Your search keyword '"Computer Science - Cryptography and Security"' showing total 87,575 results

1. Forget to Flourish: Leveraging Machine-Unlearning on Pretrained Language Models for Privacy Leakage

Author

Rashid, Md Rafi Ur, Liu, Jing, Koike-Akino, Toshiaki, Mehnaz, Shagufta, and Wang, Ye

Subjects

Computer Science - Machine Learning, Computer Science - Artificial Intelligence, Computer Science - Cryptography and Security

Abstract

Fine-tuning large language models on private data for downstream applications poses significant privacy risks in potentially exposing sensitive information. Several popular community platforms now offer convenient distribution of a large variety of pre-trained models, allowing anyone to publish without rigorous verification. This scenario creates a privacy threat, as pre-trained models can be intentionally crafted to compromise the privacy of fine-tuning datasets. In this study, we introduce a novel poisoning technique that uses model-unlearning as an attack tool. This approach manipulates a pre-trained language model to increase the leakage of private data during the fine-tuning process. Our method enhances both membership inference and data extraction attacks while preserving model utility. Experimental results across different models, datasets, and fine-tuning setups demonstrate that our attacks significantly surpass baseline performance. This work serves as a cautionary note for users who download pre-trained models from unverified sources, highlighting the potential risks involved.

Published

2024

2. C-RADAR: A Centralized Deep Learning System for Intrusion Detection in Software Defined Networks

Author

Mustafa, Osama, Ali, Khizer, and Naqash, Talha

Subjects

Computer Science - Machine Learning, Computer Science - Artificial Intelligence, Computer Science - Cryptography and Security

Abstract

The popularity of Software Defined Networks (SDNs) has grown in recent years, mainly because of their ability to simplify network management and improve network flexibility. However, this also makes them vulnerable to various types of cyber attacks. SDNs work on a centralized control plane which makes them more prone to network attacks. Research has demonstrated that deep learning (DL) methods can be successful in identifying intrusions in conventional networks, but their application in SDNs is still an open research area. In this research, we propose the use of DL techniques for intrusion detection in SDNs. We measure the effectiveness of our method by experimentation on a dataset of network traffic and comparing it to existing techniques. Our results show that the DL-based approach outperforms traditional methods in terms of detection accuracy and computational efficiency. The deep learning architecture that has been used in this research is a Long Short Term Memory Network and Self-Attention based architecture i.e. LSTM-Attn which achieves an Fl-score of 0.9721. Furthermore, this technique can be trained to detect new attack patterns and improve the overall security of SDNs.

Published

2024

3. On Computational Indistinguishability and Logical Relations

Author

Lago, Ugo Dal, Galal, Zeinab, and Giusti, Giulia

Subjects

Computer Science - Programming Languages, Computer Science - Cryptography and Security

Abstract

A $\lambda$-calculus is introduced in which all programs can be evaluated in probabilistic polynomial time and in which there is sufficient structure to represent sequential cryptographic constructions and adversaries for them, even when the latter are oracle-based. A notion of observational equivalence capturing computational indistinguishability and a class of approximate logical relations are then presented, showing that the latter represent a sound proof technique for the former. The work concludes with the presentation of an example of a security proof in which the encryption scheme induced by a pseudorandom function is proven secure against active adversaries in a purely equational style.

Published

2024

4. Hybridizing Base-Line 2D-CNN Model with Cat Swarm Optimization for Enhanced Advanced Persistent Threat Detection

Author

Bakhiet, Ali M. and Aly, Salah A.

Subjects

Computer Science - Cryptography and Security, Computer Science - Artificial Intelligence, Computer Science - Machine Learning, Computer Science - Networking and Internet Architecture

Abstract

In the realm of cyber-security, detecting Advanced Persistent Threats (APTs) remains a formidable challenge due to their stealthy and sophisticated nature. This research paper presents an innovative approach that leverages Convolutional Neural Networks (CNNs) with a 2D baseline model, enhanced by the cutting-edge Cat Swarm Optimization (CSO) algorithm, to significantly improve APT detection accuracy. By seamlessly integrating the 2D-CNN baseline model with CSO, we unlock the potential for unprecedented accuracy and efficiency in APT detection. The results unveil an impressive accuracy score of $98.4\%$, marking a significant enhancement in APT detection across various attack stages, illuminating a path forward in combating these relentless and sophisticated threats., Comment: 6 pages, 5 figures

Published

2024

5. Image-Perfect Imperfections: Safety, Bias, and Authenticity in the Shadow of Text-To-Image Model Evolution

Author

Wu, Yixin, Shen, Yun, Backes, Michael, and Zhang, Yang

Subjects

Computer Science - Cryptography and Security, Computer Science - Machine Learning

Abstract

Text-to-image models, such as Stable Diffusion (SD), undergo iterative updates to improve image quality and address concerns such as safety. Improvements in image quality are straightforward to assess. However, how model updates resolve existing concerns and whether they raise new questions remain unexplored. This study takes an initial step in investigating the evolution of text-to-image models from the perspectives of safety, bias, and authenticity. Our findings, centered on Stable Diffusion, indicate that model updates paint a mixed picture. While updates progressively reduce the generation of unsafe images, the bias issue, particularly in gender, intensifies. We also find that negative stereotypes either persist within the same Non-White race group or shift towards other Non-White race groups through SD updates, yet with minimal association of these traits with the White race group. Additionally, our evaluation reveals a new concern stemming from SD updates: State-of-the-art fake image detectors, initially trained for earlier SD versions, struggle to identify fake images generated by updated versions. We show that fine-tuning these detectors on fake images generated by updated versions achieves at least 96.6\% accuracy across various SD versions, addressing this issue. Our insights highlight the importance of continued efforts to mitigate biases and vulnerabilities in evolving text-to-image models., Comment: To Appear in the ACM Conference on Computer and Communications Security, October 14-18, 2024

Published

2024

6. Further Investigation on Differential Properties of the Generalized Ness-Helleseth Function

Author

Xia, Yongbo, Li, Chunlei, Bao, Furong, Chen, Shaoping, and Helleseth, Tor

Subjects

Computer Science - Cryptography and Security, Computer Science - Discrete Mathematics, Computer Science - Information Theory, Mathematics - Number Theory, 94A60, 11T71, 11T06, 05-08

Abstract

Let $n$ be an odd positive integer, $p$ be a prime with $p\equiv3\pmod4$, $d_{1} = {{p^{n}-1}\over {2}} -1 $ and $d_{2} =p^{n}-2$. The function defined by $f_u(x)=ux^{d_{1}}+x^{d_{2}}$ is called the generalized Ness-Helleseth function over $\mathbb{F}_{p^n}$, where $u\in\mathbb{F}_{p^n}$. It was initially studied by Ness and Helleseth in the ternary case. In this paper, for $p^n \equiv 3 \pmod 4$ and $p^n \ge7$, we provide the necessary and sufficient condition for $f_u(x)$ to be an APN function. In addition, for each $u$ satisfying $\chi(u+1) = \chi(u-1)$, the differential spectrum of $f_u(x)$ is investigated, and it is expressed in terms of some quadratic character sums of cubic polynomials, where $\chi(\cdot)$ denotes the quadratic character of $\mathbb{F}_{p^n}$., Comment: 34 pages

Published

2024

7. Privacy-Preserving Set-Based Estimation Using Differential Privacy and Zonotopes

Author

Dawoud, Mohammed M., Liu, Changxin, Johansson, Karl H., and Alanwar, Amr

Subjects

Computer Science - Cryptography and Security

Abstract

For large-scale cyber-physical systems, the collaboration of spatially distributed sensors is often needed to perform the state estimation process. Privacy concerns arise from disclosing sensitive measurements to a cloud estimator. To solve this issue, we propose a differentially private set-based estimation protocol that guarantees true state containment in the estimated set and differential privacy for the sensitive measurements throughout the set-based state estimation process within the central and local differential privacy models. Zonotopes are employed in the proposed differentially private set-based estimator, offering computational advantages in set operations. We consider a plant of a non-linear discrete-time dynamical system with bounded modeling uncertainties, sensors that provide sensitive measurements with bounded measurement uncertainties, and a cloud estimator that predicts the system's state. The privacy-preserving noise perturbs the centers of measurement zonotopes, thereby concealing the precise position of these zonotopes, i.e., ensuring privacy preservation for the sets containing sensitive measurements. Compared to existing research, our approach achieves less privacy loss and utility loss through the central and local differential privacy models by leveraging a numerically optimized truncated noise distribution. The proposed estimator is perturbed by weaker noise than the analytical approaches in the literature to guarantee the same level of privacy, therefore improving the estimation utility. Numerical and comparison experiments with truncated Laplace noise are presented to support our approach., Comment: This article is the journal submission of "Differentially Private Set-Based Estimation Using Zonotopes", presented at the 2023 European Control Conference (ECC), https://ieeexplore.ieee.org/document/10178269. arXiv admin note: text overlap with arXiv:2305.07407

