Blockchain cross-chain technology is a significant technology for inter-chain interconnection and value transfer among different blockchain networks. Cross-chain overcomes the "information island" problem of closed blockchain networks and is increasingly applied in multiple critical areas such as finance and the Internet of Things (IoT). Blockchain can be divided into three main categories of blockchain networks: public blockchains, private blockchains, and consortium blockchains. However, there are differences in block structures, consensus mechanisms, and complex working mechanisms among heterogeneous blockchains. The fragility of the cross-chain system itself exposes it to potential security and privacy threats. This paper discusses security defects in the cross-chain implementation mechanism, and discusses the impact of the structural features of blockchain networks on cross-chain security. In terms of cross-chain intercommunication, a cross-chain attack can be divided into a multi-chain combination attack, a native chain attack, and inter-chain attack diffusion. Then the various security threats and attack paths faced by the cross-chain system are analyzed. At last, the corresponding security defense methods for cross-chain security threats and future research directions for cross-chain applications are put forward.
Blockchain has a profound impact on all areas of society by virtue of its immutability, decentralization and other characteristics. However, blockchain faces the problem of data privacy leakage during the application process, and the rapid development of quantum computing also brings the threat of quantum attack to blockchain. In this paper, we first propose a lattice-based certificateless fully homomorphic encryption (LCFHE) algorithm based on the approximate eigenvector technique. We use the lattice-based delegate algorithm and preimage sampling algorithm to extract part of the private key based on a certificateless scheme, in which the private key is composed together with a secret value selected by the user, thus effectively avoiding the problems of certificate management and key escrow. Secondly, we propose a post-quantum blockchain transaction privacy protection scheme based on the LCFHE algorithm, which uses the ciphertext calculation characteristic of homomorphic encryption to encrypt the account balance and transaction amount, effectively protecting the transaction privacy of users and having the ability to resist quantum attacks. Finally, we analyze the correctness and security of the LCFHE algorithm; the security of the algorithm reduces to the hardness of the learning with errors (LWE) hypothesis.
In recent decades, log system management has been widely studied for data security management. System abnormalities or illegal operations can be found in time by analyzing the log, which provides evidence of intrusions. In order to ensure the integrity of the log in the current system, many researchers have designed it based on blockchain. However, the emerging blockchain is facing significant security challenges with the increment of quantum computers. An attacker equipped with a quantum computer can extract the user's private key from the public key to generate a forged signature, destroy the structure of the blockchain, and threaten the security of the log system. Thus, blind signatures on lattices in post-quantum blockchain bring new security features for log systems. In our paper, to address these, firstly, we propose a novel log system based on post-quantum blockchain that can resist quantum computing attacks. Secondly, we utilize a post-quantum blind signature on the lattice to ensure both security and blindness of the log system, which protects the privacy of log information to a large extent. Lastly, we enhance the security level of the lattice-based blind signature under the random oracle model, and the signature size grows slowly compared with others. We also implement our protocol and conduct an extensive analysis to prove the ideas. The results show that our scheme's signature size edges up subtly compared with others as the security level improves.
The continuous increase of electric vehicles is facilitating the large-scale distributed deployment of charging piles. It is crucial to guarantee the normal operation of charging piles, which makes diagnosing charging-pile faults important. The existing fault-diagnosis approaches were based on physical fault data like mechanical log data and sensor data streams. However, there are other types of fault data, which cannot be used for diagnosis by these existing approaches. This paper aims to fill this gap and considers 8 types of fault data for diagnosis, including physical installation error fault, charging-pile mechanical fault, charging-pile program fault, user personal fault, signal fault (offline), pile compatibility fault, charging platform fault, and other faults. We aim to find out how to combine existing feature-extraction and machine learning techniques to make a better diagnosis by conducting experiments on a realistic dataset. 4 word embedding models are investigated for feature extraction of fault data, including N-gram, GloVe, Word2vec, and BERT. Moreover, we classify the word embedding results using 10 machine learning classifiers, including Random Forest (RF), Support Vector Machine, K-Nearest Neighbor, Multilayer Perceptron, Recurrent Neural Network, AdaBoost, Gradient Boosted Decision Tree, Decision Tree, Extra Tree, and VOTE. Compared with the original fault record dataset, we utilize a paraphrasing-based data augmentation method to improve the classification accuracy by up to 10.40%. Our extensive experiment results reveal that the RF classifier combined with the GloVe embedding model achieves the best accuracy with acceptable training time. In addition, we discuss the interpretability of RF and GloVe.
