we propose FineWP, a novel fine-grained webpage fingerprinting method. We make an observation that the length information of packets in bidirectional client-server interactions can be distinctive features for webpage fingerprinting. The extracted features are then fed into traditional machine learning models to train classifiers, which achieve both high accuracy and low training overhead. We collect two real-world traffic datasets and construct closed- and open-world evaluations to verify the effectiveness of FineWP. The experimental results demonstrate that FineWP is superior to the state-of-the-art methods in terms of accuracy, time complexity and stability.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Secrecy of Multi-Antenna Transmission With Full-Duplex User in the
           Presence of Randomly Located Eavesdroppers

      Authors: Ishmam Zabir;Ahmed Maksud;Gaojie Chen;Brian M. Sadler;Yingbo Hua;
      Pages: 2060 - 2075
      Abstract: This paper considers the secrecy performance of several schemes for multi-antenna transmission to single-antenna users with full-duplex (FD) capability against randomly distributed single-antenna eavesdroppers (EDs). These schemes and related scenarios include transmit antenna selection (TAS), transmit antenna beamforming (TAB), artificial noise (AN) from the transmitter, user selection based on their distances to the transmitter, and colluding and non-colluding EDs. The locations of randomly distributed EDs and users are assumed to be distributed as Poisson Point Process (PPP). We derive closed form expressions for the secrecy outage probabilities (SOP) of all these schemes and scenarios. The derived expressions are useful to reveal the impacts of various environmental parameters and user's choices on the SOP, and hence useful for network design purposes. Examples of such numerical results are discussed.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Thwarting Bio-IP Theft Through Dummy-Valve-Based Obfuscation

      Authors: Mohammed Shayan;Sukanta Bhattacharjee;Ajymurat Orozaliev;Yong-Ak Song;Krishnendu Chakrabarty;Ramesh Karri;
      Pages: 2076 - 2089
      Abstract: Researchers develop bioassays following rigorous experimentation in the lab that involves considerable fiscal and highly-skilled-person-hour investment. Previous work shows that a bioassay implementation can be reverse-engineered by using images or video and control signals of the biochip. Hence, techniques must be devised to protect the intellectual property (IP) rights of the bioassay developer. This study is the first step in this direction and it makes the following contributions: (1) it introduces the use of a dummy valve as a security primitive to obfuscate bioassay implementations; (2) it shows how dummy valves can be used to obscure biochip building blocks such as multiplexers and mixers; (3) it presents design rules and security metrics to design and measure obfuscation. In our preliminary work, we presented the concept through the use of sieve-valve as a dummy-valve. However, sieve-valves are difficult to fabricate. To overcome fabrication complexities, we propose a novel multi-height-valve as an obfuscation primitive. Moreover, we showcase the suitability of multi-height-valve for obfuscation through COMSOL simulations. We demonstrate the practicality of the proposal by fabricating an obfuscated biochip using multi-height valves. We assess the cost-security trade-offs associated with this solution and study the practical implications of dummy-valve based obfuscation on real-life biochips.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Privacy-Preserving Distributed Processing: Metrics, Bounds and Algorithms

      Authors: Qiongxiu Li;Jaron Skovsted Gundersen;Richard Heusdens;Mads Græsbøll Christensen;
      Pages: 2090 - 2103
      Abstract: Privacy-preserving distributed processing has recently attracted considerable attention. It aims to design solutions for conducting signal processing tasks over networks in a decentralized fashion without violating privacy. Many existing algorithms can be adopted to solve this problem such as differential privacy, secure multiparty computation, and the recently proposed distributed optimization based subspace perturbation algorithms. However, since each of them is derived from a different context and has different metrics and assumptions, it is hard to choose or design an appropriate algorithm in the context of distributed processing. In order to address this problem, we first propose general mutual information based information-theoretical metrics that are able to compare and relate these existing algorithms in terms of two key aspects: output utility and individual privacy. We consider two widely-used adversary models, the passive and eavesdropping adversary. Moreover, we derive a lower bound on individual privacy which helps to understand the nature of the problem and provides insights on which algorithm is preferred given different conditions. To validate the above claims, we investigate a concrete example and compare a number of state-of-the-art approaches in terms of the concerned aspects using not only theoretical analysis but also numerical validation. Finally, we discuss and provide principles for designing appropriate algorithms for different applications.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • ON-OFF Privacy Against Correlation Over Time

      Authors: Fangwei Ye;Carolina Naim;Salim El Rouayheb;
      Pages: 2104 - 2117
      Abstract: We consider the problem of ON-OFF privacy in which a user is interested in the latest message generated by one of n sources available at a server. The user has the choice to turn privacy ON or OFF depending on whether he wants to hide his interest at the time or not. The challenge of allowing the privacy to be toggled between ON and OFF is that the user's online behavior is correlated over time. Therefore, the user cannot simply ignore the privacy requirement when privacy is OFF. We represent the user's correlated requests by an n-state Markov chain. Our goal is to design ON-OFF privacy schemes with optimal download rate that ensure privacy for past and future requests. We devise a polynomial-time algorithm to construct an ON-OFF privacy scheme. Moreover, we present an upper bound on the achievable rate. We show that the proposed scheme is optimal and the upper bound is tight for some special families of Markov chains. We also give an implicit characterization of the optimal achievable rate as a linear programming (LP).
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • The Cost of Privacy in Asynchronous Differentially-Private Machine
           Learning

      Authors: Farhad Farokhi;Nan Wu;David Smith;Mohamed Ali Kaafar;
      Pages: 2118 - 2129
      Abstract: We consider training machine learning models using data located on multiple private and geographically-scattered servers with different privacy settings. Due to the distributed nature of the data, communicating with all collaborating private data owners simultaneously may prove challenging or altogether impossible. We consider differentially-private asynchronous algorithms for collaboratively training machine-learning models on multiple private datasets. The asynchronous nature of the algorithms implies that a central learner interacts with the private data owners one-on-one whenever they are available for communication without needing to aggregate query responses to construct gradients of the entire fitness function. Therefore, the algorithm efficiently scales to many data owners. We define the cost of privacy as the difference between the fitness of a privacy-preserving machine-learning model and the fitness of trained machine-learning model in the absence of privacy concerns. We demonstrate that the cost of privacy has an upper bound that is inversely proportional to the combined size of the training datasets squared and the sum of the privacy budgets squared. We validate the theoretical results with experiments on financial and medical datasets. The experiments illustrate that collaboration among more than 10 data owners with at least 10,000 records with privacy budgets greater than or equal to 1 results in a superior machine-learning model in comparison to a model trained in isolation on only one of the datasets, illustrating the value of collaboration and the cost of the privacy. The number of the collaborating datasets can be lowered if the privacy budget is higher.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Leet Usage and Its Effect on Password Security

      Authors: Wanda Li;Jianping Zeng;
      Pages: 2130 - 2143
      Abstract: Text-based passwords have long acted as the dominating authentication method. Leet, as one of the significant components in password, has not been paid enough attention yet. In this paper, we systematically study the presence of Leet in passwords. We define single and pattern forms of Leet and propose a matching approach to check whether a user password contains Leet. We extract the most prevalent counterpart pairs of Leet manifestations. Afterward, we examine the effect of Leet in passwords by incorporating Leet transformation into the probabilistic context-free grammar (PCFG) method to crack passwords. We construct the first comprehensively analyzed dictionary of Leets for passwords, which is confirmed suitable for most datasets by user survey. Experiments on four leaked password sets demonstrate that distinguished Leet usage accumulates to account for around 1% of the total dataset. Only 5% of high-frequency Leets replacement could increase the cracking rate by 0.55%. For crackers, incorporating popular Leets aids to improve password cracking performance. For users, adopting low-frequency Leets could strengthen their passwords. This research provides a new perspective to investigate Leet transformations in passwords.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Hunting Vulnerable Smart Contracts via Graph Embedding Based Bytecode
           Matching

      Authors: Jianjun Huang;Songming Han;Wei You;Wenchang Shi;Bin Liang;Jingzheng Wu;Yanjun Wu;
      Pages: 2144 - 2156
      Abstract: Smart contract vulnerabilities have attracted lots of concerns due to the resultant financial losses. Matching-based detection methods extrapolating known vulnerabilities to unknown have proven to be effective in other platforms. However, directly adopting the technique to smart contracts is obstructed by two issues, i.e., diversity of bytecode generation resulting from the rapid evolution of compilers and interference of noise code easily caused by the homogeneous business logics. To address the problems, we propose contract bytecode-oriented normalization and slicing techniques to augment bytecode matching. Specifically, we conduct data- and instruction-level normalizations to uniform the bytecode generated by different compilers, and enforce contract-specific slicing by tracking data- and control-flows with simulated bytecode executions to prune the noise code as far as possible. Based on the above techniques, we design an unsupervised graph embedding algorithm to encode the code graphs into quantitatively comparable vectors. The potentially vulnerable smart contracts can be identified by measuring the similarities between their vectors and known vulnerable ones. Our evaluations have shown the efficiency (0.47 seconds per contract on average), effectiveness (160 verified true positives) and high precision (91.95% for top-ranked). It is worth noting that, we also identify dozens of honeypot contracts, further demonstrating the capability of our method.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Random Partitioning Forest for Point-Wise and Collective Anomaly
           Detection—Application to Network Intrusion Detection

      Authors: Pierre-Francois Marteau;
      Pages: 2157 - 2172
      Abstract: In this paper, we propose DiFF-RF, an ensemble approach composed of random partitioning binary trees to detect point-wise and collective (as well as contextual) anomalies. Thanks to a distance-based paradigm used at the leaves of the trees, this semi-supervised approach solves a drawback that has been identified in the isolation forest (IF) algorithm. Moreover, taking into account the frequencies of visits in the leaves of the random trees allows to significantly improve the performance of DiFF-RF when considering the presence of collective anomalies. DiFF-RF is fairly easy to train, and good performance can be obtained by using a simple semi-supervised procedure to setup the extra hyper-parameter that is introduced. We first evaluate DiFF-RF on a synthetic data set to i) verify that the limitation of the IF algorithm is overcome, ii) demonstrate how collective anomalies are actually detected and iii) to analyze the effect of the meta-parameters it involves. We assess the DiFF-RF algorithm on a large set of datasets from the UCI repository, as well as four benchmarks related to network intrusion detection applications. Our experiments show that DiFF-RF almost systematically outperforms the IF algorithm and one of its extended variants, but also challenges the one-class SVM baseline, deep learning variational auto-encoder and ensemble of auto-encoder architectures. Finally, DiFF-RF is computationally efficient and can be easily parallelized on multi-core architectures.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Artificial Noise-Aided MIMO Physical Layer Authentication With Imperfect
           CSI

      Authors: Jake Bailey Perazzone;Paul L. Yu;Brian M. Sadler;Rick S. Blum;
      Pages: 2173 - 2185
      Abstract: Fingerprint embedding at the physical layer is a highly tunable authentication framework for wireless communication that achieves information-theoretic security by hiding a traditional HMAC tag in noise. In a multiantenna scenario, artificial noise (AN) can be transmitted to obscure the tag even further. The AN strategy, however, relies on perfect knowledge of the channel state information (CSI) between the legitimate users. When the CSI is not perfectly known, the added noise leaks into the receiver's observations. In this article, we explore whether AN still improves security in the fingerprint embedding authentication framework with only imperfect CSI available at the transmitter and receiver. Specifically, we discuss and design detectors that account for AN leakage and analyze the adversary's ability to recover the key from observed transmissions. We compare the detection and security performance of the optimal perfect CSI detector with the imperfect CSI robust matched filter test and a generalized likelihood ratio test (GLRT). We find that utilizing AN can greatly improve security, but suffers from diminishing returns when the quality of CSI knowledge is poor. In fact, we find that in some cases allocating additional power to AN can begin to decrease key security.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • A Framework for Predicting Data Breach Risk: Leveraging Dependence to Cope
           With Sparsity


      Authors: Zijian Fang;Maochao Xu;Shouhuai Xu;Taizhong Hu;
      Pages: 2186 - 2201
      Abstract: Data breach is a major cybersecurity problem that has caused huge financial losses and compromised many individuals' privacy (e.g., social security numbers). This calls for deeper understanding about the data breach risk. Despite the substantial amount of attention that has been directed toward the issue, many fundamental problems are yet to be investigated. In this article, we initiate the study of modeling and predicting risk in enterprise-level data breaches. This problem is challenging because of the sparsity of breaches experienced by individual enterprises over time, which immediately disqualifies standard statistical models because there are not enough data to train such models. As a first step towards tackling the problem, we propose an innovative statistical framework to leverage the dependence between multiple time series. In order to validate the framework, we apply it to a dataset of enterprise-level breach incidents. Experimental results show its effectiveness in modeling and predicting enterprise-level breach incidents.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Detectability-Based JPEG Steganography Modeling the Processing Pipeline:
           The Noise-Content Trade-off


      Authors: Quentin Giboulot;Rémi Cogranne;Patrick Bas;
      Pages: 2202 - 2217
      Abstract: The current art of steganography shows that schemes using a deflection criterion (such as MiPOD) for JPEG steganography are usually subpar with respect to distortion-based schemes. We link this lack of performance to a poor estimation of the variance of the model of the noise on the cover image. However, this statistically-based method provides a better assessment of the detectability of hidden data as well as theoretical guarantees under a given model. In this paper, we propose a method to obtain better estimates of the variances of DCT coefficients by taking into account the dependencies introduced by development pipeline on pixels. A second method, which is a side-informed extension of Gaussian Embedding in the JPEG domain using quantization error as side-information, is also formulated and shown to achieve state-of-the-art performances. Eventually, the trade-off between noise and content complexity in steganography is thoroughly analyzed through the lenses of these two new methods using a wide range of numerical experiments.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • High-Fidelity Face Manipulation With Extreme Poses and Expressions


      Authors: Chaoyou Fu;Yibo Hu;Xiang Wu;Guoli Wang;Qian Zhang;Ran He;
      Pages: 2218 - 2231
      Abstract: Face manipulation has shown remarkable advances with the flourish of Generative Adversarial Networks. However, due to the difficulties of controlling structures and textures, it is challenging to model poses and expressions simultaneously, especially for the extreme manipulation at high-resolution. In this article, we propose a novel framework that simplifies face manipulation into two correlated stages: a boundary prediction stage and a disentangled face synthesis stage. The first stage models poses and expressions jointly via boundary images. Specifically, a conditional encoder-decoder network is employed to predict the boundary image of the target face in a semi-supervised way. Pose and expression estimators are introduced to improve the prediction performance. In the second stage, the predicted boundary image and the input face image are encoded into the structure and the texture latent space by two encoder networks, respectively. A proxy network and a feature threshold loss are further imposed to disentangle the latent space. Furthermore, due to the lack of high-resolution face manipulation databases to verify the effectiveness of our method, we collect a new high-quality Multi-View Face (MVF-HQ) database. It contains 120,283 images at 6000 × 4000 resolution from 479 identities with diverse poses, expressions, and illuminations. MVF-HQ is much larger in scale and much higher in resolution than publicly available high-resolution face manipulation databases. We will release MVF-HQ soon to push forward the advance of face manipulation. Qualitative and quantitative experiments on four databases show that our method dramatically improves the synthesis quality.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Joint Beam Training and Data Transmission Design for Covert
           Millimeter-Wave Communication


      Authors: Jiayu Zhang;Min Li;Shihao Yan;Chunshan Liu;Xihan Chen;Min-Jian Zhao;Philip Whiting;
      Pages: 2232 - 2245
      Abstract: Covert communication prevents legitimate transmission from being detected by a warden while maintaining certain covert rate at the intended user. Prior works have considered the design of covert communication over conventional low-frequency bands, but few works so far have explored the higher-frequency millimeter-wave (mmWave) spectrum. The directional nature of mmWave communication makes it attractive for covert transmission. However, how to establish such directional link in a covert manner in the first place remains as a significant challenge. In this paper, we consider a covert mmWave communication system, where legitimate parties Alice and Bob adopt beam training approach for directional link establishment. Accounting for the training overhead, we develop a new design framework that jointly optimizes beam training duration, training power and data transmission power to maximize the effective throughput of Alice-Bob link while ensuring the covertness constraint at warden Willie is met. We further propose a dual-decomposition successive convex approximation algorithm to solve the problem efficiently. Numerical studies demonstrate interesting tradeoff among the key design parameters considered and also the necessity of joint design of beam training and data transmission for covert mmWave communication.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • VD-GAN: A Unified Framework for Joint Prototype and Representation
           Learning From Contaminated Single Sample per Person


      Authors: Meng Pang;Binghui Wang;Yiu-ming Cheung;Yiran Chen;Bihan Wen;
      Pages: 2246 - 2259
      Abstract: Single sample per person (SSPP) face recognition with a contaminated biometric enrolment database (SSPP-ce FR) is an emerging practical FR problem, where the SSPP in the enrolment database is no longer standard but contaminated by nuisance facial variations such as expression, lighting, pose, and disguise. In this case, the conventional SSPP FR methods, including the patch-based and generic learning methods, will suffer from serious performance degradation. Few recent methods were proposed to tackle SSPP-ce FR by either performing prototype learning on the contaminated enrolment database or learning discriminative representations that are robust against variation. Despite that, most of these approaches can only handle a specified single variation, e.g., pose, but cannot be extended to multiple variations. To address these two limitations, we propose a novel Variation Disentangling Generative Adversarial Network (VD-GAN) to jointly perform prototype learning and representation learning in a unified framework. The proposed VD-GAN consists of an encoder-decoder structural generator and a multi-task discriminator to handle universal variations including single, multiple, and even mixed variations in practice. The generator and discriminator play an adversarial game such that the generator learns a discriminative identity representation and generates an identity-preserved prototype for each face image, while the discriminator aims to predict face identity label, distinguish real vs. fake prototype, and disentangle target variations from the learned representations. Qualitative and quantitative evaluations on various real-world face datasets containing single/multiple and mixed variations demonstrate the effectiveness of VD-GAN.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Direct Anonymous Attestation With Optimal TPM Signing Efficiency


      Authors: Kang Yang;Liqun Chen;Zhenfeng Zhang;Christopher J. P. Newton;Bo Yang;Li Xi;
      Pages: 2260 - 2275
      Abstract: Direct Anonymous Attestation (DAA) is an anonymous signature scheme, which allows the Trusted Platform Module (TPM), a small chip embedded in a host computer, to attest to the state of the host system, while preserving the privacy of the user. DAA provides two signature modes: fully anonymous signatures and pseudonymous signatures. One main goal of designing DAA schemes is to reduce the TPM signing workload as much as possible, as the TPM has only limited resources. In an optimal DAA scheme, the signing workload on the TPM will be no more than that required for a normal signature like ECSchnorr. To date, no scheme has achieved the optimal signing efficiency for both signature modes. In this paper, we propose the first DAA scheme which achieves the optimal TPM signing efficiency for both signature modes. In this scheme, the TPM takes only a single exponentiation to generate a signature, and this single exponentiation can be pre-computed. Our scheme can be implemented using the existing TPM 2.0 commands, and thus is compatible with the TPM 2.0 specification. We benchmarked the TPM 2.0 commands needed for three DAA use cases on an Infineon TPM 2.0 chip, and also implemented the host signing and verification algorithm for our DAA scheme on a laptop with 1.80GHz Intel Core i7-8550U CPU. Our experimental results show that our DAA scheme obtains a total signing time of about 144 ms for either signature mode, while with pre-computation we can obtain a signing time of about 65 ms. Based on our benchmark results for the pseudonymous signature mode, our scheme is roughly $2\times$ (resp., $5\times$) faster than the existing DAA schemes supported by TPM 2.0 in terms of total (resp., online) signing efficiency.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Optimal Adversarial Policies in the Multiplicative Learning System With a
           Malicious Expert


      Authors: S. Rasoul Etesami;Negar Kiyavash;Vincent Leon;H. Vincent Poor;
      Pages: 2276 - 2287
      Abstract: We consider a learning system based on the conventional multiplicative weight (MW) rule that combines experts' advice to predict a sequence of true outcomes. It is assumed that one of the experts is malicious and aims to impose the maximum loss on the system. The system's loss is naturally defined to be the aggregate absolute difference between the sequence of predicted outcomes and the true outcomes. We consider this problem under both offline and online settings. In the offline setting where the malicious expert must choose its entire sequence of decisions a priori, we show somewhat surprisingly that a simple greedy policy of always reporting false prediction is asymptotically optimal with an approximation ratio of $1+O\left(\sqrt{\ln N / N}\right)$, where $N$ is the total number of prediction stages. In particular, we describe a policy that closely resembles the structure of the optimal offline policy. For the online setting where the malicious expert can adaptively make its decisions, we show that the optimal online policy can be efficiently computed by solving a dynamic program in $O(N^3)$. We also discuss a generalization of our model to multi-expert settings. Our results provide a new direction for vulnerability assessment of commonly-used learning algorithms to internal adversarial attacks.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Multi-Party Dynamic State Estimation That Preserves Data and Model Privacy


      Authors: Yuqing Ni;Junfeng Wu;Li Li;Ling Shi;
      Pages: 2288 - 2299
      Abstract: In this paper we focus on the dynamic state estimation which harnesses a vast amount of sensing data harvested by multiple parties and recognize that in many applications, to improve collaborations between parties, the estimation procedure must be designed with the awareness of protecting participants' data and model privacy, where the latter refers to the privacy of key parameters of observation models. We develop a state estimation paradigm for the scenario where multiple parties with data and model privacy concerns are involved. Multiple parties monitor a physical dynamic process by deploying their own sensor networks and update the state estimate according to the average state estimate of all the parties calculated by a cloud server and security module. The paradigm taps additively homomorphic encryption which enables the cloud server and security module to jointly fuse parties' data while preserving the data privacy. Meanwhile, all the parties collaboratively develop a stable (or optimal) fusion rule without divulging sensitive model information. For the proposed filtering paradigm, we analyze the stabilization and the optimality. First, to stabilize the multi-party state estimator while preserving observation model privacy, two stabilization design methods are proposed. For special scenarios, the parties directly design their estimator gains by the matrix norm relaxation. For general scenarios, after transforming the original design problem into a convex semi-definite programming problem, the parties collaboratively derive suitable estimator gains based on the alternating direction method of multipliers (ADMM). Second, an optimal collaborative gain design method with model privacy guarantees is provided, which results in the asymptotic minimum mean square error (MMSE) state estimation. Finally, numerical examples are presented to illustrate our design and theoretical findings.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Log-Based Anomaly Detection With Robust Feature Extraction and Online
           Learning


      Authors: Shangbin Han;Qianhong Wu;Han Zhang;Bo Qin;Jiankun Hu;Xingang Shi;Linfeng Liu;Xia Yin;
      Pages: 2300 - 2311
      Abstract: Cloud technology has brought great convenience to enterprises as well as customers. System logs record notable events and are becoming valuable resources to track and investigate system status. Detecting anomalies from logs as fast as possible can improve the quality of service significantly. Although many machine learning algorithms (e.g., SVM, Logistic Regression) have high detection accuracy, we find that they assume data are clean and might have high training time. Facing these challenges, in this paper, we propose the Robust Online Evolving Anomaly Detection (ROEAD) framework, which adopts a Robust Feature Extractor (RFE) to remove the effects of noise and Online Evolving Anomaly Detection (OEAD) to dynamically update parameters. We propose the Online Evolving SVM (OES) algorithm as the example of online anomaly detection methods. We analyze the performance of OES in theory and prove the performance difference between OES and the best hypothesis tends to zero as time goes to infinity. We compare the performance of ROEAD against state-of-the-art anomaly detection algorithms using public log datasets. The results demonstrate that ROEAD is able to remove the effects of noise and OES can improve the detection accuracy by more than 40%.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • A Design Framework for Strongly χ²-Private
           Data Disclosure


      Authors: Amirreza Zamani;Tobias J. Oechtering;Mikael Skoglund;
      Pages: 2312 - 2325
      Abstract: In this paper, we study a stochastic disclosure control problem using information-theoretic methods. The useful data to be disclosed depend on private data that should be protected. Thus, we design a privacy mechanism to produce new data which maximizes the disclosed information about the useful data under a strong χ²-privacy criterion. For sufficiently small leakage, the privacy mechanism design problem can be geometrically studied in the space of probability distributions by a local approximation of the mutual information. By using methods from Euclidean information geometry, the original highly challenging optimization problem can be reduced to a problem of finding the principal right-singular vector of a matrix, which characterizes the optimal privacy mechanism. In two extensions we first consider a scenario where an adversary receives a noisy version of the user's message and then we look for a mechanism which finds U based on observing X, maximizing the mutual information between U and Y while satisfying the privacy criterion on U and Z under the Markov chain (Z, Y)-X-U.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Differential Privacy on the Unit Simplex via the Dirichlet Mechanism


      Authors: Parham Gohari;Bo Wu;Calvin Hawkins;Matthew Hale;Ufuk Topcu;
      Pages: 2326 - 2340
      Abstract: As members of network systems share more information among agents and with network providers, sensitive data leakage raises privacy concerns. Motivated by such concerns, we introduce a novel mechanism that privatizes vectors belonging to the unit simplex. Such vectors can be found in many applications, such as privatizing a decision-making policy in a Markov decision process. We use differential privacy as the underlying mathematical framework for this work. The introduced mechanism is a probabilistic mapping that maps a vector within the unit simplex to the same domain using a Dirichlet distribution. We find the mechanism well-suited for inputs within the unit simplex because it always returns a privatized output that is also in the unit simplex. Therefore, no further projection back onto the unit simplex is required. We verify and quantify the privacy guarantees of the mechanism for three cases: identity queries, average queries, and general linear queries. We establish a trade-off between the level of privacy and the accuracy of the mechanism output, and we introduce a parameter to balance the trade-off between them. Numerical results illustrate the proposed mechanism.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • FA-GAN: Face Augmentation GAN for Deformation-Invariant Face Recognition


      Authors: Mandi Luo;Jie Cao;Xin Ma;Xiaoyu Zhang;Ran He;
      Pages: 2341 - 2355
      Abstract: Substantial improvements have been achieved in the field of face recognition due to the successful application of deep neural networks. However, existing methods are sensitive to both the quality and quantity of the training data. Despite the availability of large-scale datasets, the long tail data distribution induces strong biases in model learning. In this paper, we present a Face Augmentation Generative Adversarial Network (FA-GAN) to reduce the influence of imbalanced deformation attribute distributions. We propose to decouple these attributes from the identity representation with a novel hierarchical disentanglement module. Moreover, Graph Convolutional Networks (GCNs) are applied to recover geometric information by exploring the interrelations among local regions to guarantee the preservation of identities in face data augmentation. Extensive experiments on face reconstruction, face manipulation, and face recognition demonstrate the effectiveness and generalization ability of the proposed method.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Physical-Layer Authentication Using Multiple Channel-Based Features


      Authors: Ning Xie;Junjie Chen;Lei Huang;
      Pages: 2356 - 2366
      Abstract: This paper concerns the problem of authenticating the transmitter without a secret key. In comparison with traditional cryptographic-based authentication mechanisms, the Physical-Layer Authentication (PLA) has the following advantages: high security, low complexity, and high compatibility, since it exploits intrinsic and unique features of the physical layer to authenticate the transmitter rather than using a secret key. The prior channel-based PLA schemes use a quantization algorithm to deal with multiple channel-based features for simplicity. However, there are two main limitations in the prior schemes: performance loss due to quantization error and the difficulty of obtaining the optimal thresholds in closed-form. In this paper, we propose two multiple Channel Impulse Response (CIR) based PLA schemes to effectively overcome the aforementioned limitations of the prior schemes. The first scheme uses multiple CIRs to realize the PLA, which is named as the Multiple CIRs PLA (MCP) scheme. The MCP scheme has better authentication performance than the prior schemes, since it avoids using a quantization algorithm. The second scheme further improves the authentication performance by exploiting the channel correlation coefficient, which is named as the Enhanced Multiple CIRs PLA (EMCP) scheme. We provide rigorous performance analysis of the two proposed schemes. We implemented the proposed schemes and conducted extensive performance comparisons through simulations. Our experimental results show that the closed-form expressions of the theoretical results of the proposed schemes perfectly match the corresponding simulation results. The EMCP scheme has the best authentication performance and the MCP scheme is the second one, whereas the prior scheme is the worst one. As the SNR or the channel correlation coefficient declines, the performance gap among various schemes gradually increases.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Accurate Decentralized Application Identification via Encrypted Traffic
           Analysis Using Graph Neural Networks


      Authors: Meng Shen;Jinpeng Zhang;Liehuang Zhu;Ke Xu;Xiaojiang Du;
      Pages: 2367 - 2380
      Abstract: Decentralized Applications (DApps) are increasingly developed and deployed on blockchain platforms such as Ethereum. DApp fingerprinting can identify users' visits to specific DApps by analyzing the resulting network traffic, revealing much sensitive information about the users, such as their real identities, financial conditions and religious or political preferences. DApps deployed on the same platform usually adopt the same communication interface and similar traffic encryption settings, making the resulting traffic less discriminative. Existing encrypted traffic classification methods either require hand-crafted and fine-tuning features or suffer from low accuracy. It remains a challenging task to conduct DApp fingerprinting in an accurate and efficient way. In this paper, we present GraphDApp, a novel DApp fingerprinting method using Graph Neural Networks (GNNs). We propose a graph structure named Traffic Interaction Graph (TIG) as an information-rich representation of encrypted DApp flows, which implicitly reserves multiple dimensional features in bidirectional client-server interactions. Using TIG, we turn DApp fingerprinting into a graph classification problem and design a powerful GNN-based classifier. We collect real-world traffic datasets from 1,300 DApps with more than 169,000 flows. The experimental results show that GraphDApp is superior to the other state-of-the-art methods in terms of classification accuracy in both closed- and open-world scenarios. In addition, GraphDApp maintains its high accuracy when being applied to the traditional mobile application classification.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Nelder-Mead Simplex Channel Estimation for the RF-DNA Fingerprinting of
           OFDM Transmitters Under Rayleigh Fading Conditions


