查看更多>>摘要:Domain name generation algorithm(DGA)classification is an essential but challenging problem.Both feature-extract-ing machine learning(ML)methods and deep learning(DL)models such as convolutional neural networks and long short-term memory have been developed.However,the performance of these approaches varies with different types of DGAs.Most features in the ML methods can characterize random-looking DGAs better than word-looking DGAs.To improve the classification performance on word-looking DGAs,subword tokenization is employed for the DL mod-els.Our experimental results proved that the subword tokenization can provide excellent classification performance on the word-looking DGAs.We then propose an integrated scheme that chooses an appropriate method for DGA classification depending on the nature of the DGAs.Results show that the integrated scheme outperformed existing ML and DL methods,and also the subword DL methods.
查看更多>>摘要:In recent years,many researchers focused on unsupervised learning for network anomaly detection in edge devices to identify attacks.The deployment of the unsupervised autoencoder model is computationally expensive in resource-constrained edge devices.This study proposes quantized autoencoder(QAE)model for intrusion detec-tion systems to detect anomalies.QAE is an optimization model derived from autoencoders that incorporate pruning,clustering,and integer quantization techniques.Quantized autoencoder uint8(QAE-u8)and quantized autoencoder float 16(QAE-f 16)are two variants of QAE built to deploy computationally expensive Al models into Edge devices.First,we have generated a Real-Time Internet of Things 2022 dataset for normal and attack traffic.The autoencoder model operates on normal traffic during the training phase.The same model is then used to reconstruct anomaly traffic under the assumption that the reconstruction error(RE)of the anomaly will be high,which helps to identify the attacks.Furthermore,we study the performance of the autoencoders,QAE-u8,and QAE-f1 6 using accuracy,preci-sion,recall,and F1 score through an extensive experimental study.We showed that QAE-u8 outperforms all other models with a reduction of 70.01%in average memory utilization,92.23%in memory size compression,and 27.94%in peak CPU utilization.Thus,the proposed QAE-u8 model is more suitable for deployment on resource-constrained loT edge devices.
查看更多>>摘要:Buffer overflow poses a serious threat to the memory security of modern operating systems.It overwrites the con-tents of other memory areas by breaking through the buffer capacity limit,destroys the system execution environ-ment,and provides implementation space for various system attacks such as program control flow hijacking.That makes it a wide range of harms.A variety of security technologies have been proposed to deal with system security problems including buffer overflow.For example,No eXecute(NX for short)is a memory management technology commonly used in Harvard architecture.It can refuse the execution of code which residing in a specific memory,and can effectively suppress the abnormal impact of buffer overflow on control flow.Therefore,in recent years,it has also been used in the field of system security,deriving a series of solutions based on NX technology,such as ExecShield,DEP,StackGuard,etc.However,these security solutions often rely too much on the processor archi-tecture so that the protection coverage is insufficient and the accuracy is limited.Especially in the emerging system architecture field represented by RISC-V,there is still a lack of effective solutions for buffer overflow vulnerabilities.With the continuous rapid development of the system architecture,it is urgent to develop defense methods that are applicable to different system application environments and oriented to all executable memory spaces to meet the needs of system security development.Therefore,we propose BOP,A new system memory security design method based on RISC-V extended instructions,to build a RISC-V buffer overflow detection and defense system and deal with the buffer overflow threat in RISC-V.According to this method,NX technology can be combined with program control flow analysis,and NX bit mechanism can be used to manage the executability of memory space,so as to achieve a more granular detection and defense of buffer overflow attacks that may occur in RISC-V system environment.In addition,The memory management and control function of BOP is not only very suitable for solving the security problems in the existing single architecture system,but also widely applicable to the combina-tion of multiple heterogeneous systems.
查看更多>>摘要:It is not uncommon for malicious sellers to collude with fake reviewers(also called spammers)to write fake reviews for multiple products to either demote competitors or promote their products'reputations,forming a gray industry chain.To detect spammer groups in a heterogeneous network with rich semantic information from both buyers and sellers,researchers have conducted extensive research using Frequent Item Mining-based and graph-based meth-ods.However,these methods cannot detect spammer groups with cross-product attacks and do not jointly consider structural and attribute features,and structure-attribute correlation,resulting in poorer detection performance.There-fore,we propose a collaborative training-based spammer group detection algorithm by constructing a heterogene-ous induced sub-network based on the target product set to detect cross-product attack spammer groups.To jointly consider all available features,we use the collaborative training method to learn the feature representations of nodes.In addition,we use the DBSCAN clustering method to generate candidate groups,exclude innocent ones,and rank them to obtain spammer groups.The experimental results on real-world datasets indicate that the overall detection performance of the proposed method is better than that of the baseline methods.