Python is widely used in web crawlers, machine learning, data analysis and so on. However, there is no guarantee that Python scripts are trusted for their whole lifetime because of system insecurity. When the system is attacked, scripts on the computer are likely to be tampered with. Therefore, the trustworthiness of Python scripts needs to be checked through different configuration strategies, including integrity verification and vulnerability detection. In this paper, integrity verification and vulnerability detection are based on two Python scripts, an original Python script and a current Python script, and the original Python script is assumed to have no vulnerabilities. By comparing with the original script, we can find out whether the current script retains its integrity or not, and detect whether there are vulnerabilities if the integrity of the current file is destroyed. Integrity verification with hash functions is not applicable in some cases: in this mode, any changes, including added blank lines, are considered illegal. So loose integrity verification combining the UNIX diff tool with abstract syntax trees is proposed. The vulnerability detection starts from the premise that the original Python script has no vulnerabilities, and taint analysis is applied on the vulnerability detection framework Bandit to find vulnerabilities. Besides, in order not to change the usage of Python, both the integrity verification and vulnerability detection modules are embedded in the Python interpreter. The experiments show that the performance of the security analysis framework is good and that Bandit with taint analysis can greatly reduce the false positive results without affecting the performance.
Reinforcement learning as autonomous learning is greatly driving artificial intelligence (AI) development toward practical applications. Having demonstrated the potential to significantly improve synchronous parallel learning, the parallel computing based asynchronous advantage actor-critic (A3C) opens a new door for reinforcement learning. Unfortunately, the acceleration's influence on A3C robustness has been largely overlooked. In this paper, we perform the first robustness assessment of A3C based on parallel computing. By perceiving the policy's action, we construct a global matrix of action probability deviation and define two novel measures of skewness and sparseness to form an integral robustness measure. Based on such static assessment, we then develop a dynamic robustness assessing algorithm through situational whole-space state sampling of changing episodes. Extensive experiments with different combinations of agent number and learning rate are implemented on an A3C-based pathfinding application, demonstrating that our proposed robustness assessment can effectively measure the robustness of A3C, which can achieve an accuracy of 83.3%.
Reinforcement learning (RL) is a core technology for modern artificial intelligence, and it has become a workhorse for AI applications ranging from Atari games to Connected and Automated Vehicle Systems (CAV). Therefore, a reliable RL system is the foundation for security-critical applications in AI, which has attracted a concern that is more critical than ever. However, recent studies discover that adversarial attacks, an interesting attack mode, are also effective when targeting neural network policies in the context of reinforcement learning, which has inspired innovative research in this direction. Hence, in this paper, we give the very first attempt to conduct a comprehensive survey on adversarial attacks in reinforcement learning under AI security. Moreover, we give a brief introduction to the most representative defense technologies against existing adversarial attacks.
Deep learning (DL) has exhibited exceptional performance in fields like intrusion detection. Various augmentation methods have been proposed to improve data quality and eventually to enhance the performance of DL models. However, the classic augmentation methods cannot be applied to those DL models which exploit system-call sequences to detect intrusions. Previously, the seq2seq model has been explored to augment system-call sequences. Following this work, we propose a gated convolutional neural network (GCNN) model to thoroughly extract the potential information of augmented sequences. Also, in order to enhance the model's robustness, we adopt adversarial training to reduce the impact of adversarial examples on the model. The adversarial examples used in adversarial training are generated by the proposed adversarial sequence generation algorithm. The experimental results on different verified models show that the GCNN model can better obtain the potential information of the augmented data and achieve the best performance. Furthermore, GCNN with adversarial training can enhance robustness significantly.