      Authors: Mohamed Fadul;Donald Reising;T. Daniel Loveless;Abdul Ofoli;
      Pages: 2381 - 2396
      Abstract: The Internet of Things (IoT) is a collection of Internet connected devices capable of interacting with the physical world and computer systems. It is estimated that IoT will consist of more than seventy five billion devices by the year 2025. In addition to the sheer numbers, the need for IoT security is exacerbated by the fact that many of the edge devices employ weak to no encryption of the communication link. It has been estimated that almost 70% of IoT devices use no form of encryption. Previous research has suggested the use of Specific Emitter Identification (SEI), a physical layer technique, as a means of augmenting bit-level security mechanisms such as encryption. Radio Frequency-Distinct Native Attributes (RF-DNA) fingerprinting is an SEI technique that has demonstrated success in discriminating radios operating within a noise only channel. This work extends RF-DNA fingerprinting to the discrimination of radios operating under Rayleigh fading conditions through the use of a Nelder-Mead (N-M) simplex-based channel estimator. The N-M estimator estimates the multipath channel directly from the received waveform; thus, eliminating the need for demodulation that is required when using constellation-based estimators. N-M estimator proves superior to three alternative waveform-based estimation approaches under increasing fading paths/reflections and decreasing Signal-to-Noise Ratio (SNR). Radio discrimination performance is maximized through the assessment of: (i) RF-DNA fingerprints generated from the magnitude versus phase representation of the Gabor transform's coefficients, (ii) a statistic-based classifier versus a neural network-based classifier, and (iii) the size of patch used to subdivide the Gabor-based time-frequency response prior to calculation of the RF-DNA fingerprint features. The resulting RF-DNA fingerprinting process achieves an average percent correct classification of 92.3% or greater for Rayleigh fading channels consisting of: two, three, or five reflections/paths at SNR≥15 dB.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Data-Driven Decision Support for Optimizing Cyber Forensic Investigations


      Authors: Antonia Nisioti;George Loukas;Aron Laszka;Emmanouil Panaousis;
      Pages: 2397 - 2412
      Abstract: Cyber attacks consisting of several attack actions can present considerable challenge to forensic investigations. Consider the case where a cybersecurity breach is suspected following the discovery of one attack action, for example by observing the modification of sensitive registry keys, suspicious network traffic patterns, or the abuse of legitimate credentials. At this point, the investigator can have multiple options as to what to check next to discover the rest, and will likely pick one based on experience and training. This will be the case at each new step. We argue that the efficiency of this aspect of the job, which is the selection of what next step to take, can have significant impact on its overall cost (e.g., the duration) of the investigation and can be improved through the application of constrained optimization techniques. Here, we present DISCLOSE, the first data-driven decision support framework for optimizing forensic investigations of cybersecurity breaches. DISCLOSE benefits from a repository of known adversarial tactics, techniques, and procedures (TTPs), for each of which it harvests threat intelligence information to calculate its probabilistic relations with the rest. These relations, as well as a proximity parameter derived from the projection of quantitative data regarding the adversarial TTPs on an attack life cycle model, are both used as input to our optimization framework. We show the feasibility of this approach in a case study that consists of 31 adversarial TTPs, data collected from 6 interviews with experienced cybersecurity professionals and data extracted from the MITRE ATT&CK STIX repository and the Common Vulnerability Scoring System (CVSS).
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • CPS Device-Class Identification via Behavioral Fingerprinting: From Theory
           to Practice


      Authors: Leonardo Babun;Hidayet Aksu;A. Selcuk Uluagac;
      Pages: 2413 - 2428
      Abstract: Cyber-Physical Systems (CPS) utilize different devices to collect sensitive data, communicate with other systems, and monitor essential processes in critical infrastructure applications. However, in the ecosystem of CPS, unauthorized or spoofed devices may endanger or compromise the performance and security of the critical infrastructure. The unauthorized and spoofed devices may include tampered pieces of software or hardware components that can negatively impact CPS operations or collect vital CPS metrics from the network. Such devices can be outsider or insider threats trying to impersonate other real CPS devices via spoofing their legitimate identifications to gain access to systems, steal information, or spread malware. Device fingerprinting techniques are promising approaches to identify unauthorized or illegitimate devices. However, current fingerprinting solutions are not suitable as they disrupt critical real-time operations in CPS due to the nature of their extensive data analysis or too much overhead on the devices' computational resources. To address these concerns, in this work, we propose STOP-AND-FRISK (S&F), a novel fingerprinting framework to identify CPS device classes and complement traditional security mechanisms in CPS. S&F is based on a secure challenge/response mechanism that analyzes the behavior of the CPS devices at both the hardware and OS/kernel levels. Specifically, the proposed novel mechanism combines system and function call tracing techniques, signal processing, and hardware performance analysis to create specific device-class signatures. Then, the signatures are correlated against known behavioral ground-truth to identify the device types. To test the efficacy of S&F extensively, we implemented a realistic testbed that included different classes of CPS devices with a variety of computing resources, architectures, and configurations. Our experimental results reveal an excellent rate on the CPS device-class identification. Finally, extensive performance analysis demonstrates that the use of S&F yields minimal overhead on the CPS devices' computing resources.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Quantum Learning Based Nonrandom Superimposed Coding for Secure Wireless
           Access in 5G URLLC


      Authors: Dongyang Xu;Pinyi Ren;
      Pages: 2429 - 2444
      Abstract: Secure wireless access in ultra-reliable low-latency communications (URLLC), which is a critical aspect of 5G security, has become increasingly important due to its potential support of grant-free configuration. In grant-free URLLC, precise allocation of different pilot resources to different users that share the same time-frequency resource is essential for the next generation NodeB (gNB) to exactly identify those users under access collision and to maintain precise channel estimation required for reliable data transmission. However, this process easily suffers from attacks on pilots. We in this article propose a quantum learning based nonrandom superimposed coding method to encode and decode pilots on multidimensional resources, such that the uncertainty of attacks can be learned quickly and eliminated precisely. Particularly, multiuser pilots for uplink access are encoded as distinguishable subcarrier activation patterns (SAPs) and gNB decodes pilots of interest from observed SAPs, a superposition of SAPs from access users, by joint design of attack mode detection and user activity detection through a quantum learning network (QLN). We found that the uncertainty lies in the identification process of codeword digits from the attacker, which can be always modelled as a black-box model, resolved by a quantum learning algorithm and quantum circuit. Novel analytical closed-form expressions of failure probability are derived to characterize the reliability of this URLLC system with short packet transmission. Simulations show that our method can bring ultra-high reliability and low latency despite attacks on pilots.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Rebuttal: On the Security of Reversible Data Hiding in Encrypted Images by
           MSB Prediction

      Authors: Pauline Puteaux;William Puech;
      Pages: 2445 - 2446
      Abstract: Prior to the publication of our article in 2018, to our knowledge, there were no methods of achieving a favourable trade-off between the payload in bits-per-pixel (bpp) and the quality of the reconstructed image in terms of PSNR or SSIM. Indeed, a high payload value would lead to a degradation of the reconstructed image’s quality. Moreover, it should also be noted that almost all of the other state-of-the-art methods at the time, were based on Least Significant Bit (LSB) substitution and made little use of the redundancy between pixels in the clear domain to realize the data embedding of a secret message. In our proposed work [2], we have taken the opposing view by developing a Most Significant Bits (MSB) prediction-based reversible data hiding in encrypted images (RDHEI) method. In the EPE-HCRDH approach, the original image is encrypted without modification and information about the location of all pixels which cannot be correctly predicted is embedded by MSB substitution. In order to localize the prediction errors, flags of consecutive bits equal to 1 are used. With this information, the data hider can detect all the bits which can be marked and substitute them with bits of a secret message. In this case, the payload is slightly lower than 1 bpp, but perfect reversibility is achieved. So, the proposed EPE-HCRDH approach provides a high payload with a little complexity. But as highlighted by Dragoi and Coltuc [1], the fact of using flags, so that the data hider can embed a secret message introduces security flaws in the method. Despite this, the method has attracted the attention of many researchers, with 100 citations (according to Google Scholar on November 9, 2020) in several peer-reviewed journals of excellent reputation (IEEE TRANSACTIONS ON CIRCUITS AND SYSTEMS FOR VIDEO TECHNOLOGY [3], IEEE TRANSACTIONS ON MULTIMEDIA [4]–[7], IEEE ACCESS [8], IEEE TRANSACTIONS ON SIGNAL PROCESSING, and IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING [9]).
Today, we can say that high capacity RDHEI has become a hot topic.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Adversarial Adaptive Neighborhood With Feature Importance-Aware Convex
           Interpolation

      Authors: Qian Li;Yong Qi;Qingyuan Hu;Saiyu Qi;Yun Lin;Jin Song Dong;
      Pages: 2447 - 2460
      Abstract: Adversarial Examples threaten to fool deep learning models to output erroneous predictions with high confidence. Optimization-based methods for constructing such samples have been extensively studied. While being effective in terms of aggression, they typically lack clear interpretation and constraint about their underlying generation process, which thus hinders us from leveraging the produced adversarial samples for model protection in the reverse direction. Hence, we expect them to repair bugs in the pre-trained models by produced additional training data equipped with strong attack ability rather than time-consuming full re-training from scratch. To address these issues, we first study the black-box behaviors and the intrinsic deficiency of neighborhood information in previous optimization-based adversarial attacks and defenses, respectively. Then we introduce a new method dubbed FeaCP, which uses correct predicted samples in disjoint classes to guide the generation of more explainable adversarial samples in the ambiguous region around the decision boundary instead of uncontrolled “blind spots”, via convex combination in a feature component-wise manner which takes the individual importance of feature ingredients into account. Our method incorporates the prior fact that for well-separated samples, the path connecting them would go through model's decision-boundary that lies in a low-density region, however, wherein adversarial examples are spread with high probability, thus having an impact on the ultimate trained model. In our work, the path is constructed by proposed inhomogeneous feature-wise convex interpolation rather than operating on sample-wise level, limiting the search space of FeaCP to obtain an adaptive neighborhood. 
Finally, we provide detailed insights and extend our method to adversarial fine-tuning using vicinity distribution to optimize the approximated decision boundary, and validate the significance of our FeaCP to model performance. The experimental results show that our method provides competitive performance on various datasets and networks.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Depth as Attention for Face Representation Learning

      Authors: Hardik Uppal;Alireza Sepas-Moghaddam;Michael Greenspan;Ali Etemad;
      Pages: 2461 - 2476
      Abstract: Face representation learning solutions have recently achieved great success for various applications such as verification and identification. However, face recognition approaches that are based purely on RGB images rely solely on intensity information, and therefore are more sensitive to facial variations, notably pose, occlusions, and environmental changes such as illumination and background. A novel depth-guided attention mechanism is proposed for deep multi-modal face recognition using low-cost RGB-D sensors. Our novel attention mechanism directs the deep network “where to look” for visual features in the RGB image by focusing the attention of the network using depth features extracted by a Convolution Neural Network (CNN). The depth features help the network focus on regions of the face in the RGB image that contain more prominent person-specific information. Our attention mechanism then uses this correlation to generate an attention map for RGB images from the depth features extracted by the CNN. We test our network on four public datasets, showing that the features obtained by our proposed solution yield better results on the Lock3DFace, CurtinFaces, IIIT-D RGB-D, and KaspAROV datasets which include challenging variations in pose, occlusion, illumination, expression, and time lapse. Our solution achieves average (increased) accuracies of 87.3% (+5.0%), 99.1% (+0.9%), 99.7% (+0.6%) and 95.3% (+0.5%) for the four datasets respectively, thereby improving the state-of-the-art. We also perform additional experiments with thermal images, instead of depth images, showing the high generalization ability of our solution when adopting other modalities for guiding the attention mechanism instead of depth information.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Camera Invariant Feature Learning for Generalized Face Anti-Spoofing

      Authors: Baoliang Chen;Wenhan Yang;Haoliang Li;Shiqi Wang;Sam Kwong;
      Pages: 2477 - 2492
      Abstract: There has been an increasing consensus in learning based face anti-spoofing that the divergence in terms of camera models is causing a large domain gap in real application scenarios. We describe a framework that eliminates the influence of inherent variance from acquisition cameras at the feature level, leading to the generalized face spoofing detection model that could be highly adaptive to different acquisition devices. In particular, the framework is composed of two branches. The first branch aims to learn the camera invariant spoofing features via feature level decomposition in the high frequency domain. Motivated by the fact that the spoofing features exist not only in the high frequency domain, in the second branch the discrimination capability of extracted spoofing features is further boosted from the enhanced image based on the recomposition of the high-frequency and low-frequency information. Finally, the classification results of the two branches are fused together by a weighting strategy. Experiments show that the proposed method can achieve better performance in both intra-dataset and cross-dataset settings, demonstrating the high generalization capability in various application scenarios.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Transformation-Aware Embeddings for Image Provenance

      Authors: Aparna Bharati;Daniel Moreira;Patrick J. Flynn;Anderson de Rezende Rocha;Kevin W. Bowyer;Walter J. Scheirer;
      Pages: 2493 - 2507
      Abstract: A dramatic rise in the flow of manipulated image content on the Internet has led to a prompt response from the media forensics research community. New mitigation efforts leverage cutting-edge data-driven strategies and increasingly incorporate usage of techniques from computer vision and machine learning to detect and profile the space of image manipulations. This paper addresses Image Provenance Analysis, which aims at discovering relationships among different manipulated image versions that share content. One important task in provenance analysis, like most visual understanding problems, is establishing a visual description and dissimilarity computation method that connects images that share full or partial content. But the existing handcrafted or learned descriptors - generally appropriate for tasks such as object recognition - may not sufficiently encode the subtle differences between near-duplicate image variants, which significantly characterize the provenance of any image. This paper introduces a novel data-driven learning-based approach that provides the context for ordering images that have been generated from a single image source through various transformations. Our approach learns transformation-aware embeddings using weak supervision via composited transformations and a rank-based Edit Sequence Loss. To establish the effectiveness of the proposed approach, comparisons are made with state-of-the-art handcrafted and deep-learning-based descriptors, as well as image matching approaches. Further experimentation validates the proposed approach in the context of image provenance analysis and improves upon existing approaches.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • UNSAIL: Thwarting Oracle-Less Machine Learning Attacks on
           Logic Locking

      Authors: Lilas Alrahis;Satwik Patnaik;Johann Knechtel;Hani Saleh;Baker Mohammad;Mahmoud Al-Qutayri;Ozgur Sinanoglu;
      Pages: 2508 - 2523
      Abstract: Logic locking aims to protect the intellectual property (IP) of integrated circuit (IC) designs throughout the globalized supply chain. The SAIL attack, based on tailored machine learning (ML) models, circumvents combinational logic locking with high accuracy and is amongst the most potent attacks as it does not require a functional IC acting as an oracle. In this work, we propose UNSAIL, a logic locking technique that inserts key-gate structures with the specific aim to confuse ML models like those used in SAIL. More specifically, UNSAIL serves to prevent attacks seeking to resolve the structural transformations of synthesis-induced obfuscation, which is an essential step for logic locking. Our approach is generic; it can protect any local structure of key-gates against such ML-based attacks in an oracle-less setting. We develop a reference implementation for the SAIL attack and launch it on both traditionally locked and UNSAIL-locked designs. For SAIL, two ML models have been proposed (which we implement accordingly), namely a change-prediction model and a reconstruction model; the change-prediction model is used to determine which key-gate structures to restore using the reconstruction model. Our study on benchmarks ranging from the ISCAS-85 and ITC-99 suites to the OpenRISC Reference Platform System-on-Chip (ORPSoC) confirms that UNSAIL degrades the accuracy of the change-prediction model and the reconstruction model by an average of 20.13 and 17 percentage points (pp), respectively. When the aforementioned models are combined, which is the most powerful scenario for SAIL, UNSAIL reduces the attack accuracy of SAIL by an average of 11pp. We further demonstrate that UNSAIL thwarts other oracle-less attacks, i.e., SWEEP and the redundancy attack, indicating the generic nature and strength of our approach. 
Detailed layout-level evaluations illustrate that UNSAIL incurs minimal area and power overheads of 0.26% and 0.61%, respectively, on the million-gate ORPSoC design.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Sampling Rate Distribution for Flow Monitoring and DDoS Detection in
           Datacenter

      Authors: Rajorshi Biswas;Sungji Kim;Jie Wu;
      Pages: 2524 - 2534
      Abstract: Monitoring all the internal flows in a datacenter is important to protect a victim against internal distributed denial-of-service (DDoS) attacks. Unused virtual machines (VMs) in a datacenter are used as monitors and flows are copied to the monitors from software defined networking (SDN) switches by adding some special rules. In such a system, a VM runs a machine learning method to detect DDoS behavior but it can only process a limited number/amount of flows. When the amount of flows is beyond the capacities of all monitor VMs, the system sub-samples each flow probabilistically. The sampling rate affects the DDoS detection rate of the monitors. Besides, the DDoS detection rates of different types of flows are different for the same sampling rate. A uniform sampling rate might not produce a good overall DDoS detection rate. Assigning different sampling rates to different flows may produce the best result. In this paper, we propose a flow grouping approach based on behavioral similarity among the VMs followed by hierarchical clustering of VMs. The sampling rate is uniform among all the flows in a group. We investigate the relationship between the sampling rate and the DDoS detection rate. Then, we formulate an optimization problem for finding an optimal sampling rate distribution and solve it using mixed-integer linear programming. We conduct extensive experiments with Hadoop and Spark and present results that support the feasibility of our model.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Reinforcement Learning-Based Physical-Layer Authentication for Controller
           Area Networks

      Authors: Liang Xiao;Xiaozhen Lu;Tangwei Xu;Weihua Zhuang;Huaiyu Dai;
      Pages: 2535 - 2547
      Abstract: In controller area networks (CANs), electronic control units (ECUs) such as telematics ECUs and on-board diagnostic ports must protect the message exchange from spoofing attacks. In this paper, we propose a CAN bus authentication framework that exploits physical layer features of the messages, including message arrival intervals and signal voltages, and applies reinforcement learning to choose the authentication mode and parameter. By applying the Dyna architecture and using a double estimator, this scheme improves the utility in terms of authentication accuracy without changing the CAN bus protocol or the ECU components and requiring knowledge of the spoofing model. We also propose a deep learning version to further improve the authentication efficiency for the CAN bus. The learning scheme applies a hierarchical structure to reduce the exploration time, and uses two deep neural networks to compress the high-dimensional state space and to fully exploit the physical authentication experiences. We provide the computational complexity and the performance analysis. Experimental results verify the theoretical analysis and show that our proposed schemes significantly improve the authentication accuracy as compared with benchmark schemes.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Utilizing and Extending Trusted Execution Environment in Heterogeneous
           SoCs for a Pay-Per-Device IP Licensing Scheme

      Authors: Nadir Khan;Sven Nitzsche;Asier Garciandia López;Jürgen Becker;
      Pages: 2548 - 2563
      Abstract: A pay-per-use Intellectual Property (IP) licensing model that can protect IPs from multiple participants will benefit the FPGA IP market and Small to Medium Enterprises (SMEs). Existing protection solutions in modern FPGA devices rely on dedicated decryption engines that use cryptographic keys, which require programming them in a trusted environment. Since designs from multiple participants need protection in a typical licensing scenario, it requires a trusted third party for key programming and encryption tasks. These requirements led to the proposition of several licensing schemes; however, they do not address several security and flexibility challenges. Therefore, in this work, we propose a pay-per-device IP licensing scheme that is secure, less restrictive for the system developer and offers protection against malicious IP cores. The scheme relies on a Security Framework (SFW) that provides a Trusted Execution Environment (TEE), which handles key storage, cryptographic operations, and security monitoring. A device running the SFW can be considered a trusted platform that provides a direct secure path for the IP from its vendor to the device's TEE, where it is decrypted, analyzed and, then configured on the programmable logic.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Cryptoanalysis of an Authenticated Data Structure Scheme With Public
           Privacy-Preserving Auditing

      Authors: Shiyu Li;Yuan Zhang;Chunxiang Xu;Kefei Chen;
      Pages: 2564 - 2565
      Abstract: In this letter, we point out that the privacy-preserving adaptive trapdoor hash authentication tree scheme (published in IEEE TIFS, doi: 10.1109/TIFS.2020.2986879) can be invalidated by an adversarial cloud server: if the outsourced data is arbitrarily modified, the cloud server still can pass the third-party auditor's auditing.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Defending Support Vector Machines Against Data Poisoning Attacks

      Authors: Sandamal Weerasinghe;Tansu Alpcan;Sarah M. Erfani;Christopher Leckie;
      Pages: 2566 - 2578
      Abstract: Support Vector Machines (SVMs) are vulnerable to targeted training data manipulations such as poisoning attacks and label flips. By carefully manipulating a subset of training samples, the attacker forces the learner to compute an incorrect decision boundary, thereby causing misclassifications. Considering the increased importance of SVMs in engineering and life-critical applications, we develop a novel defense algorithm that improves resistance against such attacks. Local Intrinsic Dimensionality (LID) is a promising metric that characterizes the outlierness of data samples. In this work, we introduce a new approximation of LID called K-LID that uses kernel distance in the LID calculation, which allows LID to be calculated in high dimensional transformed spaces. We introduce a weighted SVM against such attacks using K-LID as a distinguishing characteristic that de-emphasizes the effect of suspicious data samples on the SVM decision boundary. Each sample is weighted on how likely its K-LID value is from the benign K-LID distribution rather than the attacked K-LID distribution. Experiments with benchmark data sets show that the proposed defense reduces classification error rates substantially (10% on average).
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Comments on “Attribute-Based Data Sharing Scheme Revisited in Cloud
           Computing”

      Authors: Caihui Lan;Caifen Wang;Haifeng Li;Liangliang Liu;
      Pages: 2579 - 2580
      Abstract: In this letter, we discuss the security weakness of Wang et al.'s attribute-based data sharing scheme, in IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY (TIFS) (DOI: 10.1109/TIFS.2016.2549004). Through designing two concrete attacks, we identify two serious security flaws in their scheme. 1) First, we show that their scheme is insecure because in their scheme any authenticated user can freely tamper with the weight of his own attribute to gain higher level decryption privilege to arbitrarily decrypt the ciphertext belonging to another user with higher weight of attribute. 2) Second, we further demonstrate that their scheme is trivially insecure because in their scheme even any malicious authenticated user's attribute does not match the access policy of a ciphertext, he/she still has the power to decrypt the ciphertext, i.e., the decryption power is independent of attributes, thus, their scheme is not a rigorous attribute-based scheme. The two weaknesses discovered may hinder their scheme infeasible for practical deployment. Accordingly, we present a remedy solution to the issues while preserving all the security features of the original scheme. We hope that our cryptoanalysis and remedy scheme may contribute to avoiding similar design flaws in future designs.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Generalized SAT-Attack-Resistant Logic Locking

      Authors: Jingbo Zhou;Xinmiao Zhang;
      Pages: 2581 - 2592
      Abstract: Logic locking is used to protect integrated circuits (ICs) from piracy and counterfeiting. An encrypted IC implements the correct function only when the right key is input. Many existing logic-locking methods are subject to the powerful satisfiability (SAT)-based attack. Recently, an Anti-SAT scheme has been developed. By adopting two complementary logic blocks that consist of AND/NAND trees, it makes the number of iterations needed by the SAT attack exponential to the number of input bits. Nevertheless, the Anti-SAT scheme is vulnerable to the later AppSAT and removal attacks. This article proposes a generalized (G-)Anti-SAT scheme. Different from the Anti-SAT scheme, a variety of complementary or non-complementary functions can be adopted for the two blocks in our G-Anti-SAT scheme. The Anti-SAT scheme is just a special case of our proposed design. Our design can achieve higher output corruptibility, which is also tunable, so that better resistance to the AppSAT and removal attacks is achieved. Meanwhile, unlike existing AppSAT-resilient designs, our design does not sacrifice the resistance to the SAT attack.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Attribute Prototype Learning for Interactive Face Retrieval

      Authors: Yuchun Fang;Zhengye Xiao;Wei Zhang;Yan Huang;Liang Wang;Nozha Boujemaa;Donald Geman;
      Pages: 2593 - 2607
      Abstract: Interactive face retrieval aims at finding target subjects in face databases through human and machine interaction, which involves user feedback based on human perception and machine similarity measure in feature spaces. In this article, we propose an attribute prototype learning method to tackle the semantic gap between human and machine in face perception for fast interactive face retrieval. We reformulate the theoretical explanation of the interactive retrieval model and develop the algorithm of the heuristic solution of the model. Each module of the prototype model is learned with a set of identity-related facial attributes. The outputs of the prototype modules form the semantic representation. To adapt the prototype models across different databases, we propose a transfer selection algorithm based on the coherence measurements in interactive face retrieval. Coherence analysis proves that the proposed attribute prototype representation can effectively narrow down the semantic gap even in the case of cross-database transfer learning. The prototype representation can effectively reduce the feature dimension in the retrieval process. Real user retrieval with the Bayesian relevance feedback model shows that attribute prototype space is superior to low-level feature space and proves that interactive retrieval with attribute prototype representation can converge fast in large face databases.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • On Privacy of Dynamical Systems: An Optimal Probabilistic Mapping Approach

      Authors: Carlos Murguia;Iman Shames;Farhad Farokhi;Dragan Nešić;H. Vincent Poor;
      Pages: 2608 - 2620
      Abstract: We address the problem of maximizing privacy of stochastic dynamical systems whose state information is released through quantized sensor data. In particular, we consider the setting where information about the system state is obtained using noisy sensor measurements. This data is quantized and transmitted to a (possibly untrustworthy) remote station through a public/unsecured communication network. We aim at keeping (part of) the state of the system private; however, because the network (and/or the remote station) might be unsecure, adversaries might have access to sensor data, which can be used to estimate the system state. To prevent such adversaries from obtaining an accurate state estimate, before transmission, we randomize quantized sensor data using additive random vectors, and send the corrupted data to the remote station instead. We design the joint probability distribution of these additive vectors (over a time window) to minimize the mutual information (our privacy metric) between some linear function of the system state (a desired private output) and the randomized sensor data for a desired level of distortion-how different quantized sensor measurements and distorted data are allowed to be. We pose the problem of synthesising the joint probability distribution of the additive vectors as a convex program subject to linear constraints. Simulation experiments are presented to illustrate our privacy scheme.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Information Sources Estimation in Time-Varying Networks

      Authors: Yun Chai;Youguo Wang;Liang Zhu;
      Pages: 2621 - 2636
      Abstract: Identifying information sources plays a significant role in network science and engineering. However, existing source identification approaches generally focus on static networks without considering the temporal features of networks. To this end, we comprehensively study the problem of identifying single and multiple information sources in time-varying networks. Specifically, we first represent the time-varying networks by time aggregated graph (TAG), and employ a microcosmic susceptible-infected-recovered (SIR) model to characterize the diffusion dynamics of each node. Second, in the case of single-source, we exploit a TAG-based reverse infection (RI-TAG) algorithm to specify a set of suspect nodes, which not only reduces the scope of seeking the source but also ensures the feasibility of path calculation. Then, a novel computationally efficient algorithm is proposed to estimate the information source and diffusion time simultaneously. Subsequently, in the case of multi-source, we design a multi-source estimation algorithm, which divides the set of infected nodes into various partitions, and then runs our single-source estimation algorithm in each partition. Moreover, we present an effective algorithm to estimate the number of sources. Finally, experimental results on various synthetic and empirical time-varying networks demonstrate the effectiveness of the proposed algorithms.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • A Formal Model and Technique to Redistribute the Packet Filtering Load in
           Multiple Firewall Networks

      Authors: Luca Durante;Lucia Seno;Adriano Valenzano;
      Pages: 2637 - 2651
      Abstract: The dynamic redistribution of filtering rules between firewalls, which are located in the same network, is a technical solution that can cope with temporary changes in the traffic load processed by the firewalls themselves. This paper presents a novel formal model for networks including multiple cascaded firewalls, that can be leveraged to enable the transfer of a set of rules from a firewall to its downstream neighbors when the changes in the input traffic profile suggest to do so. With respect to other solutions appeared in the literature a formal approach, besides providing unambiguous specifications and mathematical proofs of correctness, also enables the computation of theoretical bounds for the expected performance before the proposed scheme is actually deployed in the target network. The underlying mechanism, on which our approach is based, is the reduction of the average number of rules checked per packet in order to increase the packet processing rate. Our network model takes into account both the system topology and firewall characteristics. A suitable transformation algorithm is then introduced, which is able to preserve the security integrity of the network while moving rules between cascaded firewalls and allowing tangible performance improvements in terms of packets processing rate for a given traffic profile. Correctness of the proposed solution has been formally proven and validated by means of simulation. Performance figures have also been obtained by running the proposed algorithm in a laboratory experimental test-bed.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Multi-Scale and Multi-Direction GAN for CNN-Based Single Palm-Vein
           Identification

      Authors: Huafeng Qin;Mounim A. El-Yacoubi;Yantao Li;Chongwen Liu;
      Pages: 2652 - 2666
      Abstract: Despite recent advances of deep neural networks in hand vein identification, the existing solutions assume the availability of a large and rich set of training image samples. These solutions, therefore, still lack the capability to extract robust and discriminative hand-vein features from a single training image sample. To overcome this problem, we propose a single-sample-per-person (SSPP) palm-vein identification approach, where only a single sample per class is enrolled in the gallery set for training. Our approach, named MSMDGAN + CNN, consists of a multi-scale and multi-direction generative adversarial network (MSMDGAN) for data augmentation and a convolutional neural network (CNN) for palm-vein identification. First, a novel data augmentation approach, MSMDGAN, is developed to learn the internal distribution of patches in a single image. The proposed MSMDGAN consists of multiple fully convolutional GANs, each of which is responsible for learning the patch distribution within an image at a different scale and at a different direction. Second, given the resulting augmented data by MSMDGAN, we design a CNN for single sample palm-vein recognition. The experimental results on two public hand-vein databases demonstrate that MSMDGAN is able to generate realistic and diverse samples, which, in turn, improves the stability of the CNN. In terms of accuracy, MSMDGAN + CNN outperforms other representative approaches and achieves state-of-the-art recognition results.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • User Behavior Fingerprinting With Multi-Item-Sets and Its Application in
           IPTV Viewer Identification

      Authors: Can Yang;Lan Wang;Houwei Cao;Qihu Yuan;Yong Liu;
      Pages: 2667 - 2682
      Abstract: User activities in cyberspace leave unique traces for user identification (UI). Individual users can be identified by their frequent activity items through statistical feature matching. However, such approaches face the data sparsity problem. In this paper, we propose to address this problem by multi-item-set fingerprinting that identifies users not only based on their frequent individual activity items, but also their frequent consecutive item sequences with different lengths. We also propose a new similarity metric between fingerprint vectors that combines the advantages of Jaccard distance and relative entropy distance. Furthermore, we develop a fusion decision scheme by consolidating matching candidates generated by different similarity metrics. It improves the precision at the price of extra rejection. Our proposed approaches can be used in both one-by-one matching and bipartite graph group matching. Through extensive experiments on three real user datasets, in particular a large-scale Internet Protocol Television (IPTV) viewer dataset, we demonstrate that the proposed approaches outperform the state-of-the-art methods. The average matching precision reaches 93.8% for a dataset of 1,000 users and 100% for a dataset of 100 users. This work is of significance for information forensics and raises a new challenge for human privacy protection in cyberspace.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Multi-Channel Remote Photoplethysmography Correspondence Feature for 3D Mask Face Presentation Attack Detection