Published

2024

8. DeTRAP: RISC-V Return Address Protection With Debug Triggers

Author

Richter, Isaac, Zhou, Jie, and Criswell, John

Subjects

Computer Science - Cryptography and Security

Abstract

Modern microcontroller software is often written in C/C++ and suffers from control-flow hijacking vulnerabilities. Previous mitigations suffer from high performance and memory overheads and require either the presence of memory protection hardware or sophisticated program analysis in the compiler. This paper presents DeTRAP (Debug Trigger Return Address Protection). DeTRAP utilizes a full implementation of the RISC-V debug hardware specification to provide a write-protected shadow stack for return addresses. Unlike previous work, DeTRAP requires no memory protection hardware and only minor changes to the compiler toolchain. We tested DeTRAP on an FPGA running a 32-bit RISC-V microcontroller core and found average execution time overheads to be between 0.5% and 1.9% on evaluated benchmark suites with code size overheads averaging 7.9% or less., Comment: To appear at IEEE Secure Development Conference 2024

Published

2024

9. AI-Driven Intrusion Detection Systems (IDS) on the ROAD dataset: A Comparative Analysis for automotive Controller Area Network (CAN)

Author

Guerra, Lorenzo, Xu, Linhan, Mozharovskyi, Pavlo, Bellavista, Paolo, Chapuis, Thomas, Duc, Guillaume, and Nguyen, Van-Tam

Subjects

Computer Science - Cryptography and Security, Computer Science - Artificial Intelligence, Computer Science - Machine Learning

Abstract

The integration of digital devices in modern vehicles has revolutionized automotive technology, enhancing safety and the overall driving experience. The Controller Area Network (CAN) bus is a central system for managing in-vehicle communication between the electronic control units (ECUs). However, the CAN protocol poses security challenges due to inherent vulnerabilities, lacking encryption and authentication, which, combined with an expanding attack surface, necessitates robust security measures. In response to this challenge, numerous Intrusion Detection Systems (IDS) have been developed and deployed. Nonetheless, an open, comprehensive, and realistic dataset to test the effectiveness of such IDSs remains absent in the existing literature. This paper addresses this gap by considering the latest ROAD dataset, containing stealthy and sophisticated injections. The methodology involves dataset labelling and the implementation of both state-of-the-art deep learning models and traditional machine learning models to show the discrepancy in performance between the datasets most commonly used in the literature and the ROAD dataset, a more realistic alternative.

Published

2024

10. Secure Ownership Management and Transfer of Consumer Internet of Things Devices with Self-sovereign Identity

Author

Sakib, Nazmus, Ali, Md Yeasin, Momo, Nuran Mubashshira, Mumu, Marzia Islam, Nahid, Masum Al, Chowdhury, Fairuz Rahaman, and Ferdous, Md Sadek

Subjects

Computer Science - Cryptography and Security, Computer Science - Emerging Technologies

Abstract

The popularity of the Internet of Things (IoT) has driven its usage in our homes and industries over the past 10-12 years. However, there have been some major issues related to identity management and ownership transfer involving IoT devices, particularly for consumer IoT devices, e. g. smart appliances such as smart TVs, smart refrigerators, and so on. There have been a few attempts to address this issue; however, user-centric and effective ownership and identity management of IoT devices have not been very successful so far. Recently, blockchain technology has been used to address these issues with limited success. This article presents a Self-sovereign Identity (SSI) based system that facilitates a secure and user-centric ownership management and transfer of consumer IoT devices. The system leverages a number of emerging technologies, such as blockchain and decentralized identifiers (DID), verifiable credentials (VC), under the umbrella of SSI. We present the architecture of the system based on a threat model and requirement analysis, discuss the implementation of a Proof-of-Concept based on the proposed system and illustrate a number of use-cases with their detailed protocol flows. Furthermore, we analyse its security using ProVerif, a state-of-the art protocol verification tool and examine its performance.

Published

2024

11. Investigating Privacy Leakage in Dimensionality Reduction Methods via Reconstruction Attack

Author

Lumbut, Chayadon and Ponnoprat, Donlapark

Subjects

Computer Science - Cryptography and Security, Computer Science - Machine Learning

Abstract

This study investigates privacy leakage in dimensionality reduction methods through a novel machine learning-based reconstruction attack. Employing an \emph{informed adversary} threat model, we develop a neural network capable of reconstructing high-dimensional data from low-dimensional embeddings. We evaluate six popular dimensionality reduction techniques: PCA, sparse random projection (SRP), multidimensional scaling (MDS), Isomap, $t$-SNE, and UMAP. Using both MNIST and NIH Chest X-ray datasets, we perform a qualitative analysis to identify key factors affecting reconstruction quality. Furthermore, we assess the effectiveness of an additive noise mechanism in mitigating these reconstruction attacks.

Published

2024

12. Leveraging Digital Twin Technologies for Public Space Protection and Vulnerability Assessment

Author

Stefanidou, Artemis, Cani, Jorgen, Papadopoulos, Thomas, Radoglou-Grammatikis, Panagiotis, Sarigiannidis, Panagiotis, Varlamis, Iraklis, and Papadopoulos, Georgios Th.

Subjects

Computer Science - Cryptography and Security, Computer Science - Artificial Intelligence

Abstract

Over the recent years, the protection of the so-called `soft-targets', i.e. locations easily accessible by the general public with relatively low, though, security measures, has emerged as a rather challenging and increasingly important issue. The complexity and seriousness of this security threat growths nowadays exponentially, due to the emergence of new advanced technologies (e.g. Artificial Intelligence (AI), Autonomous Vehicles (AVs), 3D printing, etc.); especially when it comes to large-scale, popular and diverse public spaces. In this paper, a novel Digital Twin-as-a-Security-Service (DTaaSS) architecture is introduced for holistically and significantly enhancing the protection of public spaces (e.g. metro stations, leisure sites, urban squares, etc.). The proposed framework combines a Digital Twin (DT) conceptualization with additional cutting-edge technologies, including Internet of Things (IoT), cloud computing, Big Data analytics and AI. In particular, DTaaSS comprises a holistic, real-time, large-scale, comprehensive and data-driven security solution for the efficient/robust protection of public spaces, supporting: a) data collection and analytics, b) area monitoring/control and proactive threat detection, c) incident/attack prediction, and d) quantitative and data-driven vulnerability assessment. Overall, the designed architecture exhibits increased potential in handling complex, hybrid and combined threats over large, critical and popular soft-targets. The applicability and robustness of DTaaSS is discussed in detail against representative and diverse real-world application scenarios, including complex attacks to: a) a metro station, b) a leisure site, and c) a cathedral square.

Published

2024

13. Traceable AI-driven Avatars Using Multi-factors of Physical World and Metaverse

Author

Yang, Kedi, Zhang, Zhenyong, and Tian, Youliang

Subjects

Computer Science - Cryptography and Security

Abstract

Metaverse allows users to delegate their AI models to an AI engine, which builds corresponding AI-driven avatars to provide immersive experience for other users. Since current authentication methods mainly focus on human-driven avatars and ignore the traceability of AI-driven avatars, attackers may delegate the AI models of a target user to an AI proxy program to perform impersonation attacks without worrying about being detected. In this paper, we propose an authentication method using multi-factors to guarantee the traceability of AI-driven avatars. Firstly, we construct a user's identity model combining the manipulator's iris feature and the AI proxy's public key to ensure that an AI-driven avatar is associated with its original manipulator. Secondly, we propose a chameleon proxy signature scheme that supports the original manipulator to delegate his/her signing ability to an AI proxy. Finally, we design three authentication protocols for avatars based on the identity model and the chameleon proxy signature to guarantee the virtual-to-physical traceability including both the human-driven and AI-driven avatars. Security analysis shows that the proposed signature scheme is unforgeability and the authentication method is able to defend against false accusation. Extensive evaluations show that the designed authentication protocols complete user login, avatar delegation, mutual authentication, and avatar tracing in about 1s, meeting the actual application needs and helping to mitigate impersonation attacks by AI-driven avatars., Comment: 15 pages, 21 figures