Empirical attacks on Federated Learning (FL) systems indicate that FL is fraught with numerous attack surfaces throughout the FL execution. These attacks can not only cause models to fail in specific tasks, but also infer private information. While previous surveys have identified the risks, listed the attack methods available in the literature or provided a basic taxonomy to classify them, they mainly focused on the risks in the training phase of FL. In this work, we survey the threats, attacks and defenses to FL throughout the whole process of FL in three phases, including the Data and Behavior Auditing Phase, Training Phase and Predicting Phase. We further provide a comprehensive analysis of these threats, attacks and defenses, and summarize their issues and taxonomy. Our work considers the security and privacy of FL from the viewpoint of the execution process of FL. We highlight that establishing a trusted FL requires adequate measures to mitigate security and privacy threats at each phase. Finally, we discuss the limitations of current attacks and defense approaches and provide an outlook on promising future research directions in FL.
Password authentication is vulnerable to dictionary attacks. Password strength measurement helps users to choose hard-to-guess passwords and enhances the security of systems based on password authentication. Although there are many password strength metrics and tools, none of them produces an objective measurement with inconsistent policies and different dictionaries. In this work, we analyzed the password policies and checkers of the top 100 popular websites selected from the Alexa rankings. The checkers are inconsistent and thus they may label the same password with different strength labels, because each checker is sensitive to its configuration, e.g., the algorithm used and the training data. Attackers are empowered to exploit the above vulnerabilities to crack the protected systems more easily. As such, single metrics or local training data are not enough to build a robust and secure password checker. Based on these observations, we proposed Hybritus, which integrates different websites' strategies and views into a global and robust model of the attackers with multilayer perceptron (MLP) neural networks. Our data set is comprised of more than 3.3 million passwords taken from leaked, transformed and randomly generated dictionaries. The data set was sent to 10 website checkers to get feedback on the strength of passwords, labeled as strong, medium and weak. Then we used the features of passwords generated by term frequency-inverse document frequency to train and test Hybritus. The experimental results show that the accuracy of password strength checking can be as high as 97.7%, and over 94% even if it was trained with only ten thousand passwords. A user study shows that Hybritus is usable as well as secure.
The domination of the Android operating system in the market share of smart terminals has engendered increasing threats of malicious applications (apps). Research on Android malware detection has received considerable attention in academia and the industry. In particular, studies on malware families have been beneficial to malware detection and behavior analysis. However, identifying the characteristics of malware families and the features that can describe a particular family have been less frequently discussed in existing work. In this paper, we are motivated to explore the key features that can classify and describe the behaviors of Android malware families to enable fingerprinting the malware families with these features. We present a framework for signature-based key feature construction. In addition, we propose a frequency-based feature elimination algorithm to select the key features. Finally, we construct the fingerprints of ten malware families, including twenty key features in three categories. Results of extensive experiments using Support Vector Machine demonstrate that the malware family classification achieves an accuracy of 92% to 99%. The typical behaviors of malware families are analyzed based on the selected key features. The results demonstrate the feasibility and effectiveness of the presented algorithm and fingerprinting method.
Key-recovery technology is often used by an adversary to attempt to recover the cryptographic key of an encryption scheme. The most obvious key-recovery attack is the exhaustive key-search attack. But modern ciphers often have a key space of size 2^128 or greater, making such attacks infeasible with current technology. Cache-based side channel attack is another way to get the cryptographic key of an encryption scheme, but there is random noise in side channel attacks. In order to reduce random errors, it is advisable to repeat the key recovery process many times. This paper is focused on the way to improve the key recovery accuracy by dealing with the key sequences obtained from repeated cache-based side channel attacks. To get the real key, the private key bits from the side channel attack are collected first. And then the key sequences are aligned using sequence alignment algorithms based on dynamic programming. The provided method of key recovery is universal, and is not limited to any particular cryptographic algorithm. The experiment shows that the proposed method has good performance and high availability when the error rate of the collected key bits is within a reasonable range.
