Attacks Against Cross-Chain Systems and Defense Approaches:A Contemporary Survey

The blockchain cross-chain is a significant technology for inter-chain interconnection and value transfer among different blockchain networks.Cross-chain overcomes the“information island”problem of the closed blockchain network and is increasingly applied to multiple critical areas such as finance and the internet of things(IoT).Blockchain can be divided into three main categories of blockchain networks:public blockchains,private blockchains,and consortium blockchains.However,there are differences in block structures,consensus mechanisms,and complex working mechanisms among heterogeneous blockchains.The fragility of the cross-chain system itself makes the cross-chain system face some potential security and privacy threats.This paper discusses security defects on the cross-chain implementation mechanism,and discusses the impact of the structural features of blockchain networks on cross-chain security.In terms of cross-chain intercommunication,a cross-chain attack can be divided into a multi-chain combination attack,native chain attack,and inter-chain attack diffusion.Then various security threats and attack paths faced by the cross-chain system are analyzed.At last,the corresponding security defense methods of cross-chain security threats and future research directions for cross-chain applications are put forward.

A Certificateless Homomorphic Encryption Scheme for Protecting Transaction Data Privacy of Post-Quantum Blockchain

Blockchain has a profound impact on all areas of society by virtue of its immutability,decentralization and other characteristics.However,blockchain faces the problem of data privacy leakage during the application process,and the rapid development of quantum computing also brings the threat of quantum attack to blockchain.In this paper,we propose a lattice-based certificateless fully homomorphic encryption(LCFHE)algorithm based on approximate eigenvector firstly.And we use the lattice-based delegate algorithm and preimage sampling algorithm to extract part of the private key based on certificateless scheme,which is composed of the private key together with the secret value selected by the user,thus effectively avoiding the problems of certificate management and key escrow.Secondly,we propose a post-quantum blockchain transaction privacy protection scheme based on LCFHE algorithm,which uses the ciphertext calculation characteristic of homomorphic encryption to encrypt the account balance and transaction amount,effectively protecting the transaction privacy of users and having the ability to resist quantum attacks.Finally,we analyze the correctness and security of LCFHE algorithm,and the security of the algorithm reduces to the hardness of learning with errors(LWE)hypothesis.

A Novel Post-Quantum Blind Signature for Log System in Blockchain

In recent decades, log system management has been widely studied fordata security management. System abnormalities or illegal operations can befound in time by analyzing the log and provide evidence for intrusions. In orderto ensure the integrity of the log in the current system, many researchers havedesigned it based on blockchain. However, the emerging blockchain is facing significant security challenges with the increment of quantum computers. An attackerequipped with a quantum computer can extract the user's private key from thepublic key to generate a forged signature, destroy the structure of the blockchain,and threaten the security of the log system. Thus, blind signature on the lattice inpost-quantum blockchain brings new security features for log systems. In ourpaper, to address these, firstly, we propose a novel log system based on post-quantum blockchain that can resist quantum computing attacks. Secondly, we utilize apost-quantum blind signature on the lattice to ensure both security and blindnessof log system, which makes the privacy of log information to a large extent.Lastly, we enhance the security level of lattice-based blind signature under therandom oracle model, and the signature size grows slowly compared with others.We also implement our protocol and conduct an extensive analysis to prove theideas. The results show that our scheme signature size edges up subtly comparedwith others with the improvement of security level.

Exploring best‑matched embedding model and classifier for charging‑pile fault diagnosis

The continuous increase of electric vehicles is being facilitating the large-scale distributed charging-pile deployment.It is crucial to guarantee normal operation of charging piles,resulting in the importance of diagnosing charging-pile faults.The existing fault-diagnosis approaches were based on physical fault data like mechanical log data and sensor data streams.However,there are other types of fault data,which cannot be used for diagnosis by these existing approaches.This paper aims to fill this gap and consider 8 types of fault data for diagnosing,at least including physical installation error fault,charging-pile mechanical fault,charging-pile program fault,user personal fault,signal fault(offline),pile compatibility fault,charging platform fault,and other faults.We aim to find out how to combine existing feature-extraction and machine learning techniques to make the better diagnosis by conducting experiments on realistic dataset.4 word embedding models are investigated for feature extraction of fault data,including N-gram,GloVe,Word2vec,and BERT.Moreover,we classify the word embedding results using 10 machine learning classifiers,including Random Forest(RF),Support Vector Machine,K-Nearest Neighbor,Multilayer Perceptron,Recurrent Neural Network,AdaBoost,Gradient Boosted Decision Tree,Decision Tree,Extra Tree,and VOTE.Compared with original fault record dataset,we utilize paraphrasing-based data augmentation method to improve the classification accuracy up to 10.40%.Our extensive experiment results reveal that RF classifier combining the GloVe embedding model achieves the best accuracy with acceptable training time.In addition,we discuss the interpretability of RF and GloVe.