Published

2024

14. Wireless Integrated Authenticated Communication System (WIA-Comm)

Author

Bharadwaj, Amith N, Adarsh, G, N, Gurusatwik Bhatta, K, Karan, and T, Vijay B

Subjects

Computer Science - Cryptography and Security, Electrical Engineering and Systems Science - Systems and Control

Abstract

The exponential increase in the number of devices connected to the internet globally has led to the requirement for the introduction of better and improved security measures for maintaining data integrity. The development of a wireless and authenticated communication system is required to overcome the safety threats and illegal access to the application system/data. The WIA-Comm System is the one that provides a bridge to control the devices at the application side. It has been designed to provide security by giving control rights only to the device whose MAC (physical) address has already been registered, so only authorized users can control the system. LoRa WAN technology has been used for wireless communication and Arduino IDE to develop the code for the required functionality., Comment: 6 pages, 10 figures, 3 tables

Published

2024

15. Dual JPEG Compatibility: a Reliable and Explainable Tool for Image Forensics

Author

Levecque, Etienne, Butora, Jan, and Bas, Patrick

Subjects

Computer Science - Cryptography and Security, Electrical Engineering and Systems Science - Image and Video Processing

Abstract

Given a JPEG pipeline (compression or decompression), this paper shows how to find the antecedent of a 8 x 8 block. If it exists, the block is compatible with the pipeline. For unaltered images, all blocks are always compatible with the original pipeline; however, for manipulated images, this is not always the case. This article demonstrates the potential of compatibility concepts for JPEG image forensics. It presents a solution to the main challenge of finding a block antecedent in a high-dimensional space. This solution relies on a local search algorithm with restrictions on the search space. We show that inpainting, copy-move, or splicing applied after a JPEG compression can be turned into three different mismatch problems and be detected. In particular, when the image is re-compressed after the modification, we can detect the manipulation if the quality factor of the second compression is higher than the first one. Our method can pinpoint forgeries down to the JPEG block with great detection power and without False Positive. We compare our method with two state-of-the-art models on localizing inpainted forgeries after a simple or a double compression. We show that under our working assumptions, it outperforms those models for most experiments.

Published

2024

16. SIMD-Aware Homomorphic Compression and Application to Private Database Query

Author

Cheon, Jung Hee, Lee, Keewoo, Park, Jai Hyun, and Yeo, Yongdong

Subjects

Computer Science - Cryptography and Security

Abstract

In a private database query scheme (PDQ), a server maintains a database, and users send queries to retrieve records of interest from the server while keeping their queries private. A crucial step in PDQ protocols based on homomorphic encryption is homomorphic compression, which compresses encrypted sparse vectors consisting of query results. In this work, we propose a new homomorphic compression scheme with PDQ as its main application. Unlike existing approaches, our scheme (i) can be efficiently implemented by fully exploiting homomorphic SIMD technique and (ii) enjoys both asymptotically optimal compression rate and asymptotically good decompression complexity. Experimental results show that our approach is 4.7x to 33.2x faster than the previous best results.

Published

2024

17. Secure Integrated Sensing and Communication Under Correlated Rayleigh Fading

Author

Mittelbach, Martin, Schaefer, Rafael F., Bloch, Matthieu, Yener, Aylin, and Günlü, Onur

Subjects

Computer Science - Information Theory, Computer Science - Cryptography and Security, Electrical Engineering and Systems Science - Signal Processing, Electrical Engineering and Systems Science - Systems and Control

Abstract

We consider a secure integrated sensing and communication (ISAC) scenario, in which a signal is transmitted through a state-dependent wiretap channel with one legitimate receiver with which the transmitter communicates and one honest-but-curious target that the transmitter wants to sense. The secure ISAC channel is modeled as two state-dependent fast-fading channels with correlated Rayleigh fading coefficients and independent additive Gaussian noise components. Delayed channel outputs are fed back to the transmitter to improve the communication performance and to estimate the channel state sequence. We establish and illustrate an achievable secrecy-distortion region for degraded secure ISAC channels under correlated Rayleigh fading. We also evaluate the inner bound for a large set of parameters to derive practical design insights for secure ISAC methods. The presented results include in particular parameter ranges for which the secrecy capacity of a classical wiretap channel setup is surpassed and for which the channel capacity is approached.

Published

2024

18. SPOQchain: Platform for Secure, Scalable, and Privacy-Preserving Supply Chain Tracing and Counterfeit Protection

Author

Finke, Moritz, Dmitrienko, Alexandra, and Stang, Jasper

Subjects

Computer Science - Cryptography and Security

Abstract

Product lifecycle tracing is increasingly in the focus of regulators and producers, as shown with the initiative of the Digital Product Pass. Likewise, new methods of counterfeit detection are developed that are, e.g., based on Physical Unclonable Functions (PUFs). In order to ensure trust and integrity of product lifecycle data, multiple existing supply chain tracing systems are built on blockchain technology. However, only few solutions employ secure identifiers such as PUFs. Furthermore, existing systems that publish the data of individual products, in part fully transparently, have a detrimental impact on scalability and the privacy of users. This work proposes SPOQchain, a novel blockchain-based platform that provides comprehensive lifecycle traceability and originality verification while ensuring high efficiency and user privacy. The improved efficiency is achieved by a sophisticated batching mechanism that removes lifecycle redundancies. In addition to the successful evaluation of SPOQchain's scalability, this work provides a comprehensive analysis of privacy and security aspects, demonstrating the need and qualification of SPOQchain for the future of supply chain tracing.

Published

2024

19. Colaboot: A Cloud-based Diskless PC Booting Mechanism

Author

Mitra, Aditya, Ghosh, Anisha, Sethuraman, Sibi Chakkaravarthy, and S, Devi Priya V

Subjects

Computer Science - Cryptography and Security, Computer Science - Emerging Technologies

Abstract

Recent increases in endpoint-based security events and threats compelled enterprise operations to switch to virtual desktop infrastructure and web-based applications. In addition to reducing potential hazards, this has guaranteed a consistent desktop environment for every user. On the other hand, the attack surface is greatly increased because all endpoints are connected to the company network, which could harbor malware and other advanced persistent threats. This results in a considerable loss of system resources on each individual endpoint. Hence our work proposes a standard called Colaboot that enables machines throughout a company to boot from a single operating system in order to address these problems and guarantee a consistent operating system environment that could be easily updated to the most recent security patches across all work stations.

Published

2024

20. Meta-UAD: A Meta-Learning Scheme for User-level Network Traffic Anomaly Detection

Author

Feng, Tongtong, Qi, Qi, Guo, Lingqi, and Wang, Jingyu

Subjects

Computer Science - Cryptography and Security

Abstract

Accuracy anomaly detection in user-level network traffic is crucial for network security. Compared with existing models that passively detect specific anomaly classes with large labeled training samples, user-level network traffic contains sizeable new anomaly classes with few labeled samples and has an imbalance, self-similar, and data-hungry nature. Motivation on those limitations, in this paper, we propose \textit{Meta-UAD}, a Meta-learning scheme for User-level network traffic Anomaly Detection. Meta-UAD uses the CICFlowMeter to extract 81 flow-level statistical features and remove some invalid ones using cumulative importance ranking. Meta-UAD adopts a meta-learning training structure and learns from the collection of K-way-M-shot classification tasks, which can use a pre-trained model to adapt any new class with few samples by few iteration steps. We evaluate our scheme on two public datasets. Compared with existing models, the results further demonstrate the superiority of Meta-UAD with 15{\%} - 43{\%} gains in F1-score., Comment: Under reviewing. arXiv admin note: substantial text overlap with arXiv:2408.14884

Published

2024

21. Safety Layers of Aligned Large Language Models: The Key to LLM Security

Author

Li, Shen, Yao, Liuyi, Zhang, Lan, and Li, Yaliang

Subjects

Computer Science - Cryptography and Security, Computer Science - Artificial Intelligence

Abstract

Aligned LLMs are highly secure, capable of recognizing and refusing to answer malicious questions. However, the role of internal parameters in maintaining this security is not well understood, further these models are vulnerable to security degradation when fine-tuned with non-malicious backdoor data or normal data. To address these challenges, our work uncovers the mechanism behind security in aligned LLMs at the parameter level, identifying a small set of contiguous layers in the middle of the model that are crucial for distinguishing malicious queries from normal ones, referred to as "safety layers." We first confirm the existence of these safety layers by analyzing variations in input vectors within the model's internal layers. Additionally, we leverage the over-rejection phenomenon and parameters scaling analysis to precisely locate the safety layers. Building on this understanding, we propose a novel fine-tuning approach, Safely Partial-Parameter Fine-Tuning (SPPFT), that fixes the gradient of the safety layers during fine-tuning to address the security degradation. Our experiments demonstrate that this approach significantly preserves model security while maintaining performance and reducing computational resources compared to full fine-tuning.