Reinforcement learning (RL), one of three branches of machine learning, aims for autonomous learning and is now greatly driving artificial intelligence development, especially in autonomous distributed systems, such as cooperative Boston Dynamics robots. However, robust RL has been a challenging problem in terms of reliability due to the gap between laboratory simulation and the real world. Existing efforts have been made to approach this problem, such as performing random environmental perturbations in the learning process. However, one cannot guarantee training with a positive perturbation, as bad ones might bring failures to RL. In this work, we treat robust RL as a multi-task RL problem, and propose a curricular robust RL approach. We first present a generative adversarial network (GAN) based task generation model to iteratively output new tasks at the appropriate level of difficulty for the current policy. Furthermore, with these progressive tasks, we can realize curricular learning and finally obtain a robust policy. Extensive experiments in multiple environments demonstrate that our method improves the training stability and is robust to differences in training/test conditions.
Adversarial Malware Example (AME)-based adversarial training can effectively enhance the robustness of Machine Learning (ML)-based malware detectors against AME. AME quality is a key factor in the robustness enhancement. Generative Adversarial Network (GAN) is a kind of AME generation method, but the existing GAN-based AME generation methods have the issues of inadequate optimization, mode collapse and training instability. In this paper, we propose a novel approach (denoted as LSGAN-AT) to enhance ML-based malware detector robustness against Adversarial Examples, which includes an LSGAN module and an AT module. The LSGAN module can generate more effective and smoother AME by utilizing brand-new network structures and Least Square (LS) loss to optimize boundary samples. The AT module performs adversarial training using AME generated by LSGAN to produce an ML-based Robust Malware Detector (RMD). Extensive experiment results validate the better transferability of AME in terms of attacking 6 ML detectors and the RMD transferability in terms of resisting the MalGAN black-box attack. The results also verify the performance of the generated RMD in the recognition rate of AME.
With the continuous development of satellite communication and Internet of Things technology, more and more devices can access space information networks (SIN) and enjoy satellite services everywhere in the world. However, due to the openness of the air-to-ground channel, the device will face a series of security threats when accessing SIN, such as replay attacks, eavesdropping attacks, impersonation attacks, and man-in-the-middle attacks. These security threats will lead to illegal entity access and further endanger the reliability and availability of the system. Although scholars have proposed many enhanced security access authentication protocols, most of them have been proved to have security vulnerabilities. In addition, with the development of quantum computing, the previous authentication protocols based on asymmetric cryptographic mechanisms such as discrete logarithm and elliptic curve cryptography may face new security challenges. In this context, this paper proposes a novel anti-quantum access authentication protocol based on ring learning with errors (RLWE), which meets more security requirements and greatly reduces the authentication delay through pre-negotiation. Through the security analysis and performance analysis, it is shown that our protocol is more suitable for delay-sensitive IoT devices to access SIN while ensuring higher security.
Funding (cross-chain security abstract): supported by the Beijing Natural Science Foundation (4212008), the National Natural Science Foundation of China (62272031), the Open Foundation of the Information Security Evaluation Center of Civil Aviation, Civil Aviation University of China (ISECCA-202101), and the Guangxi Key Laboratory of Cryptography and Information Security (GCIS201915); supported in part by the National Natural Science Foundation of China (U21A20463, U22B2027).
Funding (LCFHE post-quantum blockchain privacy abstract): supported by NSFC (Grant Nos. 92046001, 61671087, 61962009, 61971021), the Fundamental Research Funds for the Beijing Municipal Commission of Education, the Scientific Research Launch Funds of North China University of Technology, and the Beijing Urban Governance Research Base of North China University of Technology.