A Python Security Analysis Framework in Integrity Verification and Vulnerability Detection

Python is widely used in web crawler, machine learning, data analysis and so on. However, there is no guarantee that Python scripts are trusted in their whole lifetime because of system insecurity. When the system is attacked, scripts in the computer are likely to be tampered with. Therefore, the trustworthiness of Python scripts needs to be checked through different configuration strategies, including integrity verification and vulnerability detection. In this paper, integrity verification and vulnerability detection are based on two Python scripts, an original Python script and a current Python script, and the original Python script is assumed to has no vulnerabilities. By comparing with the original script, we can find out whether the current script is integrity or not and detect whether there are vulnerabilities if the integrity of the current file is destroyed. Integrity verification with Hash functions is not applied in some cases. In this mode, any changes including blank lines added are considered illegal. So loose integrity verification by combining UNIX diff tool with abstract syntax trees is proposed. The vulnerability detection starts from the premise that the original Python script has no vulnerabilities, and taint analysis is applied on the vulnerability detection framework Bandit to find vulnerabilities. Besides, in order not to change the usage of Python, both integrity verification and vulnerability detection modules are embedded in Python interpreter. The experiments show that the performance of security analysis framework is good and Bandit with taint can greatly reduce the false positive results without affecting the performance.

Robustness Assessment of Asynchronous Advantage Actor-Critic Based on Dynamic Skewness and Sparseness Computation: A Parallel Computing View

Reinforcement learning as autonomous learning is greatly driving artificial intelligence(AI)development to practical applications.Having demonstrated the potential to significantly improve synchronously parallel learning,the parallel computing based asynchronous advantage actor-critic(A3C)opens a new door for reinforcement learning.Unfortunately,the acceleration's influence on A3C robustness has been largely overlooked.In this paper,we perform the first robustness assessment of A3C based on parallel computing.By perceiving the policy's action,we construct a global matrix of action probability deviation and define two novel measures of skewness and sparseness to form an integral robustness measure.Based on such static assessment,we then develop a dynamic robustness assessing algorithm through situational whole-space state sampling of changing episodes.Extensive experiments with different combinations of agent number and learning rate are implemented on an A3C-based pathfinding application,demonstrating that our proposed robustness assessment can effectively measure the robustness of A3C,which can achieve an accuracy of 83.3%.

Adversarial attack and defense in reinforcement learning-from AI security view

Reinforcement learning is a core technology for modern artificial intelligence,and it has become a workhorse for AI applications ranging from Atrai Game to Connected and Automated Vehicle System(CAV).Therefore,a reliable RL system is the foundation for the security critical applications in AI,which has attracted a concern that is more critical than ever.However,recent studies discover that the interesting attack mode adversarial attack also be effective when targeting neural network policies in the context of reinforcement learning,which has inspired innovative researches in this direction.Hence,in this paper,we give the very first attempt to conduct a comprehensive survey on adversarial attacks in reinforcement learning under AI security.Moreover,we give briefly introduction on the most representative defense technologies against existing adversarial attacks.

On the combination of data augmentation method and gated convolution model for building effective and robust intrusion detection

Deep learning(DL)has exhibited its exceptional performance in fields like intrusion detection.Various augmentation methods have been proposed to improve data quality and eventually to enhance the performance of DL models.However,the classic augmentation methods cannot be applied to those DL models which exploit the system-call sequences to detect intrusion.Previously,the seq2seq model has been explored to augment system-call sequences.Following this work,we propose a gated convolutional neural network(GCNN)model to thoroughly extract the potential information of augmented sequences.Also,in order to enhance themodel’s robustness,we adopt adversarial training to reduce the impact of adversarial examples on the model.Adversarial examples used in adversarial training are generated by the proposed adversarial sequence generation algorithm.The experimental results on different verified models show that GCNN model can better obtain the potential information of the augmented data and achieve the best performance.Furthermore,GCNN with adversarial training can enhance robustness significantly.

Adversarial attack and defense in reinforcement learning-from AI security view

Reinforcement learning is a core technology for modern artificial intelligence,and it has become a workhorse for AI applications ranging from Atrai Game to Connected and Automated Vehicle System(CAV).Therefore,a reliable RL system is the foundation for the security critical applications in AI,which has attracted a concern that is more critical than ever.However,recent studies discover that the interesting attack mode adversarial attack also be effective when targeting neural network policies in the context of reinforcement learning,which has inspired innovative researches in this direction.Hence,in this paper,we give the very first attempt to conduct a comprehensive survey on adversarial attacks in reinforcement learning under AI security.Moreover,we give briefly introduction on the most representative defense technologies against existing adversarial attacks.

