The rapid advancement of quantum technology poses significant security risks to blockchain systems.However,quantum technology can also provide solutions for enhancing blockchain security.In this paper,we propose a qua...The rapid advancement of quantum technology poses significant security risks to blockchain systems.However,quantum technology can also provide solutions for enhancing blockchain security.In this paper,we propose a quantum-enhanced blockchain scheme to achieve a high level of security against quantum computing attacks.We first discuss quantum computing attacks on classic blockchains,including attacks on hash functions,digital signatures,and consensus mechanisms.We then introduce quantum technologies,such as a quantum hash function(QHF),a quantum digital signature(QDS),and proof of authority(PoA)consensus mechanism,into our scheme to improve the security of the blockchain system.Our security analysis demonstrates that our scheme offers superior security against quantum and classic attacks.Finally,we compare our scheme with previous works,showing that our scheme has achieved a perfect balance in terms of practicality,reliability,scalability,and efficiency.Overall,this work contributes to the ongoing research on quantum blockchain in the quantum era.展开更多
Side-channel attacks based on supervised learning require that the attacker have complete control over the cryptographic device and obtain a large number of labeled power traces.However,in real life,this requirement i...Side-channel attacks based on supervised learning require that the attacker have complete control over the cryptographic device and obtain a large number of labeled power traces.However,in real life,this requirement is usually not met.In this paper,an attack algorithm based on collaborative learning is proposed.The algorithm only needs to use a small number of labeled power traces to cooperate with the unlabeled power trace to realize the attack to cryptographic device.By experimenting with the DPA contest V4 dataset,the results show that the algorithm can improve the accuracy by about 20%compared with the pure supervised learning in the case of using only 10 labeled power traces.展开更多
Rumor detection has become an emerging and active research field in recent years.At the core is to model the rumor characteristics inherent in rich information,such as propagation patterns in social network and semant...Rumor detection has become an emerging and active research field in recent years.At the core is to model the rumor characteristics inherent in rich information,such as propagation patterns in social network and semantic patterns in post content,and differentiate them from the truth.However,existing works on rumor detection fall short in modeling heterogeneous information,either using one single information source only(e.g.,social network,or post content)or ignoring the relations among multiple sources(e.g.,fusing social and content features via simple concatenation).Therefore,they possibly have drawbacks in comprehensively understanding the rumors,and detecting them accurately.In this work,we explore contrastive self-supervised learning on heterogeneous information sources,so as to reveal their relations and characterize rumors better.Technically,we supplement the main supervised task of detection with an auxiliary self-supervised task,which enriches post representations via post self-discrimination.Specifically,given two heterogeneous views of a post(i.e.,representations encoding social patterns and semantic patterns),the discrimination is done by maximizing the mutual information between different views of the same post compared to that of other posts.We devise cluster-wise and instance-wise approaches to generate the views and conduct the discrimination,considering different relations of information sources.We term this framework as self-supervised rumor detection(SRD).Extensive experiments on three real-world datasets validate the effectiveness of SRD for automatic rumor detection on social media.展开更多
TTPs (Tactics, Techniques, and Procedures), which represent an attacker’s goals and methods, are the long period and essential feature of the attacker. Defenders can use TTP intelligence to perform the penetration te...TTPs (Tactics, Techniques, and Procedures), which represent an attacker’s goals and methods, are the long period and essential feature of the attacker. Defenders can use TTP intelligence to perform the penetration test and compensate for defense deficiency. However, most TTP intelligence is described in unstructured threat data, such as APT analysis reports. Manually converting natural language TTPs descriptions to standard TTP names, such as ATT&CK TTP names and IDs, is time-consuming and requires deep expertise. In this paper, we define the TTP classification task as a sentence classification task. We annotate a new sentence-level TTP dataset with 6 categories and 6061 TTP descriptions from 10761 security analysis reports. We construct a threat context-enhanced TTP intelligence mining (TIM) framework to mine TTP intelligence from unstructured threat data. The TIM framework uses TCENet (Threat Context Enhanced Network) to find and classify TTP descriptions, which we define as three continuous sentences, from textual data. Meanwhile, we use the element features of TTP in the descriptions to enhance the TTPs classification accuracy of TCENet. The evaluation result shows that the average classification accuracy of our proposed method on the 6 TTP categories reaches 0.941. The evaluation results also show that adding TTP element features can improve our classification accuracy compared to using only text features. TCENet also achieved the best results compared to the previous document-level TTP classification works and other popular text classification methods, even in the case of few-shot training samples. Finally, the TIM framework organizes TTP descriptions and TTP elements into STIX 2.1 format as final TTP intelligence for sharing the long-period and essential attack behavior characteristics of attackers. In addition, we transform TTP intelligence into sigma detection rules for attack behavior detection. Such TTP intelligence and rules can help defenders deploy long-term effective threat detection and perform more realistic attack simulations to strengthen defense.展开更多
基金supported byResearch on SatelliteQuantumKeyNetwork Security Architecture(No.AHY180500)This work was supported by the Research on Digital Identity Trust System for Massive Heterogeneous Terminals in Road Traffic System(No.2022YFB3104402)+2 种基金This work was supported in part by National Key RD Program of China(No.2018YFB0803401)in part by the China Postdoctoral Science Foundation under Grant 2019M650606in part by First-class Discipline Construction Project of Beijing Electronic Science and Technology Institute(No.3201012).