      Authors: Si-Qi Liu;Xiangyuan Lan;Pong C. Yuen;
      Pages: 2683 - 2696
      Abstract: With the advancement of 3D printing technologies, 3D mask presentation attack becomes a critical challenge in face recognition. To tackle the 3D mask presentation attack detection (PAD), remote Photoplethysmography (rPPG) is employed as an intrinsic detection cue which is independent of the mask material and appearance quality. Although the effectiveness of existing rPPG-based methods has been verified, they may not be robust enough when rPPG signals are contaminated by noise. To identify the heartbeat information from the noisy raw rPPG signals, we propose a new 3D mask PAD feature, multi-channel rPPG correspondence feature (MCCFrPPG) with the global noise-aware template learning and verification framework. To further boost the discriminability, temporal variation of the rPPG signal is considered and extracted through the multi-channel time-frequency analysis scheme. This paper also extends HKBU-MARs V2 dataset with more customized high-quality masks and increases the number of videos by two times. Comprehensive experiments were performed on existing 3D mask datasets and the extended HKBU-MARs V2+, which totally covers 3 types of masks, 12 different light settings and 6 cameras. The results not only justify the effectiveness and robustness of the proposed MCCFrPPG on 3D mask attacks but also indicate its potential on handling the replay attack with camera motion and dim light.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Brain-Inspired Golden Chip Free Hardware Trojan Detection

      Authors: Sina Faezi;Rozhin Yasaei;Anomadarshi Barua;Mohammad Abdullah Al Faruque;
      Pages: 2697 - 2708
      Abstract: Since 2007, the use of side-channel measurements for detecting Hardware Trojan (HT) has been extensively studied. However, the majority of works either rely on a golden chip, or they rely on methods that are not robust against subtle acceptable changes that would occur over the life-cycle of an integrated circuit (IC). In this paper, we propose using a brain-inspired architecture called Hierarchical Temporal Memory (HTM) for HT detection. Similar to the human brain, our proposed solution is resilient against natural changes that might happen in the side-channel measurements while being able to accurately detect abnormal behavior of the chip when the HT gets triggered. We use a self-referencing method for HT detection, which eliminates the need for the golden chip. The effectiveness of our approach is evaluated using TrustHub benchmarks, which shows 92.20% detection accuracy on average.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Block-Wise Image Transformation With Secret Key for Adversarially Robust Defense

      Authors: Maungmaung Aprilpyone;Hitoshi Kiya;
      Pages: 2709 - 2723
      Abstract: In this paper, we propose a novel defensive transformation that enables us to maintain a high classification accuracy under the use of both clean images and adversarial examples for adversarially robust defense. The proposed transformation is a block-wise preprocessing technique with a secret key to input images. The proposed defense obfuscates gradients in the absence of the secret key unlike previously defeated obfuscating defenses. We developed three algorithms to realize the proposed transformation: Pixel Shuffling, Bit Flipping, and FFX Encryption. Experiments were carried out on the CIFAR-10 and ImageNet datasets by using both black-box and white-box attacks with various metrics including adaptive ones. The results show that the proposed defense achieves high accuracy close to that of using clean images even under adaptive attacks for the first time. In the best-case scenario, a model trained by using images transformed by FFX Encryption (block size of 4) yielded an accuracy of 92.30% on clean images and 91.48% under PGD attack with a noise distance of 8/255, which is close to the non-robust accuracy (95.45%) for the CIFAR-10 dataset, and it yielded an accuracy of 72.18% on clean images and 71.43% under the same attack, which is also close to the standard accuracy (73.70%) for the ImageNet dataset. Overall, all three proposed algorithms are demonstrated to outperform state-of-the-art defenses including adversarial training whether or not a model is under attack.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Comments on “Random Distance Method for Generating Unimodal and Multimodal Cancelable Biometric Features”

      Authors: Subir Singh Lamba;
      Pages: 2724 - 2726
      Abstract: This article points out the fallacies in the theory and its implementation proposed by Kaur and Khanna. They have set out a cancelable biometric-based template protection method to address the security and privacy concerns emerging from the use of biometric systems. There are three major issues associated with the method proposed in their study. The first issue relates to the mathematical fallacy in the proof of the random distance method. The second issue concerns the claim of dimension-reduction by 50%, despite the fact that RDM does not preserve inter- and intra-user variations. The third issue is in salting the feature vectors using the OR operation between the feature vectors and random grid (RG), which is incorrect, as it will result in revealing partial information only and will not increase entropy. Furthermore, they have stated that their approach results in noninvertibility using the median filtering. However, its implementation is flawed.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Beam-Domain Anti-Jamming Transmission for Downlink Massive MIMO Systems: A Stackelberg Game Perspective

      Authors: Zhexian Shen;Kui Xu;Xiaochen Xia;
      Pages: 2727 - 2742
      Abstract: In this paper, beam-domain (BD) anti-jamming transmission in a downlink massive multiple-input multiple-output (MIMO) system is investigated. A smart jammer with multiple antennas attempts to interfere with the signal reception of users with the desired energy efficiency (EE), whereas a base station (BS) tries to minimize the transmission cost while ensuring uninterrupted communication. A Bayesian Stackelberg game between the BS and jammer, where the jammer is the follower and the BS acts as the leader, is modeled. In the follower subgame, the optimal jamming precoding with a closed-form power solution is introduced. The optimal jamming power is proportional to the transmission power in the downlink, and thus, for the BS, the strategy of suppressing malicious attacks by increasing the transmission power fails. In the leader subgame, generalized zero-forcing (ZF), whose closed-form power solution constitutes the unique Stackelberg equilibrium (SE) with that of the jammer, is found to be the optimal anti-jamming precoding for robust transmission. The results show that there always exists a precoding solution for the BS that ensures reliable transmission when the SE is obtained. A proper increase in the minimum signal-to-interference-and-noise ratio (SINR) threshold or the BD channel approximation error helps the BS save power during the resistance against the jammer. Then, a simplified power solution without the instantaneous channel state information (CSI) of jamming channels is further introduced for practical implementation. Numerical results are provided to verify the proposed solutions.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Two-Multicast Channel With Confidential Messages

      Authors: Hassan Zivarifard;Matthieu R. Bloch;Aria Nosratinia;
      Pages: 2743 - 2758
      Abstract: Motivated in part by the problem of secure multicast distributed storage, we analyze secrecy rates for a channel in which two transmitters simultaneously multicast to two receivers in the presence of an eavesdropper. Achievable rates are calculated via extensions of a technique due to Chia and El Gamal and the method of output statistics of random binning. Outer bounds are derived for both the degraded and non-degraded versions of the channel, and examples are provided in which the inner and outer bounds meet. The inner bounds recover known results for the multiple-access wiretap channel, broadcast channel with confidential messages, and the compound MAC channel. An auxiliary result is also produced that derives an inner bound on the minimal randomness necessary to achieve secrecy in multiple-access wiretap channels.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Face Anti-Spoofing via Adversarial Cross-Modality Translation

      Authors: Ajian Liu;Zichang Tan;Jun Wan;Yanyan Liang;Zhen Lei;Guodong Guo;Stan Z. Li;
      Pages: 2759 - 2772
      Abstract: Face Presentation Attack Detection (PAD) approaches based on multi-modal data have increasingly attracted the attention of the research community. However, they require multi-modal face data consistently involved in both the training and testing phases. This would severely limit the applicability, since most Face Anti-spoofing (FAS) systems are only equipped with Visible (VIS) imaging devices, i.e., RGB cameras. Therefore, how to use another modality (i.e., Near-Infrared (NIR)) to assist the performance improvement of VIS-based PAD is significant for FAS. In this work, we first discuss the big gap of performances among different modalities even though the same backbone network is applied. Then, we propose a novel Cross-modal Auxiliary (CMA) framework for the VIS-based FAS task. The main trait of CMA is that the performance can be greatly improved with the help of another modality while no other modality is required in the testing stage. The proposed CMA consists of a Modality Translation Network (MT-Net) and a Modality Assistance Network (MA-Net). The former aims to close the visible gap between different modalities via a generative model that maps inputs from one modality (i.e., RGB) to another (i.e., NIR). The latter focuses on how to use the translated modality (i.e., target modality) and RGB modality (i.e., source modality) together to train a discriminative PAD model. Extensive experiments are conducted to demonstrate that the proposed framework can push the state-of-the-art (SOTA) performances on both multi-modal datasets (i.e., CASIA-SURF, CeFA, and WMCA) and RGB-based datasets (i.e., OULU-NPU, and SiW).
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Cryptanalysis of an Anonymous and Traceable Group Data Sharing in Cloud Computing

      Authors: Xi-Jun Lin;Lin Sun;Haipeng Qu;
      Pages: 2773 - 2775
      Abstract: In cloud environments, group data sharing has become a hot topic in recent years. How to share data securely and efficiently in cloud environments is an urgent problem to be solved. Recently, an anonymous and traceable group data sharing scheme was proposed by Shen et al. to address this issue. They constructed their scheme using a group signature scheme as the building block. In this comment, we discuss the security of their group signature scheme and point out that it does not achieve the anonymity which they claimed and give a corresponding attack.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • A3GAN: An Attribute-Aware Attentive Generative Adversarial Network for Face Aging

      Authors: Yunfan Liu;Qi Li;Zhenan Sun;Tieniu Tan;
      Pages: 2776 - 2790
      Abstract: Face aging has received significant research attention in recent years. Although great progress has been achieved with the success of Generative Adversarial Networks (GANs) in synthesizing realistic images, most existing GAN-based face aging methods have two main problems: 1) unnatural changes of high-level semantic information due to the insufficient consideration of prior knowledge of input faces, and 2) distortions of low-level image content (e.g. modifications in age-irrelevant regions). In this article, we introduce A3GAN, an Attribute-Aware Attentive face aging model to address the above issues. Facial attribute vectors are regarded as the conditional information and embedded into both the generator and discriminator, encouraging synthesized faces to be faithful to attributes of corresponding inputs. To improve the visual fidelity of generation results, we leverage the attention mechanism to restrict modifications to age-related areas and preserve image details. Unlike previous works with attention modules, we introduce face parsing maps to help the generator distinguish image regions of interest and suppress attention activation elsewhere. Moreover, the wavelet packet transform is employed to capture textural features at multiple scales in the frequency space. Extensive experimental results demonstrate the effectiveness of our model in synthesizing photo-realistic aged face images and achieving state-of-the-art performance on popular datasets.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • FlipIt Game Model-Based Defense Strategy Against Cyberattacks on SCADA Systems Considering Insider Assistance

      Authors: Zhaoxi Liu;Lingfeng Wang;
      Pages: 2791 - 2804
      Abstract: The industrial internet of things (IIoT) is emerging as a global trend to dramatically enhance the intelligence and efficiency of the industries in recent years. With the emphasis on data communication by IIoT, cyber vulnerabilities are introduced at the same time. As a key subsystem of the industrial automation systems, the supervisory control and data acquisition (SCADA) system is becoming one of the primary targets for cyberattacks in the IIoT paradigm. In this paper, the semi-Markov process (SMP) is employed to model and evaluate the cyberattacks against the SCADA systems considering the insider assistance. Based on the SMP model, the probability distribution of the time-to-compromise the system of the attacks is derived with the Monte Carlo simulation (MCS). Then, a FlipIt game model is developed to investigate the defense and attack strategies of the defender and attacker, and analyze the impacts of the insider assistance. Case studies were carried out to verify the proposed model. The results of the case studies show that the insider assistance will improve the payoff of the attacker and increase the defense action frequency of the system defender. With a high enough defense action frequency, the defender can force the attacker to drop out and eliminate the attack actions.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • ThermoTag: A Hidden ID of 3D Printers for Fingerprinting and Watermarking

      Authors: Yang Gao;Wei Wang;Yincheng Jin;Chi Zhou;Wenyao Xu;Zhanpeng Jin;
      Pages: 2805 - 2820
      Abstract: To address the increasing challenges of counterfeit detection and IP protection for 3D printing, we propose that every 3D printer holds unique fingerprinting features characterized by the thermodynamic properties of the extruder hot-end and can be used as a new way of 3D watermarking. We prove that these physical fingerprints resulting from manufacturing imperfections and system variations exhibit distinct heating responses, namely “ThermoTag,” which can be represented as the distinguishable thermodynamic processes and, ultimately, the temperature readings during the preheating process. Experimental results show that, by only changing the hot-ends of the same model on the same 3D printer, we can achieve about 92% identification accuracy amongst 45 hot-ends. The permanence and robustness of ThermoTag for the same hot-end were examined, throughout a period of one month with hundreds of trials under different environmental temperature settings. Leveraging the hidden ThermoTag, an example of watermarking scheme in 3D printing is presented and evaluated.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Comments on “Fixed Region Beamforming Using Frequency Diverse Subarray for Secure mmWave Wireless Communications”

      Authors: Haejoon Jung;In-Ho Lee;
      Pages: 2821 - 2822
      Abstract: In the above article, Hong et al. proposed a frequency region beamforming scheme exploiting frequency diverse subarray. We found that there is a mathematical flaw in precoding vector normalization in their sidelobe randomization scheme called the inverted subarray subset technique (ISST). We show that it is not only a matter of how to define and interpret the array factor, but it leads to the wrong performance optimization and misoperation of their own proposed scheme, which may cause detrimental security risks. Furthermore, to avoid any false conclusions in the future study caused by the irrational normalization, we also present the related techniques and their correct normalization.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Anti-Counterfeiting for Polymer Banknotes Based on Polymer Substrate Fingerprinting

      Authors: Shen Wang;Ehsan Toreini;Feng Hao;
      Pages: 2823 - 2835
      Abstract: Polymer banknotes are the trend for printed currency and have been adopted by more than fifty countries worldwide. However, over the past years, the quantity of polymer counterfeits has been increasing, so has the quality of counterfeits. This shows that the initial advantage of bringing a new polymer technology to fight against counterfeiting is reducing. To maintain one step ahead of counterfeiters, we propose a novel anti-counterfeiting technique called Polymer Substrate Fingerprinting (PSF). Our technique is built based on the observation that the opacity coating, a critical step during the production of polymer notes, is a stochastic manufacturing process, leaving uneven thickness in the coating layer and the random dispersion of impurities from the ink. The imperfections in the coating layer result in random translucent patterns when a polymer banknote is back-lit by a light source. We show these patterns can be reliably captured by a commodity negative-film scanner and processed into a compact fingerprint to uniquely identify each banknote. Using an extensive dataset of 6,200 sample images collected from 340 UK banknotes, we show that our method can reliably authenticate banknotes, and is robust against rough daily handling of banknotes. Furthermore, we show the extracted fingerprints contain around 900 bits of entropy, which makes it extremely scalable to identify every polymer note circulated globally. As compared with previous or existing anti-counterfeiting mechanisms for banknotes, our method has a distinctive advantage: it ensures that even in the extreme case when counterfeiters have procured the same printing equipment and ink as used by a legitimate government, counterfeiting banknotes remains infeasible because of the difficulty to replicate a stochastic manufacturing process.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Framing in Secret Sharing

      Authors: Yvo Desmedt;Songbao Mo;Arkadii M. Slinko;
      Pages: 2836 - 2842
      Abstract: Secret sharing, a well-known cryptographic technique, introduced 40 years ago as a private and reliable variant of classical storage, has now become a major cryptographic primitive with numerous real-world applications. In this paper we consider the digital forensics aspects of secret sharing. We investigate the problem of framing which occurs when a coalition is able to calculate the share of a participant who does not belong to it. In the extreme case one authorized coalition can calculate shares of another authorized coalition and use the secret in some way blaming another authorized coalition for their action. In this context seniority plays an important role. We define seniority, which comes natural in the context of hierarchical access structures. Roughly speaking, our work shows that in an ideal secret sharing scheme an authorized coalition cannot frame participants who are less senior than all members of the coalition and is able to frame a participant who is more senior than at least one pivotal member of the coalition. We show that for any monotone access structure there exists a (non-ideal) frameproof secret sharing scheme.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Environmental-Variation-Tolerant Magnetic Tunnel Junction-Based Physical Unclonable Function Cell With Auto Write-Back Technique

      Authors: Byungkyu Song;Sehee Lim;Seung H. Kang;Seong-Ook Jung;
      Pages: 2843 - 2853
      Abstract: Recently, with the increase in popularity of Internet of Things (IoT) devices, cryptographic protection techniques have become necessary for high-security applications. In general, IoT devices have strict power and area constraints. Thus, use of a physical unclonable function (PUF), which can generate a secret key at low cost, can be advantageous for high-security IoT devices. This paper presents a novel environmental-variation-tolerant (EVT) magnetic tunnel junction (MTJ)-based PUF that has a small area, high randomness, and low bit error rate (BER) compared to previous PUFs. The simulation results obtained using industry-compatible 65-nm model parameters indicate that the proposed PUF exhibits an inter-chip Hamming distance of 0.4901 and entropy of 0.9997, which proves the randomness of the PUF response. In addition, the proposed PUF exhibits the lowest BER across a wide voltage range (0.9 V-1.3 V) and temperature range (-25 °C - 75 °C) compared with previous PUFs.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Rebuttal to “Comments on ‘Fixed Region Beamforming Using Frequency Diverse Subarray for Secure MmWave Wireless Communications’”

      Authors: Yuanquan Hong;Hui Gao;Xiaojun Jing;Yuan He;
      Pages: 2854 - 2855
      Abstract: Concerns have been raised about our recently published article on the fixed region beamforming using frequency diverse subarray for secure mmWave wireless communications. In a comment, the authors thought our precoding vector normalization method of the sidelobe randomization scheme has a flaw and proposed a non-physical-layer-security-oriented (non-PLS-oriented) normalization method by keeping the norm of the steering vector as a unit. However, we believe our PLS-oriented normalization method of the transmit beamforming vector is correct and reasonable from the PLS perspective, i.e., we hope to keep the target user's beampattern gain unit. In this rebuttal, we further clarify and justify our scheme to show its correctness. In addition, we also present a generalized normalization method to compare our proposed PLS-oriented scheme and the non-PLS-oriented scheme in the comment to offer useful insights.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Evidence of Task-Independent Person-Specific Signatures in EEG Using Subspace Techniques

      Authors: Mari Ganesh Kumar;Shrikanth Narayanan;Mriganka Sur;Hema A. Murthy;
      Pages: 2856 - 2871
      Abstract: Electroencephalography (EEG) signals are promising as alternatives to other biometrics owing to their protection against spoofing. Previous studies have focused on capturing individual variability by analyzing task/condition-specific EEG. This work attempts to model biometric signatures independent of task/condition by normalizing the associated variance. Toward this goal, the paper extends ideas from subspace-based text-independent speaker recognition and proposes novel modifications for modeling multi-channel EEG data. The proposed techniques assume that biometric information is present in the entire EEG signal and accumulate statistics across time in a high dimensional space. These high dimensional statistics are then projected to a lower dimensional space where the biometric information is preserved. The lower dimensional embeddings obtained using the proposed approach are shown to be task-independent. The best subspace system identifies individuals with accuracies of 86.4% and 35.9% on datasets with 30 and 920 subjects, respectively, using just nine EEG channels. The paper also provides insights into the subspace model's scalability to unseen tasks and individuals during training and the number of channels needed for subspace modeling.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Specific Emitter Identification Based on Multi-Level Sparse Representation in Automatic Identification System

      Authors: Yunhan Qian;Jie Qi;Xiaoyan Kuai;Guangjie Han;Haixin Sun;Shaohua Hong;
      Pages: 2872 - 2884
      Abstract: Illegally forged signals in automatic identification system (AIS) pose a threat to maritime traffic safety management. In this paper, a multi-level sparse representation based identification (MSRI) algorithm is proposed for specific emitter identification (SEI) in the AIS. The MSRI innovatively combines neural networks with sparse representation based classification (SRC). Channel attention mechanism is introduced to a multi-scale convolutional neural network (CNN) for extracting hidden features in the signal. These extracted features are divided into shallow and deep features according to the depth of the network layer they are extracted from. The original AIS signals and the two-level features are spliced together to form a multi-level dictionary. Subsequently, a sparse representation based identification is performed on the decorrelated multi-level dictionary using the principal components analysis (PCA) method. The proposed MSRI is evaluated on a dataset composed of real-world AIS signals, and compared with the state-of-the-art identification algorithms. The evaluation is based on several factors including computational complexity, number of training samples, and number of emitters. Numerical results indicate that the proposed algorithm can identify emitters with higher accuracy and requires lower training time compared to other methods. Given more than 15 training samples at each emitter, the MSRI can identify nine emitters with an accuracy higher than 90%.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Modulation Classification Based on Fourth-Order Cumulants of Superposed Signal in NOMA Systems

      Authors: Tao Li;Yongzhao Li;Octavia A. Dobre;
      Pages: 2885 - 2897
      Abstract: In this paper, we study the automatic modulation classification in a non-orthogonal multiple access system. To mitigate the effect of interference, a likelihood-based algorithm and a fourth-order cumulant-based algorithm are proposed. Different from the maximum likelihood classifier for a single signal without interference, a likelihood function of the far and near users' signals is derived. Then, a marginal probability for the far user is obtained by using the Bayesian formula. Hence, the modulation type can be determined by maximizing the marginal probability. The high computational complexity of the likelihood-based algorithm renders it impractical; accordingly, it serves as a theoretical performance bound. On the other hand, we construct a feature vector through the estimated fourth-order cumulants of the received signal including the superposed signal and noise. For each modulation pair, using the mean and covariance matrix of the estimated feature vector, its probability density function can be obtained. Then, the key is to calculate the mean and covariance matrix of the estimated feature vector. To solve this problem, the moments of the superposed signal are derived. Therefore, modulation classification can be performed by maximizing the probability density function. Extensive simulations verify that the two proposed algorithms perform well under a wide range of signal-to-noise ratios and observation lengths.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Fair Subcarrier Allocation for Securing OFDMA in IoT Against Full-Duplex Hybrid Attacker

      Authors: Bhawna Ahuja;Deepak Mishra;Ranjan Bose;
      Pages: 2898 - 2911
      Abstract: Secure communication with low computational resources is a critical issue in the Internet-of-Things (IoT) implementations. It is more challenging in the presence of hybrid adversary enabled with full-duplex (FD) capability to perform eavesdropping and jamming simultaneously. In this work we aim to address this issue through optimal subcarrier allocation towards combating the FD hybrid attacker. We begin with secrecy performance analysis in a multi-user IoT system considering statistical channel state information only of all attacker links. Novel analytical expression for the exact intercept probability is derived and a closed-form approximation is also provided. We further propose an optimisation framework for fair subcarrier allocation with a novel objective of minimising maximum intercept probability among multiple users. Considering the proposed optimisation framework as a non-convex combinatorial, we propose a low-complexity sub-optimal solution by leveraging the integer linear program (ILP) structure of the problem. To reduce the complexity further, the original problem is mapped to the assignment model and solved by exploiting its special structure with graph theory tools providing an optimal solution in polynomial time. Comprehensive investigations, conducted to verify the analysis and quantify the secrecy performance, demonstrate that proposed optimal solutions yield significant enhancement in secrecy performance over relevant schemes.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Transform Domain-Based Invertible and Lossless Secret Image Sharing With Authentication

      Authors: Lizhi Xiong;Xinwei Zhong;Ching-Nung Yang;Xiao Han;
      Pages: 2912 - 2925
      Abstract: Secret Image Sharing (SIS), as a secure data sharing scheme in multiple cover images, has become an increasing concern for researchers. In traditional SIS, the cover image can't be recovered losslessly. The distorted cover images would reduce the practicability of the scheme, especially in medical and military images. The lossless recovery of cover images is required since all details of these images are very critical. In current Invertible SIS (ISIS), the secret image and the cover image may not be reconstructed losslessly. In addition, the authentication capability, visual quality of the stego cover image and embedding rate are limited in spatial domain-based ISIS. As an important carrier, the binary cover image is desired in real applications. Therefore, this paper proposes Transform domain-based Invertible and Lossless Secret Image Sharing schemes with Authentication (T-ILSISA), namely Integer Wavelet Transform-based ILSISA (IWT-ILSISA) and Binarization Transform-based ILSISA (BT-ILSISA) respectively. In (k,n) threshold IWT-ILSISA, the pixels of secret image and the data of cover image are regarded as the coefficients of the (k-1) degree polynomial. The values of generated share are embedded into IWT domain of the cover image. In BT-ILSISA, many different cover images are applied. The generated shares are transformed to the meaningful images since noise-like shares are easy to attract the attacker's attention, are suspected to censors and are difficult for identification and management. In the two schemes, the original secret image and the cover image can be recovered losslessly. The experimental results and theoretical analysis demonstrate that the performances of IWT-ILSISA are better than other similar schemes in terms of embedding capacity, authentication capability and visual quality of the stego cover image. The BT-ILSISA has a lower computational complexity of the recovery.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • A Multi-Filter Fingerprint Matching Framework for Cancelable Template
           Design

      Authors: Quang Nhat Tran;Jiankun Hu;
      Pages: 2926 - 2940
      Abstract: Despite the ubiquity in the use of biometrics due to its many advantages against traditional methods such as password or token, the emerging cancelable biometric methods, which are designed to protect the biometrics are still exposed to certain threats. Attack via Record Multiplicity (ARM) is one of those. In this paper, we propose a novel framework that possesses two layers of authentication to improve the matching performance of a fingerprint authentication system in the cancelable template setting. In addition, a multi-filter fingerprint matching scheme is devised to deal more effectively with low-quality fingerprint images. Two techniques that are capable of defending against the heinous ARM are also introduced. Security analysis on the system's capability against the hill-climb attack and pre-image attack is also provided. The proposed scheme has been evaluated over public datasets FVC2002-DB1, FVC2002-DB2, FVC2002-DB3, and FVC2004-DB2. It has achieved the best result compared with the state-of-art methods. The source code for this framework is available on demand.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Event-Triggered Interval-Based Anomaly Detection and Attack Identification
           Methods for an In-Vehicle Network

      Authors: Mee Lan Han;Byung Il Kwak;Huy Kang Kim;
      Pages: 2941 - 2956
      Abstract: Vehicle communication technology has been steadily progressing alongside the convergence of the in-vehicle network (IVN) and wireless communication technology. The communication with various external networks further reinforces the connectivity between the inside and outside of a vehicle. However, this bears risks of malicious packet attacks on computer-assisted mechanical mechanisms that are capable of hijacking the vehicle's functions. The present study proposes a method to detect and identify abnormalities in vehicular networks based on the periodic event-triggered interval of the controller area network (CAN) messages. To this end, we first define four attack scenarios and then extract normal and abnormal driving data corresponding to these scenarios. Next, we analyze the CAN ID's event-triggered interval and measure statistical moments depending on the defined time-window. Finally, we conduct extensive evaluations of the proposed methods' performance by considering different attack scenarios and three types of machine learning models. The results demonstrate that the proposed method can effectively detect an abnormality in the IVN, with up to 99% accuracy. Our results suggest that when tree-based machine learning models are used as the classifier, the proposed method of attack identification can achieve more than 94% accuracy.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Manifold Learning for Real-World Event Understanding

      Authors: Caroline Mazini Rodrigues;Aurea Soriano-Vargas;Bahram Lavi;Anderson Rocha;Zanoni Dias;
      Pages: 2957 - 2972
      Abstract: Information coming from social media is vital to the understanding of the dynamics involved in multiple events such as terrorist attacks and natural disasters. With the spread and popularization of cameras and the means to share content through social networks, an event can be followed through many different lenses and vantage points. However, social media data present numerous challenges, and frequently it is necessary a great deal of data cleaning and filtering techniques to separate what is related to the depicted event from contents otherwise useless. In a previous effort of ours, we decomposed events into representative components aiming at describing vital details of an event to characterize its defining moments. However, the lack of minimal supervision to guide the combination of representative components somehow limited the performance of the method. In this paper, we extend upon our prior work and present a learning-from-data method for dynamically learning the contribution of different components for a more effective event representation. The method relies upon just a few training samples (few-shot learning), which can be easily provided by an investigator. The obtained results on real-world datasets show the effectiveness of the proposed ideas.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Privacy Leakage of SIFT Features via Deep Generative Model Based Image
           Reconstruction

      Authors: Haiwei Wu;Jiantao Zhou;
      Pages: 2973 - 2985
      Abstract: Many practical applications, e.g., content based image retrieval and object recognition, heavily rely on the local features extracted from the query image. As these local features are usually exposed to untrustworthy parties, the privacy leakage problem of image local features has received increasing attention in recent years. In this work, we thoroughly evaluate the privacy leakage of Scale Invariant Feature Transform (SIFT), which is one of the most widely-used image local features. We first consider the case that the adversary can fully access the SIFT features, i.e., both the SIFT descriptors and the coordinates are available. We propose a novel end-to-end, coarse-to-fine deep generative model for reconstructing the latent image from its SIFT features. The designed deep generative model consists of two networks, where the first one attempts to learn the structural information of the latent image by transforming from SIFT features to Local Binary Pattern (LBP) features, while the second one aims to reconstruct the pixel values guided by the learned LBP. Compared with the state-of-the-art algorithms, the proposed deep generative model produces much improved reconstructed results over three public datasets. Furthermore, we address more challenging cases that only partial SIFT features (either SIFT descriptors or coordinates) are accessible to the adversary. It is shown that, if the adversary can only have access to the SIFT descriptors while not their coordinates, then the modest success of reconstructing the latent image might be achieved for highly-structured images (e.g., faces) and probably would fail in general settings. In addition, the latent image usually can be reconstructed with acceptable quality solely from the SIFT coordinates. Our results would suggest that the privacy leakage problem can be avoided to a certain extent if the SIFT coordinates can be well protected.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Image Tampering Localization Using a Dense Fully Convolutional Network

      Authors: Peiyu Zhuang;Haodong Li;Shunquan Tan;Bin Li;Jiwu Huang;
      Pages: 2986 - 2999
      Abstract: The emergence of powerful image editing software has substantially facilitated digital image tampering, leading to many security issues. Hence, it is urgent to identify tampered images and localize tampered regions. Although much attention has been devoted to image tampering localization in recent years, it is still challenging to perform tampering localization in practical forensic applications. The reasons include the difficulty of learning discriminative representations of tampering traces and the lack of realistic tampered images for training. Since Photoshop is widely used for image tampering in practice, this paper attempts to address the issue of tampering localization by focusing on the detection of commonly used editing tools and operations in Photoshop. In order to well capture tampering traces, a fully convolutional encoder-decoder architecture is designed, where dense connections and dilated convolutions are adopted for achieving better localization performance. In order to effectively train a model in the case of insufficient tampered images, we design a training data generation strategy by resorting to Photoshop scripting, which can imitate human manipulations and generate large-scale training samples. Extensive experimental results show that the proposed approach outperforms state-of-the-art competitors when the model is trained with only generated images or fine-tuned with a small amount of realistic tampered images. The proposed method also has good robustness against some common post-processing operations.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Reversible Data Hiding Based on Adaptive Multiple Histograms Modification