Funding (post-quantum blockchain log system abstract): supported by the NSFC (Grant Nos. 92046001, 61962009), JSPS KAKENHI Grant Number JP20F20080, the Natural Science Foundation of Inner Mongolia (2021MS06006), the Baotou Kundulun District Science and Technology Plan Project (YF2020013), the Inner Mongolia Discipline Inspection and Supervision Big Data Laboratory Open Project Fund (IMDBD2020020), and the Scientific Research Foundation of North China University of Technology.
Funding: This work was supported by the State Grid Technology Project "Research on Interaction between Large-scale Electric Vehicles and Power Grid and Charging Safety Protection Technology" (5418-202071490A-0-0-00) from State Grid Corporation of China.
Abstract: The continuous increase in electric vehicles is facilitating large-scale distributed charging-pile deployment. It is crucial to guarantee the normal operation of charging piles, which makes diagnosing charging-pile faults important. The existing fault-diagnosis approaches were based on physical fault data like mechanical log data and sensor data streams. However, there are other types of fault data which cannot be used for diagnosis by these existing approaches. This paper aims to fill this gap and considers 8 types of fault data for diagnosis, including physical installation error faults, charging-pile mechanical faults, charging-pile program faults, user personal faults, signal faults (offline), pile compatibility faults, charging platform faults, and other faults. We aim to find out how to combine existing feature-extraction and machine learning techniques to make better diagnoses by conducting experiments on a realistic dataset. Four word embedding models are investigated for feature extraction from fault data, including N-gram, GloVe, Word2vec, and BERT. Moreover, we classify the word embedding results using 10 machine learning classifiers, including Random Forest (RF), Support Vector Machine, K-Nearest Neighbor, Multilayer Perceptron, Recurrent Neural Network, AdaBoost, Gradient Boosted Decision Tree, Decision Tree, Extra Tree, and VOTE. Compared with the original fault record dataset, we utilize a paraphrasing-based data augmentation method to improve the classification accuracy by up to 10.40%. Our extensive experimental results reveal that the RF classifier combined with the GloVe embedding model achieves the best accuracy with acceptable training time. In addition, we discuss the interpretability of RF and GloVe.
Funding: Supported by the National Natural Science Foundation of China (61572066).
Abstract: Python is widely used in web crawlers, machine learning, data analysis and so on. However, there is no guarantee that Python scripts are trusted throughout their whole lifetime because of system insecurity. When the system is attacked, scripts on the computer are likely to be tampered with. Therefore, the trustworthiness of Python scripts needs to be checked through different configuration strategies, including integrity verification and vulnerability detection. In this paper, integrity verification and vulnerability detection are based on two Python scripts, an original Python script and a current Python script, and the original Python script is assumed to have no vulnerabilities. By comparing with the original script, we can find out whether the integrity of the current script is intact and detect whether there are vulnerabilities if the integrity of the current file is destroyed. Integrity verification with hash functions is not applicable in some cases, because in this mode any change, including an added blank line, is considered illegal. Therefore, loose integrity verification combining the UNIX diff tool with abstract syntax trees is proposed. The vulnerability detection starts from the premise that the original Python script has no vulnerabilities, and taint analysis is applied on the vulnerability detection framework Bandit to find vulnerabilities. Besides, in order not to change the usage of Python, both the integrity verification and vulnerability detection modules are embedded in the Python interpreter. The experiments show that the performance of the security analysis framework is good and that Bandit with taint analysis can greatly reduce the false positive results without affecting the performance.
Funding: Supported by the National Natural Science Foundation of China under Grant Nos. 61972025, 61802389, 61672092, U1811264, and 61966009; the National Key Research and Development Program of China under Grant Nos. 2020YFB1005604 and 2020YFB2103802; and the Guangxi Key Laboratory of Trusted Software under Grant No. KX201902.