On the combination of data augmentation method and gated convolution model for building effective and robust intrusion detection

Deep learning(DL)has exhibited its exceptional performance in fields like intrusion detection.Various augmentation methods have been proposed to improve data quality and eventually to enhance the performance of DL models.However,the classic augmentation methods cannot be applied to those DL models which exploit the system-call sequences to detect intrusion.Previously,the seq2seq model has been explored to augment system-call sequences.Following this work,we propose a gated convolutional neural network(GCNN)model to thoroughly extract the potential information of augmented sequences.Also,in order to enhance themodel’s robustness,we adopt adversarial training to reduce the impact of adversarial examples on the model.Adversarial examples used in adversarial training are generated by the proposed adversarial sequence generation algorithm.The experimental results on different verified models show that GCNN model can better obtain the potential information of the augmented data and achieve the best performance.Furthermore,GCNN with adversarial training can enhance robustness significantly.

Threats,attacks and defenses to federated learning:issues,taxonomy and perspectives

Empirical attacks on Federated Learning(FL)systems indicate that FL is fraught with numerous attack surfaces throughout the FL execution.These attacks can not only cause models to fail in specific tasks,but also infer private information.While previous surveys have identified the risks,listed the attack methods available in the literature or provided a basic taxonomy to classify them,they mainly focused on the risks in the training phase of FL.In this work,we survey the threats,attacks and defenses to FL throughout the whole process of FL in three phases,including Data and Behavior Auditing Phase,Training Phase and Predicting Phase.We further provide a comprehensive analysis of these threats,attacks and defenses,and summarize their issues and taxonomy.Our work considers security and privacy of FL based on the viewpoint of the execution process of FL.We highlight that establishing a trusted FL requires adequate measures to mitigate security and privacy threats at each phase.Finally,we discuss the limitations of current attacks and defense approaches and provide an outlook on promising future research directions in FL.

Hybritus:a password strength checker by ensemble learning from the query feedbacks of websites

Password authentication is vulnerable to dictionary attacks.Password strength measurement helps users to choose hard-to-guess passwords and enhance the security of systems based on password authentication.Although there are many password strength metrics and tools,none of them produces an objective measurement with inconsistent policies and different dictionaries.In this work,we analyzed the password policies and checkers of top 100 popular websites that are selected from Alexa rankings.The checkers are inconsistent and thus they may label the same password as different strength labels,because each checker is sensitive to its configuration,e.g.,the algorithm used and the training data.Attackers are empowered to exploit the above vulnerabilities to crack the protected systems more easily.As such,single metrics or local training data are not enough to build a robust and secure password checker.Based on these observations,we proposed Hybritus that integrates different websites'strategies and views into a global and robust model of the attackers with multiple layer perceptron(MLP)neural networks.Our data set is comprised of more than 3.3 million passwords taken from the leaked,transformed and randomly generated dictionaries.The data set were sent to 10 website checkers to get the feedbacks on the strength of passwords labeled as strong,medium and weak.Then we used the features of passwords generated by term frequency-inverse document frequency to train and test Hybritus.The experimental results show that the accuracy of passwords strength checking can be as high as 97.7%and over 94%even if it was trained with only ten thousand passwords.User study shows that Hybritus is usable as well as secure.

Fingerprinting Android malware families

The domination of the Android operating system in the market share of smart terminals has engendered increasing threats of malicious applications (apps). Research on Android malware detection has received considerable attention in academia and the industry. In particular, studies on malware families have been beneficial to malware detection and behavior analysis. However, identifying the characteristics of malware families and the features that can describe a particular family have been less frequently discussed in existing work. In this paper, we are motivated to explore the key features that can classify and describe the behaviors of Android malware families to enable fingerprinting the malware families with these features. We present a framework for signature-based key feature construction. In addition, we propose a frequency-based feature elimination algorithm to select the key features. Finally, we construct the fingerprints of ten malware families, including twenty key features in three categories. Results of extensive experiments using Support Vector Machine demonstrate that the malware family classification achieves an accuracy of 92% to 99%. The typical behaviors of malware families are analyzed based on the selected key features. The results demonstrate the feasibility and efFectiveness of the presented algorithm and fingerprinting method.