      Authors: Wenguang He;Gangqiang Xiong;Yaomin Wang;
      Pages: 3000 - 3012
      Abstract: Pixel value ordering prediction has been verified as an effective mechanism to exploit image redundancy for reversible data hiding (RDH) and numerous extensions have been devised. However, their performance is still unsatisfactory since the error modification is generally fixed and independent of image content. In this paper, a new RDH scheme is proposed by incorporating pixel distance to realize adaptive multiple histograms modification (AMHM). During exploiting the correlation between the largest/smallest pixel and any other one in the scope of pixel block, we propose to process every two correlated pixels successively following the ascending order of their distance. Specifically, the generated errors with a given distance are collected and verified. If they are all shiftable errors, the follow-up errors would be collected into the next sub-histogram. In this way, a histogram sequence is adaptively generated such that different modification mechanisms can be taken for different sub-histograms to achieve adaptive embedding. Finally, AMHM for conventional prediction-error expansion (PEE) and AMHM for 2D PEE have been both realized in this paper. Experimental results show that AMHM is of great significance to better exploit pixel correlation and the proposed scheme outperforms a series of the latest schemes.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • On the Efficient Estimation of Min-Entropy

      Authors: Yongjune Kim;Cyril Guyot;Young-Sik Kim;
      Pages: 3013 - 3025
      Abstract: The min-entropy is a widely used metric to quantify the randomness of generated random numbers in cryptographic applications; it measures the difficulty of guessing the most likely output. An important min-entropy estimator is the compression estimator of NIST Special Publication (SP) 800-90B, which relies on Maurer's universal test. In this paper, we propose two kinds of min-entropy estimators to improve computational complexity and estimation accuracy by leveraging two variations of Maurer's test: Coron's test (for Shannon entropy) and Kim's test (for Rényi entropy). First, we propose a min-entropy estimator based on Coron's test. It is computationally more efficient than the compression estimator while maintaining the estimation accuracy. The secondly proposed estimator relies on Kim's test that computes the Rényi entropy. This estimator improves estimation accuracy as well as computational complexity. We analytically characterize the bias-variance tradeoff, which depends on the order of Rényi entropy. By taking into account this tradeoff, we observe that the order of two is a proper assignment and focus on the min-entropy estimation based on the collision entropy (i.e., Rényi entropy of order two). The min-entropy estimation from the collision entropy can be described by a closed-form solution, whereas both the compression estimator and the proposed estimator based on Coron's test do not have closed-form solutions. By leveraging the closed-form solution, we also propose a lightweight estimator that processes data samples in an online manner. Numerical evaluations demonstrate that the first proposed estimator achieves the same accuracy as the compression estimator with much less computation. The proposed estimator based on the collision entropy can even improve the accuracy and reduce the computational complexity.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Robust Beamforming Design for Covert Communications

      Authors: Shuai Ma;Yunqi Zhang;Hang Li;Songtao Lu;Naofal Al-Dhahir;Sha Zhang;Shiyin Li;
      Pages: 3026 - 3038
      Abstract: In this paper, we consider a common unicast beamforming network where Alice utilizes the communication to Carol as a cover and covertly transmits a message to Bob without being recognized by Willie. We investigate the beamformer design of Alice to maximize the covert rate to Bob when Alice has either perfect or imperfect knowledge about Willie's channel state information (WCSI). For the perfect WCSI case, the problem is formulated under the perfect covert constraint, and we develop a covert beamformer by applying semidefinite relaxation and the bisection method. Then, to reduce the computational complexity, we further propose a zero-forcing beamformer design with a single iteration processing. For the case of the imperfect WCSI, the robust beamformer is developed based on a relaxation and restriction approach by utilizing the property of Kullback-Leibler divergence. Furthermore, we derive the optimal decision threshold of Willie, and analyze the false alarm and the missed detection probabilities in this case. Finally, the performance of the proposed beamformer designs is evaluated through numerical experiments.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • On Microstructure Estimation Using Flatbed Scanners for Paper
           Surface-Based Authentication

      Authors: Runze Liu;Chau-Wai Wong;
      Pages: 3039 - 3053
      Abstract: Paper surfaces under the microscopic view are observed to be formed by intertwisted wood fibers. Such structures of paper surfaces are unique from one location to another and are almost impossible to duplicate. Previous work used microscopic surface normals to characterize such intrinsic structures as a “fingerprint” of paper for security and forensic applications. In this work, we examine several key research questions of feature extraction in both scientific and engineering aspects to facilitate the deployment of paper surface-based authentication when flatbed scanners are used as the acquisition device. We analytically show that, under the unique optical setup of flatbed scanners, the specular reflection does not play a role in norm map estimation. We verify, using a larger dataset than prior work, that the scanner-acquired norm maps, although blurred, are consistent with those measured by confocal microscopes. We confirm that, when choosing an authentication feature, high spatial-frequency subbands of the heightmap are more powerful than the norm map. Finally, we show that it is possible to empirically calculate the physical dimensions of the paper patch needed to achieve a certain authentication performance in equal error rate (EER). We analytically show that log(EER) is decreasing linearly in the edge length of a paper patch.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Estimating Uniqueness of I-Vector-Based Representation of Human Voice

      Authors: Sinan E. Tandogan;Hüsrev Taha Sencar;
      Pages: 3054 - 3067
      Abstract: We study the individuality of the human voice with respect to a widely used feature representation of speech utterances, namely, the i-vector model. As a first step toward this goal, we compare and contrast uniqueness measures proposed for different biometric modalities. Then, we introduce a new uniqueness measure that evaluates the entropy of i-vectors while taking into account speaker level variations. Our measure operates in the discrete feature space and relies on accurate estimation of the distribution of i-vectors. Therefore, i-vectors are quantized while ensuring that both the quantized and original representations yield similar speaker verification performance. Uniqueness estimates are obtained from two newly generated datasets and the public VoxCeleb dataset. The first custom dataset contains more than one and a half million speech samples of 20,741 speakers obtained from TEDx Talks videos. The second one includes over twenty one thousand speech samples from 1,595 actors that are extracted from movie dialogues. Using this data, we analyzed how several factors, such as the number of speakers, number of samples per speaker, sample durations, and diversity of utterances affect uniqueness estimates. Most notably, we determine that the discretization of i-vectors does not cause a reduction in speaker recognition performance. Our results show that the degree of distinctiveness offered by i-vector-based representation may reach 43-70 bits considering 5-second long speech samples; however, under less constrained variations in speech, uniqueness estimates are found to reduce by around 30 bits. We also find that doubling the sample duration increases the distinctiveness of the i-vector representation by around 20 bits.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • A Privacy-Preserving Online Ride-Hailing System Without Involving a Third
           Trusted Server

      Authors: Hongcheng Xie;Yu Guo;Xiaohua Jia;
      Pages: 3068 - 3081
      Abstract: The increasing popularity of Online Ride-hailing (ORH) services has greatly facilitated our daily travel. It enables a rider to easily request the nearest driver through mobile devices in a short time. However, existing ORH systems require the collection of users' location information and thus raise critical privacy concerns. While several privacy-preserving solutions for ORH service have been proposed, most of existing schemes rely on an additional trusted party to compute the distance between a rider and a driver. Such a security assumption cannot fully address the privacy concerns for practical deployment. In this paper, we present a new ride-matching scheme for ORH systems, which allows privacy-preserving and effective distance calculation without involving a third-party server. Our proposed scheme enables ORH systems to securely compute the user distance while protecting the location privacy of both riders and drivers. Specifically, we resort to state-of-the-art distance calculation techniques based on Road Network Embedding (RNE), and show how to uniquely bridge cryptographic primitives like Property-preserving Hash (PPH) with RNE in depth to support privacy-preserving ride-matching services. Moreover, we also propose an optimized design to improve the matching efficiency. We formally analyze the security strengths and implement the system prototype. Evaluation results demonstrate that our design is secure and efficient for ORH systems.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Decomposed Meta Batch Normalization for Fast Domain Adaptation in Face
           Recognition

      Authors: Jianzhu Guo;Xiangyu Zhu;Zhen Lei;Stan Z. Li;
      Pages: 3082 - 3095
      Abstract: Face recognition systems are sometimes deployed to a target domain with limited unlabeled samples available. For instance, a model trained on the large-scale webfaces may be required to adapt to a NIR-VIS scenario via very limited unlabeled faces. This situation poses a great challenge to Unsupervised Domain Adaptation with Limited samples for Face Recognition (UDAL-FR), which is less studied in previous works. In this paper, with deep learning methods, we propose a novel training remedy by decomposing the model into the weight parameters and the BN statistics in the training phase. Based on decomposing, we design a novel framework via meta-learning, called Decomposed Meta Batch Normalization (DMBN) for fast domain adaptation in face recognition. DMBN trains the network such that domain-invariant information is prone to store in the weight parameters and domain-specific knowledge tends to be represented by the BN statistics. Specifically, DMBN constructs distribution-shifted tasks via domain-aware sampling, on which several meta-gradients are obtained by optimizing discriminative representations across different BNs. Finally, the weight parameters are updated with these meta-gradients for better consistency across different BNs. With the learned weight parameters, the adaptation is very fast since only the BN updating on limited data is needed. We propose two UDAL-FR benchmarks to evaluate the domain-adaptive ability of a model with limited unlabeled samples. Extensive experiments validate the efficacy of our proposed DMBN.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Quantifying Membership Privacy via Information Leakage

      Authors: Sara Saeidian;Giulia Cervia;Tobias J. Oechtering;Mikael Skoglund;
      Pages: 3096 - 3108
      Abstract: Machine learning models are known to memorize the unique properties of individual data points in a training set. This memorization capability can be exploited by several types of attacks to infer information about the training data, most notably, membership inference attacks. In this paper, we propose an approach based on information leakage for guaranteeing membership privacy. Specifically, we propose to use a conditional form of the notion of maximal leakage to quantify the information leaking about individual data entries in a dataset, i.e., the entrywise information leakage. We apply our privacy analysis to the Private Aggregation of Teacher Ensembles (PATE) framework for privacy-preserving classification of sensitive data and prove that the entrywise information leakage of its aggregation mechanism is Schur-concave when the injected noise has a log-concave probability density. The Schur-concavity of this leakage implies that increased consensus among teachers in labeling a query reduces its associated privacy cost. Finally, we derive upper bounds on the entrywise information leakage when the aggregation mechanism uses Laplace distributed noise.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • AWA: Adversarial Website Adaptation

      Authors: Amir Mahdi Sadeghzadeh;Behrad Tajali;Rasool Jalili;
      Pages: 3109 - 3122
      Abstract: One of the most important obligations of privacy-enhancing technologies is to bring confidentiality and privacy to users' browsing activities on the Internet. The website fingerprinting attack enables a local passive eavesdropper to predict the target user's browsing activities even if she uses anonymous technologies, such as VPNs, IPsec, and Tor. Recently, the growth of deep learning empowers adversaries to conduct the website fingerprinting attack with higher accuracy. In this paper, we propose a new defense against website fingerprinting attack using adversarial deep learning approaches called Adversarial Website Adaptation (AWA). AWA creates a transformer set in each run so that each website has a unique transformer. Each transformer generates adversarial traces to evade the adversary's classifier. AWA has two versions, including Universal AWA (UAWA) and Non-Universal AWA (NUAWA). Unlike NUAWA, there is no need to access the entire trace of a website in order to generate an adversarial trace in UAWA. We accommodate secret random elements in the training phase of transformers in order for AWA to generate various sets of transformers in each run. We run AWA several times and create multiple sets of transformers. If an adversary and a target user select different sets of transformers, the accuracy of adversary's classifier is almost 19.52% and 31.94% with almost 22.28% and 26.28% bandwidth overhead in UAWA and NUAWA, respectively. If a more powerful adversary generates adversarial traces through multiple sets of transformers and trains a classifier on them, the accuracy of adversary's classifier is almost 49.10% and 25.93% with almost 62.52% and 64.33% bandwidth overhead in UAWA and NUAWA, respectively.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Unexpected Information Leakage of Differential Privacy Due to the Linear
           Property of Queries

      Authors: Wen Huang;Shijie Zhou;Yongjian Liao;
      Pages: 3123 - 3137
      Abstract: Differential privacy is a widely accepted concept of privacy preservation, and the Laplace mechanism is a famous instance of differentially private mechanisms used to deal with numerical data. In this paper, we find that differential privacy does not take the linear property of queries into account, resulting in unexpected information leakage. Specifically, the linear property makes it possible to divide one query into two queries, such as q(D)=q(D1)+q(D2) if D=D1∪D2 and D1∩D2=Ø. If attackers try to obtain an answer to q(D), they can not only issue the query q(D) but also issue q(D1) and calculate q(D2) by themselves as long as they know D2. Through different divisions of one query, attackers can obtain multiple different answers to the same query from differentially private mechanisms. However, from the attackers' perspective and differentially private mechanisms' perspective, the total consumed privacy budget is different if divisions are delicately designed. This difference leads to unexpected information leakage because the privacy budget is the key parameter for controlling the amount of information that is legally released from differentially private mechanisms. To demonstrate unexpected information leakage, we present a membership inference attack against the Laplace mechanism. Specifically, under the constraints of differential privacy, we propose a method for obtaining multiple independent identically distributed samples of answers to queries that satisfy the linear property. The proposed method is based on a linear property and some background knowledge of the attackers. When the background knowledge is sufficient, the proposed method can obtain a sufficient number of samples from differentially private mechanisms such that the total consumed privacy budget can be made unreasonably large. Based on the obtained samples, a hypothesis testing method is used to determine whether a target record is in a target dataset.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • BottleNet: Hiding Network Bottlenecks Using SDN-Based Topology Deception

      Authors: Jinwoo Kim;Jaehyun Nam;Suyeol Lee;Vinod Yegneswaran;Phillip Porras;Seungwon Shin;
      Pages: 3138 - 3153
      Abstract: The robustness of a network's connectivity to other networks is often highly dependent on a few critical nodes and links that tie the network to the larger topology. The failure or degradation to such network bottlenecks can result in outages that may propagate throughout the network. Unfortunately, the presence of the bottlenecks also offers opportunities for targeted link flooding attacks (LFAs). Researchers have proposed a new and promising defense to counter LFAs, referred to as topology deception. This strategy centers on hindering the discovery of bottlenecks by presenting false trace responses to adversaries as they perform topological probing of the target network. Even though the goal of topology deception centers on obscuring critical links, node dependencies can be exploited by an adversary. However, current approaches do not consider a wide range of metrics that may reveal important and diverse aspects of network bottlenecks. Furthermore, existing approaches create a simple form of virtual topology, which is subject to relatively easy detection by the adversary, reducing its effectiveness. In this paper, we propose a comprehensive topology deception framework, which we refer to as BottleNet. Our suggested approach can analyze various network topology features both with respect to static and dynamic metrics and then use this information to identify bottlenecks, finally producing complex virtual topologies that are resilient to adversarial detection.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Gini-Impurity Index Analysis

      Authors: Ye Yuan;Liji Wu;Xiangmin Zhang;
      Pages: 3154 - 3169
      Abstract: In the past few decades, DPA-based side-channel attack strategies, such as DPA and CPA, have shown strong ability to analyze the security of the cryptographic implementations. However, the unpredictability of the leakage model and the correspondence between leakage behavior of the target device and the hypothetical leakage value make it less-effective without prior knowledge. Therefore, in this paper, we present a novel generic side-channel analysis method called Gini-impurity Index Analysis (GIA), utilizing Gini-impurity Index as the distinguisher, which can perform well even without any leakage model and is not sensitive to the existing methods' restrictions about the leakage behavior. Firstly, we introduce the basic idea of GIA. According to the proposed GIA attack strategy, the Gini-impurity index for each key hypothesis should be calculated, determined by the clustered power consumption and the classified subsets based on the key dependent target function. Secondly, we verify the feasibility and evaluate the efficiency of GIA with different target functions by the practical experimental results against AES-128 implemented on an AT89S52 microcontroller. We present one possible multivariate extension of GIA and find the advantage of GIA on leakage information utilization. Thirdly, we present the results of comparisons. On the one hand, we compare GIA with three widely-used distinguishers under simulated traces in various leakage scenarios and practical traces with Hamming-weight-related leakage. Results confirm that GIA can always perform well with different leakage models in most situations. On the other hand, we analyze the relationship between GIA and Mutual Information Analysis (MIA). Theoretical and experimental results confirm that these two methods can obtain similar attack results. 
However, the guessing entropy of GIA is lower than MIA by up to 21%, and the averaged computational time overhead of GIA is lower than MIA by up to 13.3%, indicating that GIA is more efficient than MIA. Compared to traditional MIA, GIA is easier to operate and more flexible with noise. Therefore, GIA is an efficient and useful alternative to these existing strategies.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Efficient Known-Sample Attack for Distance-Preserving Hashing Biometric
           Template Protection Schemes

      Authors: Yenlung Lai;Zhe Jin;KokSheik Wong;Massimo Tistarelli;
      Pages: 3170 - 3185
      Abstract: The rapid deployment of biometric authentication systems raises concern over user privacy and security. A biometric template protection scheme emerges as a solution to protect individual biometric templates stored in a database. Among all available protection schemes, a template protection scheme that relies on distance-preserving hashing has received much attention due to its simplicity and efficiency in offering privacy protection while achieving decent authentication performance. In this work, we introduce an efficient attack called known sample attack and demonstrate that most state-of-art template protection schemes that utilize distance-preserving hashing can be compromised in practice (within few seconds), especially when the output is significantly smaller than the original input sample size. These findings further motivated our subsequent work in proposing a secure authentication mechanism to resist such an attack with proper study over the distribution of the input samples. Furthermore, we conducted revocability, unlinkability analysis to demonstrate the satisfactory of general biometric template protection requirements; and showed the resistance of various security and privacy attacks, i.e., false acceptance attack, and attack via record multiplicity.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Joint Discriminative Sparse Coding for Robust Hand-Based Multimodal
           Recognition

      Authors: Shuyi Li;Bob Zhang;
      Pages: 3186 - 3198
      Abstract: Multimodal biometrics recognition has recently attracted much interest for its higher security and effectiveness compared with unimodal biometrics recognition. However, most of the conventional multimodal recognition approaches generally focus on extracting semantic information from different modalities independently, while ignoring the implicit correlations among inter-modality. In this paper, we propose a simple yet effective supervised multimodal feature learning method, called joint discriminative sparse coding (JDSC), which is applied for hand-based multimodal recognition including finger-vein and finger-knuckle-print fusion, palm-vein and palmprint fusion, as well as palm-vein and dorsal-hand-vein fusion. Considering that relevant samples from different modalities have semantic correlations, JDSC projects the raw data into a shared space in which the distance of the between-class is maximized and the distance of the within-class is minimized, at the same time, the correlation among the inter-modality of the within-class is maximized. Therefore, sparse binary codes quantified by the obtained projection matrix can have more discriminative power for multimodal recognition tasks. Thorough experiments on six commonly used multimodal datasets demonstrate the superiority of our proposed method over several state-of-the-art techniques.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Who Is in Control? Practical Physical Layer Attack and Defense for
           mmWave-Based Sensing in Autonomous Vehicles

      Authors: Zhi Sun;Sarankumar Balakrishnan;Lu Su;Arupjyoti Bhuyan;Pu Wang;Chunming Qiao;
      Pages: 3199 - 3214
      Abstract: With the wide bandwidths in millimeter wave (mmWave) frequency band that results in unprecedented accuracy, mmWave sensing has become vital for many applications, especially in autonomous vehicles (AVs). In addition, mmWave sensing has superior reliability compared to other sensing counterparts such as camera and LiDAR, which is essential for safety-critical driving. Therefore, it is critical to understand the security vulnerabilities and improve the security and reliability of mmWave sensing in AVs. To this end, we perform the end-to-end security analysis of a mmWave-based sensing system in AVs, by designing and implementing practical physical layer attack and defense strategies in a state-of-the-art mmWave testbed and an AV testbed in real-world settings. Various strategies are developed to take control of the victim AV by spoofing its mmWave sensing module, including adding fake obstacles at arbitrary locations and faking the locations of existing obstacles. Five real-world attack scenarios are constructed to spoof the victim AV and force it to make dangerous driving decisions leading to a fatal crash. Field experiments are conducted to study the impact of the various attack scenarios using a Lincoln MKZ-based AV testbed, which validate that the attacker can indeed assume control of the victim AV to compromise its security and safety. To defend the attacks, we design and implement a challenge-response authentication scheme and a RF fingerprinting scheme to reliably detect aforementioned spoofing attacks.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Back to the Basics: Seamless Integration of Side-Channel Pre-Processing in
           Deep Neural Networks

      Authors: Yoo-Seung Won;Xiaolu Hou;Dirmanto Jap;Jakub Breier;Shivam Bhasin;
      Pages: 3215 - 3227
      Abstract: Deep learning approaches have become popular for Side-Channel Analysis (SCA) in the recent years. Especially Convolutional Neural Networks (CNN) due to their natural ability to overcome jitter-based as well as masking countermeasures. Most of the recent works have been focusing on optimising the performance on given dataset, for example finding optimal architecture and using ensemble, and bypass the need for trace pre-processing. However, trace pre-processing is a long studied topic and several proven techniques exist in the literature. There is no straightforward manner to integrate those techniques into deep learning based SCA. In this paper, we propose a generic framework which allows seamless integration of multiple, user defined pre-processing techniques into the neural network architecture. The framework is based on Multi-scale Convolutional Neural Networks (MCNN) that were originally proposed for time series analysis. MCNN are composed of multiple branches that can apply independent transformation to input data in each branch to extract the relevant features and allowing a better generalization of the model. In terms of SCA, these transformations can be used for integration of pre-processing techniques, such as phase-only correlation, principal component analysis, alignment methods, etc. We present successful results on generic network which generalizes to different publicly available datasets. Our findings show that it is possible to design a network that can be used in a more general way to analyze side-channel leakage traces and perform well across datasets.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Physical Layer Security Aided Wireless Interference Networks in the
           Presence of Strong Eavesdropper Channels

      Authors: Zhichao Sheng;Hoang Duong Tuan;Ali Arshad Nasir;H. Vincent Poor;Eryk Dutkiewicz;
      Pages: 3228 - 3240
      Abstract: Under both long (infinite) and short (finite) blocklength transmissions, this paper considers physical layer security for a wireless interference network of multiple transmitter-user pairs, which is overheard by multiple eavesdroppers (EVs). The EVs are assumed to have better channel conditions than the legitimate users (UEs), making the conventional transmission unsecured. The paper develops a novel time-fraction based transmission, under which the information is transmitted to the UEs within a fraction of the time slot and artificial noise (AN) is transmitted within the remaining fraction to counter the strong EVs' channels. Based on channel distribution information of UEs and EVs, the joint design of transmit beamforming, time fractions and AN power allocation to maximize the worst users' secrecy rate is formulated in terms of nonconvex problems. Path-following algorithms of low complexity and rapid convergence are proposed for their solution. Simulations are provided to demonstrate the viability of the proposed methodology.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • OBFP: Optimized Blockchain-Based Fair Payment for Outsourcing Computations
           in Cloud Computing

      Authors: Chao Lin;Debiao He;Xinyi Huang;Kim-Kwang Raymond Choo;
      Pages: 3241 - 3253
      Abstract: Outsourcing computations have been widely used to meet the growing computing demands, although achieving trust in an untrusted (or a zero-trust) environment can be challenging in practice. Fair payment, a candidate solution, can potentially facilitate fair trading among outsourcing computation participants such as users and workers. However, most existing solutions including traditional e-cash-based or blockchain-based, may potentially compromise the worker's fairness (i.e., does not achieve robust fairness, since trusted third parties are required during the trading process), or involve heavy zero-knowledge proofs (ZKPs, with significant computation costs). To mitigate these limitations, we propose a system model of an optimized blockchain-based fair payment (OBFP) for outsourcing computations. Then, we construct a ZKP-free solution based on blockchain by combining any secure commitment, accumulator, and symmetric encryption schemes, as well as a hash function. To demonstrate the utility of our proposed OBFP system, we provide security analysis, performance evaluation and a comparison with existing popular solutions. Specifically, the cryptographic tools are instantiated as commitment (Pedersen commitment), accumulator (RSA-based accumulator), and symmetric encryption (a concrete scheme with the indistinguishability under chosen-plaintext attack (IND-CPA) security), and a hash function (Keccak-256). The prototype is implemented in COSBench and Remix to analyze cloud scalability and concurrency, as well as gas cost.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Finding the Needle in the Haystack: Metrics for Best Trace Selection in
           Unsupervised Side-Channel Attacks on Blinded RSA

      Authors: Alexander Kulow;Thomas Schamberger;Lars Tebelmann;Georg Sigl;
      Pages: 3254 - 3268
      Abstract: For asymmetric ciphers, such as RSA and ECC, side-channel attacks on the underlying exponentiation are mitigated by countermeasures like constant-time implementation and blinding. This restricts an attacker to a single side-channel trace for an attack as a different representation of the private key is used for each exponentiation. In this work, we propose an unsupervised machine learning framework for side-channel attacks on asymmetric cryptography that analyzes leakage in multiple side-channel traces, identifying the best trace for key retrieval. We apply Principal Component Analysis (PCA) preprocessing followed by a classification step that assigns segments of traces to elementary operations of the Square and Multiply exponentiation of RSA. In order to estimate the attack complexity for each trace in terms of key enumeration effort, we introduce two new metrics: The Entropy-based Cost Function (EBCF) is used to select a trace for the attack as well as bits which have to be brute-forced if not all bits can be determined correctly from this single trace. To reduce brute-force complexity further, we introduce Illegal Sequence Detection (ISD) to remove brute-force candidates which do not fit to the Square-and-Multiply scheme. We first provide a proof of concept for 320-bit key length traces and, moving towards a more realistic scenario, retrieve the key from a 1024-bit RSA implementation protected by message and exponent blinding. We are able to select the trace with the least remaining brute-force complexity from 1000 power measurements of the signature generation with randomized inputs and blinding values on a 32-bit ARM Cortex-M4 microcontroller.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Zilch: A Framework for Deploying Transparent Zero-Knowledge Proofs

      Authors: Dimitris Mouris;Nektarios Georgios Tsoutsos;
      Pages: 3269 - 3284
      Abstract: As cloud computing becomes more popular, research has focused on usable solutions to the problem of verifiable computation (VC), where a computationally weak device (Verifier) outsources a program execution to a powerful server (Prover) and receives guarantees that the execution was performed faithfully. A Prover can further demonstrate knowledge of a secret input that causes the Verifier's program to satisfy certain assertions, without ever revealing which input was used. State-of-the-art Zero-Knowledge Proofs of Knowledge (ZKPK) methods encode a computation using arithmetic circuits and preserve the privacy of Prover's inputs while attesting the integrity of program execution. Nevertheless, developing, debugging, and optimizing programs as circuits remains a daunting task, as most users are unfamiliar with this programming paradigm. In this work, we present Zilch, a framework that accelerates and simplifies the deployment of VC and ZKPK for any application transparently, i.e., without the need of trusted setup. Zilch uses traditional instruction sequences rather than static arithmetic circuits that would need to be regenerated for each different computation. Towards that end, we have implemented Z MIPS: a MIPS-like processor model that allows verifying each instruction independently and compose a proof for the execution of the target application. To foster usability, Zilch incorporates a novel cross-compiler from an object-oriented Java-like language tailored to ZKPK and optimized our Z MIPS model, as well as a powerful API that enables integration of ZKPK within existing C/C++ programs. In our experiments, we demonstrate the flexibility of Zilch using two real-life applications, and evaluate Prover and Verifier performance on a variety of benchmarks.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Sequential Attack Detection in Recommender Systems

      Authors: Mehmet Aktukmak;Yasin Yilmaz;Ismail Uysal;
      Pages: 3285 - 3298
      Abstract: Recommender systems are widely used in electronic commerce, social media and online streaming services to provide personalized recommendations to the users by exploiting past ratings and interactions. This paper considers the security aspect with quick and accurate detection of attacks by observing the newly created profiles sequentially to prevent the damage which may be incurred by the injection of new profiles with dishonest ratings. The proposed framework consists of a latent variable model, which is trained by a variational EM algorithm, followed by a sequential detection algorithm. The latent variable model generates homogeneous representations of the users given their rating history and mixed data-type attributes such as age and gender. The representations are then exploited to generate univariate statistics to be efficiently used in a CUSUM-like sequential detection algorithm that can quickly detect persistent attacks while maintaining low false alarm rates. We apply our proposed framework to three different real-world datasets and exhibit superior performance in comparison to the existing baseline algorithms for both attack profile and sequential detection. Furthermore, we demonstrate robustness to different attack strategies and configurations.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Minutiae Attention Network With Reciprocal Distance Loss for Contactless
           to Contact-Based Fingerprint Identification

      Authors: Hanzhuo Tan;Ajay Kumar;
      Pages: 3299 - 3311
      Abstract: Interoperability between contactless and conventional contact-based fingerprint recognition systems is fundamental for the success of emerging contactless fingerprint technologies which are highly sought, especially due to current pandemic. However, image formation differences and acquisition distortions between these two modalities pose significant challenges for such interoperability. In order to address these challenges, this paper presents a minutiae attention network with Siamese architecture and the reciprocal distance loss function to enable more accurate contactless to contact-based fingerprint identification. The proposed network contains two branches, a global-net branch to recover global features and a minutiae attention branch that focuses on the local minutiae areas. Attention mechanism is introduced to guide the minutiae attention branch to concentrate on distorted areas and recover minutiae/features correspondence for contactless and contact-based fingerprint images from the same fingers. Meanwhile, reciprocal distance loss is specifically designed to impose strong penalty towards contactless and contact-based fingerprint images from different fingers and guide the network to learn robust features for distinguishing identities. Experimental results on two publicly available databases illustrate significant performance improvements, over state-of-art methods in the literature, and validate the effectiveness of the proposed framework for the contactless to contact-based fingerprint identification.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • General, Efficient, and Real-Time Data Compaction Strategy for APT
           Forensic Analysis

      Authors: Tiantian Zhu;Jiayu Wang;Linqi Ruan;Chunlin Xiong;Jinkai Yu;Yaosheng Li;Yan Chen;Mingqi Lv;Tieming Chen;
      Pages: 3312 - 3325
      Abstract: The damage caused by Advanced Persistent Threat (APT) attacks to governments and large enterprises is gradually escalating. Once an attack event is detected, forensic analysis will use the dependencies between system audit logs to rapidly locate intrusion points and determine the impact of the attacks. Due to the high persistence of APT attacks, huge amounts of data will be stored to meet the needs of forensic analysis, which not only brings great storage overhead, but also sharply increases the computing costs. To compact data without affecting forensic analysis, several methods have been proposed. However, in real-world scenarios, we meet the problems of weak cross-platform capability, large data processing overhead, and poor real-time performance, rendering existing data compaction methods difficult to meet the usability and universality requirements jointly. To overcome these difficulties, this paper proposes a general, efficient, and real-time data compaction method at the system log level; it does not involve internal analysis of the program or depend on the specific operating system type, and it includes two strategies: 1) data compaction of maintaining global semantics (GS), which determines and deletes redundant events that do not affect global dependencies, and 2) data compaction based on suspicious semantics (SS). Given that the purpose of forensic analysis is to restore the attack chain, SS performs context analysis on the remaining events from GS and further deletes the parts that are not related to the attack. The results of the real-world experiments show that the compaction ratios of our method to system events are as high as $4.36\times$ to $13.18\times$ and $7.86\times$ to $-6.99\times$ on GS and SS, respectively, which is better than state-of-the-art studies.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Steganalysis of H.264/AVC Videos Exploiting Subtractive Prediction Error
           Blocks