文摘The rapid advancement of quantum technology poses significant security risks to blockchain systems.However,quantum technology can also provide solutions for enhancing blockchain security.In this paper,we propose a quantum-enhanced blockchain scheme to achieve a high level of security against quantum computing attacks.We first discuss quantum computing attacks on classic blockchains,including attacks on hash functions,digital signatures,and consensus mechanisms.We then introduce quantum technologies,such as a quantum hash function(QHF),a quantum digital signature(QDS),and proof of authority(PoA)consensus mechanism,into our scheme to improve the security of the blockchain system.Our security analysis demonstrates that our scheme offers superior security against quantum and classic attacks.Finally,we compare our scheme with previous works,showing that our scheme has achieved a perfect balance in terms of practicality,reliability,scalability,and efficiency.Overall,this work contributes to the ongoing research on quantum blockchain in the quantum era.
文摘Side-channel attacks based on supervised learning require that the attacker have complete control over the cryptographic device and obtain a large number of labeled power traces.However,in real life,this requirement is usually not met.In this paper,an attack algorithm based on collaborative learning is proposed.The algorithm only needs to use a small number of labeled power traces to cooperate with the unlabeled power trace to realize the attack to cryptographic device.By experimenting with the DPA contest V4 dataset,the results show that the algorithm can improve the accuracy by about 20%compared with the pure supervised learning in the case of using only 10 labeled power traces.
基金supported by the National Key Research and Development Program of China(2020AAA0106000)the National Natural Science Foundation of China(Grant Nos.U21B2026,62121002)the CCCD Key Lab of Ministry of Culture and Tourism.
文摘Rumor detection has become an emerging and active research field in recent years.At the core is to model the rumor characteristics inherent in rich information,such as propagation patterns in social network and semantic patterns in post content,and differentiate them from the truth.However,existing works on rumor detection fall short in modeling heterogeneous information,either using one single information source only(e.g.,social network,or post content)or ignoring the relations among multiple sources(e.g.,fusing social and content features via simple concatenation).Therefore,they possibly have drawbacks in comprehensively understanding the rumors,and detecting them accurately.In this work,we explore contrastive self-supervised learning on heterogeneous information sources,so as to reveal their relations and characterize rumors better.Technically,we supplement the main supervised task of detection with an auxiliary self-supervised task,which enriches post representations via post self-discrimination.Specifically,given two heterogeneous views of a post(i.e.,representations encoding social patterns and semantic patterns),the discrimination is done by maximizing the mutual information between different views of the same post compared to that of other posts.We devise cluster-wise and instance-wise approaches to generate the views and conduct the discrimination,considering different relations of information sources.We term this framework as self-supervised rumor detection(SRD).Extensive experiments on three real-world datasets validate the effectiveness of SRD for automatic rumor detection on social media.
基金Our research was supported by the National Key Research and Development Program of China(Grant No.2018YFC0824801,No.2019QY1302)the National Natural Science Foundation of China(No.61802404).
文摘TTPs (Tactics, Techniques, and Procedures), which represent an attacker’s goals and methods, are the long period and essential feature of the attacker. Defenders can use TTP intelligence to perform the penetration test and compensate for defense deficiency. However, most TTP intelligence is described in unstructured threat data, such as APT analysis reports. Manually converting natural language TTPs descriptions to standard TTP names, such as ATT&CK TTP names and IDs, is time-consuming and requires deep expertise. In this paper, we define the TTP classification task as a sentence classification task. We annotate a new sentence-level TTP dataset with 6 categories and 6061 TTP descriptions from 10761 security analysis reports. We construct a threat context-enhanced TTP intelligence mining (TIM) framework to mine TTP intelligence from unstructured threat data. The TIM framework uses TCENet (Threat Context Enhanced Network) to find and classify TTP descriptions, which we define as three continuous sentences, from textual data. Meanwhile, we use the element features of TTP in the descriptions to enhance the TTPs classification accuracy of TCENet. The evaluation result shows that the average classification accuracy of our proposed method on the 6 TTP categories reaches 0.941. The evaluation results also show that adding TTP element features can improve our classification accuracy compared to using only text features. TCENet also achieved the best results compared to the previous document-level TTP classification works and other popular text classification methods, even in the case of few-shot training samples. Finally, the TIM framework organizes TTP descriptions and TTP elements into STIX 2.1 format as final TTP intelligence for sharing the long-period and essential attack behavior characteristics of attackers. In addition, we transform TTP intelligence into sigma detection rules for attack behavior detection. Such TTP intelligence and rules can help defenders deploy long-term effective threat detection and perform more realistic attack simulations to strengthen defense.