Published

2024

22. RLCP: A Reinforcement Learning-based Copyright Protection Method for Text-to-Image Diffusion Model

Author

Shi, Zhuan, Yan, Jing, Tang, Xiaoli, Lyu, Lingjuan, and Faltings, Boi

Subjects

Computer Science - Computers and Society, Computer Science - Artificial Intelligence, Computer Science - Cryptography and Security

Abstract

The increasing sophistication of text-to-image generative models has led to complex challenges in defining and enforcing copyright infringement criteria and protection. Existing methods, such as watermarking and dataset deduplication, fail to provide comprehensive solutions due to the lack of standardized metrics and the inherent complexity of addressing copyright infringement in diffusion models. To deal with these challenges, we propose a Reinforcement Learning-based Copyright Protection(RLCP) method for Text-to-Image Diffusion Model, which minimizes the generation of copyright-infringing content while maintaining the quality of the model-generated dataset. Our approach begins with the introduction of a novel copyright metric grounded in copyright law and court precedents on infringement. We then utilize the Denoising Diffusion Policy Optimization (DDPO) framework to guide the model through a multi-step decision-making process, optimizing it using a reward function that incorporates our proposed copyright metric. Additionally, we employ KL divergence as a regularization term to mitigate some failure modes and stabilize RL fine-tuning. Experiments conducted on 3 mixed datasets of copyright and non-copyright images demonstrate that our approach significantly reduces copyright infringement risk while maintaining image quality., Comment: arXiv admin note: text overlap with arXiv:2403.12052 by other authors

Published

2024

23. FastForensics: Efficient Two-Stream Design for Real-Time Image Manipulation Detection

Author

Zhang, Yangxiang, Li, Yuezun, Luo, Ao, Zhou, Jiaran, and Dong, Junyu

Subjects

Computer Science - Computer Vision and Pattern Recognition, Computer Science - Cryptography and Security

Abstract

With the rise in popularity of portable devices, the spread of falsified media on social platforms has become rampant. This necessitates the timely identification of authentic content. However, most advanced detection methods are computationally heavy, hindering their real-time application. In this paper, we describe an efficient two-stream architecture for real-time image manipulation detection. Our method consists of two-stream branches targeting the cognitive and inspective perspectives. In the cognitive branch, we propose efficient wavelet-guided Transformer blocks to capture the global manipulation traces related to frequency. This block contains an interactive wavelet-guided self-attention module that integrates wavelet transformation with efficient attention design, interacting with the knowledge from the inspective branch. The inspective branch consists of simple convolutions that capture fine-grained traces and interact bidirectionally with Transformer blocks to provide mutual support. Our method is lightweight ($\sim$ 8M) but achieves competitive performance compared to many other counterparts, demonstrating its efficacy in image manipulation detection and its potential for portable integration., Comment: BMVC 2024

Published

2024

24. Android Malware Detection Based on RGB Images and Multi-feature Fusion

Author

Wang, Zhiqiang, Yu, Qiulong, and Yuan, Sicheng

Subjects

Computer Science - Cryptography and Security, Computer Science - Machine Learning

Abstract

With the widespread adoption of smartphones, Android malware has become a significant challenge in the field of mobile device security. Current Android malware detection methods often rely on feature engineering to construct dynamic or static features, which are then used for learning. However, static feature-based methods struggle to counter code obfuscation, packing, and signing techniques, while dynamic feature-based methods involve time-consuming feature extraction. Image-based methods for Android malware detection offer better resilience against malware variants and polymorphic malware. This paper proposes an end-to-end Android malware detection technique based on RGB images and multi-feature fusion. The approach involves extracting Dalvik Executable (DEX) files, AndroidManifest.xml files, and API calls from APK files, converting them into grayscale images, and enhancing their texture features using Canny edge detection, histogram equalization, and adaptive thresholding techniques. These grayscale images are then combined into an RGB image containing multi-feature fusion information, which is analyzed using mainstream image classification models for Android malware detection. Extensive experiments demonstrate that the proposed method effectively captures Android malware characteristics, achieving an accuracy of up to 97.25%, outperforming existing detection methods that rely solely on DEX files as classification features. Additionally, ablation experiments confirm the effectiveness of using the three key files for feature representation in the proposed approach., Comment: 9 pages,10 figures

Published

2024

25. S3C2 Summit 2023-11: Industry Secure Supply Chain Summit

Author

Zahan, Nusrat, Acar, Yasemin, Cukier, Michel, Enck, William, Kästner, Christian, Kapravelos, Alexandros, Wermke, Dominik, and Williams, Laurie

Subjects

Computer Science - Cryptography and Security

Abstract

Cyber attacks leveraging or targeting the software supply chain, such as the SolarWinds and the Log4j incidents, affected thousands of businesses and their customers, drawing attention from both industry and government stakeholders. To foster open dialogue, facilitate mutual sharing, and discuss shared challenges encountered by stakeholders in securing their software supply chain, researchers from the NSF-supported Secure Software Supply Chain Center (S3C2) organize Secure Supply Chain Summits with stakeholders. This paper summarizes the Industry Secure Supply Chain Summit held on November 16, 2023, which consisted of \panels{} panel discussions with a diverse set of \participants{} practitioners from the industry. The individual panels were framed with open-ended questions and included the topics of Software Bills of Materials (SBOMs), vulnerable dependencies, malicious commits, build and deploy infrastructure, reducing entire classes of vulnerabilities at scale, and supporting a company culture conductive to securing the software supply chain. The goal of this summit was to enable open discussions, mutual sharing, and shedding light on common challenges that industry practitioners with practical experience face when securing their software supply chain., Comment: 8 pages, 1 figure

Published

2024

26. CanCal: Towards Real-time and Lightweight Ransomware Detection and Response in Industrial Environments

Author

Wang, Shenao, Dong, Feng, Yang, Hangfeng, Xu, Jingheng, and Wang, Haoyu

Subjects

Computer Science - Cryptography and Security

Abstract

Ransomware attacks have emerged as one of the most significant cybersecurity threats. Despite numerous proposed detection and defense methods, existing approaches face two fundamental limitations in large-scale industrial applications: intolerable system overheads and notorious alert fatigue. To address these challenges, we propose CanCal, a real-time and lightweight ransomware detection system. Specifically, CanCal selectively filters suspicious processes by the monitoring layers and then performs in-depth behavioral analysis to isolate ransomware activities from benign operations, minimizing alert fatigue while ensuring lightweight computational and storage overhead. The experimental results on a large-scale industrial environment~(1,761 ransomware, ~3 million events, continuous test over 5 months) indicate that CanCal is as effective as state-of-the-art techniques while enabling rapid inference within 30ms and real-time response within a maximum of 3 seconds. CanCal dramatically reduces average CPU utilization by 91.04% (from 6.7% to 0.6%) and peak CPU utilization by 76.69% (from 26.6% to 6.2%), while avoiding 76.50% (from 3,192 to 750) of the inspection efforts from security analysts. By the time of this writing, CanCal has been integrated into a commercial product and successfully deployed on 3.32 million endpoints for over a year. From March 2023 to April 2024, CanCal successfully detected and thwarted 61 ransomware attacks, demonstrating the effectiveness of CanCal in combating sophisticated ransomware threats in real-world scenarios., Comment: To appear in the 2024 ACM SIGSAC Conference on Computer and Communications Security (CCS'24), October 14--18, 2024, Salt Lake City

Published

2024

27. Branch-and-cut algorithms for colorful components problems

Author

Archetti, Claudia, Cerulli, Martina, and Sorgente, Carmine

Subjects

Mathematics - Combinatorics, Computer Science - Cryptography and Security, Computer Science - Social and Information Networks

Abstract

We tackle three optimization problems in which a colored graph, where each node is assigned a color, must be partitioned into colorful connected components. A component is defined as colorful if each color appears at most once. The problems differ in the objective function, which determines which partition is the best one. These problems have applications in community detection, cybersecurity, and bioinformatics. We present integer non-linear formulations, which are then linearized using standard techniques. To solve these formulations, we develop exact branch-and-cut algorithms, embedding various improving techniques, such as valid inequalities, bounds limiting the number of variables, and warm-start and preprocessing techniques. Extensive computational tests on benchmark instances demonstrate the effectiveness of the proposed procedures. The branch-and-cut algorithms can solve reasonably sized instances efficiently. To the best of our knowledge, we are the first to propose an exact algorithm for solving these problems.