Abstract: Reinforcement learning, as autonomous learning, is greatly driving artificial intelligence (AI) development towards practical applications. Having demonstrated the potential to significantly improve synchronous parallel learning, the parallel-computing-based asynchronous advantage actor-critic (A3C) opens a new door for reinforcement learning. Unfortunately, the acceleration's influence on A3C robustness has been largely overlooked. In this paper, we perform the first robustness assessment of A3C based on parallel computing. By perceiving the policy's action, we construct a global matrix of action probability deviation and define two novel measures of skewness and sparseness to form an integral robustness measure. Based on such static assessment, we then develop a dynamic robustness assessing algorithm through situational whole-space state sampling of changing episodes. Extensive experiments with different combinations of agent number and learning rate are implemented on an A3C-based pathfinding application, demonstrating that our proposed robustness assessment can effectively measure the robustness of A3C, achieving an accuracy of 83.3%.
Funding: This research is supported by the National Natural Science Foundation of China (No. 61672092), the Science and Technology on Information Assurance Laboratory (No. 614200103011711), the Project (No. BMK2017B02-2), the Beijing Excellent Talent Training Project, the Fundamental Research Funds for the Central Universities (No. 2017RC016), the Foundation of China Scholarship Council, and the Fundamental Research Funds for the Central Universities of China under Grant 2018JBZ103.
Abstract: Reinforcement learning (RL) is a core technology for modern artificial intelligence, and it has become a workhorse for AI applications ranging from Atari games to Connected and Automated Vehicle Systems (CAV). Therefore, a reliable RL system is the foundation for security-critical applications in AI, which has attracted more attention than ever. However, recent studies have discovered that the adversarial attack, an interesting attack mode, is also effective when targeting neural network policies in the context of reinforcement learning, which has inspired innovative research in this direction. Hence, in this paper, we make the very first attempt to conduct a comprehensive survey on adversarial attacks in reinforcement learning under AI security. Moreover, we give a brief introduction to the most representative defense technologies against existing adversarial attacks.
Funding: This work was supported in part by the Fundamental Research Funds for the Central Universities of China under Grant 2019YJS049.
Abstract: Deep learning (DL) has exhibited exceptional performance in fields like intrusion detection. Various augmentation methods have been proposed to improve data quality and eventually to enhance the performance of DL models. However, the classic augmentation methods cannot be applied to those DL models which exploit system-call sequences to detect intrusions. Previously, the seq2seq model has been explored to augment system-call sequences. Following this work, we propose a gated convolutional neural network (GCNN) model to thoroughly extract the potential information of augmented sequences. Also, in order to enhance the model's robustness, we adopt adversarial training to reduce the impact of adversarial examples on the model. The adversarial examples used in adversarial training are generated by the proposed adversarial sequence generation algorithm. The experimental results on different verified models show that the GCNN model can better obtain the potential information of the augmented data and achieve the best performance. Furthermore, GCNN with adversarial training can enhance robustness significantly.
Funding: This work was supported in part by the National Key R&D Program of China under Grant 2020YFB2103802, in part by the National Natural Science Foundation of China under Grant U21A20463, and in part by the Fundamental Research Funds for the Central Universities of China under Grant KKJB320001536.
Abstract: Empirical attacks on Federated Learning (FL) systems indicate that FL is fraught with numerous attack surfaces throughout FL execution. These attacks can not only cause models to fail in specific tasks, but also infer private information. While previous surveys have identified the risks, listed the attack methods available in the literature or provided a basic taxonomy to classify them, they mainly focused on the risks in the training phase of FL. In this work, we survey the threats, attacks and defenses to FL throughout the whole process of FL in three phases: the Data and Behavior Auditing Phase, the Training Phase and the Predicting Phase. We further provide a comprehensive analysis of these threats, attacks and defenses, and summarize their issues and taxonomy. Our work considers the security and privacy of FL from the viewpoint of the execution process of FL. We highlight that establishing a trusted FL requires adequate measures to mitigate security and privacy threats at each phase. Finally, we discuss the limitations of current attacks and defense approaches and provide an outlook on promising future research directions in FL.