      Authors: Yun Cao;Hong Zhang;Xianfeng Zhao;Xiaolei He;
      Pages: 3326 - 3338
      Abstract: To cope with the abuse of steganography using H.264 videos, i.e., the dominant video format, as the carrier, this paper presents a steganalytic method which works well even in the scenario where both the training data and the prior knowledge of the test data are limited. As a key feature of H.264, intra prediction is incorporated to remove redundancies within one single frame by predicting the current block using previously coded blocks. Unlike in JPEG domain, the quantized discrete cosine transform (QDCT) coefficients in H.264 videos come from the prediction error (residual) blocks (PEBs) instead of the original pixel block, hence we suggest shifting the focal point from the spatial domain to the prediction error domain, i.e., the PEB domain. According to the traits of video coding, 3 types of subtractive PEB (SPEB) are defined to capture the inconsistency between correlated PEBs, and the differences between correlated SPEBs are modeled by first-order Markov chain. Then the so-called SUPERB (SUbtractive Prediction ERror Block) features are engineered by subsets of sample transition probability matrices for a steganalyzer. What's more, the features derived from IPM (Intra Prediction Mode) transition probabilities are also merged into SUPERB to improve detection ability. Extensive experiments are carried out from different aspects. Performance results demonstrate the effectiveness of SUPERB, particularly its essence of general applicability when the training and test data are of quite different attributes, which is more favorable for real-world applications.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Tensor-Compensated Color Face Recognition

      Authors: Tuyen Ngoc Le;Duong Binh Giap;Jing-Wein Wang;Chih-Chiang Wang;
      Pages: 3339 - 3354
      Abstract: Making face recognition more reliable under uncontrolled lighting conditions is one of the most important challenges for practical recognition systems. The reasons come from the need for automatic recognitions and security systems. To overcome this problem, we propose a novel illumination compensation method called adaptive high-order singular value decomposition to enhance face images at the preprocessing step of the face recognition system. First, we present an RGB color face image as a third-order tensor. Then, adaptive high-order singular value decomposition is proposed to adjust the core tensor automatically by multiplying three frontal slices of the core tensor with their corresponding compensation weight coefficients while keeping the third inverse factor fixed. The experiments performed on five of the most famous public color face databases, namely CMU-PIE, Color FERET, FEI, LFW, and IJB-C reveal that adaptive high-order singular value decomposition not only yields compensated images that are clear, natural, and smooth but also considerably improves the accuracy and computing time of face recognition.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Threat Intelligence Generation Using Network Telescope Data for Industrial
           Control Systems

      Authors: Olivier Cabana;Amr M. Youssef;Mourad Debbabi;Bernard Lebel;Marthe Kassouf;Ribal Atallah;Basile L. Agba;
      Pages: 3355 - 3370
      Abstract: Industrial Control Systems (ICSs) are cyber-physical systems that offer attractive targets to threat actors due to the scale of damages, both physical and cyber, that successful exploitation can cause. As such, ICSs often find themselves victims to reconnaissance campaigns - coordinated scanning activity that targets a wide subset of the Internet - that aim to discover vulnerable systems. As these campaigns likely scan broad netblocks of the Internet, some traffic is directed to network telescopes, which are routable, allocated, and unused IP space. In this paper, we explore the threat landscape of ICS devices by analyzing and investigating network telescope traffic. Our network traffic analysis tool takes darknet traffic and generates threat intelligence on scanning campaigns targeting ICSs in the form of campaign fragments, which we leverage in new ways to get more in-depth knowledge of the cybersecurity threats. We investigate the payloads of the identified campaigns using a custom Deep Packet Inspection (DPI) technique to dissect and analyze the packets. We found 13 distinct payload templates and deduced their purpose, and by extension the campaign goals. We use machine learning to classify the sources behind the campaigns and identify threat actors such as botnets, malicious attackers, or researchers, and establish a methodology to rank our campaigns to prioritize our analysis. To conduct our analysis of the threats targeting ICSs, we have leveraged 12.85 TB (330 days) of network traffic received by our observed darknet IP space. Combining these investigative threads, we provide a thorough overview of the threat landscape targeting ICS systems.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Secure and Energy-Efficient Precoding for MIMO Two-Way Untrusted Relay
           Systems

      Authors: Shuangrui Zhao;Jia Liu;Yulong Shen;Xiaohong Jiang;Norio Shiratori;
      Pages: 3371 - 3386
      Abstract: This paper focuses on the multiple-input-multiple-output (MIMO) two-way relay system with an untrusted relay and investigates its secure and energy-efficient precoding design issue based on the physical layer security technology. We first provide theoretical modeling for the index of secrecy energy efficiency (SEE) and formulate the optimal precoding design for SEE maximization (SEEM) as a high-dimensional non-convex programming problem. By exploring the techniques like fractional programming, alternate optimization and semi-definite programming, we then develop a hierarchical theoretical framework to solve the SEEM problem and thus to identify the optimal precoding designs for the source and relay. Furthermore, we demonstrate the proposed theoretical framework is also applicable to the problem of precoding design for secrecy sum rate maximization. Finally, with the help of generalized singular value decomposition, we propose a sub-optimal relay precoding design scheme with significantly lower computational complexity. Extensive numerical results provided in the paper indicate that the proposed schemes can remarkably improve the SEE performance in MIMO two-way untrusted relay systems.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • An Exploit Kits Detection Approach Based on HTTP Message Graph

      Authors: Yan Qin;Weiping Wang;Shigeng Zhang;Kai Chen;
      Pages: 3387 - 3400
      Abstract: The exploit kits (EKs) are used by attackers to distribute malware automatically and silently. Existing approaches to EKs detection usually need to perform dynamic analysis on the content contained in the network traffic, which requires dumping all the network traffic and thus causes high detection overhead. Although some approaches detect EKs based on static analysis, they usually fail to restore the complete attack path because of the obstruction set by the attackers. In this paper, we propose an approach that can detect EKs based on only information extracted by static analysis. Our method builds a graph for web sessions and extracts features from the graph to perform EKs detection. The built graph catches important structural characteristics of the interaction during EK attacks that were not revealed in existing methods, with which EKs can be detected with high accuracy. The experiments show that our method works well in both the ground-truth datasets and the latest practical cases. Our method can also identify the malicious websites concealed in EKs, which can further improve the efficiency of analysis.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Secure Transmission in Multiple Access Wiretap Channel: Cooperative
           Jamming Without Sharing CSI

      Authors: Hongliang He;Xizhao Luo;Jian Weng;Kaimin Wei;
      Pages: 3401 - 3411
      Abstract: This paper investigates the secure transmission in multiple access wiretap channels, where multiple legitimate users transmit private information to an intended receiver in the presence of multiple eavesdroppers. In order to improve security, we propose a novel cooperative jamming scheme, in which users do not share channel state information (CSI) but the legitimate channels will not be degraded by the artificial noise. The basic idea is to make each user exploit its own CSI in two slots to design artificial noise, so that the intended receiver can eliminate all the artificial noise but the eavesdroppers cannot. In this process, the interference between users plays a key role to achieve security, because it guarantees that the artificial noise from different users helps each other. We consider the non-collusion and collusion of eavesdroppers and analyze the secrecy performance for both scenarios. We adopt the secrecy sum-rate as the main metric, and show that positive secrecy sum-rate can be achieved by using the proposed scheme. Especially, we observe that when eavesdroppers collude and their additive white Gaussian noise (AWGN) close to zero, the number of users must not be less than twice the number of eavesdroppers to ensure positive secrecy sum-rate. Finally, simulation results are provided to corroborate our theoretical findings.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • De-Pois: An Attack-Agnostic Defense against Data Poisoning Attacks

      Authors: Jian Chen;Xuxin Zhang;Rui Zhang;Chen Wang;Ling Liu;
      Pages: 3412 - 3425
      Abstract: Machine learning techniques have been widely applied to various applications. However, they are potentially vulnerable to data poisoning attacks, where sophisticated attackers can disrupt the learning procedure by injecting a fraction of malicious samples into the training dataset. Existing defense techniques against poisoning attacks are largely attack-specific: they are designed for one specific type of attacks but do not work for other types, mainly due to the distinct principles they follow. Yet few general defense strategies have been developed. In this paper, we propose De-Pois, an attack-agnostic defense against poisoning attacks. The key idea of De-Pois is to train a mimic model the purpose of which is to imitate the behavior of the target model trained by clean samples. We take advantage of Generative Adversarial Networks (GANs) to facilitate informative training data augmentation as well as the mimic model construction. By comparing the prediction differences between the mimic model and the target model, De-Pois is thus able to distinguish the poisoned samples from clean ones, without explicit knowledge of any ML algorithms or types of poisoning attacks. We implement four types of poisoning attacks and evaluate De-Pois with five typical defense methods on different realistic datasets. The results demonstrate that De-Pois is effective and efficient for detecting poisoned data against all the four types of poisoning attacks, with both the accuracy and F1-score over 0.9 on average.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Machine Learning in Wavelet Domain for Electromagnetic Emission Based
           Malware Analysis

      Authors: Nikhil Chawla;Harshit Kumar;Saibal Mukhopadhyay;
      Pages: 3426 - 3441
      Abstract: This paper presents a signal processing and machine learning (ML) based methodology to leverage Electromagnetic (EM) emissions from an embedded device to remotely detect a malicious application running on the device and classify the application into a malware family. We develop Fast Fourier Transform (FFT) based feature extraction followed by Support Vector Machine (SVM) and Random Forest (RF) based ML models to detect a malware. We further propose methods to learn characteristic behavior of different malwares from EM traces to reveal similarities to known malware families and improve efficiency of malware analysis. We propose to use Discrete Wavelet Transform (DWT) based feature extraction from spectrograms of EM side-channel traces and perform ML on the extracted features to learn fine-grained patterns of malware families. The experimental demonstration on Open-Q 820 development platform demonstrates 0.99 F1 score in detecting malware and 0.88 F1 score in uniquely classifying malwares among 8 malware families evaluated using Support Vector Machines (SVM) and Random Forest (RF) Machine Learning (ML) models. We also demonstrate capability of proposed framework in identifying new unknown applications with 0.99 recall and unknown malware family with 0.87 recall.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Beyond Universal Person Re-Identification Attack

      Authors: Wenjie Ding;Xing Wei;Rongrong Ji;Xiaopeng Hong;Qi Tian;Yihong Gong;
      Pages: 3442 - 3455
      Abstract: Deep learning-based person re-identification (Re-ID) has made great progress and achieved high performance recently. In this paper, we make the first attempt to examine the vulnerability of current person Re-ID models against a dangerous attack method, i.e., the universal adversarial perturbation (UAP) attack, which has been shown to fool classification models with a little overhead. We propose a more universal adversarial perturbation (MUAP) method for both image-agnostic and model-insensitive person Re-ID attack. Firstly, we adopt a list-wise attack objective function to disrupt the similarity ranking list directly. Secondly, we propose a model-insensitive mechanism for cross-model attack. Extensive experiments show that the proposed attack approach achieves high attack performance and outperforms other state of the arts by large margin in cross-model scenario. The results also demonstrate the vulnerability of current Re-ID models to MUAP and further suggest the need of designing more robust Re-ID models.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • DFraud³: Multi-Component Fraud Detection Free of Cold-Start

      Authors: Saeedreza Shehnepoor;Roberto Togneri;Wei Liu;Mohammed Bennamoun;
      Pages: 3456 - 3468
      Abstract: Fraud review detection is a hot research topic in recent years. The Cold-start is a particularly new but significant problem referring to the failure of a detection system to recognize the authenticity of a new user. State-of-the-art solutions employ a translational knowledge graph embedding approach (TransE) to model the interaction of the components of a review system. However, these approaches suffer from the limitation of TransE in handling N-1 relations and the narrow scope of a single classification task, i.e., detecting fraudsters only. In this paper, we model a review system as a Heterogeneous Information Network (HIN) which enables a unique representation to every component and performs graph inductive learning on the review data through aggregating features of nearby nodes. HIN with graph induction helps to address the camouflage issue (fraudsters with genuine reviews) which has shown to be more severe when it is coupled with cold-start, i.e., new fraudsters with genuine first reviews. In this research, instead of focusing only on one component, detecting either fraud reviews or fraud users (fraudsters), vector representations are learned for each component, enabling multi-component classification. In other words, we can detect fraud reviews, fraudsters, and fraud-targeted items, thus the name of our approach DFraud³. DFraud³ demonstrates a significant accuracy increase of 13% over the state of the art on Yelp.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Functionality-Preserving Black-Box Optimization of Adversarial Windows Malware

      Authors: Luca Demetrio;Battista Biggio;Giovanni Lagorio;Fabio Roli;Alessandro Armando;
      Pages: 3469 - 3478
      Abstract: Windows malware detectors based on machine learning are vulnerable to adversarial examples, even if the attacker is only given black-box query access to the model. The main drawback of these attacks is that: (i) they are query-inefficient, as they rely on iteratively applying random transformations to the input malware; and (ii) they may also require executing the adversarial malware in a sandbox at each iteration of the optimization process, to ensure that its intrusive functionality is preserved. In this paper, we overcome these issues by presenting a novel family of black-box attacks that are both query-efficient and functionality-preserving, as they rely on the injection of benign content (which will never be executed) either at the end of the malicious file, or within some newly-created sections. Our attacks are formalized as a constrained minimization problem which also enables optimizing the trade-off between the probability of evading detection and the size of the injected payload. We empirically investigate this trade-off on two popular static Windows malware detectors, and show that our black-box attacks can bypass them with only few queries and small payloads, even when they only return the predicted labels. We also evaluate whether our attacks transfer to other commercial antivirus solutions, and surprisingly find that they can evade, on average, more than 12 commercial antivirus engines. We conclude by discussing the limitations of our approach, and its possible future extensions to target malware classifiers based on dynamic analysis.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Corrections to “Hardware-Assisted Transparent Tracing and Debugging on ARM”

      Authors: Zhenyu Ning;Fengwei Zhang;
      Pages: 3479 - 3479
      Abstract: In the above article [1], in the first-page footnote, the corresponding author should appear as: (Corresponding author: Dr. Fengwei Zhang) instead of (Corresponding author: Zhenyu Ning).
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Physical Layer Security Enhancement With Reconfigurable Intelligent Surface-Aided Networks

      Authors: Jiayi Zhang;Hongyang Du;Qiang Sun;Bo Ai;Derrick Wing Kwan Ng;
      Pages: 3480 - 3495
      Abstract: Reconfigurable intelligent surface (RIS)-aided wireless communications have drawn significant attention recently. We study the physical layer security of the downlink RIS-aided transmission framework for randomly located users in the presence of a multi-antenna eavesdropper. To show the advantages of RIS-aided networks, we consider two practical scenarios: Communication with and without RIS. In both cases, we apply the stochastic geometry theory to derive exact probability density function (PDF) and cumulative distribution function (CDF) of the received signal-to-interference-plus-noise ratio. Furthermore, the obtained PDF and CDF are exploited to evaluate important security performance of wireless communication including the secrecy outage probability, the probability of nonzero secrecy capacity, and the average secrecy rate. Monte-Carlo simulations are subsequently conducted to validate the accuracy of our analytical results. Compared with traditional MIMO systems, the RIS-aided system offers better performance in terms of physical layer security. In particular, the security performance is improved significantly by increasing the number of reflecting elements equipped in a RIS. However, adopting RIS equipped with a small number of reflecting elements cannot improve the system performance when the path loss of NLoS is small.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Generalized Likelihood Ratio Test for GNSS Spoofing Detection in Devices With IMU

      Authors: Marco Ceccato;Francesco Formaggio;Nicola Laurenti;Stefano Tomasin;
      Pages: 3496 - 3509
      Abstract: Spoofing attacks in global navigation satellite systems (GNSSs) aim at inducing the estimation of a fake position at the victim receiver. Many devices, including smartphones, are nowadays equipped with both a GNSS receiver and an inertial measurement unit (IMU), which also provides location/movement information, while being immune from GNSS attacks. We propose a spoofing detection technique based on the comparison between GNSS and IMU measurements. The detection is performed through a generalized likelihood ratio test (GLRT), which is efficiently implemented by a matrix multiplication approach. In particular, the device a) estimates its orientation from magnetometer and gyroscope measurements, b) estimates its position, acceleration, and velocity by a maximum likelihood approach, and c) performs the GLRT for spoofing detection. The performance of the proposed GLRT is compared with the Kalman filter innovation test and with the direct comparison method (DCM), both in terms of false alarm/missed detection probabilities and computational complexity.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Privacy-Preserving Identification Systems With Noisy Enrollment

      Authors: Linghui Zhou;Minh Thanh Vu;Tobias J. Oechtering;Mikael Skoglund;
      Pages: 3510 - 3523
      Abstract: In this paper, we study fundamental trade-offs in privacy-preserving biometric identification systems with noisy enrollment. The proposed identification systems include helper data, secret keys, and private keys. Helper data are stored in a public database and used for identification. Secret keys are either stored in a secure database or provided to the user, and can be used in a next step, e.g. for authentication. Private keys are provided by users, and are also used for identification. In this paper, we impose a noisy enrollment channel and an arbitrarily small privacy and secrecy leakage rate. We characterize the optimal trade-off among the identification, secret key, private key, and helper data rates. Depending on how secret keys are produced, we study two cases of the proposed privacy-preserving identification systems, where the secret keys are generated and chosen respectively. By introducing private keys, it is shown that the identification system achieves close to zero privacy leakage rate in both generated and chosen secret key settings. The results also show that the identification rate and the secret key rate can be enlarged by increasing the private key rate. This work provides a framework for analyzing privacy-preserving identification systems and an insight on the design of optimal systems.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Secure Automatic Speaker Verification (SASV) System Through sm-ALTP Features and Asymmetric Bagging

      Authors: Muteb Aljasem;Aun Irtaza;Hafiz Malik;Noushin Saba;Ali Javed;Khalid Mahmood Malik;Mohammad Meharmohammadi;
      Pages: 3524 - 3537
      Abstract: The growing number of voice-enabled devices and applications consider automatic speaker verification (ASV) a fundamental component. However, maximum outreach for ASV in critical domains e.g., financial services and health care, is not possible unless we overcome security breaches caused by voice cloning algorithms and replayed audios. Therefore, to overcome these vulnerabilities, a secure ASV (SASV) system based on the novel sign modified acoustic local ternary pattern (sm-ALTP) features and asymmetric bagging-based classifier-ensemble with enhanced attack vector is presented. The proposed audio representation approach clusters the high and low frequency components in audio frames by normally distributing frequency components against a convex function. Then, the neighborhood statistics are applied to capture the user specific vocal tract information. The proposed SASV system simultaneously verifies the bonafide speakers and detects the voice cloning attack, cloning algorithm used to synthesize cloned audio (in the defined settings), and voice-replay attacks over the ASVspoof 2019 dataset. In addition, the proposed method detects the voice replay and cloned voice replay attacks over the VSDC dataset. Both the voice cloning algorithm detection and cloned-replay attack detection are novel concepts introduced in this paper. The voice cloning algorithm detection module determines the voice cloning algorithm used to generate the fake audios. Whereas, the cloned voice replay attack detection is performed to determine the SASV behavior when audio samples are simultaneously contemplated with cloning and replay artifacts.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Conditional Variational Auto-Encoder and Extreme Value Theory Aided Two-Stage Learning Approach for Intelligent Fine-Grained Known/Unknown Intrusion Detection

      Authors: Jian Yang;Xiang Chen;Shuangwu Chen;Xiaofeng Jiang;Xiaobin Tan;
      Pages: 3538 - 3553
      Abstract: Promptly discovering unknown network attacks is critical for reducing the risk of major loss imposed on organizations and information infrastructure. This paper aims at developing an intelligent intrusion detection system capable of classifying known attacks as well as inferring unknown ones. To achieve this, we formulate the problem of fine-grained known/unknown intrusion detection as a two-stage minimization problem, where the first stage is to seek a score measure for minimizing the empirical risk of misclassifying the known attacks, while the second stage is to find another score measure for minimizing the identification risk of inferring unknown attacks. The hierarchical nature of problem formulation allows us to employ the class conditioned auto-encoders to construct a hierarchical intrusion detection framework. Since the reconstruction errors of unknown attacks are generally higher than that of the known attacks, we further employ extreme value theory in the second stage to model the distribution of reconstruction errors for differentiating known/unknown attack. To further reduce the false positive rate, we add a benign clustering module for learning the multimodal distribution of benign traffic. We conduct an experiment on two widely used datasets for assessing intrusion detection. The results show that the proposed method improves the detection rate of unknown attacks while keeping a low false positive rate.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Botnet Identification in DDoS Attacks With Multiple Emulation Dictionaries

      Authors: Michele Cirillo;Mario Di Mauro;Vincenzo Matta;Marco Tambasco;
      Pages: 3554 - 3569
      Abstract: In a Distributed Denial of Service (DDoS) attack, a network (botnet) of dispersed agents (bots) sends requests to a website to saturate its resources. Since the requests are sent by automata, the typical way to detect them is to look for some repetition pattern or commonalities between requests of the same user or from different users. For this reason, recent DDoS variants exploit communication layers that offer broader possibility in terms of admissible request patterns, such as, e.g., the application layer. In this case, the malicious agents can pick legitimate messages from an emulation dictionary, and each individual agent sends a relatively low number of admissible requests, so as to make its activity non suspicious. This problem has been recently addressed under the assumption that all the members of the botnet use the same emulation dictionary. This situation is an idealization of what occurs in practice, since different clusters of agents are typically sharing only part of a global emulation dictionary. The diversity among the emulation dictionaries across different clusters introduces significant complexity in the botnet identification challenge. This work tackles this issue and provides the following main contributions. We obtain an analytical characterization of the message innovation rate of the DDoS attack with multiple emulation dictionaries. Exploiting this result, we design a botnet identification algorithm equipped with a cluster expurgation rule, which, under appropriate technical conditions, is shown to provide exact classification of bots and normal users as the observation window size increases. Then, an experimental campaign over real network traces is conducted to assess the validity of the theoretical analysis, as well as to examine the effect of a number of non-ideal effects that are unavoidably observed in practical scenarios.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Rebuttal to “Comments on Random Distance Method Generating Unimodal and Multimodal Cancelable Biometric Features”

      Authors: Harkeerat Kaur;Pritee Khanna;
      Pages: 3570 - 3572
      Abstract: This rebuttal highlights major flaws in the comments made by Lamba due to possible oversight in understanding the scheme given by Kaur and Khanna. Firstly, the random distance method (RDM) does not suffer from any mathematical fallacy. It is a unique technique to generate cancelable biometric templates. Secondly, the size of the original log-Gabor feature vector is reduced by half due to the inherent nature of the RDM scheme, and it does not affect the inter- and intra-user variations in any adverse way. An experimental analysis is also performed to showcase that RDM maintains inter- and intra-user variations. Thirdly, the comment correspondence author has not noticed that the sole purpose of using the random grid (RG) with OR operation is to increase the entropy of the log-Gabor features, which have a low dynamic range. The issue of partial information revelation is out of context here as salting is not used for hiding information. Finally, the author of comment correspondence has failed to understand that padding is used in the implementation of median filters, which is very common in the filtering process.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Practical Threshold Multi-Factor Authentication

      Authors: Wenting Li;Haibo Cheng;Ping Wang;Kaitai Liang;
      Pages: 3573 - 3588
      Abstract: Multi-factor authentication (MFA) has been widely used to safeguard high-value assets. Unlike single-factor authentication (e.g., password-only login), t-factor authentication (tFA) requires a user always to carry and present t specified factors so as to strengthen the security of login. Nevertheless, this may restrict user experience in limiting the flexibility of factor usage, e.g., the user may prefer to choose any factors at hand for login authentication. To bring back usability and flexibility without loss of security, we introduce a new notion of authentication, called (t,n) threshold MFA, that allows a user to actively choose t factors out of n based on preference. We further define the “most-rigorous” multi-factor security model for the new notion, allowing attackers to control public channels, launch active/passive attacks, and compromise/corrupt any subset of parties as well as factors. We state that the model can capture the most practical security needs in the literature. We design a threshold MFA key exchange (T-MFAKE) protocol built on the top of a threshold oblivious pseudorandom function and an authenticated key exchange protocol. Our protocol achieves the “highest-attainable” security against all attacking attempts in the context of parties/factors being compromised/corrupted. As for efficiency, our design only requires 4+t exponentiations, 2 multi-exponentiations and 2 communication rounds. Compared with existing tFA schemes, even the degenerated (t,t) version of our protocol achieves the strongest security (stronger than most schemes) and higher efficiency on computational and communication. We instantiate our design on real-world platform to highlight its practicability and efficiency.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • MBTree: Detecting Encryption RATs Communication Using Malicious Behavior Tree

      Authors: Cong Dong;Zhigang Lu;Zelin Cui;Baoxu Liu;Kai Chen;
      Pages: 3589 - 3603
      Abstract: Network trace signature matching is one reliable approach to detect active Remote Control Trojan (RAT). Compared to statistical-based detection of malicious network traces in the face of known RATs, the signature-based method can achieve more stable performance and thus more reliability. However, with the development of encrypted technologies and disguise tricks, current methods suffer inaccurate signature descriptions and inflexible matching mechanisms. In this paper, we propose to tackle the above problems by presenting MBTree, an approach to detect encryption RATs Command and Control (C&C) communication based on host-level network trace behavior. MBTree first models the RAT network behaviors as the malicious set by automatically building the multiple level tree, MLTree, from distinctive network traces of each sample. Then, MBTree employs a detection algorithm to detect malicious network traces that are similar to any MLTrees in the malicious set. To illustrate the effectiveness of our proposed method, we adopt theoretical analysis of MBTree from the probability perspective. In addition, we have implemented MBTree to evaluate it on five datasets which are reorganized in a sophisticated manner for comprehensive assessment. The experimental results demonstrate the accuracy and robustness of MBTree, especially in the face of new emerging benign applications.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Adversarial Kendall’s Model Towards Containment of Distributed Cyber-Threats

      Authors: Paolo Addesso;Mauro Barni;Mario Di Mauro;Vincenzo Matta;
      Pages: 3604 - 3619
      Abstract: This work examines propagation of cyber-threats over networks under an adversarial formulation. Exploiting Kendall’s birth-death-immigration model, we propose an analytical framework to describe the stochastic dynamics of cyber-threat propagation in a collection of heterogeneous sub-networks characterized by different attributes. We propose two formalisations of the problem as zero-sum games involving two adversaries: an attacker, who launches cyber-threats across the distinct sub-networks; and a defender, who tries to mitigate the threats by delivering suitable countermeasures. According to the first formalisation, the interplay between the defender and the attacker is modelled as a Stackelberg leader-follower game, while the second formalisation considers a strategic game wherein the two contenders play simultaneously without knowing the choice of the other player. We derive the equilibrium strategies for both versions of the game, and discuss a number of insightful interplays and ramifications of the different equilibrium points for the problem at hand. The equilibrium strategies depend on three fundamental attributes: $i$) the available resource budget of the attacker and the defender; $ii$) the capacity of the legitimate nodes to (unintentionally) forward the threat across the network, after they have been compromised during the propagation of the threat; $iii$) the intrinsic characteristics of the sub-networks, namely, their immunity to the attacks, their inertia in responding to the countermeasures, and the importance of the individual sub-networks. The relevance of the proposed solution is illustrated through a series of examples and numerical simulations.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • A Practical Black-Box Attack on Source Code Authorship Identification Classifiers

      Authors: Qianjun Liu;Shouling Ji;Changchang Liu;Chunming Wu;
      Pages: 3620 - 3633
      Abstract: Existing research has recently shown that adversarial stylometry of source code can confuse source code authorship identification (SCAI) models, which may threaten the security of related applications such as programmer attribution, software forensics, etc. In this work, we propose source code authorship disguise (SCAD) to automatically hide programmers' identities from authorship identification, which is more practical than the previous work that requires knowing the output probabilities or internal details of the target SCAI model. Specifically, SCAD trains a substitute model and develops a set of semantically equivalent transformations, based on which the original code is modified towards a disguised style with small manipulations in lexical features and syntactic features. When evaluated under totally black-box settings, on a real-world dataset consisting of 1,600 programmers, SCAD induces state-of-the-art SCAI models to cause above 30% misclassification rates. The efficiency and utility-preserving properties of SCAD are also demonstrated with multiple metrics. Furthermore, our work can serve as a guideline for developing more robust identification methods in the future.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • CASIA-Face-Africa: A Large-Scale African Face Image Database

      Authors: Jawad Muhammad;Yunlong Wang;Caiyong Wang;Kunbo Zhang;Zhenan Sun;
      Pages: 3634 - 3646
      Abstract: Face recognition is a popular and well-studied area with wide applications in our society. However, racial bias had been proven to be inherent in most State Of The Art (SOTA) face recognition systems. Many investigative studies on face recognition algorithms have reported higher false positive rates of African subjects cohorts than the other cohorts. Lack of large-scale African face image databases in public domain is one of the main restrictions in studying the racial bias problem of face recognition. To this end, we collect a face image database namely CASIA-Face-Africa which contains 38,546 images of 1,183 African subjects. Multi-spectral cameras are utilized to capture the face images under various illumination settings. Demographic attributes and facial expressions of the subjects are also carefully recorded. For landmark detection, each face image in the database is manually labeled with 68 facial keypoints. A group of evaluation protocols are constructed according to different applications, tasks, partitions and scenarios. The performances of SOTA face recognition algorithms without re-training are reported as baselines. The proposed database along with its face landmark annotations, evaluation protocols and preliminary results form a good benchmark to study the essential aspects of face biometrics for African subjects, especially face image preprocessing, face feature analysis and matching, facial expression recognition, sex/age estimation, ethnic classification, face image generation, etc. The database can be downloaded from our website.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • CPA-Secure Privacy-Preserving Reversible Data Hiding for JPEG Images

      Authors: Sorour Sheidani;Ahmad Mahmoudi-Aznaveh;Ziba Eslami;
      Pages: 3647 - 3661
      Abstract: The Encrypted Image Reversible Data Hiding (EIRDH) is a hot area of research in multimedia outsourcing scenarios. In such a setting, a content owner possesses confidential images that he wants to upload to an untrusted server. The server is supposed to embed a secret message in the images before sending them to potential receivers, and the receivers expect to recover the original images without any distortion. EIRDH schemes are designed to meet reversible data hiding goals while preserving the confidentiality of the host images. Confidentiality is provided by means of encryption algorithms; however, these algorithms, in turn, introduce the challenge of dealing with ciphered images in both embedding and extraction phases. The current paper tries to propose a privacy-preserving reversible data hiding scheme for JPEG images without the need for any levels of decompression. We propose an elliptic curve-based asymmetric, commutative, and separable EIRDH method, in which no entities other than the sender and the eligible receiver of the hidden message (embedded in the encrypted image) are able to recognize its existence. In particular, even the server that performs the embedding remains completely unaware of the content of the images. An important security feature of our scheme involves the security of its multiple encryptions against Chosen-Plaintext Attack (CPA), which is an attack model that assumes the adversary can obtain the encryptions of the images on his choice to achieve possible extra information to attack. Experimental results show that our scheme achieves full reversibility and a satisfactory level of capacity, while it accurately extracts all the hidden bits.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Strong Secrecy of Arbitrarily Varying Multiple Access Channels

      Authors: Yiqi Chen;Dan He;Yuan Luo;
      Pages: 3662 - 3677
      Abstract: This paper investigates the strong secrecy capacity of the arbitrarily varying multiple access channel (AVMAC). First, Csiszár’s almost independent coloring lemma is generalized to establish an achievable secrecy rate region of the AVMAC with an eavesdropper, which includes existing results on both the arbitrarily varying wiretap channel and the multiple access wiretap channel. We then determine the capacity for a special case named semi-noiseless wiretap channel. In addition, a multi-letter outer bound is also presented. Finally, the results of this paper are further explained via a binary example with a numerical inner bound.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • On the Efficiency of Pairing-Based Authentication for Connected Vehicles: Time is Not on Our Side!