Published

2024

28. Quantum Sieving for Code-Based Cryptanalysis and Its Limitations for ISD

Author

Engelberts, Lynn, Etinski, Simona, and Loyer, Johanna

Subjects

Quantum Physics, Computer Science - Cryptography and Security

Abstract

Sieving using near-neighbor search techniques is a well-known method in lattice-based cryptanalysis, yielding the current best runtime for the shortest vector problem in both the classical [BDGL16] and quantum [BCSS23] setting. Recently, sieving has also become an important tool in code-based cryptanalysis. Specifically, using a sieving subroutine, [GJN23, DEEK24] presented a variant of the information-set decoding (ISD) framework, which is commonly used for attacking cryptographically relevant instances of the decoding problem. The resulting sieving-based ISD framework yields complexities close to the best-performing classical algorithms for the decoding problem such as [BJMM12, BM18]. It is therefore natural to ask how well quantum versions perform. In this work, we introduce the first quantum algorithms for code sieving by designing quantum variants of the aforementioned sieving subroutine. In particular, using quantum-walk techniques, we provide a speed-up over the best known classical algorithm from [DEEK24] and over a variant using Grover's algorithm [Gro96]. Our quantum-walk algorithm exploits the structure of the underlying search problem by adding a layer of locality-sensitive filtering, inspired by the quantum-walk algorithm for lattice sieving from [CL21]. We complement our asymptotic analysis of the quantum algorithms with numerical results, and observe that our quantum speed-ups for code sieving behave similarly as those observed in lattice sieving. In addition, we show that a natural quantum analog of the sieving-based ISD framework does not provide any speed-up over the first presented quantum ISD algorithm [Ber10]. Our analysis highlights that the framework should be adapted in order to outperform the state-of-the-art of quantum ISD algorithms [KT17, Kir18].

Published

2024

29. Outside the Comfort Zone: Analysing LLM Capabilities in Software Vulnerability Detection

Author

Guo, Yuejun, Patsakis, Constantinos, Hu, Qiang, Tang, Qiang, and Casino, Fran

Subjects

Computer Science - Cryptography and Security

Abstract

The significant increase in software production driven by automation and faster development lifecycles has resulted in a corresponding surge in software vulnerabilities. In parallel, the evolving landscape of software vulnerability detection, highlighting the shift from traditional methods to machine learning and large language models (LLMs), provides massive opportunities at the cost of resource-demanding computations. This paper thoroughly analyses LLMs' capabilities in detecting vulnerabilities within source code by testing models beyond their usual applications to study their potential in cybersecurity tasks. We evaluate the performance of six open-source models that are specifically trained for vulnerability detection against six general-purpose LLMs, three of which were further fine-tuned on a dataset that we compiled. Our dataset, alongside five state-of-the-art benchmark datasets, were used to create a pipeline to leverage a binary classification task, namely classifying code into vulnerable and non-vulnerable. The findings highlight significant variations in classification accuracy across benchmarks, revealing the critical influence of fine-tuning in enhancing the detection capabilities of small LLMs over their larger counterparts, yet only in the specific scenarios in which they were trained. Further experiments and analysis also underscore the issues with current benchmark datasets, particularly around mislabeling and their impact on model training and performance, which raises concerns about the current state of practice. We also discuss the road ahead in the field suggesting strategies for improved model training and dataset curation., Comment: Accepted to ESORICS 2024

Published

2024

30. Enhancing MOTION2NX for Efficient, Scalable and Secure Image Inference using Convolutional Neural Networks

Author

K, Haritha, Burra, Ramya, Mittal, Srishti, Sharma, Sarthak, Venkatesh, Abhilash, and Tandon, Anshoo

Subjects

Computer Science - Cryptography and Security

Abstract

This work contributes towards the development of an efficient and scalable open-source Secure Multi-Party Computation (SMPC) protocol on machines with moderate computational resources. We use the ABY2.0 SMPC protocol implemented on the C++ based MOTION2NX framework for secure convolutional neural network (CNN) inference application with semi-honest security. Our list of contributions are as follows. Firstly, we enhance MOTION2NX by providing a tensorized version of several primitive functions including the Hadamard product, indicator function and argmax function. Our design of secure indicator function based on a novel approach that uses secure Relu function available in the baseline MOTION2NX implementation. The secure indicator function is used, in turn, as a building block for a novel implementation of secure argmax. Secondly, we also develop a novel splitting of the computations at each CNN layer into multiple configurable chunks thereby resulting in significant reduction in RAM usage. Thirdly, we adapt an existing Helper node algorithm, working in tandem with the ABY2.0 protocol, for efficient convolution computation. This algorithm not only reduces execution time but also reduces the RAM usage required to execute CNN models, but comes at a cost of an additional compute server. Moreover, the ideas presented in this paper can also be applied to secure neural network training., Comment: 20 pages, 1 figure. arXiv admin note: text overlap with arXiv:2310.10133

Published

2024

31. DetectBERT: Towards Full App-Level Representation Learning to Detect Android Malware

Author

Sun, Tiezhu, Daoudi, Nadia, Kim, Kisub, Allix, Kevin, Bissyandé, Tegawendé F., and Klein, Jacques

Subjects

Computer Science - Software Engineering, Computer Science - Artificial Intelligence, Computer Science - Cryptography and Security

Abstract

Recent advancements in ML and DL have significantly improved Android malware detection, yet many methodologies still rely on basic static analysis, bytecode, or function call graphs that often fail to capture complex malicious behaviors. DexBERT, a pre-trained BERT-like model tailored for Android representation learning, enriches class-level representations by analyzing Smali code extracted from APKs. However, its functionality is constrained by its inability to process multiple Smali classes simultaneously. This paper introduces DetectBERT, which integrates correlated Multiple Instance Learning (c-MIL) with DexBERT to handle the high dimensionality and variability of Android malware, enabling effective app-level detection. By treating class-level features as instances within MIL bags, DetectBERT aggregates these into a comprehensive app-level representation. Our evaluation demonstrates that DetectBERT not only surpasses existing state-of-the-art detection methods but also adapts to evolving malware threats. Moreover, the versatility of the DetectBERT framework holds promising potential for broader applications in app-level analysis and other software engineering tasks, offering new avenues for research and development., Comment: Accepted at ESEM 2024

Published

2024

32. Understanding Privacy Norms through Web Forms

Author

Cui, Hao, Trimananda, Rahmadi, and Markopoulou, Athina

Subjects

Computer Science - Cryptography and Security

Abstract

Web forms are one of the primary ways to collect personal information online, yet they are relatively under-studied. Unlike web tracking, data collection through web forms is explicit and contextualized. Users (i) are asked to input specific personal information types, and (ii) know the specific context (i.e., on which website and for what purpose). For web forms to be trusted by users, they must meet the common sense standards of appropriate data collection practices within a particular context (i.e., privacy norms). In this paper, we extract the privacy norms embedded within web forms through a measurement study. First, we build a specialized crawler to discover web forms on websites. We run it on 11,500 popular websites, and we create a dataset of 293K web forms. Second, to process data of this scale, we develop a cost-efficient way to annotate web forms with form types and personal information types, using text classifiers trained with assistance of large language models (LLMs). Third, by analyzing the annotated dataset, we reveal common patterns of data collection practices. We find that (i) these patterns are explained by functional necessities and legal obligations, thus reflecting privacy norms, and that (ii) deviations from the observed norms often signal unnecessary data collection. In addition, we analyze the privacy policies that accompany web forms. We show that, despite their wide adoption and use, there is a disconnect between privacy policy disclosures and the observed privacy norms., Comment: 18 pages, 7 figures, to be published in the Proceedings on Privacy Enhancing Technologies (PoPETs) 2025.1

Published

2024

33. A Persistent Hierarchical Bloom Filter-based Framework for Authentication and Tracking of ICs

Author

Rizvee, Md Mashfiq, Hossain, Tanvir, Hoque, Tamzidul, Forte, Domenic, and Shomaji, Sumaiya

Subjects

Computer Science - Cryptography and Security, Computer Science - Data Structures and Algorithms

Abstract

Detecting counterfeit integrated circuits (ICs) in unreliable supply chains demands robust tracking and authentication. Physical Unclonable Functions (PUFs) offer unique IC identifiers, but noise undermines their utility. This study introduces the Persistent Hierarchical Bloom Filter (PHBF) framework, ensuring swift and accurate IC authentication with an accuracy rate of 100% across the supply chain even with noisy PUF-generated signatures.