Funding: Supported in part by the National Key R&D Program of China (2017YFC0820100, 2017YFB0802805) and in part by the National Natural Science Foundation of China (Grant No. U1736114).
Abstract: Password authentication is vulnerable to dictionary attacks. Password strength measurement helps users to choose hard-to-guess passwords and enhances the security of systems based on password authentication. Although there are many password strength metrics and tools, none of them produces an objective measurement, given inconsistent policies and different dictionaries. In this work, we analyzed the password policies and checkers of the top 100 popular websites selected from Alexa rankings. The checkers are inconsistent and thus may assign different strength labels to the same password, because each checker is sensitive to its configuration, e.g., the algorithm used and the training data. Attackers are empowered to exploit the above vulnerabilities to crack the protected systems more easily. As such, single metrics or local training data are not enough to build a robust and secure password checker. Based on these observations, we propose Hybritus, which integrates different websites' strategies and views into a global and robust model of attackers using multilayer perceptron (MLP) neural networks. Our data set is comprised of more than 3.3 million passwords taken from leaked, transformed and randomly generated dictionaries. The data set was sent to 10 website checkers to obtain feedback on the strength of the passwords, labeled as strong, medium and weak. Then we used password features generated by term frequency-inverse document frequency to train and test Hybritus. The experimental results show that the accuracy of password strength checking can be as high as 97.7%, and over 94% even if it was trained with only ten thousand passwords. A user study shows that Hybritus is usable as well as secure.
Funding: The Scientific Research Foundation through the Returned Overseas Chinese Scholars, Ministry of Education of China (K14C300020); in part by the Shanghai Key Laboratory of Integrated Administration Technologies for Information Security (AGK2015002); in part by the ZTE Corporation Foundation; and in part by the National Natural Science Foundation of China (Grant No. 61672092).
Abstract: The domination of the Android operating system in the market share of smart terminals has engendered increasing threats from malicious applications (apps). Research on Android malware detection has received considerable attention in academia and industry. In particular, studies on malware families have been beneficial to malware detection and behavior analysis. However, identifying the characteristics of malware families and the features that can describe a particular family have been less frequently discussed in existing work. In this paper, we are motivated to explore the key features that can classify and describe the behaviors of Android malware families, to enable fingerprinting the malware families with these features. We present a framework for signature-based key feature construction. In addition, we propose a frequency-based feature elimination algorithm to select the key features. Finally, we construct the fingerprints of ten malware families, including twenty key features in three categories. Results of extensive experiments using a Support Vector Machine demonstrate that the malware family classification achieves an accuracy of 92% to 99%. The typical behaviors of malware families are analyzed based on the selected key features. The results demonstrate the feasibility and effectiveness of the presented algorithm and fingerprinting method.
Funding: Supported in part by the Fundamental Research Funds for the Central Universities of China (2015JBM034).
Abstract: Key-recovery technology is often used by an adversary to attempt to recover the cryptographic key of an encryption scheme. The most obvious key-recovery attack is the exhaustive key-search attack. But modern ciphers often have a key space of size 2^128 or greater, making such attacks infeasible with current technology. A cache-based side-channel attack is another way to get the cryptographic key of an encryption scheme, but there is random noise in side-channel attacks. In order to reduce random errors, it is advisable to repeat the key recovery process many times. This paper is focused on improving the key recovery accuracy by processing the key sequences obtained from repeated cache-based side-channel attacks. To get the real key, private key bits from the side-channel attack are collected first. Then the key sequences are aligned using sequence alignment algorithms based on dynamic programming. The provided method of key recovery is universal and is not limited to any particular cryptographic algorithm. The experiment shows that the proposed method has good performance and high availability when the error rate of the collected key bits is within a reasonable range.