      Authors: Mir Ali Rezazadeh Baee;Leonie Simpson;Xavier Boyen;Ernest Foo;Josef Pieprzyk;
      Pages: 3678 - 3693
      Abstract: In the near future, intelligent vehicles will be connected via wireless communication links, forming Vehicular Ad-hoc Networks (VANETs). This has potential to improve road safety and to optimize traffic. However, if the communications are not secure, VANETs are vulnerable to cyber attacks involving message manipulation. Research on this problem has produced multiple authentication protocols based on bilinear pairings (a variant of elliptic curve cryptography). The efficiency of such authentication schemes must be addressed before they can be used in real-world deployments. Standards bodies have begun standardizing various pairing-based schemes. The IEEE 1609.2 security standard has not yet selected any pairing-based scheme, leaving the settings related to pairing-based cryptography in the vehicular environments unspecified. In this work, we investigate the efficiency of pairing-based cryptographic primitives over the Barreto-Lynn-Scott and Barreto-Naehrig pairing friendly elliptic curves recommended in the IETF and ISO standards, to determine their suitability for practical application. We implement the algorithms and evaluate the effect of cryptographic pairings using theoretical and experimental analysis of four well-known pairing-based short signature schemes, including: Boneh-Lynn-Shacham, Boneh-Boyen, Zhang-Safavi-Susilo, and Boneh-Gentry-Lynn-Shacham. We use metrics including CPU clock cycles per operation, average computation time in milliseconds, and signature/public key size in bits to estimate the cost of implementing cryptographic pairings on modern processors. We demonstrate the effect of pairing-based cryptography on authentication in vehicular networks. We investigate a high-density highway scenario and show that a crash is possible, as a result of the evaluated authentication delay. We share our findings ahead of the IEEE 1609.2 recommendations for the use of cryptographic pairings.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Context-Aware Local Information Privacy

      Authors: Bo Jiang;Mohamed Seif;Ravi Tandon;Ming Li;
      Pages: 3694 - 3708
      Abstract: In this paper, we study Local Information Privacy (LIP). As a context-aware privacy notion, LIP relaxes the de facto standard privacy notion of local differential privacy (LDP) by incorporating prior knowledge and therefore achieving better utility. We study the relationships between LIP and some of the representative privacy notions including LDP, mutual information and maximal leakage. We show that LIP provides strong instance-wise privacy protection compared to other context-aware privacy notions. Moreover, we present some useful properties of LIP, including post-processing, linkage, composability, transferability and robustness to imperfect prior knowledge. Then we study a general utility-privacy tradeoff framework, under which we derive LIP based privacy-preserving mechanisms for both discrete and continuous-valued data. Three types of perturbation mechanisms are studied in this paper: 1) randomized response (RR), 2) random sampling (RS) and 3) additive noise (AN) (e.g., Gaussian mechanism). Our privacy mechanisms incorporate the prior knowledge into the perturbation parameters so as to enhance utility. Finally, we present a comprehensive set of experiments on real datasets to illustrate the advantage of context-awareness and compare the utility-privacy tradeoffs provided by different mechanisms.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • With Great Dispersion Comes Greater Resilience: Efficient Poisoning
           Attacks and Defenses for Linear Regression Models

      Authors: Jialin Wen;Benjamin Zi Hao Zhao;Minhui Xue;Alina Oprea;Haifeng Qian;
      Pages: 3709 - 3723
      Abstract: With the rise of third parties in the machine learning pipeline, the service provider in “Machine Learning as a Service” (MLaaS), or external data contributors in online learning, or the retraining of existing models, the need to ensure the security of the resulting machine learning models has become an increasingly important topic. The security community has demonstrated that without transparency of the data and the resulting model, there exist many potential security risks, with new risks constantly being discovered. In this paper, we focus on one of these security risks – poisoning attacks. Specifically, we analyze how attackers may interfere with the results of regression learning by poisoning the training datasets. To this end, we analyze and develop a new poisoning attack algorithm. Our attack, termed Nopt, in contrast with previous poisoning attack algorithms, can produce larger errors with the same proportion of poisoning data-points. Furthermore, we also significantly improve the state-of-the-art defense algorithm, termed TRIM, proposed by Jagielski et al. (IEEE S&P 2018), by incorporating the concept of probability estimation of clean data-points into the algorithm. Our new defense algorithm, termed Proda, demonstrates an increased effectiveness in reducing errors arising from the poisoning dataset through optimizing ensemble models. We highlight that the time complexity of TRIM had not been estimated; however, we deduce from their work that TRIM can take exponential time complexity in the worst-case scenario, in excess of Proda’s logarithmic time. The performance of both our proposed attack and defense algorithms is extensively evaluated on four real-world datasets of housing prices, loans, health care, and bike sharing services. We hope that our work will inspire future research to develop more robust learning algorithms immune to poisoning attacks.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • SARO: Scalable Attack-Resistant Logic Locking

      Authors: Abdulrahman Alaql;Swarup Bhunia;
      Pages: 3724 - 3739
      Abstract: Intellectual property (IP) protection against piracy and reverse engineering (RE) has emerged as a critical area of research in the field of hardware security. Logic locking has been studied as a promising technique to provide robust protection against these attacks. However, a vast body of recent works has presented successful attacks to break existing locking methods in terms of retrieving the secret key and restoring the original functionality. In this paper, we propose SARO, a scalable attack-resistant logic locking that provides a robust functional and structural design transformation process. SARO treats the target circuit as a hypergraph (G), and performs partitioning of G to produce a set of sub-graphs, then applies an efficient Truth Table Transformation (T3) process to each partition. Further, to mitigate specific attacks (such as SAT-based analysis), SARO implements distributed attack resistance, which integrates random SAT-hard functions (obtained from an automatic function generator, RanSAT) into select partitions. RanSAT produces non-biased and non-deterministic design transformations, where added locking mechanisms are not distinguishable from the original circuit. Finally, it implements a concept of a derived key generation that simultaneously helps to minimize the required key size through judicious reuse of key bits, as well as enhancing the structural alterations. Unlike state-of-the-art logic locking solutions, which focus on primarily enhancing robustness against functional query-based attacks, the proposed transformation steps provide the following unique benefits: (1) high scalability to large designs obtained through partitioning; (2) high structural obfuscation leading to resistance to structural attacks; and (3) low key size, while maintaining strong resistance against functional attacks. To quantitatively represent the level of structural and functional transformation, we also propose the $T3_{metric}$. We evaluate SARO on ISCAS85 and EPFL benchmarks, and provide comprehensive security and performance analysis of our proposed framework.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • DOReN: Toward Efficient Deep Convolutional Neural Networks with Fully
           Homomorphic Encryption

      Authors: Souhail Meftah;Benjamin Hong Meng Tan;Chan Fook Mun;Khin Mi Mi Aung;Bharadwaj Veeravalli;Vijay Chandrasekhar;
      Pages: 3740 - 3752
      Abstract: Fully homomorphic encryption (FHE) is a powerful cryptographic primitive to secure outsourced computations against an untrusted third-party provider. With the growing demand for AI and the usefulness of machine learning as a service (MLaaS), the need for secure training and inference of artificial neural networks is rising. However, the computational complexity of existing FHE schemes has been a strong deterrent to this. Prior works suffered from accuracy degradation, lack of scalability, and ciphertext expansion issues. In this paper, we take the first step towards the problem of space-efficiency in evaluating deep neural networks through designing DOReN: a low depth, batched neuron that can simultaneously evaluate multiple quantized ReLU-activated neurons on encrypted data without approximations. Our circuit design reduced the complexity of the accumulator circuit depth from $O(\log m \cdot \log n)$ to $O(\log m + \log n)$ for $n$ bit integers. The experimental results show that the amortized processing time of our homomorphic neuron is approximately 1.26 seconds for 300 inputs and less than 0.13 seconds for 10 inputs at 80 bit security, which is a 20 fold improvement upon Lou and Jiang, NeurIPS 2019.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • How to Test the Randomness From the Wireless Channel for Security?

      Authors: Zhe Qu;Shangqing Zhao;Jie Xu;Zhuo Lu;Yao Liu;
      Pages: 3753 - 3766
      Abstract: We revisit the traditional framework of wireless secret key generation, where two parties leverage the wireless channel randomness to establish a secret key. The essence in the framework is to quantify channel randomness into bit sequences for key generation. Conducting randomness tests on such bit sequences has been a common practice to provide the confidence to validate whether they are random. Interestingly, despite different settings in the tests, existing studies interpret the results the same: passing tests means that the bit sequences are indeed random. In this paper, we investigate how to properly test the wireless channel randomness to ensure enough security strength and key generation efficiency. In particular, we define an adversary model that leverages the imperfect randomness of the wireless channel to search the generated key, and create a guideline to set up randomness testing and privacy amplification to eliminate security loss and achieve efficient key generation rate. We use theoretical analysis and comprehensive experiments to reveal that common practice misuses randomness testing and privacy amplification: (i) no security insurance of key strength, (ii) low efficiency of key generation rate. After revision by our guideline, security loss can be eliminated and key generation rate can be increased significantly.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • A Novel Normalized Variance-Based Differential Power Analysis Against
           Masking Countermeasures

      Authors: Juncheng Chen;Jun-Sheng Ng;Kwen-Siong Chong;Zhiping Lin;Bah-Hwee Gwee;
      Pages: 3767 - 3779
      Abstract: In this paper, we propose two normalization techniques to reduce the ghost peaks occurring in Differential Power Analysis (DPA). Ghost peaks can be defined as the DPA output generated by the wrong key guesses, having higher amplitudes than the DPA output generated by the correct key guess. We further propose variance-based Differential Power Analysis (vDPA) to attack masked crypto devices. The proposed normalization techniques and vDPA constitute four contributions. First, based on the side-channel signal modeling with the linear coefficient representing the strength of the linear component in a side-channel signal, we formulate the condition function of linear coefficients for the appearance of ghost peaks in DPA. Second, we propose pre-normalization in DPA and mathematically analyze how it can reduce ghost peaks by modulating the strength of the linear components in side-channel signals. Third, we propose post-normalization and mathematically analyze how it can reduce ghost peaks by de-correlating the strength of the linear components in side-channel signals with the condition function for the appearance of ghost peaks. Fourth, we propose vDPA to apply simultaneously with either one of the proposed normalization techniques to effectively attack masked crypto devices. Based on the experiments, we show that the proposed basic vDPA (without normalization), pre-normalized vDPA and post-normalized vDPA are all able to reveal the secret key from ASCAD data set. The pre- and post-normalized vDPAs require up to $18\times$ and $14\times$ fewer traces than the basic vDPA respectively. While attacking ASCAD data set, the proposed pre- and post-normalized vDPAs are both $13{,}095\times$ faster than the reported 2nd order CPA, and reveal the key-bytes successfully with only half of side-channel traces required by the reported Zero-offset DPA.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Effect of Correlation Between Information and Energy Links in Secure
           Wireless Powered Communications

      Authors: Antonio Tarrías-Muñoz;José Luis Matez-Bandera;Pablo Ramírez-Espinosa;F. Javier López-Martínez;
      Pages: 3780 - 3789
      Abstract: In this paper, we investigate the impact of correlation between the energy and information links in wireless power transfer systems, from a physical layer security perspective. With that aim, we first determine how correlation can affect system capacity in practical energy harvesting set-ups. We quantify that even though link correlation improves the average signal-to-noise ratio (SNR) for a fixed transmit power, it also increases its variance, which ultimately degrades capacity. Based on this observation, we show that correlation between the energy and information links may be detrimental for the secrecy capacity in the legitimate high SNR regime, but beneficial in the low-SNR regime, whenever such correlation affects the legitimate user. Conversely, we also point out that when link correlation between the energy and wiretap links is rigorously accounted for, it barely affects secrecy performance, causing only a minor degradation in some instances.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Imbalanced Data Problems in Deep Learning-Based Side-Channel Attacks:
           Analysis and Solution

      Authors: Akira Ito;Kotaro Saito;Rei Ueno;Naofumi Homma;
      Pages: 3790 - 3802
      Abstract: In recent years, the threat of profiling attacks using deep learning has emerged. Successful attacks have been demonstrated against various types of cryptographic modules. However, the application of deep learning to side-channel attacks (SCAs) is often not adequately assessed because the labels that are widely used in SCAs, such as the Hamming weight (HW) and Hamming distance (HD), follow an imbalanced distribution. This study analyzes and solves the problems caused by dataset imbalance during training and inference. First, we state the reasons for the negative effect of data imbalance in classification for deep-learning-based SCAs and introduce the Kullback–Leibler (KL) divergence as a metric to measure this effect. Using the KL divergence, we demonstrate through analysis how the recently reported cross-entropy ratio loss function can solve the problem of imbalanced data. We further propose a method to solve dataset imbalance at the inference phase, which utilizes a likelihood function based on the key value instead of the HW/HD. The proposed method can be easily applied in deep-learning-based SCAs because it only needs an extra multiplication of the inverted binomial coefficients and inference results (i.e., the output probabilities) from the conventionally trained model. The proposed solution corresponds to data-augmentation techniques at the training phase, and furthermore, it better estimates the keys because the probability distributions of the training and test data are preserved. We demonstrate the validity of our analysis and the effectiveness of our solution through extensive experiments on two public databases.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • End-to-End Domain Adaptive Attention Network for Cross-Domain Person
           Re-Identification

      Authors: Amena Khatun;Simon Denman;Sridha Sridharan;Clinton Fookes;
      Pages: 3803 - 3813
      Abstract: Person re-identification (re-ID) remains challenging in a real-world scenario, as it requires a trained network to generalise to totally unseen target data in the presence of variations across domains. Recently, generative adversarial models have been widely adopted to enhance the diversity of training data. These approaches, however, often fail to generalise to other domains, as existing generative person re-identification models have a disconnect between the generative component and the discriminative feature learning stage. To address the on-going challenges regarding model generalisation, we propose an end-to-end domain adaptive attention network to jointly translate images between domains and learn discriminative re-id features in a single framework. To address the domain gap challenge, we introduce an attention module for image translation from source to target domains without affecting the identity of a person. More specifically, attention is directed to the background instead of the entire image of the person, ensuring identifying characteristics of the subject are preserved. The proposed joint learning network results in a significant performance improvement over state-of-the-art methods on several challenging benchmark datasets.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • A Multilevel Coding Scheme for Multi-Valued Physical Unclonable Functions

      Authors: Sven Müelich;Holger Mandry;Maurits Ortmanns;Robert F. H. Fischer;
      Pages: 3814 - 3827
      Abstract: Physical unclonable functions (PUFs) produce responses by exploiting randomness that intrinsically occurs in integrated circuits due to uncontrollable variations in the manufacturing process of physical items. It is common practice that PUFs generate binary responses. Recently, it has been proposed to extract symbols from a higher-order alphabet in order to increase the length of the final response. In this paper, coding for this concept of multi-valued PUFs (MV-PUFs) is derived from the analogy to pulse-amplitude modulation in digital communications. To that end, based on ROPUF measurement data, we replace the classical binary symmetric channel model by a suited additive white Gaussian noise model. Consequently, the hard-input binary channel coding scheme is replaced by methods from coded modulation, utilizing the soft output. In addition, the functionality of helper data, which are required to stabilize noisy PUF responses, is transferred to the multi-valued case. By applying the designed methods to the available measurement data we eventually show that imagining the analog PUF output as $M$-ary amplitude-shift keying symbols observed over an AWGN channel, both the extracted entropy per response symbol and the reliability of the final key can be increased.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • SAIL: Analyzing Structural Artifacts of Logic Locking Using Machine
           Learning

      Authors: Prabuddha Chakraborty;Jonathan Cruz;Abdulrahman Alaql;Swarup Bhunia;
      Pages: 3828 - 3842
      Abstract: Obfuscation or Logic locking (LL) is a technique for protecting hardware intellectual property (IP) blocks against diverse threats, including IP theft, reverse engineering, and malicious modifications. State-of-the-art locking techniques primarily focus on securing a design from unauthorized usage by disabling correct functionality – they often do not directly address hiding design intent through structural transformations. They rely on the synthesis tool to introduce structural changes. We observe that this process is insufficient as the resulting changes in circuit topology are: (1) local and (2) predictable. In this paper, we analyze the structural transformations introduced by LL and introduce a potential attack, called SAIL, that can exploit structural artifacts introduced by LL. SAIL uses machine learning (ML) guided structural recovery that exposes a critical vulnerability in these techniques. Through this attack, we demonstrate that the gate-level structure of a locked design can be retrieved in most parts through a systematic set of steps. The proposed attack is applicable to most forms of logic locking, and significantly more powerful than existing attacks, e.g., SAT-based attacks, since it does not require the availability of golden functional responses (e.g., an unlocked IC). Evaluation on benchmark circuits shows that we can recover an average of about 92%, up to 97%, transformations (Top-10 R-Metric) introduced by logic locking. We show that this attack is scalable, flexible, and versatile. Additionally, to evaluate the SAIL attack resilience of a locked design, we present the SIVA-Metric that is fast in terms of computation speed and does not require any training. We also propose possible mitigation steps for incorporating SAIL resilience into a locked design.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Dynamic Privacy-Aware Collaborative Schemes for Average Computation: A
           Multi-Time Reporting Case

      Authors: Xin Wang;Hideaki Ishii;Jianping He;Peng Cheng;
      Pages: 3843 - 3858
      Abstract: Collaborative computing is efficient to conduct large-scale computation tasks, especially with the surge in data volume. However, when the data contains sensitive information, privacy has to be attached significant attention during the execution of computation tasks. In this paper, based on a two-step average computation framework, we first propose three different privacy-aware schemes, where noises are carefully designed to be injected into the distributed computing process. The challenging issue is to guarantee the privacy loss in each iteration to be controllable and quantifiable, which we call the dynamic privacy-preserving collaborative computing problem. By employing Kullback-Leibler differential privacy, we obtain the privacy preserving levels in different iterations regarding the three schemes, followed by the analysis of their convergence performances. Further, we devise an approach to balance the privacy loss and the computation accuracy, whose challenge lies in how to motivate data contributors (DCs) to report more accurate data without providing them with monetized payments. This is done by allowing DCs to report data multiple times, and we obtain the optimal reporting times for each DC. Finally, extensive numerical experiments are performed to validate the obtained theoretical results.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Compcrypt–Lightweight ANS-Based Compression and Encryption

      Authors: Seyit Camtepe;Jarek Duda;Arash Mahboubi;Paweł Morawiecki;Surya Nepal;Marcin Pawłowski;Josef Pieprzyk;
      Pages: 3859 - 3873
      Abstract: Compression is widely used in Internet applications to save communication time, bandwidth and storage. Recently invented by Jarek Duda asymmetric numeral system (ANS) offers an improved efficiency and a close to optimal compression. The ANS algorithm has been deployed by major IT companies such as Facebook, Google and Apple. Compression by itself does not provide any security (such as confidentiality or authentication of transmitted data). An obvious solution to this problem is an encryption of compressed bitstream. However, it requires two algorithms: one for compression and the other for encryption. In this work, we investigate natural properties of ANS that allow to incorporate authenticated encryption using as little cryptography as possible. We target low-level security communication and storage such as transmission of data from IoT devices/sensors. In particular, we propose three solutions for joint compression and encryption (compcrypt). The solutions offer different tradeoffs between security and efficiency assuming a slight compression deterioration. All of them use a pseudorandom bit generator (PRBG) based on lightweight stream ciphers. The first solution is close to original ANS and applies state jumps controlled by PRBG. The second one employs two copies of ANS, where compression is switched between the copies. The switch is controlled by a PRBG bit. The third compcrypt modifies the encoding function of ANS depending on PRBG bits. Security and efficiency of the proposed compcrypt algorithms are evaluated. The first compcrypt is the most efficient with a slight loss of compression quality. The second one consumes more storage but the loss of compression quality is negligible. The last compcrypt offers the best security but is the least efficient.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Robust ENF Estimation Based on Harmonic Enhancement and Maximum Weight
           Clique

      Authors: Guang Hua;Han Liao;Haijian Zhang;Dengpan Ye;Jiayi Ma;
      Pages: 3874 - 3887
      Abstract: The electric network frequency (ENF) is an important and extensively researched forensic criterion to authenticate digital recordings, but currently it is still challenging to extract reliable ENF traces from recordings in uncontrollable environments. In this paper, we present a framework for robust ENF extraction from real-world audio recordings, featuring multi-tone harmonic ENF enhancement and graph-based harmonic selection. We first extend the recently developed single-tone robust filtering algorithm (RFA) to the multi-tone scenario and propose a harmonic robust filtering algorithm (HRFA). It can enhance each harmonic component without cross-component interference, thus alleviating the effects of unwanted noise and audio content. In addition, considering the fact that some harmonic components could still be severely corrupted after the HRFA, interfering rather than facilitating ENF estimation, we propose a graph-based harmonic selection algorithm (GHSA), which finds a subset of harmonic components having the overall highest mutual cross-correlation. Noticeably, the harmonic selection problem is found to be equivalent to the maximum weight clique problem in graph theory, and the Bron-Kerbosch algorithm is adopted in the GHSA. With the enhanced and carefully selected harmonic components, both the existing maximum likelihood estimator (MLE) and weighted MLE are incorporated to yield the final ENF estimation results. The proposed framework is evaluated using both synthetic signals and the ENF-WHU dataset consisting of 130 real-world audio recordings, demonstrating its advantages over both the existing single- and multi-tone competitors. This work further improves the applicability of the ENF as a forensic criterion in real-world situations.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • P2BA: A Privacy-Preserving Protocol With Batch Authentication Against
           Semi-Trusted RSUs in Vehicular Ad Hoc Networks

      Authors: Xia Feng;Qichen Shi;Qingqing Xie;Liangmin Wang;
      Pages: 3888 - 3899
      Abstract: Vehicular Ad-hoc Networks (VANETs) supporting the seamless operation of autonomous vehicles introduce various network-connected devices. The widespread devices are engaged in VANETs so that users can enjoy advantageous computing and reliable services. The combination brings in massive real-time message propagation and dissemination, which would be leveraged by the adversaries to perform data association, integration analysis and privacy mining. To address such challenges, existing authentication schemes use $n$ pseudonym certificates for pre-defined $k$ times and try to keep the vehicles anonymous. These schemes require fresh certificates for each authentication process, which cost more communication and storage resources. In this paper, we propose a novel privacy-preserving authentication protocol (P2BA) in bilinear groups, where a registered vehicle signs a traffic-related message and sends it to the nearby Road-side Unit (RSU) together with its blinded certificate. The RSU is able to independently check the message for validity based on a non-interactive zero-knowledge proof protocol. In this way, the computation time has been reduced from $\mathcal{O}(n)$ to $\mathcal{O}(1)$ while the storage overhead from $\mathcal{O}(nk)$ to $\mathcal{O}(n)$ compared to anonymous authentication protocols. Moreover, our scheme provides privacy properties such as anonymity and unlinkability. The simulations show that the message authentication can be processed by individual RSUs within 1 ms under the batch-enabled scheme, which outperforms the existing schemes in terms of computation overhead and latency.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • MProve+: Privacy Enhancing Proof of Reserves Protocol for Monero

      Authors: Arijit Dutta;Suyash Bagad;Saravanan Vijayakumaran;
      Pages: 3900 - 3915
      Abstract: Proof of reserves protocols enable cryptocurrency exchanges to prove solvency, i.e. prove that they have enough reserves to meet their liabilities towards their customers. $\textsf{MProve}$ (EuroS&PW, 2019) was the first proof of reserves protocol for Monero which provided some privacy to the exchanges’ addresses. As the key images and the addresses are inherently linked in the $\textsf{MProve}$ proof, an observer could easily recognize the exchange-owned address when a transaction spending from it appears on the blockchain. This is detrimental for an exchange’s privacy and becomes a natural reason for exchanges to not adopt $\textsf{MProve}$. To this end, we propose $\textsf{MProve}$+, a Bulletproofs-based (S&P, 2018) NIZK protocol, which unlinks the key images and the addresses, thus alleviating the drawback of $\textsf{MProve}$. Furthermore, $\textsf{MProve}$+ presents a promising alternative to $\textsf{MProve}$ due to an order of magnitude smaller proof sizes along with practical proof generation and verification times.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Privacy-Aware Data Trading

      Authors: Shengling Wang;Lina Shi;Qin Hu;Junshan Zhang;Xiuzhen Cheng;Jiguo Yu;
      Pages: 3916 - 3927
      Abstract: The growing threat of personal data breach in data trading pinpoints an urgent need to develop countermeasures for preserving individual privacy. The state-of-the-art work either endows the data collector with the responsibility of data privacy or reports only a privacy-preserving version of the data. The basic assumption of the former approach that the data collector is trustworthy does not always hold true in reality, whereas the latter approach reduces the value of data. In this paper, we investigate the privacy leakage issue from the root source. Specifically, we take a fresh look to reverse the inferior position of the data provider by making her dominate the game with the collector to solve the dilemma in data trading. To that aim, we propose the noisy-sequentially zero-determinant (NSZD) strategies by tailoring the classical zero-determinant strategies, originally designed for the simultaneous-move game, to adapt to the noisy sequential game. NSZD strategies can empower the data provider to unilaterally set the expected payoff of the data collector or enforce a positive relationship between her and the data collector’s expected payoffs. Both strategies can stimulate a rational data collector to behave honestly, boosting a healthy data trading market. Numerical simulations are used to examine the impacts of key parameters and the feasible region where the data provider can be an NSZD player. Finally, we prove that the data collector cannot employ NSZD to further dominate the data market for deteriorating privacy leakage.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Enabling Cross-Chain Transactions: A Decentralized Cryptocurrency Exchange
           Protocol

      Authors: Hangyu Tian;Kaiping Xue;Xinyi Luo;Shaohua Li;Jie Xu;Jianqing Liu;Jun Zhao;David S. L. Wei;
      Pages: 3928 - 3941
      Abstract: Inspired by Bitcoin, many different kinds of cryptocurrencies based on blockchain technology have turned up on the market. Due to the special structure of the blockchain, it has been deemed impossible to directly trade between traditional currencies and cryptocurrencies or between different types of cryptocurrencies. Generally, trading between different currencies is conducted through a centralized third-party platform. However, it has the problem of a single point of failure, which is vulnerable to attacks and thus affects the security of the transactions. In this paper, we propose a distributed cryptocurrency trading scheme to solve the problem of centralized exchanges, which can achieve secure trading between different types of cryptocurrencies. Our scheme is implemented with smart contracts on an Ethereum blockchain and deployed on an Ethereum test network. In addition to implementing transactions between individual users, our scheme also allows transactions among multiple users. The experimental result proves that the cost of our scheme is acceptable.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • MAAD-Face: A Massively Annotated Attribute Dataset for Face Images

      Authors: Philipp Terhörst;Daniel Fährmann;Jan Niklas Kolf;Naser Damer;Florian Kirchbuchner;Arjan Kuijper;
      Pages: 3942 - 3957
      Abstract: Soft-biometrics play an important role in face biometrics and related fields since these might lead to biased performances, threaten the user’s privacy, or are valuable for commercial aspects. Current face databases are specifically constructed for the development of face recognition applications. Consequently, these databases contain a large number of face images but lack in the number of attribute annotations and the overall annotation correctness. In this work, we propose a novel annotation-transfer pipeline that allows to accurately transfer attribute annotations from multiple source datasets to a target dataset. The transfer is based on a massive attribute classifier that can accurately state its prediction confidence. Using these prediction confidences, a high correctness of the transferred annotations is ensured. Applying this pipeline to the VGGFace2 database, we propose the MAAD-Face annotation database. It consists of 3.3M faces of over 9k individuals and provides 123.9M attribute annotations of 47 different binary attributes. Consequently, it provides 15 and 137 times more attribute annotations than CelebA and LFW. Our investigation on the annotation quality by three human evaluators demonstrated the superiority of the MAAD-Face annotations over existing databases. Additionally, we make use of the large number of high-quality annotations from MAAD-Face to study the viability of soft-biometrics for recognition, providing insights into which attributes support genuine and imposter decisions. The MAAD-Face annotations dataset is publicly available.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • A SC PUF Standard Cell Used for Key Generation and Anti-Invasive-Attack
           Protection

      Authors: Yin Zhang;Zhangqing He;Meilin Wan;Jiuyang Liu;Haoshuang Gu;Xuecheng Zou;
      Pages: 3958 - 3973
      Abstract: By using metal blocks as the protective coating, placing the sensitive signals in last but second metal (LSM), integrating a low-cost one-time programming (OTP) cell in each PUF unit, the proposed switched-capacitor (SC) PUF can both provide sensitive anti-invasive-attack protective coating and stable key for the security chip. Moreover, the circuit parameters and the layout implementation of the SC PUF unit are all compatible with other digital standard cells, which greatly facilitates the integration of SC PUF unit in the security chip by using digital design flow when its function, timing, power, and layout views are characterized using commercial timing and layout extraction tools. The anti-invasive-attack ability, stability, and digital design flow compatibility of the proposed SC PUF standard cell are verified in a security chip by using a standard 0.18-$\mu\text{m}$ CMOS process. The measured bit error rate, bias, average intra-die HD, and average inter-die HD of output keys after OTP is
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Radio Frequency Fingerprint Identification for Narrowband Systems,
           Modelling and Classification