Published

2024

34. Different Victims, Same Layout: Email Visual Similarity Detection for Enhanced Email Protection

Author

Shukla, Sachin and Mirzaei, Omid

Subjects

Computer Science - Cryptography and Security, Computer Science - Artificial Intelligence, Computer Science - Machine Learning

Abstract

In the pursuit of an effective spam detection system, the focus has often been on identifying known spam patterns either through rule-based detection systems or machine learning (ML) solutions. However, both systems are susceptible to evasion techniques and zero-day attacks that can be achieved at low cost. Therefore, an email that bypassed the defense system once can do it again in the following days, even though rules are updated or the ML models are retrained. The recurrence of failures to detect emails that exhibit layout similarities to previously undetected spam is concerning for customers and can erode their trust in a company. Our observations show that threat actors reuse email kits extensively and can bypass detection with little effort, for example, by making changes to the content of emails. In this work, we propose an email visual similarity detection approach, named Pisco, to improve the detection capabilities of an email threat defense system. We apply our proof of concept to some real-world samples received from different sources. Our results show that email kits are being reused extensively and visually similar emails are sent to our customers at various time intervals. Therefore, this method could be very helpful in situations where detection features that rely on contextual information and keywords are bypassed, an occurrence our observations show happens frequently., Comment: To be published in the proceedings of the ACM Conference on Computer and Communications Security (ACM CCS 2024)

Published

2024

35. Manipulating OpenFlow Link Discovery Packet Forwarding for Topology Poisoning

Author

Chen, Mingming, La Porta, Thomas, Taylor, Teryl, Araujo, Frederico, and Jaeger, Trent

Subjects

Computer Science - Cryptography and Security, Computer Science - Networking and Internet Architecture, C.2.1

Abstract

Software-defined networking (SDN) is a centralized, dynamic, and programmable network management technology that enables flexible traffic control and scalability. SDN facilitates network administration through a centralized view of the underlying physical topology; tampering with this topology view can result in catastrophic damage to network management and security. To underscore this issue, we introduce Marionette, a new topology poisoning technique that manipulates OpenFlow link discovery packet forwarding to alter topology information. Our approach exposes an overlooked yet widespread attack vector, distinguishing itself from traditional link fabrication attacks that tamper, spoof, or relay discovery packets at the data plane. Unlike localized attacks observed in existing methods, our technique introduces a globalized topology poisoning attack that leverages control privileges. Marionette implements a reinforcement learning algorithm to compute a poisoned topology target, and injects flow entries to achieve a long-lived stealthy attack. Our evaluation shows that Marionette successfully attacks five open-source controllers and nine OpenFlow-based discovery protocols. Marionette overcomes the state-of-the-art topology poisoning defenses, showcasing a new class of topology poisoning that initiates on the control plane. This security vulnerability was ethically disclosed to OpenDaylight, and CVE-2024-37018 has been assigned., Comment: 17 pages, 12 figures, CCS 2024

Published

2024

36. Analyzing Inference Privacy Risks Through Gradients in Machine Learning

Author

Li, Zhuohang, Lowy, Andrew, Liu, Jing, Koike-Akino, Toshiaki, Parsons, Kieran, Malin, Bradley, and Wang, Ye

Subjects

Computer Science - Machine Learning, Computer Science - Artificial Intelligence, Computer Science - Cryptography and Security, Statistics - Machine Learning

Abstract

In distributed learning settings, models are iteratively updated with shared gradients computed from potentially sensitive user data. While previous work has studied various privacy risks of sharing gradients, our paper aims to provide a systematic approach to analyze private information leakage from gradients. We present a unified game-based framework that encompasses a broad range of attacks including attribute, property, distributional, and user disclosures. We investigate how different uncertainties of the adversary affect their inferential power via extensive experiments on five datasets across various data modalities. Our results demonstrate the inefficacy of solely relying on data aggregation to achieve privacy against inference attacks in distributed learning. We further evaluate five types of defenses, namely, gradient pruning, signed gradient descent, adversarial perturbations, variational information bottleneck, and differential privacy, under both static and adaptive adversary settings. We provide an information-theoretic view for analyzing the effectiveness of these defenses against inference from gradients. Finally, we introduce a method for auditing attribute inference privacy, improving the empirical estimation of worst-case privacy through crafting adversarial canary records.

Published

2024

37. A Prototype Model of Zero-Trust Architecture Blockchain with EigenTrust-Based Practical Byzantine Fault Tolerance Protocol to Manage Decentralized Clinical Trials

Author

Peepliwall, Ashok Kumar, Pandey, Hari Mohan, Prakash, Surya, Mahajan, Anand A, Chowhan, Sudhinder Singh, Kumar, Vinesh, and Sharma, Rahul

Subjects

Computer Science - Cryptography and Security, Computer Science - Emerging Technologies, Computer Science - Information Retrieval

Abstract

The COVID-19 pandemic necessitated the emergence of decentralized Clinical Trials (DCTs) due to patient retention, accelerate trials, improve data accessibility, enable virtual care, and facilitate seamless communication through integrated systems. However, integrating systems in DCTs exposes clinical data to potential security threats, making them susceptible to theft at any stage, a high risk of protocol deviations, and monitoring issues. To mitigate these challenges, blockchain technology serves as a secure framework, acting as a decentralized ledger, creating an immutable environment by establishing a zero-trust architecture, where data are deemed untrusted until verified. In combination with Internet of Things (IoT)-enabled wearable devices, blockchain secures the transfer of clinical trial data on private blockchains during DCT automation and operations. This paper proposes a prototype model of the Zero-Trust Architecture Blockchain (z-TAB) to integrate patient-generated clinical trial data during DCT operation management. The EigenTrust-based Practical Byzantine Fault Tolerance (T-PBFT) algorithm has been incorporated as a consensus protocol, leveraging Hyperledger Fabric. Furthermore, the Internet of Things (IoT) has been integrated to streamline data processing among stakeholders within the blockchain platforms. Rigorous evaluation has been done to evaluate the quality of the system., Comment: NA

Published

2024

38. Cyber Risk Assessment for Cyber-Physical Systems: A Review of Methodologies and Recommendations for Improved Assessment Effectiveness

Author

AlHarmali, Asila, Ali, Saqib, Aman, Waqas, and Hussain, Omar

Subjects

Computer Science - Cryptography and Security

Abstract

Cyber-Physical Systems (CPS) integrate physical and embedded systems with information and communication technology systems, monitoring and controlling physical processes with minimal human intervention. The connection to information and communication technology exposes CPS to cyber risks. It is crucial to assess these risks to manage them effectively. This paper reviews scholarly contributions to cyber risk assessment for CPS, analyzing how the assessment approaches were evaluated and investigating to what extent they meet the requirements of effective risk assessment. We identify gaps limiting the effectiveness of the assessment and recommend real-time learning from cybersecurity incidents. Our review covers twenty-eight papers published between 2014 and 2023, selected based on a three-step search. Our findings show that the reviewed cyber risk assessment methodologies revealed limited effectiveness due to multiple factors. These findings provide a foundation for further research to explore and address other factors impacting the quality of cyber risk assessment in CPS., Comment: 18 pages, 2 Figures, 4 Tables

Published

2024

39. Secure Integration of 5G in Industrial Networks: State of the Art, Challenges and Opportunities

Author

Michaelides, Sotiris, Vogt, Thomas, and Henze, Martin

Subjects

Computer Science - Cryptography and Security, Computer Science - Networking and Internet Architecture