查看更多>>摘要:Non-malleable code is an encoding scheme that is useful in situations where traditional error correction or detection is impossible to achieve.It ensures with high probability that decoded message is either completely unrelated or the original one,when tampering has no effect.Usually,standard version of non-malleable codes provide security against one time tampering attack.Block ciphers are successfully employed in the construction of non-malleable codes.Such construction fails to provide security when an adversary tampers the codeword more than once.Continuously non-malleable codes further allow an attacker to tamper the message for polynomial number of times.In this work,we propose continuous version of non-malleable codes from block ciphers in split-state model.Our construction provides security against polynomial number of tampering attacks and it preserves non-malleability.When the tam-pering experiment triggers self-destruct,the security of continuously non-malleable code reduces to security of the underlying leakage resilient storage.
查看更多>>摘要:Network Intrusion Detection Systems(NIDS)are utilized to find hostile network connections.This can be accom-plished by looking at traffic network activity,but it takes a lot of work.The NIDS heavily utilizes approaches for data extraction and machine learning to find anomalies.In terms of feature selection,NIDS is far more effective.This is accurate since anomaly identification uses a number of time-consuming features.Because of this,the feature selec-tion method influences how long it takes to analyze movement patterns and how clear it is.The goal of the study is to provide NIDS with an attribute selection approach.PSO has been used for that purpose.The Network Intrusion Detection System that is being developed will be able to identify any malicious activity in the network or any unusual behavior in the network,allowing the identification of the illegal activities and safeguarding the enormous amounts of confidential data belonging to the customers from being compromised.In the research,datasets were produced utilising both a network infrastructure and a simulation network.Wireshark is used to gather data packets whereas Cisco Packet Tracer is used to build a network in a simulated environment.Additionally,a physical network consisting of six node MCUs connected to a laptop and a mobile hotspot,has been built and communication packets are being recorded using the Wireshark tool.To train several machine learning models,all the datasets that were gathered—cre-ated datasets from our own studies as well as some common datasets like NSDL and UNSW acquired from Kaggle—were employed.Additionally,PSO,which is an optimization method,has been used with these ML algorithms for feature selection.In the research,KNN,decision trees,and ANN have all been combined with PSO for a specific case study.And it was found demonstrated the classification methods PSO+ANN outperformed PSO+KNN and PSO+DT in this case study.
查看更多>>摘要:Vertical Federated Learning(VFL)has many applications in the field of smart healthcare with excellent performance.However,current VFL systems usually primarily focus on the privacy protection during model training,while the preparation of training data receives little attention.In real-world applications,like smart healthcare,the process of the training data preparation may involve some participant's intention which could be privacy information for this partici-pant.To protect the privacy of the model training intention,we describe the idea of Intention-Hiding Vertical Feder-ated Learning(IHVFL)and illustrate a framework to achieve this privacy-preserving goal.First,we construct two secure screening protocols to enhance the privacy protection in feature engineering.Second,we implement the work of sample alignment bases on a novel private set intersection protocol.Finally,we use the logistic regression algorithm to demonstrate the process of IHVFL.Experiments show that our model can perform better efficiency(less than 5min)and accuracy(97%)on Breast Cancer medical dataset while maintaining the intention-hiding goal.
Mir NazishM.Tariq BandayInsha SyedSheena Banday...
113-130页
查看更多>>摘要:It is challenging to devise lightweight cryptographic primitives efficient in both hardware and software that can provide an optimum level of security to diverse Internet of Things applications running on low-end constrained devices.Therefore,an efficient hardware design approach that requires some specific hardware resource may not be efficient if implemented in software.Substitution bit Permutation Network based ciphers such as PRESENT and GIFT are efficient,lightweight cryptographic hardware design approaches.These ciphers introduce confusion and diffu-sion by employing a 4x4 static substitution box and bit permutations.The bit-wise permutation is realised by sim-ple rerouting,which is most cost-effective to implement in hardware,resulting in negligible power consumption.However,this method is highly resource-consuming in software,particularly for large block-sized ciphers,with each single-bit permutation requiring multiple sub-operations.This paper proposes a novel software-based design approach for permutation operation in Substitution bit Permutation Network based ciphers using a bit-banding fea-ture.The conventional permutation using bit rotation and the proposed approach have been implemented,analysed and compared for GIFT and PRESENT ciphers on ARM Cortex-M3-based LPC1768 development platform with KEIL MDK used as an Integrated Development Environment.The real-time performance comparison between conven-tional and the proposed approaches in terms of memory(RAM/ROM)footprint,power,energy and execution time has been carried out using ULINKpro and ULINKplus debug adapters for various code and speed optimisation sce-narios.The proposed approach substantially reduces execution time,energy and power consumption for both PRE-SENT and GIFT ciphers,thus demonstrating the efficiency of the proposed method for Substitution bit Permutation Network based symmetric block ciphers.
万方数据
维普