A Way to Improve the Key Recovery Accuracy Based on Dynamic Programming

Key-recovery technology is often used by an adversary to attempt to recover the cryptographic key of an encryption scheme. The most obvious key-recovery attack is the exhaustive key-search attack. But modern ciphers often have a key space of size 2128 or greater, making such attacks infeasible with current technology. Cache-based side channel attack is another way to get the cryptographic key of an encryption scheme, but there are random noises in side channel attack. In order to reduce random errors, it is advisable to repeat the key recovery process many times. This paper is focused on the way to improve the key recovery accuracy by dealing with the key sequences obtained from the repeated Cache-based side channel attacks. To get the real key, private key bits from side channel attack are collected firstly. And then the key sequences are aligned using sequence alignment algorithms based on dynamic programming. The provided method of key recovery is universal, which is not limited to any cryptographic algorithm. The experiment shows that the proposed method has a good performance and a high availability when the error rate of the collected key bit is within a reasonable range.

Curricular Robust Reinforcement Learning via GAN-Based Perturbation Through Continuously Scheduled Task Sequence

Reinforcement learning(RL),one of three branches of machine learning,aims for autonomous learning and is now greatly driving the artificial intelligence development,especially in autonomous distributed systems,such as cooperative Boston Dynamics robots.However,robust RL has been a challenging problem of reliable aspects due to the gap between laboratory simulation and real world.Existing efforts have been made to approach this problem,such as performing random environmental perturbations in the learning process.However,one cannot guarantee to train with a positive perturbation as bad ones might bring failures to RL.In this work,we treat robust RL as a multi-task RL problem,and propose a curricular robust RL approach.We first present a generative adversarial network(GAN)based task generation model to iteratively output new tasks at the appropriate level of difficulty for the current policy.Furthermore,with these progressive tasks,we can realize curricular learning and finally obtain a robust policy.Extensive experiments in multiple environments demonstrate that our method improves the training stability and is robust to differences in training/test conditions.

LSGAN-AT:enhancing malware detector robustness against adversarial examples

Adversarial Malware Example(AME)-based adversarial training can effectively enhance the robustness of Machine Learning(ML)-based malware detectors against AME.AME quality is a key factor to the robustness enhancement.Generative Adversarial Network(GAN)is a kind of AME generation method,but the existing GAN-based AME generation methods have the issues of inadequate optimization,mode collapse and training instability.In this paper,we propose a novel approach(denote as LSGAN-AT)to enhance ML-based malware detector robustness against Adversarial Examples,which includes LSGAN module and AT module.LSGAN module can generate more effective and smoother AME by utilizing brand-new network structures and Least Square(LS)loss to optimize boundary samples.AT module makes adversarial training using AME generated by LSGAN to generate ML-based Robust Malware Detector(RMD).Extensive experiment results validate the better transferability of AME in terms of attacking 6 ML detectors and the RMD transferability in terms of resisting the MalGAN black-box attack.The results also verify the performance of the generated RMD in the recognition rate of AME.

LSGAN‑AT:enhancing malware detector robustness against adversarial examples

Adversarial Malware Example(AME)-based adversarial training can effectively enhance the robustness of Machine Learning(ML)-based malware detectors against AME.AME quality is a key factor to the robustness enhancement.Generative Adversarial Network(GAN)is a kind of AME generation method,but the existing GAN-based AME generation methods have the issues of inadequate optimization,mode collapse and training instability.In this paper,we propose a novel approach(denote as LSGAN-AT)to enhance ML-based malware detector robustness against Adversarial Examples,which includes LSGAN module and AT module.LSGAN module can generate more effective and smoother AME by utilizing brand-new network structures and Least Square(LS)loss to optimize boundary samples.AT module makes adversarial training using AME generated by LSGAN to generate ML-based Robust Malware Detector(RMD).Extensive experiment results validate the better transferability of AME in terms of attacking 6 ML detectors and the RMD transferability in terms of resisting the MalGAN black-box attack.The results also verify the performance of the generated RMD in the recognition rate of AME.

An Anti-Quantum Authentication Protocol for Space Information Networks Based on Ring Learning with Errors

With the continuous development of satellite communication and Internet of things technology,more and more devices can access space information networks(SIN)and enjoy satellite services everywhere in the world.However,due to the openness of the air-to-ground channel,the device will face a series of security threats when accessing SIN,such as replay attacks,eavesdropping attacks,impersonation attacks,and man-in-the-middle attacks.These security threats will lead to illegal entity access and further endanger the reliability and availability of the system.Although scholars have proposed many enhanced security access authentication protocols,most of them have been proved to have security vulnerabilities.In addition,with the development of quantum computing,the previous authentication protocols based on some asymmetric cryptographic mechanisms such as discrete logarithm and elliptic curve cryptographic mechanisms may face new security challenges.In this context,this paper proposes a novel antiquantum access authentication protocol based on ring learning with errors(RLWE),which meets more security requirements and greatly reduces the authentication delay through prenegotiation.Through the security analysis and performance analysis,it is shown that our protocol can be more suitable for delaysensitive IoT devices to access SIN while ensuring higher security.