Abstract

The industrial landscape is undergoing a significant transformation, moving away from traditional wired fieldbus networks to cutting-edge 5G mobile networks. This transition, extending from local applications to company-wide use and spanning multiple factories, is driven by the promise of low-latency communication and seamless connectivity for various devices in industrial settings. However, besides these tremendous benefits, the integration of 5G as the communication infrastructure in industrial networks introduces a new set of risks and threats to the security of industrial systems. The inherent complexity of 5G systems poses unique challenges for ensuring a secure integration, surpassing those encountered with any technology previously utilized in industrial networks. Most importantly, the distinct characteristics of industrial networks, such as real-time operation, required safety guarantees, and high availability requirements, further complicate this task. As the industrial transition from wired to wireless networks is a relatively new concept, a lack of guidance and recommendations on securely integrating 5G renders many industrial systems vulnerable and exposed to threats associated with 5G. To address this situation, in this paper, we summarize the state-of-the-art and derive a set of recommendations for the secure integration of 5G into industrial networks based on a thorough analysis of the research landscape. Furthermore, we identify opportunities to utilize 5G to further enhance security and indicate remaining challenges, potentially identifying future academic potential, Comment: 15 pages, 5 figures

Published

2024

40. PromptSmooth: Certifying Robustness of Medical Vision-Language Models via Prompt Learning

Author

Hussein, Noor, Shamshad, Fahad, Naseer, Muzammal, and Nandakumar, Karthik

Subjects

Computer Science - Computer Vision and Pattern Recognition, Computer Science - Cryptography and Security

Abstract

Medical vision-language models (Med-VLMs) trained on large datasets of medical image-text pairs and later fine-tuned for specific tasks have emerged as a mainstream paradigm in medical image analysis. However, recent studies have highlighted the susceptibility of these Med-VLMs to adversarial attacks, raising concerns about their safety and robustness. Randomized smoothing is a well-known technique for turning any classifier into a model that is certifiably robust to adversarial perturbations. However, this approach requires retraining the Med-VLM-based classifier so that it classifies well under Gaussian noise, which is often infeasible in practice. In this paper, we propose a novel framework called PromptSmooth to achieve efficient certified robustness of Med-VLMs by leveraging the concept of prompt learning. Given any pre-trained Med-VLM, PromptSmooth adapts it to handle Gaussian noise by learning textual prompts in a zero-shot or few-shot manner, achieving a delicate balance between accuracy and robustness, while minimizing the computational overhead. Moreover, PromptSmooth requires only a single model to handle multiple noise levels, which substantially reduces the computational cost compared to traditional methods that rely on training a separate model for each noise level. Comprehensive experiments based on three Med-VLMs and across six downstream datasets of various imaging modalities demonstrate the efficacy of PromptSmooth. Our code and models are available at https://github.com/nhussein/promptsmooth., Comment: Accepted to MICCAI 2024

Published

2024

41. ARINC 429 Cyber-vulnerabilities and Voltage Data in a Hardware-in-the-Loop Simulator

Author

Trask, Connor, Movit, Steve, Clutter, Justace, Clark, Rosene, Herrera, Mark, and Tran, Kelly

Subjects

Computer Science - Cryptography and Security

Abstract

ARINC 429 is a ubiquitous data bus for civil avionics, enabling reliable communication between devices from disparate manufacturers. However, ARINC 429 lacks any form of encryption or authentication, making it an inherently insecure communication protocol and rendering any connected avionics vulnerable to a range of attacks. We constructed a hardware-in-the-loop simulator with ARINC 429 buses, explored these vulnerabilities, and identified their potential to deny, degrade, or disrupt aircraft capabilities. We performed a denial-of-service attack against a multi-function display via a compromised ARINC 429 bus using commercially available tools, which succeeded in disabling important navigational aids. This proven attack on physical avionics illustrates the risk inherent in ARINC 429 and the need for the ability to detect these attacks. One potential mitigation is an intrusion detection system (IDS) trained on data collected from the electrical properties of the physical bus. Although previous research has demonstrated the feasibility of an IDS on an ARINC 429 bus, no IDS has been trained on data generated by avionics hardware. To facilitate this, we recorded voltage traces and message history generated by avionics and adversarial devices on the ARINC 429 bus. To the best of our knowledge, this is the first publicly available collection of hardware-generated ARINC 429 signal data., Comment: 7 pages, 3 figures. Intended for publication in IEEE Transactions on Aerospace and Electronic Systems

Published

2024

42. Red Team Redemption: A Structured Comparison of Open-Source Tools for Adversary Emulation

Author

Landauer, Max, Mayer, Klaus, Skopik, Florian, Wurzenberger, Markus, and Kern, Manuel

Subjects

Computer Science - Cryptography and Security

Abstract

Red teams simulate adversaries and conduct sophisticated attacks against defenders without informing them about used tactics in advance. These interactive cyber exercises are highly beneficial to assess and improve the security posture of organizations, detect vulnerabilities, and train employees. Unfortunately, they are also time-consuming and expensive, which often limits their scale or prevents them entirely. To address this situation, adversary emulation tools partially automate attacker behavior and enable fast, continuous, and repeatable security testing even when involved personnel lacks red teaming experience. Currently, a wide range of tools designed for specific use-cases and requirements exist. To obtain an overview of these solutions, we conduct a review and structured comparison of nine open-source adversary emulation tools. To this end, we assemble a questionnaire with 80 questions addressing relevant aspects, including setup, support, documentation, usability, and technical features. In addition, we conduct a user study with domain experts to investigate the importance of these aspects for distinct user roles. Based on the evaluation and user feedback, we rank the tools and find MITRE Caldera, Metasploit, and Atomic Red Team on top.

Published

2024

43. Convergent Differential Privacy Analysis for General Federated Learning: the f-DP Perspective

Author

Sun, Yan, Shen, Li, and Tao, Dacheng

Subjects

Computer Science - Machine Learning, Computer Science - Cryptography and Security

Abstract

Federated learning (FL) is an efficient collaborative training paradigm extensively developed with a focus on local privacy protection, and differential privacy (DP) is a classical approach to capture and ensure the reliability of local privacy. The powerful cooperation of FL and DP provides a promising learning framework for large-scale private clients, juggling both privacy securing and trustworthy learning. As the predominant algorithm of DP, the noisy perturbation has been widely studied and incorporated into various federated algorithms, theoretically proven to offer significant privacy protections. However, existing analyses in noisy FL-DP mostly rely on the composition theorem and cannot tightly quantify the privacy leakage challenges, which is nearly tight for small numbers of communication rounds but yields an arbitrarily loose and divergent bound under the large communication rounds. This implies a counterintuitive judgment, suggesting that FL may not provide adequate privacy protection during long-term training. To further investigate the convergent privacy and reliability of the FL-DP framework, in this paper, we comprehensively evaluate the worst privacy of two classical methods under the non-convex and smooth objectives based on the f-DP analysis, i.e. Noisy-FedAvg and Noisy-FedProx methods. With the aid of the shifted-interpolation technique, we successfully prove that the worst privacy of the Noisy-FedAvg method achieves a tight convergent lower bound. Moreover, in the Noisy-FedProx method, with the regularization of the proxy term, the worst privacy has a stable constant lower bound. Our analysis further provides a solid theoretical foundation for the reliability of privacy protection in FL-DP. Meanwhile, our conclusions can also be losslessly converted to other classical DP analytical frameworks, e.g. $(\epsilon,\delta)$-DP and R$\acute{\text{e}}$nyi-DP (RDP).

Published

2024

44. LightSLH: Provable and Low-Overhead Spectre v1 Mitigation through Targeted Instruction Hardening

Author

Zhu, Yiming, Huang, Wenchao, and Xiong, Yan

Subjects

Computer Science - Cryptography and Security

Abstract

Several software mitigations have been proposed to defend against Spectre vulnerabilities. However, these countermeasures often suffer from high performance overhead, largely due to unnecessary protections. We propose LightSLH, designed to mitigate this overhead by hardening instructions only when they are under threat from Spectre vulnerabilities. LightSLH leverages program analysis techniques based on abstract interpretation to identify all instructions that could potentially lead to Spectre vulnerabilities and provides provable protection. To enhance analysis efficiency and precision, LightSLH employs novel taint and value domains. The taint domain enables bit-level taint tracking, while the value domain allows LightSLH to analyze complex program structures such as pointers and structures. Furthermore, LightSLH uses a two-stage abstract interpretation approach to circumvent potential analysis paralysis issues. We demonstrate the security guarantees of LightSLH and evaluate its performance on cryptographic algorithm implementations from OpenSSL. LightSLH significantly reduces the overhead associated with speculative-load-hardening techniques. Our results show that LightSLH introduces no protection and thus no overhead on 4 out of the 7 studied algorithms, which contrasts with existing countermeasures that introduce additional overhead due to unnecessary hardening. Additionally, LightSLH performs, for the first time, a rigorous analysis of the security guarantees of RSA against Spectre v1, highlighting that the memory access patterns generated by the scatter-gather algorithm depend on secrets, even for observers at the cache line granularity, necessitating protection for such accesses.