      Authors: Junqing Zhang;Roger Woods;Magnus Sandell;Mikko Valkama;Alan Marshall;Joseph Cavallaro;
      Pages: 3974 - 3987
      Abstract: Device authentication is essential for securing Internet of things. Radio frequency fingerprint identification (RFFI) is an emerging technique that exploits intrinsic and unique hardware impairments as the device identifier. The existing RFFI literature focuses on experimental exploration but comprehensive modelling is missing. This paper systematically models impairments of transmitter and receiver in narrowband systems and carries out extensive experiments and simulations to evaluate their effects on RFFI. The modelled impairments include oscillator imperfections, imbalance of inphase (I) and quadrature (Q) branches of mixers and power amplifier (PA) nonlinearity. We then propose a convolutional neural network-based RFFI protocol. We carry out experimental measurements over three months and demonstrate that oscillator imperfections are not suitable for RFFI due to their unpredictable time variation caused by temperature change. Our simulation results show that our protocol can classify 50 and 200 devices with uniformly and randomly distributed IQ imbalances and PA nonlinearities with high accuracy, namely 99% and 89%, respectively. We also show that the RFFI has some tolerance on different receiver imbalances during training and classification. Specifically, the accuracy is shown to degrade less than 20% when the residual receiver’s gain and phase imbalances are small. Based on the experimental and simulation results, we made recommendations for designing a robust RFFI protocol, namely compensate carrier frequency offset and calibrate IQ imbalances of receivers.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • DPF-ECC: A Framework for Efficient ECC With Double Precision
           Floating-Point Computing Power

      Authors: Lili Gao;Fangyu Zheng;Rong Wei;Jiankuo Dong;Niall Emmart;Yuan Ma;Jingqiang Lin;Charles Weems;
      Pages: 3988 - 4002
      Abstract: Used ubiquitously in a huge amount of security protocols or applications, elliptic curve cryptography (ECC) is one of the most important cryptographic primitives, featuring efficiency and short key size compared with other public-key cryptosystems such as DSA and RSA. However, as a computation-intensive public-key cryptographic primitive, ECC arithmetic is still the bottleneck that restrains the overall performance of the end applications. In this paper, instead of the conventional and straightforward integer-based methods, we present a general framework to accelerate ECC schemes over prime field, called DPF-ECC, that deeply exploits double precision floating-point (DPF) computing power. The DPF-ECC framework finely manages each bit of the DPF numbers and minimizes the overhead brought by additional data format conversion, by making use of the DPF representation, the rounding operations, and fused multiply-add instruction supported by the IEEE 754 floating point standard. We also conduct two comprehensive case studies on Crandall primes and Solinas primes to demonstrate how the DPF-ECC framework is applied to the prevailing ECC schemes. To evaluate the proposed DPF-ECC framework in the real world, leveraging the floating-point computing power of GPUs, we implement Curve25519/448 and Edwards25519/448, the popular ECC schemes widely used in TLS 1.3, SSH, etc. The experimental result in Tesla P100 achieves a record-setting performance that outperforms the existing fastest integer work with 2x to 3x throughput. With dependency only on the very commonly supported IEEE 754 floating point standard, DPF-ECC framework can be a very competent and promising candidate for ECC implementation in most of general-purpose platforms.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Secure Group Testing

      Authors: Alejandro Cohen;Asaf Cohen;Omer Gurewitz;
      Pages: 4003 - 4018
      Abstract: The principal goal of Group Testing (GT) is to identify a small subset of “defective” items from a large population, by grouping items into as few test pools as possible. The test outcome of a pool is positive if it contains at least one defective item, and is negative otherwise. GT algorithms are utilized in numerous applications, and in many of them maintaining the privacy of the tested items, namely, keeping secret whether they are defective or not, is critical. In this paper, we consider a scenario where there is an eavesdropper (Eve) who is able to observe a subset of the GT outcomes (pools). We propose a new non-adaptive Secure Group Testing (SGT) scheme based on information-theoretic principles. The new proposed test design keeps the eavesdropper ignorant regarding the items’ status. Specifically, when the fraction of tests observed by Eve is $0 \leq \delta < 1$, we prove that with the naive Maximum Likelihood (ML) decoding algorithm the number of tests required for both correct reconstruction at the legitimate user (with high probability) and negligible information leakage to Eve is $\frac{1}{1-\delta}$ times the number of tests required with no secrecy constraint for the fixed $K$ regime. By a matching converse, we completely characterize the Secure GT capacity. Moreover, we consider the Definitely Non-Defective (DND) computationally efficient decoding algorithm, proposed in the literature for non-secure GT. We prove that with the new secure test design, for $\delta < 1/2$, the number of tests required, without any constraint on $K$, is at most $\frac{1}{1/2-\delta}$ times the number of tests required with no secrecy constraint.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Hybrid Analog-Digital Precoder Design for Securing Cognitive Millimeter
           Wave Networks

      Authors: Zhengmin Kong;Jing Song;Chao Wang;Hongyang Chen;Lajos Hanzo;
      Pages: 4019 - 4034
      Abstract: Millimeter wave (mmWave) communications and cognitive radio technologies constitute key technologies of improving the spectral efficiency of communications. Hence, we conceive a hybrid secure precoder for enhancing the physical layer security of a cognitive mmWave wiretap channel, where a secondary transmitter broadcasts confidential information signals to multiple secondary users under the interference temperature constraint of the primary user (PU). The optimization problem is formulated as jointly optimizing the analog and digital precoder for maximizing the minimum secrecy rate of all the secondary users under practical constraints. In particular, our design satisfies the constraint on the maximum interference power received by multiple PUs, as well as the secondary users’ minimum quality-of-service (QoS), and the unit-modulus constraint on the analog precoder. Due to the non-convexity of the resultant objective function and owing to the coupling between the analog and digital precoder, the optimization problem formulated is nonconvex and nonlinear, hence it is very challenging to solve directly. Hence, we first transform it into a tractable form, and develop a penalty dual decomposition (PDD) based iterative algorithm to locate its Karush-Kuhn-Tucker (KKT) solution. Finally, we generalize the proposed PDD algorithm to a secure hybrid precoder design relying on practical finite-resolution phase shifters and show that the proposed PDD algorithm can be straightforwardly adapted to handle the scenario, where each PU is equipped with multiple antennas and the CSI of multiple eavesdroppers (Eves) is imperfectly known. Our simulation results validate the efficiency of the proposed iterative algorithm.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Memory-Based PUFs are Vulnerable as Well: A Non-Invasive Attack Against
           SRAM PUFs

      Authors: B. M. S. Bahar Talukder;Farah Ferdaus;Md Tauhidur Rahman;
      Pages: 4035 - 4049
      Abstract: Memory-based physical unclonable functions (mPUFs) are widely accepted as highly secure because of the unclonable and immutable nature of manufacturer process variations. Although numerous successful attacks have been proposed against PUFs, mPUFs are resistant to non-invasive attacks as the mPUF does not support the open-access protocol. Hence, existing attacks against mPUFs mostly rely on invasive/semi-invasive techniques or at least require physical access to the target device, which is not always feasible. In this paper, we experimentally demonstrate that signatures generated from two memory chips may have highly correlated properties if they possess the same set of specifications and a similar manufacturing facility, which is used to mount a non-invasive attack against memory-based PUFs. Our proposed technique shows that if an attacker has access to a device similar to the victim’s one, the attacker might be able to guess up to ~45% of the challenge-response pairs of a 64-bit SRAM PUF.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Private Set Intersection With Authorization Over Outsourced Encrypted
           Datasets

      Authors: Yuanhao Wang;Qiong Huang;Hongbo Li;Meiyan Xiao;Sha Ma;Willy Susilo;
      Pages: 4050 - 4062
      Abstract: Thanks to its convenience and cost-savings feature, cloud computing ushers a new era. Yet its security and privacy issues must not be neglected. Private set intersection (PSI) is useful and important in many cloud computing applications, such as document similarity, genetic paternity and data mining. The cloud server performs intersection operations on two outsourced encrypted datasets of data owners. In the existing protocols, however, data owners cannot decide whether to use all or part of their encrypted data to compute the intersection, nor can they specify whom to compare with. In this paper, we introduce an enhanced notion of outsourced PSI, called authorized PSI (APSI), which supports flexible authorization and cross-type authorized comparison of datasets. To demonstrate this notion, we propose a concrete APSI protocol, and prove it to be secure in the random oracle model based on simple number-theoretic assumptions. Experimental results show that our APSI protocol has performance comparable with existing related outsourced PSI protocols.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Effective and Robust Physical-World Attacks on Deep Learning Face
           Recognition Systems

      Authors: Meng Shen;Hao Yu;Liehuang Zhu;Ke Xu;Qi Li;Jiankun Hu;
      Pages: 4063 - 4077
      Abstract: Deep neural networks (DNNs) have been increasingly used in face recognition (FR) systems. Recent studies, however, show that DNNs are vulnerable to adversarial examples, which potentially mislead DNN-based FR systems in the physical world. Existing attacks either generate perturbations working merely in the digital world, or rely on customized equipment to generate perturbations that are not robust in the ever-changing physical environment. In this paper, we propose FaceAdv, a physical-world attack that crafts adversarial stickers to deceive FR systems. It mainly consists of a sticker generator and a convertor, where the former can craft several stickers with different shapes while the latter aims to digitally attach stickers to human faces and provide feedback to the generator to improve the effectiveness. We conduct extensive experiments to evaluate the effectiveness of FaceAdv on attacking three typical FR systems (i.e., ArcFace, CosFace and FaceNet). The results show that compared with a state-of-the-art attack, FaceAdv can significantly improve the success rates of both dodging and impersonating attacks. We also conduct comprehensive evaluations to demonstrate the robustness of FaceAdv.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Privacy-Utility Tradeoff for Hypothesis Testing Over a Noisy Channel

      Authors: Lin Zhou;Daming Cao;
      Pages: 4078 - 4091
      Abstract: We study a hypothesis testing problem with a privacy constraint over a noisy channel and derive the performance of optimal tests under the Neyman-Pearson criterion. The fundamental limit of interest is the privacy-utility tradeoff (PUT) between the exponent of the type-II error probability and the leakage of the information source subject to a constant constraint on the type-I error probability. We provide an exact characterization of the asymptotic PUT for any non-vanishing type-I error probability. Our result implies that tolerating a larger type-I error probability cannot improve the PUT. Such a result is known as a strong converse or strong impossibility theorem. To prove the strong converse theorem, we apply the recently proposed technique in (Tyagi and Watanabe, 2020) and further demonstrate its generality. The strong converse theorems for several problems, such as hypothesis testing against independence over a noisy channel (Sreekumar and Gündüz, 2020) and hypothesis testing with communication and privacy constraints (Gilani et al., 2020), are established or recovered as special cases of our result.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Multihop Trust Evaluation Using Memory Integrity in Wireless Sensor
           Networks

      Authors: S. Sundeep Desai;Manisha J. Nene;
      Pages: 4092 - 4100
      Abstract: Research efforts in trust evaluation have evolved to provide security in Wireless Sensor Networks (WSNs), while being dependent on external parameters and network topology. Existing node level trust evaluation in WSNs evaluate trust over 1-hop assuring trustworthiness of an immediate node. This paper proposes trust evaluation using the intrinsic property of a node memory over a multihop scenario which also evaluates the route. The work proposes a multihop trust evaluation protocol using TEAM and TEAP algorithms. Two proposed trust evaluation models each are proposed using normative and empirical methods in multihop algorithms. The proposed methodology establishes a trusted destination node along with trusted nodes in the route. The efficacy of the proposed work and its implementation is demonstrated using extensive experiments and the results illustrate consistency and resilience against node memory tampering.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Multi-Agent Reinforcement Learning-Based Buffer-Aided Relay Selection in
           IRS-Assisted Secure Cooperative Networks

      Authors: Chong Huang;Gaojie Chen;Kai-Kit Wong;
      Pages: 4101 - 4112
      Abstract: This paper proposes a multi-agent deep reinforcement learning-based buffer-aided relay selection scheme for an intelligent reflecting surface (IRS)-assisted secure cooperative network in the presence of an eavesdropper. We consider a practical phase model where both phase shift and reflection amplitude are discrete variables to vary the reflection coefficients of the IRS. Furthermore, we introduce the buffer-aided relay to enhance the secrecy performance, but the use of the buffer leads to the cost of delay. Thus, we aim to maximize either the average secrecy rate with a delay constraint or the throughput with both delay and secrecy constraints, by jointly optimizing the buffer-aided relay selection and the IRS reflection coefficients. To obtain the solution of these two optimization problems, we divide each of the problems into two sub-tasks and then develop a distributed multi-agent reinforcement learning scheme for the two cooperative sub-tasks, each relay node represents an agent in the distributed learning. We apply the distributed reinforcement learning scheme to optimize the IRS reflection coefficients, and then utilize an agent on the source to learn the optimal relay selection based on the optimal IRS reflection coefficients in each iteration. Simulation results show that the proposed learning-based scheme uses an iterative approach to learn from the environment for approximating an optimal solution via the exploration of multiple agents, which outperforms the benchmark schemes.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Comments on “Efficient Public Verification of Data Integrity for Cloud
           Storage Systems From Indistinguishability Obfuscation”

      Authors: Su Peng;Liang Zhao;Neeraj Kumar;
      Pages: 4113 - 4116
      Abstract: Recently, Zhang et al. proposed a novel public data integrity verification scheme for the cloud storage using indistinguishability obfuscation ($iO$), and extended it to support batch verification and data dynamic operations (IEEE Transactions on Information Forensics and Security, vol. 12, no. 3, pp. 676–688, Mar. 2017). However, we find that the scheme has two flaws: (a) the self-checking of the uploaded blocks and tags in Store phase is not reliable, i.e., it is easy to generate invalid block-tag pairs without being detected; (b) the extended scheme for data dynamic operations suffers from a chosen message attack, i.e., if some uploaded blocks match a certain pattern, the cloud storage is able to replace any existing block by a forged one without being detected, which violates the scheme’s security model. Then, we provide solutions to these problems while preserving all the desirable features of the original scheme.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Text Backdoor Detection Using an Interpretable RNN Abstract Model

      Authors: Ming Fan;Ziliang Si;Xiaofei Xie;Yang Liu;Ting Liu;
      Pages: 4117 - 4132
      Abstract: Deep neural networks (DNNs) are known to be inherently vulnerable to malicious attacks such as the adversarial attack and the backdoor attack. The former is crafted by adding small perturbations to benign inputs so as to fool a DNN. The latter generally embeds a hidden pattern in a DNN by poisoning the dataset during the training process, which causes the infected model to misbehave on predefined inputs with a specific trigger and normally perform for others. Much work has been conducted on defending against the adversarial samples, while the backdoor attack received much less attention, especially in recurrent neural networks (RNNs), which play an important role in the text processing field. Two main limitations make it hard to directly apply existing image backdoor detection approaches to RNN-based text classification systems. First, a layer in an RNN does not preserve the same feature latent space function for different inputs, making it impossible to map the inserted specific pattern with the neural activations. Second, the text data is inherently discrete, making it hard to optimize the text like image pixels. In this work, we propose a novel backdoor detection approach named InterRNN for RNN-based text classification systems from the interpretation perspective. Specifically, we first propose a novel RNN interpretation technique by constructing a nondeterministic finite automaton (NFA) based abstract model, which can effectively reduce the analysis complexity of an RNN while preserving its original logic rules. Then, based on the abstract model, we can obtain interpretation results that explain the fundamental reason behind the decision for each input. We then detect trigger words by leveraging the differences between the behaviors in the backdoor sentences and those in the normal sentences. The extensive experiment results on four benchmark datasets demonstrate that our approach can generate better interpretation results compared to state-of-the-art approaches and effectively detect backdoors in RNNs.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Detection of Message Injection Attacks Onto the CAN Bus Using Similarities
           of Successive Messages-Sequence Graphs

      Authors: Mubark Jedh;Lotfi Ben Othmane;Noor Ahmed;Bharat Bhargava;
      Pages: 4133 - 4146
      Abstract: The smart features of modern cars are enabled by a number of Electronic Control Units (ECUs) components that communicate through an in-vehicle network, known as Controller Area Network (CAN) bus. The fundamental challenge is the security of the communication link where an attacker can inject messages (e.g., increase the speed) that may impact the safety of the driver. Most of existing practical IDS solutions rely on the knowledge of the identity of the ECUs, which is proprietary information. This paper proposes a message injection attack detection solution that is independent of the IDs of the ECUs. First, we represent the sequencing of the messages in a given time-interval as a direct graph and compute the similarities of the successive graphs using the cosine similarity and Pearson correlation. Then, we apply threshold, change point detection, and Long Short-Term Memory (LSTM)-Recurrent Neural Network (RNN) to detect and predict malicious message injections into the CAN bus. The evaluation of the methods using a dataset collected from a moving vehicle under malicious RPM and speed reading message injections shows a detection accuracy of 97.32% and detection speed of 2.5 milliseconds when using a threshold method. The performance metrics make the IDS suitable for real-time control mechanisms for vehicle resiliency to cyber-attacks.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Privacy–Enhancing Face Biometrics: A Comprehensive Survey

      Authors: Blaž Meden;Peter Rot;Philipp Terhörst;Naser Damer;Arjan Kuijper;Walter J. Scheirer;Arun Ross;Peter Peer;Vitomir Štruc;
      Pages: 4147 - 4183
      Abstract: Biometric recognition technology has made significant advances over the last decade and is now used across a number of services and applications. However, this widespread deployment has also resulted in privacy concerns and evolving societal expectations about the appropriate use of the technology. For example, the ability to automatically extract age, gender, race, and health cues from biometric data has heightened concerns about privacy leakage. Face recognition technology, in particular, has been in the spotlight, and is now seen by many as posing a considerable risk to personal privacy. In response to these and similar concerns, researchers have intensified efforts towards developing techniques and computational models capable of ensuring privacy to individuals, while still facilitating the utility of face recognition technology in several application scenarios. These efforts have resulted in a multitude of privacy–enhancing techniques that aim at addressing privacy risks originating from biometric systems and providing technological solutions for legislative requirements set forth in privacy laws and regulations, such as GDPR. The goal of this overview paper is to provide a comprehensive introduction into privacy–related research in the area of biometrics and review existing work on Biometric Privacy–Enhancing Techniques (B–PETs) applied to face biometrics. To make this work useful for as wide of an audience as possible, several key topics are covered as well, including evaluation strategies used with B–PETs, existing datasets, relevant standards, and regulations and critical open issues that will have to be addressed in the future.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Inverting Binarizations of Facial Templates Produced by Deep Learning (and
           Its Implications)

      Authors: Danny Keller;Margarita Osadchy;Orr Dunkelman;
      Pages: 4184 - 4196
      Abstract: We focus on attacks against a biometric authentication system aimed at reconstructing a biometric sample of the subject from the protected template. Such systems include three blocks: feature extraction, binarization, and protection. We propose a new white-box reversing attack on the binarization block that approximates a biometric template given the binary string obtained by the binarization block. The experiments show that the proposed attack reconstructs very accurate approximations that pass the verification threshold when compared to templates produced from the same and different samples of the subject. We then integrate this attack with known attacks on the other two blocks, namely, a variant of a guessing attack to extract the binary string and biometric inversion attack to reconstruct a sample from its template. We instantiate this end-to-end attack on a face authentication system using fuzzy commitments for protection. Facial images reconstructed by the end-to-end attack greatly resemble the original ones. In the simplest attack scenario, more than 83% of these reconstructed templates succeed in unlocking an account (when the system is configured to 0.1% FMR). Even in the “hardest” settings (in which we take a reconstructed image from one system and use it in a different system, with a different feature extraction process) the reconstructed image offers 170 to 210 times higher success rates than the system’s FMR.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Deep Collaborative Multi-Modal Learning for Unsupervised Kinship
           Estimation

      Authors: Guan-Nan Dong;Chi-Man Pun;Zheng Zhang;
      Pages: 4197 - 4210
      Abstract: Kinship verification is a long-standing research challenge in computer vision. The visual differences presented to the face have a significant effect on the recognition capabilities of the kinship systems. We argue that aggregating multiple visual knowledge can better describe the characteristics of the subject for precise kinship identification. Typically, the age-invariant features can represent more natural facial details. Such age-related transformations are essential for face recognition due to the biological effects of aging. However, the existing methods mainly focus on employing the single-view image features for kinship identification, while more meaningful visual properties such as race and age are directly ignored in the feature learning step. To this end, we propose a novel deep collaborative multi-modal learning (DCML) to integrate the underlying information presented in facial properties in an adaptive manner to strengthen the facial details for effective unsupervised kinship verification. Specifically, we construct a well-designed adaptive feature fusion mechanism, which can jointly leverage the complementary properties from different visual perspectives to produce composite features and draw greater attention to the most informative components of spatial feature maps. Particularly, an adaptive weighting strategy is developed based on a novel attention mechanism, which can enhance the dependencies between different properties by decreasing the information redundancy in channels in a self-adaptive manner. Moreover, we propose to use self-supervised learning to further explore the intrinsic semantics embedded in raw data and enrich the diversity of samples. As such, we could further improve the representation capabilities of kinship feature learning and mitigate the multiple variations from original visual images. To validate the effectiveness of the proposed method, extensive experimental evaluations conducted on four widely-used datasets show that our DCML method is always superior to some state-of-the-art kinship verification methods.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • DeepSBD: A Deep Neural Network Model With Attention Mechanism for
           SocialBot Detection

      Authors: Mohd Fazil;Amit Kumar Sah;Muhammad Abulaish;
      Pages: 4211 - 4223
      Abstract: Online Social Networks (OSNs) are witnessing sophisticated cyber threats, that are generally conducted using fake or compromised profiles. Automated agents (aka socialbots), a category of sophisticated and modern threat entities, are the native of the social media platforms and responsible for various modern weaponized information-related attacks, such as astroturfing, misinformation diffusion, and spamming. Detecting socialbots is a challenging and vital task due to their deceiving character of imitating human behavior. To this end, this paper presents an attention-aware deep neural network model, DeepSBD, for detecting socialbots on OSNs. The DeepSBD models users’ behavior using profile, temporal, activity, and content information. It jointly models OSN users’ behavior using Bidirectional Long Short Term Memory (BiLSTM) and Convolutional Neural Network (CNN) architectures. It models profile, temporal, and activity information as sequences, which are fed to a two-layers stacked BiLSTM, whereas content information is fed to a deep CNN. We have evaluated DeepSBD over five real-world benchmark datasets and found that it performs significantly better in comparison to the state-of-the-arts and baseline methods. We have also analyzed the efficacy of DeepSBD at different ratios of socialbots and benign users and found that an imbalanced dataset moderately affects the classification accuracy. Finally, we have analyzed the discrimination power of different behavioral components, and it is found that both profile characteristics and content behavior are most impactful, whereas diurnal temporal behavior is the least effective for detecting socialbots on OSNs.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Statistical Fault Analysis of the Simeck Lightweight Cipher in the
           Ubiquitous Sensor Networks

      Authors: Wei Li;Jiayao Li;Dawu Gu;Chaoyun Li;Tianpei Cai;
      Pages: 4224 - 4233
      Abstract: With the development of wireless technology, the ubiquitous sensor networks have a profound effect on the way human interacts with computers, devices and environment. In order to reduce the potentially serious risks in the interaction, applying lightweight ciphers is effective to balance security, efficiency and convenience. Simeck is such a lightweight cipher that provides data confidentiality, authentication and integrity. It is significant to explore whether Simeck remains robust security. Up to now, the attacking assumptions of the previous security analysis of Simeck focus on the known-plaintext attack and the chosen-plaintext attack. There is no literature about Simeck against the ciphertext-only attack, which represents the weakest attacking capability of the attackers. On the assumption of the ciphertext-only attack, this paper proposes the security analysis of Simeck against the statistical fault analysis with a series of novel distinguishers of KDE, MME and MME-GF. The experimental results show that the proposed distinguishers can recover the secret key of Simeck in both decreasing faults and increasing reliability and accuracy. Thus, Simeck cannot resist against the statistical fault analysis with the proposed distinguishers. Furthermore, the good performance of these novel distinguishers can be applied on the PRESENT lightweight cipher. It offers the valuable reference for the design and analysis of the lightweight ciphers in the ubiquitous sensor networks.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • MTD-Net: Learning to Detect Deepfakes Images by Multi-Scale Texture
           Difference

      Authors: Jiachen Yang;Aiyun Li;Shuai Xiao;Wen Lu;Xinbo Gao;
      Pages: 4234 - 4245
      Abstract: With the rapid development of face manipulation technology, it is difficult for human eyes to distinguish fake face images. On the contrary, Convolutional Neural Network (CNN) discriminators can quickly reach high accuracy in identifying fake/real face images. In this study, we explore the behavior of CNN models in distinguishing fake/real faces. We find multi-scale texture difference information plays an important role in face forgery detection. Motivated by the above observation, we propose a new Multi-scale Texture Difference model coined as MTD-Net for robust face forgery detection, which leverages central difference convolution (CDC) and atrous spatial pyramid pooling (ASPP). CDC combines the pixel intensity information and the pixel gradient information to give a stationary description of texture difference information. Simultaneously, based on the ASPP, multi-scale information fusion can keep the texture features from being destroyed. Experimental results on several databases, Faceforensics++, DeeperForensics-1.0, Celeb-DF and DFDC prove that our MTD-Net outperforms existing approaches. The MTD-Net is more robust to image distortion, e.g., JPEG compression and blur, which is urgently needed in the wild world.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Security Analysis of a Path Validation Scheme With Constant-Size Proof

      Authors: Yangyang Wu;Changsong Jiang;Chunxiang Xu;Kefei Chen;
      Pages: 4246 - 4248
      Abstract: We analyze a path validation scheme with constant-size proof (published in IEEE Transactions on Information Forensics and Security) and demonstrate that this scheme fails to achieve unforgeability. An adversary can forge a valid proof with a non-negligible probability.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • TDOA Source-Localization Technique Robust to Time-Synchronization Attacks

      Authors: Marguerite Delcourt;Jean-Yves Le Boudec;
      Pages: 4249 - 4264
      Abstract: In this paper, we focus on the localization of a passive source from time difference of arrival (TDOA) measurements. TDOA values are computed with respect to pairs of fixed sensors that are required to be accurately time-synchronized. This constitutes a weakness as all synchronization techniques are vulnerable to delay injections. Attackers are able either to spoof the signal or to inject asymmetric delays in the communication channel. By nature, TDOA measurements are highly sensitive to time-synchronization offsets between sensors. We first illustrate that time-synchronization attacks can severely affect the localization process. With a delay of a few microseconds injected on one sensor, the resulting estimate might be several kilometers away from the true location of the unknown source. We show that residual analysis does not enable the detection and identification of time-synchronization attacks. Our main contribution is then to propose a two-step TDOA-localization technique that is robust against time-synchronization attacks. It uses a known source to define a weight for each pair of sensors, reflecting the confidence in their time synchronization. Our solution then uses the weighted least-squares estimator with the newly created weights and the TDOA measurements received from the unknown source. As a result, our method either identifies the network as being too corrupt to localize, or gives a corrected estimate of the unknown position along with a confidence metric. Numerical results illustrate the performance of our technique.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Exploiting Channel Gain and Phase Noise for PHY-Layer Authentication in
           Massive MIMO Systems

      Authors: Pinchang Zhang;Jun Liu;Yulong Shen;Xiaohong Jiang;
      Pages: 4265 - 4279
      Abstract: By exploiting two intrinsic physical (PHY)-layer features in terms of location-specific channel gain and transmitter-specific phase noise, this paper proposes a new PHY-layer authentication scheme for massive multiple-input multiple-output (MIMO) systems. In particular, we apply the linear minimum mean square error technique to estimate the time-varying channel gain and adopt extended Kalman filtering to track the time-varying phase noise. Based on the estimation error covariance matrices of channel gain and phase noise, we then formulate the PHY-layer authentication as a composite hypothesis testing problem. With the help of tools from statistical signal processing, matrix analysis, and composite hypothesis testing, we develop theoretical models to capture the false alarm and detection probability performances of the proposed scheme. Finally, we provide extensive numerical results to validate these theoretical models and to illustrate the efficiency of the proposed authentication scheme.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • From RGB to Depth: Domain Transfer Network for Face Anti-Spoofing

      Authors: Yahang Wang;Xiaoning Song;Tianyang Xu;Zhenhua Feng;Xiao-Jun Wu;
      Pages: 4280 - 4290
      Abstract: With the rapid development in face recognition, most of the existing systems can perform very well in unconstrained scenarios. However, it is still a very challenging task to detect face spoofing attacks, thus face anti-spoofing has become one of the most important research topics in the community. Though various anti-spoofing models have been proposed, the generalisation capability of these models usually degrades for unseen attacks in the presence of challenging appearance variations, e.g., background, illumination, diverse spoofing materials and low image quality. To address this issue, we propose to use a Generative Adversarial Network (GAN) that transfers an input face image from the RGB domain to the depth domain. The generated depth clue enables biometric preservation against challenging appearance variations and diverse image qualities. To be more specific, the proposed method has two main stages. The first one is a GAN-based domain transfer module that converts an input image to its corresponding depth map. By design, a live face image should be transferred to a depth map whereas a spoofing face image should be transferred to a plain (black) image. The aim is to improve the discriminative capability of the proposed system. The second stage is a classification model that determines whether an input face image is live or spoofing. Benefit from the use of the GAN-based domain transfer module, the latent variables can effectively represent the depth information, complementarily enhancing the discrimination of the original RGB features. The experimental results obtained on several benchmarking datasets demonstrate the effectiveness of the proposed method, with superior performance over the state-of-the-art methods. The source code of the proposed method is publicly available at https://github.com/coderwangson/DFA.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • CRSA: A Cryptocurrency Recovery Scheme Based on Hidden Assistance
           Relationships

      Authors: Weiqi Dai;Yan Lv;Kim-Kwang Raymond Choo;Zhongze Liu;Deqing Zou;Hai Jin;
      Pages: 4291 - 4305
      Abstract: As cryptocurrency and blockchain-related assets become more common in our digital society, there is a corresponding need to secure our digital assets, including the private keys used to secure access to such assets (e.g., due to loss or corruption of the data storage medium). However, there are limitations in existing blockchain-related asset management and recovery methods. Therefore, we use zero-knowledge proof to design a cryptocurrency recovery scheme based on hidden assisting relationships (hereafter referred to as the CRSA scheme) to facilitate the recovery of blockchain assets. Specifically, when the user’s private key is lost, and access to the assets cannot be obtained, the user leverages information such as the pre-defined list of assistants to authenticate himself/herself on the blockchain. Once the assistants have confirmed the legitimacy of the user’s authentication request, the asset will be transferred from the old address to the new address. During the (identity) proof process, the zero-knowledge proof is used to ensure that the identification of assistants is not leaked to other nodes, assistants, and the adversary. We provide the formal definition of the above scheme and the security proof of the construction. We also implement a prototype of the system and evaluate its performance. Evaluations indicate that the time required for the zero-knowledge proof is less than 10s, and the block verification time is less than 100ms.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • MCTSteg: A Monte Carlo Tree Search-Based Reinforcement Learning Framework
           for Universal Non-Additive Steganography