Funding: Supported by the National Natural Science Foundation of China (Nos. 61972025, 61802389, 61672092, U1811264, and 61966009) and the National Key R&D Program of China (Nos. 2020YFB1005604 and 2020YFB2103802).
Abstract: Reinforcement learning (RL), one of the three branches of machine learning, aims for autonomous learning and is now greatly driving artificial intelligence development, especially in autonomous distributed systems such as cooperative Boston Dynamics robots. However, robust RL has been a challenging reliability problem due to the gap between laboratory simulation and the real world. Existing efforts have been made to approach this problem, such as performing random environmental perturbations in the learning process. However, one cannot guarantee training with a positive perturbation, as bad ones might cause RL to fail. In this work, we treat robust RL as a multi-task RL problem, and propose a curricular robust RL approach. We first present a generative adversarial network (GAN) based task generation model to iteratively output new tasks at the appropriate level of difficulty for the current policy. Furthermore, with these progressive tasks, we can realize curricular learning and finally obtain a robust policy. Extensive experiments in multiple environments demonstrate that our method improves the training stability and is robust to differences in training/test conditions.
Funding: The research of J. Wang, X. Chang, Y. Wang and J. Zhang was supported in part by the Chinese National Key Laboratory of Science and Technology on Information System Security and the National Natural Science Foundation of China under Grant No. U1836105. The research of R. J. Rodríguez and X. Chang has been supported in part by the University of Zaragoza and the Fundación Ibercaja under Grant JIUZ-2020-TIC-08. The research of R. J. Rodríguez has also been supported in part by the University, Industry and Innovation Department of the Aragonese Government under Programa de Proyectos Estratégicos de Grupos de Investigación (DisCo research group, ref. T21-20R).
Abstract: Adversarial Malware Example (AME)-based adversarial training can effectively enhance the robustness of Machine Learning (ML)-based malware detectors against AME. AME quality is a key factor in the robustness enhancement. Generative Adversarial Networks (GAN) are one kind of AME generation method, but the existing GAN-based AME generation methods have the issues of inadequate optimization, mode collapse and training instability. In this paper, we propose a novel approach (denoted as LSGAN-AT) to enhance ML-based malware detector robustness against adversarial examples, which includes an LSGAN module and an AT module. The LSGAN module can generate more effective and smoother AME by utilizing brand-new network structures and the Least Square (LS) loss to optimize boundary samples. The AT module performs adversarial training using the AME generated by LSGAN to produce an ML-based Robust Malware Detector (RMD). Extensive experimental results validate the better transferability of the AME in terms of attacking 6 ML detectors and the RMD's transferability in terms of resisting the MalGAN black-box attack. The results also verify the performance of the generated RMD in the recognition rate of AME.
Funding: Supported by the National Natural Science Foundation of China under Grant 61672092.
Abstract: With the continuous development of satellite communication and Internet of Things technology, more and more devices can access space information networks (SIN) and enjoy satellite services everywhere in the world. However, due to the openness of the air-to-ground channel, a device will face a series of security threats when accessing SIN, such as replay attacks, eavesdropping attacks, impersonation attacks, and man-in-the-middle attacks. These security threats will lead to illegal entity access and further endanger the reliability and availability of the system. Although scholars have proposed many enhanced security access authentication protocols, most of them have been proved to have security vulnerabilities. In addition, with the development of quantum computing, the previous authentication protocols based on asymmetric cryptographic mechanisms such as the discrete logarithm and elliptic curve cryptography may face new security challenges. In this context, this paper proposes a novel anti-quantum access authentication protocol based on ring learning with errors (RLWE), which meets more security requirements and greatly reduces the authentication delay through pre-negotiation. Through the security analysis and performance analysis, it is shown that our protocol is more suitable for delay-sensitive IoT devices accessing SIN while ensuring higher security.