Published

2024

45. SoK: Identifying Limitations and Bridging Gaps of Cybersecurity Capability Maturity Models (CCMMs)

Author

Liyanage, Lasini, Arachchilage, Nalin Asanka Gamagedara, and Russello, Giovanni

Subjects

Computer Science - Cryptography and Security

Abstract

In the rapidly evolving digital landscape, where organisations are increasingly vulnerable to cybersecurity threats, Cybersecurity Capability Maturity Models (CCMMs) emerge as pivotal tools in enhancing organisational cybersecurity posture. CCMMs provide a structured framework to guide organisations in assessing their current cybersecurity capabilities, identifying critical gaps, and prioritising improvements. However, the full potential of CCMMs is often not realised due to inherent limitations within the models and challenges encountered during their implementation and adoption processes. These limitations and challenges can significantly hamper the efficacy of CCMMs in improving cybersecurity. As a result, organisations remain vulnerable to cyber threats as they may fail to identify and address critical security gaps, implement necessary improvements or allocate resources effectively. To address these limitations and challenges, conducting a thorough investigation into existing models is essential. Therefore, we conducted a Systematic Literature Review (SLR) analysing 43 publications to identify existing CCMMs, their limitations, and the challenges organisations face when implementing and adopting them. By understanding these barriers, we aim to explore avenues for enhancing the efficacy of CCMMs, ensuring they more effectively meet the cybersecurity needs of organisational entities.

Published

2024

46. Trustless Distributed Symmetric-key Encryption

Author

Mouël, Florian Le, Godon, Maxime, Brien, Renaud, Beurier, Erwan, Boulahia-Cuppens, Nora, and Cuppens, Frédéric

Subjects

Computer Science - Cryptography and Security, E.3

Abstract

Threshold cryptography has gained momentum in the last decades as a mechanism to protect long term secret keys. Rather than having a single secret key, this allows to distribute the ability to perform a cryptographic operation such as signing or encrypting. Threshold cryptographic operations are shared among different parties such that a threshold number of them must participate in order to run the operation. This makes the job of an attacker strictly more difficult in the sense that they would have to corrupt at least a threshold number of parties to breach the security. Most works in this field focus on asymmetric-key schemes that allow threshold signing or decrypting. We focus on the symmetric-key setting, allowing both threshold encryption and threshold decryption. Previous work relies on the presence of a trusted third party. Such a party may not exist in some use cases, and it represents a single point of failure. We propose to remove the requirement of a trusted third party by designing a dealer-free setup in which no entity can at any point obtain full knowledge of the secret keys. We implement a proof of concept of our construction in Python. We evaluate the proof of concept with timing metrics to compare to theoretical expectations and assess the cost in complexity of not relying on a trusted third party. While the setup phase suffers moderate additional cost, the encryption and decryption phases perform the same as the original algorithm., Comment: 13 pages, Submitted to IEEE Transactions on Information Forensics & Security

Published

2024

47. Development of a cyber risk assessment tool for Irish small business owners

Author

Curtin, Miriam, Sheehan, Brian, Gruben, Melanie, Kozma, Nikoletta, O'Carroll, Gillian, and Murray, Hazel

Subjects

Computer Science - Cryptography and Security

Abstract

Small and medium enterprises (SMEs) are increasingly vulnerable to cyber threats due to limited resources and cybersecurity expertise, in addition to an increasingly hostile cyber threat environment at national and international levels. This study aims to improve the cyber resilience amongst SMEs by developing a national risk assessment tool. This research is guided by three key questions: 1. What current international SME risk assessment tools are available and supported or endorsed by national cybersecurity centres? 2. How can a risk assessment tool be created that is accessible to SME owners with little to no cybersecurity knowledge? 3. What are the key areas of cybersecurity risks for SMEs? To answer these questions, a comprehensive review of existing risk assessment tools was carried out. Through iterative collaboration with SMEs, the development of a user-friendly tool that simplifies risk for non-expert users was made possible.

Published

2024

48. Improving Lagarias-Odlyzko Algorithm For Average-Case Subset Sum: Modular Arithmetic Approach

Author

Joux, Antoine and Węgrzycki, Karol

Subjects

Computer Science - Data Structures and Algorithms, Computer Science - Cryptography and Security

Abstract

Lagarias and Odlyzko (J.~ACM~1985) proposed a polynomial time algorithm for solving ``\emph{almost all}'' instances of the Subset Sum problem with $n$ integers of size $\Omega(\Gamma_{\text{LO}})$, where $\log_2(\Gamma_{\text{LO}}) > n^2 \log_2(\gamma)$ and $\gamma$ is a parameter of the lattice basis reduction ($\gamma > \sqrt{4/3}$ for LLL). The algorithm of Lagarias and Odlyzko is a cornerstone result in cryptography. However, the theoretical guarantee on the density of feasible instances has remained unimproved for almost 40 years. In this paper, we propose an algorithm to solve ``almost all'' instances of Subset Sum with integers of size $\Omega(\sqrt{\Gamma_{\text{LO}}})$ after a single call to the lattice reduction. Additionally, our argument allows us to solve the Subset Sum problem for multiple targets while the previous approach could only answer one target per call to lattice basis reduction. We introduce a modular arithmetic approach to the Subset Sum problem. The idea is to use the lattice reduction to solve a linear system modulo a suitably large prime. We show that density guarantees can be improved, by analysing the lengths of the LLL reduced basis vectors, of both the primal and the dual lattices simultaneously., Comment: 19 pages

Published

2024

49. LLMSecCode: Evaluating Large Language Models for Secure Coding

Author

Rydén, Anton, Näslund, Erik, Schiller, Elad Michael, and Almgren, Magnus

Subjects

Computer Science - Cryptography and Security, Computer Science - Distributed, Parallel, and Cluster Computing

Abstract

The rapid deployment of Large Language Models (LLMs) requires careful consideration of their effect on cybersecurity. Our work aims to improve the selection process of LLMs that are suitable for facilitating Secure Coding (SC). This raises challenging research questions, such as (RQ1) Which functionality can streamline the LLM evaluation? (RQ2) What should the evaluation measure? (RQ3) How to attest that the evaluation process is impartial? To address these questions, we introduce LLMSecCode, an open-source evaluation framework designed to assess LLM SC capabilities objectively. We validate the LLMSecCode implementation through experiments. When varying parameters and prompts, we find a 10% and 9% difference in performance, respectively. We also compare some results to reliable external actors, where our results show a 5% difference. We strive to ensure the ease of use of our open-source framework and encourage further development by external actors. With LLMSecCode, we hope to encourage the standardization and benchmarking of LLMs' capabilities in security-oriented code and tasks., Comment: This manuscript serves as a complementary technical report to the proceedings version, which will be presented at the International Symposium on Cyber Security, Cryptography, and Machine Learning (CSCML) 2024

Published

2024

50. Systematic Evaluation of Synthetic Data Augmentation for Multi-class NetFlow Traffic

Author

Wolf, Maximilian, Landes, Dieter, Hotho, Andreas, and Schlör, Daniel

Subjects

Computer Science - Cryptography and Security, Computer Science - Machine Learning

Abstract

The detection of cyber-attacks in computer networks is a crucial and ongoing research challenge. Machine learning-based attack classification offers a promising solution, as these models can be continuously updated with new data, enhancing the effectiveness of network intrusion detection systems (NIDS). Unlike binary classification models that simply indicate the presence of an attack, multi-class models can identify specific types of attacks, allowing for more targeted and effective incident responses. However, a significant drawback of these classification models is their sensitivity to imbalanced training data. Recent advances suggest that generative models can assist in data augmentation, claiming to offer superior solutions for imbalanced datasets. Classical balancing methods, although less novel, also provide potential remedies for this issue. Despite these claims, a comprehensive comparison of these methods within the NIDS domain is lacking. Most existing studies focus narrowly on individual methods, making it difficult to compare results due to varying experimental setups. To close this gap, we designed a systematic framework to compare classical and generative resampling methods for class balancing across multiple popular classification models in the NIDS domain, evaluated on several NIDS benchmark datasets. Our experiments indicate that resampling methods for balancing training data do not reliably improve classification performance. Although some instances show performance improvements, the majority of results indicate decreased performance, with no consistent trend in favor of a specific resampling technique enhancing a particular classifier., Comment: 16 pages, 3 figures, submitted to Machine Learning for CyberSecurity @ ECML PKDD

Published

2024