查看更多>>摘要:Vulnerability reports are essential for improving software security since they record key information on vulnerabilities.In a report,CWE denotes the weakness of the vulnerability and thus helps quickly understand the cause of the vulner-ability.Therefore,CWE assignment is useful for categorizing newly discovered vulnerabilities.In this paper,we propose an automatic CWE assignment method with graph neural networks.First,we prepare a dataset that contains 3394 real world vulnerabilities from Linux,OpenSSL,Wireshark and many other software programs.Then,we extract state-ments with vulnerability syntax features from these vulnerabilities and use program slicing to slice them according to the categories of syntax features.On top of slices,we represent these slices with graphs that characterize the data dependency and control dependency between statements.Finally,we employ the graph neural networks to learn the hidden information from these graphs and leverage the Siamese network to compute the similarity between vulnerability functions,thereby assigning CWE IDs for these vulnerabilities.The experimental results show that the proposed method is effective compared to existing methods.
查看更多>>摘要:Ethereum's high attention,rich business,certain anonymity,and untraceability have attracted a group of attackers.Cybercrime on it has become increasingly rampant,among which scam behavior is convenient,cryptic,antagonistic and resulting in large economic losses.So we consider the scam behavior on Ethereum and investigate it at the node interaction level.Based on the life cycle and risk identification points we found,we propose an automatic detection model named Aparecium.First,a graph generation method which focus on the scam life cycle is adopted to mitigate the sparsity of the scam behaviors.Second,the life cycle patterns are delicate modeled because of the crypticity and antagonism of Ethereum scam behaviors.Conducting experiments in the wild Ethereum datasets,we prove Aparecium is effective which the precision,recall and F1-score achieve at 0.977,0.957 and 0.967 respectively.
查看更多>>摘要:Due to the importance of Critical Infrastructure(CI)in a nation's economy,they have been lucrative targets for cyber attackers.These critical infrastructures are usually Cyber-Physical Systems such as power grids,water,and sewage treatment facilities,oil and gas pipelines,etc.In recent times,these systems have suffered from cyber attacks numer-ous times.Researchers have been developing cyber security solutions for Cis to avoid lasting damages.According to standard frameworks,cyber security based on identification,protection,detection,response,and recovery are at the core of these research.Detection of an ongoing attack that escapes standard protection such as firewall,anti-virus,and host/network intrusion detection has gained importance as such attacks eventually affect the physical dynamics of the system.Therefore,anomaly detection in physical dynamics proves an effective means to implement defense-in-depth.PASAD is one example of anomaly detection in the sensor/actuator data,representing such systems'physical dynamics.We present EPASAD,which improves the detection technique used in PASAD to detect these micro-stealthy attacks,as our experiments show that PASAD's spherical boundary-based detection fails to detect.Our method EPASAD overcomes this by using Ellipsoid boundaries,thereby tightening the boundaries in various dimen-sions,whereas a spherical boundary treats all dimensions equally.We validate EPASAD using the dataset produced by theTE-process simulator and the C-town datasets.The results show that EPASAD improves PASAD's average recall by 5.8%and 9.5%for the two datasets,respectively.
查看更多>>摘要:Bitcoin is a decentralized P2P cryptocurrency.It supports users to use pseudonyms instead of network addresses to send and receive transactions at the data layer,hiding users'real network identities.Traditional transaction tracing attack cuts through the network layer to directly associate each transaction with the network address that issued it,thus revealing the sender's network identity.But this attack can be mitigated by Bitcoin's network layer privacy protections.Since Bitcoin protects the unlinkability of Bitcoin addresses and there may be a many-to-one relation-ship between addresses and nodes,transactions sent from the same node via different addresses are seen as com-ing from different nodes because attackers can only use addresses as node identifiers.In this paper,we proposed the evicting and filling attack to expose the correlations between addresses and cluster transactions sent from different addresses of the same node.The attack exploited the unisolation of Bitcoin's incoming connection processing mecha-nism.In particular,an attacker can utilize the shared connection pool and deterministic connection eviction strategy to infer the correlation between incoming and evicting connections,as well as the correlation between releasing and filling connections.Based on inferred results,different addresses of the same node with these connections can be linked together,whether they are of the some or different network types.We designed a multi-step attack procedure,and set reasonable attack parameters through analyzing the factors that affect the attack efficiency and accuracy.We mounted this attack on both our self-run nodes and multi-address nodes in real Bitcoin network,achieving an aver-age accuracy of 96.9%and 82%,respectively.Furthermore,we found that the attack is also applicable to Zcash,Litecoin,Dogecoin,Bitcoin Cash,and Dash.We analyzed the cost of network-wide attacks,the application scenario,and proposed countermeasures of this attack.