      Authors: Xianbo Mo;Shunquan Tan;Bin Li;Jiwu Huang;
      Pages: 4306 - 4320
      Abstract: Recent research has shown that non-additive image steganographic frameworks effectively improve security performance through adjusting distortion distribution. However, as far as we know, all of the existing non-additive proposals are based on handcrafted policies, and can only be applied to a specific image domain, which heavily prevent non-additive steganography from releasing its full potentiality. In this paper, we propose an automatic non-additive steganographic distortion learning framework called MCTSteg to remove the above restrictions. Guided by the reinforcement learning paradigm, we combine Monte Carlo Tree Search (MCTS) and steganalyzer-based environmental model to build MCTSteg. MCTS makes sequential decisions to adjust distortion distribution without human intervention. Our proposed environmental model is used to obtain feedbacks from each decision. Due to its self-learning characteristic and domain-independent reward function, MCTSteg has become the first reported universal non-additive steganographic framework which can work in both spatial and JPEG domains. Extensive experimental results show that MCTSteg can effectively withstand the detection of both hand-crafted feature-based and deep-learning-based steganalyzers. In both spatial and JPEG domains, the security performance of MCTSteg steadily outperforms the state of the art by a clear margin under different scenarios.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • DOMREP–An Orthogonal Countermeasure for Arbitrary Order Side-Channel and
           Fault Attack Protection

      Authors: Michael Gruber;Matthias Probst;Patrick Karl;Thomas Schamberger;Lars Tebelmann;Michael Tempelmeier;Georg Sigl;
      Pages: 4321 - 4335
      Abstract: Protection against physical attacks is a major requirement for cryptographic implementations on devices which can be accessed by attackers. Side-channel and fault injection attacks are the most common types of physical attacks. In this work we present a novel generic solution for simultaneous protection against side-channel and fault attacks with arbitrary order. We combine domain oriented masking and repetition codes in an orthogonal way and call this approach DOMREP. The resistance against side-channel attacks and fault attacks can be scaled independently of each other, for the protection against higher-order side-channel analysis and the injection of multiple faults including SIFA. We develop the generic concept of orthogonal protection, and implement the DOMREP concept on GIMLI, a round two NIST LWC competition candidate, on a Xilinx Artix-7 FPGA. Our implementation of GIMLI is verified to be resistant against univariate first-order side-channel attacks by TVLA. The resistance against SIFA is verified by means of fault emulation of single as well as multiple bit faults. Our implementation of GIMLI achieves the expected security level according to these measurements. We also provide numbers for the area overhead for our protected implementation of GIMLI.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Morphing Attack Detection-Database, Evaluation Platform, and Benchmarking

      Authors: Kiran Raja;Matteo Ferrara;Annalisa Franco;Luuk Spreeuwers;Ilias Batskos;Florens de Wit;Marta Gomez-Barrero;Ulrich Scherhag;Daniel Fischer;Sushma Krupa Venkatesh;Jag Mohan Singh;Guoqiang Li;Loïc Bergeron;Sergey Isadskiy;Raghavendra Ramachandra;Christian Rathgeb;Dinusha Frings;Uwe Seidel;Fons Knopjes;Raymond Veldhuis;Davide Maltoni;Christoph Busch;
      Pages: 4336 - 4351
      Abstract: Morphing attacks have posed a severe threat to Face Recognition System (FRS). Despite the number of advancements reported in recent works, we note serious open issues such as independent benchmarking, generalizability challenges and considerations to age, gender, ethnicity that are inadequately addressed. Morphing Attack Detection (MAD) algorithms often are prone to generalization challenges as they are database dependent. The existing databases, mostly of semi-public nature, lack in diversity in terms of ethnicity, various morphing process and post-processing pipelines. Further, they do not reflect a realistic operational scenario for Automated Border Control (ABC) and do not provide a basis to test MAD on unseen data, in order to benchmark the robustness of algorithms. In this work, we present a new sequestered dataset for facilitating the advancements of MAD where the algorithms can be tested on unseen data in an effort to better generalize. The newly constructed dataset consists of facial images from 150 subjects from various ethnicities, age-groups and both genders. In order to challenge the existing MAD algorithms, the morphed images are with careful subject pre-selection created from the contributing images, and further post-processed to remove morphing artifacts. The images are also printed and scanned to remove all digital cues and to simulate a realistic challenge for MAD algorithms. Further, we present a new online evaluation platform to test algorithms on sequestered data. With the platform we can benchmark the morph detection performance and study the generalization ability. This work also presents a detailed analysis on various subsets of sequestered data and outlines open challenges for future directions in MAD research.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • A Random-Weight Privacy-Preserving Algorithm With Error Compensation for
           Microgrid Distributed Energy Management

      Authors: Feng Ye;Zheyuan Cheng;Xianghui Cao;Mo-Yuen Chow;
      Pages: 4352 - 4362
      Abstract: Recently, collaborative distributed energy management systems (CoDEMS) have emerged as an effective solution to manage distributed energy resources in microgrid. In CoDEMS, devices collaborate in a distributive manner over communication networks to meet electrical loads and supply balance at minimum cost. However, mutual information exchanges among the devices in CoDEMS may leak important information about the devices states. In this paper, we investigate the challenging problem of how to achieve optimality while preserving the privacy of CoDEMS at relatively low cost. Unlike many previous works that preserve the privacy by using additive noises, we propose a novel random-weight privacy-preserving algorithm with error compensation, termed as REP-CoDEMS, for CoDEMS. In the proposal, each distributed device generates two random weights each time and it communicates with its neighbor conveying values based on the weights, incremental cost estimation and power imbalance estimation information along with a novel error compensation term to eliminate the error induced by the random weights. We theoretically prove that the proposed REP-CoDEMS algorithm converges and preserves the privacy of all devices. We also derive analytical expressions of the maximum privacy disclosure probability for initial and final states of the CoDEMS. In addition, we conduct extensive simulations and the results demonstrate the effectiveness of the proposed algorithm.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • TRACE: Enterprise-Wide Provenance Tracking for Real-Time APT Detection

      Authors: Hassaan Irshad;Gabriela Ciocarlie;Ashish Gehani;Vinod Yegneswaran;Kyu Hyung Lee;Jignesh Patel;Somesh Jha;Yonghwi Kwon;Dongyan Xu;Xiangyu Zhang;
      Pages: 4363 - 4376
      Abstract: We present TRACE, a comprehensive provenance tracking system for scalable, real-time, enterprise-wide APT detection. TRACE uses static analysis to identify program unit structures and inter-unit dependences, such that the provenance of an output event includes the input events within the same unit. Provenance collected from individual hosts are integrated to facilitate construction of a distributed enterprise-wide causal graph. We describe the evolution of TRACE over a four-year period, during which our improvements to the system focused on performance, scalability, and fidelity. In this time span, the system call coverage increased (from 47 to 66) while the time and space overhead reduced by over one and two orders of magnitude, respectively. We also provide results from five adversarial engagements where an independent team of system evaluators conducted APT attacks and assessed system performance. The input from our system was used by three other teams to implement real-time APT detection logic. Retrospective analysis revealed that TRACE provided sufficient evidence to detect over 80% of the attack stages across all evaluations. By the last engagement, temporal and spatial overhead had been reduced significantly to 18% and 10%, respectively.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Stealing Neural Network Structure Through Remote FPGA Side-Channel
           Analysis

      Authors: Yicheng Zhang;Rozhin Yasaei;Hao Chen;Zhou Li;Mohammad Abdullah Al Faruque;
      Pages: 4377 - 4388
      Abstract: Deep Neural Network (DNN) models have been extensively developed by companies for a wide range of applications. The development of a customized DNN model with great performance requires costly investments, and its structure (layers and hyper-parameters) is considered intellectual property and holds immense value. However, in this paper, we found the model secret is vulnerable when a cloud-based FPGA accelerator executes it. We demonstrate an end-to-end attack based on remote power side-channel analysis and machine-learning-based secret inference against different DNN models. The evaluation result shows that an attacker can reconstruct the layer and hyper-parameter sequence at over 90% accuracy using our method, which can significantly reduce her model development workload. We believe the threat presented by our attack is tangible, and new defense mechanisms should be developed against this threat.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Efficient Sorting of Homomorphic Encrypted Data With
           k-Way Sorting Network

      Authors: Seungwan Hong;Seunghong Kim;Jiheon Choi;Younho Lee;Jung Hee Cheon;
      Pages: 4389 - 4404
      Abstract: In this study, we propose an efficient sorting method for encrypted data using fully homomorphic encryption (FHE). The proposed method extends the existing 2-way sorting method by applying the $k$-way sorting network for any prime $k$ to reduce the depth in terms of comparison operation from $O(\log_{2}^{2} n)$ to $O(k\log_{k}^{2} n)$, thereby improving performance for $k$ slightly larger than 2, such as $k=5$. We apply this method to approximate FHE which is widely used due to its efficiency of homomorphic arithmetic operations. In order to build up the $k$-way sorting network, the $k$-sorter, which sorts $k$ numbers with a minimal comparison depth, is used as a building block. The approximate homomorphic comparison, which is the only type of comparison working on approximate FHE, cannot be used for the construction of the $k$-sorter as it is because the result of the comparison is not binary, unlike the comparison in conventional bit-wise FHEs. To overcome this problem, we propose an efficient $k$-sorter construction utilizing the features of approximate homomorphic comparison. Also, we propose an efficient construction of a $k$-way sorting network using cryptographic SIMD operations. To use the proposed method most efficiently, we propose an estimation formula that finds the appropriate $k$ that is expected to reduce the total time cost when the parameters of the approximating comparisons and the performance of the operations provided by the approximate FHE are given. We also show the implementation results of the proposed method, and it shows that sorting $5^{6} = 15625$ data using 5-way sorting network can be about 23.3% faster than sorting $2^{14} = 16384$ data using 2-way.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • A Transfer Learning Approach for Securing Resource-Constrained IoT Devices

      Authors: Selim Yılmaz;Emre Aydogan;Sevil Sen;
      Pages: 4405 - 4418
      Abstract: In recent years, Internet of Things (IoT) security has attracted significant interest by researchers due to new characteristics of IoT such as heterogeneity of devices, resource constraints, and new types of attacks targeting IoT. Intrusion detection, which is an indispensable part of a security system, is also included in these studies. In order to explore the complex characteristics of IoT, machine learning methods, which rely on long training time to generate intrusion detection models, are proposed in the literature. Furthermore, these systems need to learn a new/fresh model from scratch when the environment changes. This study explores the use of transfer learning in order to generate intrusion detection algorithms for such dynamically changing IoT. Transfer learning is an approach that stores knowledge learned from a problem domain/task and applies that knowledge to another problem domain/task. Here, it is employed in the following two settings: transferring knowledge for generating suitable intrusion algorithms for new devices, transferring knowledge for detecting new types of attacks. In this study, Routing Protocol for Low-Power and Lossy Network (RPL), a routing protocol for resource-constrained wireless networks, is used as an exemplar protocol and specific attacks against RPL are targeted. The experimental results show that the transfer learning approach gives better performance than the traditional approach. Moreover, the proposed approach significantly reduces learning time, which is an important factor for putting devices/networks in operation in a timely manner. Even though transfer learning has been considered a potential candidate for improving IoT security, to the best of our knowledge, this is the first application of transfer learning under these two settings in RPL-based IoT networks.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Unsupervised and Self-Adaptative Techniques for Cross-Domain Person
           Re-Identification

      Authors: Gabriel C. Bertocco;Fernanda Andaló;Anderson Rocha;
      Pages: 4419 - 4434
      Abstract: Person Re-Identification (ReID) across non-overlapping cameras is a challenging task, and most works in prior art rely on supervised feature learning from a labeled dataset to match the same person in different views. However, it demands the time-consuming task of labeling the acquired data, prohibiting its fast deployment in forensic scenarios. Unsupervised Domain Adaptation (UDA) emerges as a promising alternative, as it performs feature adaptation from a model trained on a source to a target domain without identity-label annotation. However, most UDA-based methods rely upon a complex loss function with several hyper-parameters, hindering the generalization to different scenarios. Moreover, as UDA depends on the translation between domains, it is crucial to select the most reliable data from the unseen domain, avoiding error propagation caused by noisy examples on the target data — an often overlooked problem. In this sense, we propose a novel UDA-based ReID method that optimizes a simple loss function with only one hyper-parameter and takes advantage of triplets of samples created by a new offline strategy based on the diversity of cameras within a cluster. This new strategy adapts and regularizes the model, avoiding overfitting the target domain. We also introduce a new self-ensembling approach, which aggregates weights from different iterations to create a final model, combining knowledge from distinct moments of the adaptation. For evaluation, we consider three well-known deep learning architectures and combine them for the final decision. The proposed method does not use person re-ranking nor any identity label on the target domain and outperforms state-of-the-art techniques, with a much simpler setup, on the Market to Duke, the challenging Market1501 to MSMT17, and Duke to MSMT17 adaptation scenarios.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • A Generalizable Model-and-Data Driven Approach for Open-Set RFF
           Authentication

      Authors: Renjie Xie;Wei Xu;Yanzhi Chen;Jiabao Yu;Aiqun Hu;Derrick Wing Kwan Ng;A. Lee Swindlehurst;
      Pages: 4435 - 4450
      Abstract: Radio-frequency fingerprints (RFFs) are promising solutions for realizing low-cost physical layer authentication. Machine learning-based methods have been proposed for RFF extraction and discrimination. However, most existing methods are designed for the closed-set scenario where the set of devices remains unchanged. These methods cannot be generalized to the RFF discrimination of unknown devices. To enable the discrimination of RFF from both known and unknown devices, we propose a new end-to-end deep learning framework for extracting RFFs from raw received signals. The proposed framework comprises a novel preprocessing module, called neural synchronization (NS), which incorporates the data-driven learning with signal processing priors as an inductive bias from communication-model based processing. Compared to traditional carrier synchronization techniques, which are static, this module estimates offsets by two learnable deep neural networks jointly trained by the RFF extractor. Additionally, a hypersphere representation is proposed to further improve the discrimination of RFF. Theoretical analysis shows that such a data-and-model framework can better optimize the mutual information between device identity and the RFF, which naturally leads to better performance. Experimental results verify that the proposed RFF significantly outperforms purely data-driven DNN-design and existing handcrafted RFF methods in terms of both discrimination and network generalizability.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Analysis of Multiplicative Low Entropy Masking Schemes Against Correlation
           Power Attack

      Authors: Yanbin Li;Zhe Liu;Sylvain Guilley;Ming Tang;
      Pages: 4466 - 4481
      Abstract: Low Entropy Masking Schemes (LEMS) had been proposed to mitigate the high-performance overhead results from the Full Entropy Masking Schemes (FEMS) while offering good protection against side-channel attacks. The masking schemes usually rely on Boolean masking, however, splitting sensitive variables in a multiplicative way is more amenable to non-linear functions and it had been applied to both software and hardware with a competitive alternative to state-of-the-art masked design. Compared to the comprehensive analysis done for Boolean LEMS, the specific leakage characteristics of Multiplicative LEMS have not yet been analyzed. In this paper, we introduce security models for LEMS to characterize the balance of the mask set. Based on the security model, we present an inherent weakness of Multiplicative LEMS. We prove that this defect of Multiplicative LEMS cannot be compensated by choosing a proper mask set, and the security of FEMS is guaranteed thanks to the Dirac function which is used to resist zero-value attack. Then, we exhibit the leakages in the implementation of Multiplicative LEMS. In particular, we propose a new attack against Multiplicative LEMS more efficient by utilizing the distribution of masked intermediate values. The feasibility of the attack is verified by both simulation and practical experiments.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • ICT: A Cryptanalysis Toolbox for Block Cipher Structure With Secret
           Components

      Authors: Jiyan Zhang;Ting Cui;Chenhui Jin;
      Pages: 4482 - 4493
      Abstract: In this paper, we present a new technique for recovering the secret inner components of block cipher structures. This technique does not simply distinguish a block cipher structure from a random permutation but recovers the secret inner components. In addition, our technique is more general than ad hoc structural cryptanalysis for specific structures. A new tool, the Inequality Constraints Table ($ICT$), is introduced to characterize the constraint relation of the secret inner components. If a complete $ICT$ can be constructed, the secret components will be determined by a recursive algorithm. Based on the fundamental structure, an iterative method is proposed to construct an equivalent structure to simplify the initial guess regarding the secret components. Finally, we apply the new technique to several block cipher structures and obtain the secret component recovery results for the 5-round MISTY structure, 23- and 25-round Skipjack structure. To the best of our knowledge, this is the first time to present the structural cryptanalysis against the 5-round MISTY structure, 23- and 25-round Skipjack structure.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Neyman’s Smoothness Test: A Trade-Off Between Moment-Based and
           Distribution-Based Leakage Detections

      Authors: Si Gao;Elisabeth Oswald;Yan Yan;
      Pages: 4494 - 4506
      Abstract: Leakage detection tests have become an indispensable tool for testing implementations featuring side channel countermeasures such as masking. Whilst moment-based techniques such as the Welch’s $t$-test are universally powerful if there is leakage in a central moment, they naturally fail if this is not the case. Distribution-based techniques such as the $\chi^{2}$-test then come to the rescue, but they have shown not to be robust with regards to noise. In this paper, we propose a novel leakage detection technique based on Neyman’s smoothness test. We find that our new test is robust with respect to noise (similar to the merit of Welch’s $t$-test), and can pick up on leakage that is not located in central moments (similar to the merit of the $\chi^{2}$-test). We also find that there is a sweet-spot where Neyman’s test outperforms both the $t$-test and the $\chi^{2}$-test. Realistic measurements confirm that such a sweet-spot is relevant in practice for detecting implementation flaws.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • K-Time Modifiable and Epoch-Based Redactable Blockchain

      Authors: Shengmin Xu;Jianting Ning;Jinhua Ma;Xinyi Huang;Robert H. Deng;
      Pages: 4507 - 4520
      Abstract: As an immutable append-only distributed ledger, blockchain allows a group of participants to reach a consensus in an untrustworthy ecosystem. Immutability is a blockchain feature that persists data forever, but it is no longer legal in reality. Blockchain has unchangeable improper contents that violate laws. Moreover, data regulation toward “the right to be forgotten” requires blockchain must be modifiable. To address this problem, redactable blockchain has been introduced to relax immutability in a controlled way. However, once a participant is authorized, she/he can rewrite any content and no penalty for the malicious behavior that hinders the wide deployment of redactable blockchain in practice. In this paper, we introduce a new notion, dubbed $k$-time modifiable and epoch-based redactable blockchain (KERB) with a monetary penalty to control rewriting privileges and penalize malicious behaviors. Our solution is built up from simple building blocks: digital signatures and chameleon hashes. We give a formal definition and security models of KERB, and present a generic construction along with formal proofs. The extensive comparison and experimental analysis illustrate that our solution enjoys superior functionalities and performances than the state-of-the-art solutions.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Odyssey: Creation, Analysis and Detection of Trojan Models

      Authors: Marzieh Edraki;Nazmul Karim;Nazanin Rahnavard;Ajmal Mian;Mubarak Shah;
      Pages: 4521 - 4533
      Abstract: Along with the success of deep neural network (DNN) models, rise the threats to the integrity of these models. A recent threat is the Trojan attack where an attacker interferes with the training pipeline by inserting triggers into some of the training samples and trains the model to act maliciously only for samples that contain the trigger. Since the knowledge of triggers is privy to the attacker, detection of Trojan networks is challenging. Existing Trojan detectors make strong assumptions about the types of triggers and attacks. We propose a detector that is based on the analysis of the intrinsic DNN properties that are affected due to the Trojan insertion process. For a comprehensive analysis, we develop Odyssey, the most diverse dataset to date with over 3,000 clean and Trojan models. Odyssey covers a large spectrum of attacks, generated by leveraging the versatility in trigger designs and source to target class mappings. Our analysis results show that Trojan attacks affect the classifier margin and shape of decision boundary around the manifold of clean data. Exploiting these two factors, we propose an efficient Trojan detector that operates without any knowledge of the attack and significantly outperforms existing methods. Through a comprehensive set of experiments we demonstrate the efficacy of the detector on cross model architectures, unseen triggers and regularized models.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • DSA-Face: Diverse and Sparse Attentions for Face Recognition Robust to
           Pose Variation and Occlusion

      Authors: Qiangchang Wang;Guodong Guo;
      Pages: 4534 - 4543
      Abstract: Learning local representations is important for face recognition (FR). Recent attention-based networks emphasize few facial parts, while ignoring other potentially discriminative ones. This is more serious when there are large pose variations, occlusions (e.g. face masks), or other image quality changes. To address this, we propose Diverse and Sparse Attentions, called DSA-Face. First, a divergence loss is designed to explicitly encourage the diversity among multiple attention maps by maximizing the Euclidean distance between every pair attention maps. As a result, a Pairwise Self-Contrastive Attention (PSCA) is developed to locate diverse facial parts which provide comprehensive descriptions. Second, an Attention Sparsity Loss (ASL) is proposed to encourage sparse responses in attention maps where only discriminative parts are emphasized while distracted regions (e.g. background or face masks) are discouraged. Built upon the PSCA and ASL, the DSA-Face model is developed to learn diverse and sparse attentions, which can extract diverse discriminative local representations and suppress the focus on noisy regions. Due to the pandemic of the COVID-19, the task of masked face matching is now very important, and our model can handle this much better than previous methods, demonstrating its effectiveness and usefulness. Moreover, our model outperforms the state-of-the-art methods on several other FR benchmarks, showing that it is also general to address various challenges in FR.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Efficient JPEG Batch Steganography Using Intrinsic Energy of Image
           Contents

      Authors: Xianglei Hu;Jiangqun Ni;Weizhe Zhang;Jiwu Huang;
      Pages: 4544 - 4558
      Abstract: Batch steganography aims at properly allocating a large payload to multiple covers, so as to keep the whole covert communication at a satisfactory level of security. JPEG is currently one of the most widely used formats for image storage and transmission. This paper presents an efficient JPEG batch steganographic scheme, which allocates the payload in a linear manner w.r.t. a new heuristic measure - the intrinsic energy of JPEG image contents, in which more concerns are with the high frequency components, and the proposed measure could also be easily generalized to cover selection in batch steganographic applications. And a calibration strategy is elaborately designed to balance the security level when JPEG covers of various QFs are involved in JPEG batch steganography. In this way, the proposed scheme can effectively resolve the problem that the statistical undetectability fluctuates dramatically w.r.t. the size and quality factor when the batch set is involved with various image parameters, and consequently maintains the overall security of the practical JPEG batch steganographic system. Experimental results show that the proposed method exhibits security performance superior or comparable to the state-of-the-art batch schemes while maintaining a low computational cost.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Sparse Trust Data Mining

      Authors: Pengli Nie;Guangquan Xu;Litao Jiao;Shaoying Liu;Jian Liu;Weizhi Meng;Hongyue Wu;Meiqi Feng;Weizhe Wang;Zhengjun Jing;Xi Zheng;
      Pages: 4559 - 4573
      Abstract: As recommendation systems continue to evolve, researchers are using trust data to improve the accuracy of recommendation prediction and help users find relevant information. However, large recommendation systems with trust data suffer from the sparse trust problem, which leads to grade inflation and severely affects the reliability of trust propagation. This paper presents a novel research on sparse trust data mining, which includes the new concept of sparse trust, a sparse trust model, and a trust mining framework. It lays a foundation for the trust-related research in large recommended systems. The new trust mining framework is based on customized normalization functions and a novel transitive gossip trust model, which discovers potential trust information between entities in a large-scale user network and applies it to a recommendation system. We conduct a comprehensive performance evaluation on both real-world and synthetic datasets. The results confirm that our framework mines new trust and effectively ameliorates the sparse trust problem.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Privacy-Enhanced Federated Learning Against Poisoning Adversaries

      Authors: Xiaoyuan Liu;Hongwei Li;Guowen Xu;Zongqi Chen;Xiaoming Huang;Rongxing Lu;
      Pages: 4574 - 4588
      Abstract: Federated learning (FL), as a distributed machine learning setting, has received considerable attention in recent years. To alleviate privacy concerns, FL essentially promises that multiple parties jointly train the model by exchanging gradients rather than raw data. However, intrinsic privacy issue still exists in FL, e.g., user’s training samples could be revealed by solely inferring gradients. Moreover, the emerging poisoning attack also poses a crucial security threat to FL. In particular, due to the distributed nature of FL, malicious users may submit crafted gradients during the training process to undermine the integrity and availability of the model. Furthermore, there exists a contradiction in simultaneously addressing two issues, that is, privacy-preserving FL solutions are dedicated to ensuring gradients indistinguishability, whereas the defenses against poisoning attacks tend to remove outliers based on their similarity. To solve such a dilemma, in this paper, we aim to build a bridge between the two issues. Specifically, we present a privacy-enhanced FL (PEFL) framework that adopts homomorphic encryption as the underlying technology and provides the server with a channel to punish poisoners via the effective gradient data extraction of the logarithmic function. To the best of our knowledge, the PEFL is the first effort to efficiently detect the poisoning behaviors in FL under ciphertext. Detailed theoretical analyses illustrate the security and convergence properties of the scheme. Moreover, the experiments conducted on real-world datasets show that the PEFL can effectively defend against label-flipping and backdoor attacks, two representative poisoning attacks in FL.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Efficient and Privacy-Preserving Multi-Party Skyline Queries Over
           Encrypted Data

      Authors: Xiaofeng Ding;Zuan Wang;Pan Zhou;Kim-Kwang Raymond Choo;Hai Jin;
      Pages: 4589 - 4604
      Abstract: One existing challenge associated with large scale skyline queries on cloud services, particularly when dealing with private information such as biomedical data, is supporting multi-party queries with curious-but-honest parties on encrypted data. In addition, existing solutions designed for performing secure skyline queries incur significant communication and computation costs due to ciphertext calculation. Thus, in this paper, we demonstrate the potential of supporting privacy-preserving multi-party skyline queries on encrypted data using additive homomorphic and proxy re-encryption cryptosystems. However, the secure computation based on these cryptosystems will further slow down query efficiency. To improve the efficiency of comparison on encrypted data, we redesign two lightweight secure comparison protocols. Meanwhile, we present an efficient method named “blind-reading” to securely obtain the skyline point. We also propose a novel method, Privacy Matrix, designed to reduce the scale of the dataset so that the computational cost is significantly decreased without privacy leakage. Then, we construct our secure skyline query protocol by integrating lightweight secure comparison protocols, “blind-reading” and Privacy Matrix techniques. Finally, we evaluate the security of our protocol, where we show it is secure without leaking information. The performance evaluation also shows that our proposed approach significantly improves the efficiency (at least $\times 4.5$ faster) compared to the state of the art and has the scalability of query processing under large datasets.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Covert MIMO Communications Under Variational Distance Constraint

      Authors: Shi-Yuan Wang;Matthieu R. Bloch;
      Pages: 4605 - 4620
      Abstract: The problem of covert communication over Multiple-Input Multiple-Output (MIMO) Additive White Gaussian Noise (AWGN) channels is investigated, in which a transmitter attempts to reliably communicate with a legitimate receiver while avoiding detection by a passive adversary. The covert capacity of the MIMO AWGN channel is characterized under a variational distance covertness constraint when the MIMO channel matrices are static and known. The characterization of the covert capacity is also extended to a class of channels in which the legitimate channel matrix is known but the adversary’s channel matrix is only known up to a rank and a spectral norm constraint.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • A New Adversarial Embedding Method for Enhancing Image Steganography

      Authors: Minglin Liu;Weiqi Luo;Peijia Zheng;Jiwu Huang;
      Pages: 4621 - 4634
      Abstract: Image steganography aims to embed secret messages into cover images in an imperceptible manner. While steganalysis tries to identify stegos from covers, which is a special binary classification problem. Recently, some literatures show that the adversarial embedding can mislead the advanced steganalyzers based on convolutional neural network (CNN), and thus enhance the steganography security. Since adding perturbations to stegos may lead to message extraction failure due to properties of syndrome-trellis codes (STC), the existing adversarial examples are derived from covers or their enhanced versions, while those stegos are not fully utilized. In this paper, we propose a new adversarial embedding scheme for image steganography. Unlike those related works, we first combine multiple gradients of cover and generated stegos to determine the directions of cost modifications. Next, instead of adjusting all or a random part of embedding costs in existing works, we carefully select the candidate costs according to the amplitudes of cover gradients and their costs. Extensive experimental results demonstrate that by adjusting a tiny part of embedding costs (less than 5% in most cases), the proposed method can significantly improve the security of five modern steganographic methods evaluated on both re-trained CNN-based and traditional steganalyzers, and achieve much better security performances compared with related methods. In addition, the security performances evaluated on different image databases show that the generalization of the proposed method is good.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Matrix-Regularized One-Class Multiple Kernel Learning for Unseen Face
           Presentation Attack Detection

      Authors: Shervin Rahimzadeh Arashloo;
      Pages: 4635 - 4647
      Abstract: The functionality of face biometric systems is severely challenged by presentation attacks (PA’s), and especially those attacks that have not been available during the training phase of a PA detection (PAD) subsystem. Among other alternatives, the one-class classification (OCC) paradigm is an applicable strategy that has been observed to provide good generalisation against unseen attacks. Following an OCC approach for the unseen face PAD from RGB images, this work advocates a matrix-regularised multiple kernel learning algorithm to make use of several sources of information each constituting a different view of the face PAD problem. In particular, drawing on the one-class null Fisher classification principle, we characterise different deep CNN representations as kernels and propose a multiple kernel learning (MKL) algorithm subject to an $(r,p)$-norm ($1\leq r,p$) matrix regularisation constraint. The proposed MKL algorithm is formulated as a saddle point Lagrangian optimisation task for which we present an effective optimisation algorithm with guaranteed convergence. An evaluation of the proposed one-class MKL algorithm on both general object images in an OCC setting as well as on different face PAD datasets in an unseen zero-shot attack detection setting illustrates the merits of the proposed method compared to other one-class multiple kernel and deep end-to-end CNN-based methods.
      PubDate: 2021
      Issue No: Vol. 16 (2021)
       
  • Cooperative Assurance of Cache Data Integrity for Mobile Edge Computing

      Authors: Bo Li;Qiang He;Feifei Chen;Haipeng Dai;Hai Jin;Yang Xiang;Yun Yang;
      Pages: 4648 - 4662
      Abstract: The new mobile edge computing (MEC) paradigm fundamentally changes the data caching technique by allowing data to be cached on edge servers attached to base stations within hundreds of meters from users. It provides a bounded latency guarantee for latency-sensitive applications, e.g., interactive AR/VR applications,