查看更多>>摘要:Small-state stream ciphers(SSCs),which violate the principle that the state size should exceed the key size by a factor of two,still demonstrate robust security properties while maintaining a lightweight design.These ciphers can be clas-sified into several constructions and their basic security requirement is to resist generic attacks,i.e.,the time-mem-ory-data tradeoff(TMDTO)attack.In this paper,we investigate the security of small-state constructions in the multi-user setting.Based on it,the TMDTO distinguishing attack and the TMDTO key recovery attack are developed for such a setting.It is shown that SSCs which continuously use the key can not resist the TMDTO distinguishing attack.Moreover,SSCs based on the continuous-Ⅳ-key-use construction cannot withstand the TMDTO key recovery attack when the key length is shorter than the Ⅳ length,no matter whether the keystream length is limited or not.Finally,we apply these two generic attacks to TinyJAMBU and DRACO in the multi-user setting.The TMDTO distinguish-ing attack on TinyJAMBU with a 128-bit key can be mounted with time,memory,and data complexities of 264,248,and 232,respectively.This attack is comparable with a recent work on ToSC 2022,where partial key bits of TinyJAMBU are recovered with more than 250 users(or keys).As DRACO's Ⅳ length is smaller than its key length,it is vulnerable to the TMDTO key recovery attack.The resulting attack has a time and memory complexity of both 2112,which means DRACO does not provide 128-bit security in the multi-user setting.
查看更多>>摘要:Blockchain technology has gained widespread adoption in recent years due to its ability to enable secure and trans-parent record-keeping and data transfer.A critical aspect of blockchain technology is the use of consensus algorithms,which allow distributed nodes in the network to agree on the state of the blockchain.In this review paper,we exam-ine various consensus algorithms that are used in blockchain systems,including proof-of-work,proof-of-stake,and hybrid approaches.We go over the trade-offs and factors to think about when choosing a consensus algorithm,such as energy efficiency,decentralization,and security.We also look at the strengths and weaknesses of each algorithm as well as their potential impact on the scalability and adoption of blockchain technology.
查看更多>>摘要:Unique shortest vector problem(uSVP)plays an important role in lattice based cryptography.Many cryptographic schemes based their security on it.For the cofidence of those applications,it is essential to clarify the complex-ity of uSVP with different parameters.However,proving the NP-hardness of uSVP appears quite hard.To the state of the art,we are even not able to prove the NP-hardness of uSVP with constant parameters.In this work,we gave a lower bound for the hardness of uSVP with constant parameters,i.e.we proved that uSVP is at least as hard as gap shortest vector problem(GapSVP)with gap of O(√n/log(n)),which is in NP ∩ coAM.Unlike previous works,our reduction works for paramters in a bigger range,especially when the constant hidden by the big-O in GapSVP is smaller than 1.
查看更多>>摘要:Adversarial attack for time-series classification model is widely explored and many attack methods are proposed.But there is not a method of attack based on the data itself.In this paper,we innovatively proposed a black-box sparse attack method based on data location.Our method directly attack the sensitive points in the time-series data accord-ing to statistical features extract from the dataset.At first,we have validated the transferability of sensitive points among DNNs with different structures.Secondly,we use the statistical features extract from the dataset and the sensi-tive rate of each point as the training set to train the predictive model.Then,predicting the sensitive rate of test set by predictive model.Finally,perturbing according to the sensitive rate.The attack is limited by constraining the L0 norm to achieve one-point attack.We conduct experiments on several datasets to validate the effectiveness of this method.
NETL
NSTL
万方数据