Pub Date : 2024-11-14DOI: 10.1109/tifs.2024.3498464
Yige Liu, Che Wang, Yiwei Lou, Yongzhi Cao, Hanpin Wang
{"title":"Attackers Are Not the Same! Unveiling the Impact of Feature Distribution on Label Inference Attacks","authors":"Yige Liu, Che Wang, Yiwei Lou, Yongzhi Cao, Hanpin Wang","doi":"10.1109/tifs.2024.3498464","DOIUrl":"https://doi.org/10.1109/tifs.2024.3498464","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"17 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2024-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142637250","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-11-13DOI: 10.1109/tifs.2024.3497806
Weihan Li, Zongyang Zhang, Yanpei Guo, Sherman S. M. Chow, Zhiguo Wan
{"title":"Succinct Hash-based Arbitrary-Range Proofs","authors":"Weihan Li, Zongyang Zhang, Yanpei Guo, Sherman S. M. Chow, Zhiguo Wan","doi":"10.1109/tifs.2024.3497806","DOIUrl":"https://doi.org/10.1109/tifs.2024.3497806","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"89 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2024-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142610715","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-11-13DOI: 10.1109/TIFS.2024.3488517
Chengyu Jia;Jinyin Chen;Shouling Ji;Yao Cheng;Haibin Zheng;Qi Xuan
The backdoor attacks have posed a severe threat to deep neural networks (DNNs). Online training platforms and third-party model training providers are more vulnerable to backdoor attacks due to uncontrollable data sources, untrusted developers or unmonitorable training processes. Researchers have proposed to detect the backdoor in the well-trained models, and then remove them by some mitigation techniques, e.g., retraining and pruning. However, they are still limited from two aspects: (i) real-time - they cannot detect in time at the beginning of training due to their reliance on well-trained models; (ii) mitigation effect - the later discovery of backdoors usually leads to 1) deeper backdoors, 2) less effective mitigation, and 3) greater costs. To address these challenges, we rethink the evolution of the backdoor, and intend to cope with backdoors along with the online training process, that is to detect the backdoors sooner rather than later. We propose BackdoorTracer, a novel framework that detects the backdoor in the training phase. BackdoorTracer constructs the model into an equivalent graph based on the activated neural path during training, thereby detecting the backdoor through multiple graph metrics. BackdoorTracer can incorporate any existing backdoor mitigation approaches that require accessing training to stop the impact of backdoors as soon as possible. It differs from previous works in several key aspects: (i) lightweight - BackdoorTracer is independent of the training process, and thus it has little negative impact on the training efficiency and testing accuracy; (ii) generalizable - it works different modalities of data, models and different backdoor attacks. BackdoorTracer outperforms the state-of-the-art (SOTA) detection approaches in experiments on 5 modes, 10 models and 9 backdoor attack scenarios. Compared with the existing 5 backdoor detection methods, our method can detect backdoors earlier (�$sim ~1.5$ � epochs) and higher detection rate (~ +10%), effectively improving the effectiveness of backdoor defense (ASR. ~ -78%, ACC. +47%). Finally, we make BackdoorTracer a plug-and-play backdoor detector, which enables real-time backdoor tracing in the training phase.
{"title":"Backdoor Online Tracing With Evolving Graphs","authors":"Chengyu Jia;Jinyin Chen;Shouling Ji;Yao Cheng;Haibin Zheng;Qi Xuan","doi":"10.1109/TIFS.2024.3488517","DOIUrl":"10.1109/TIFS.2024.3488517","url":null,"abstract":"The backdoor attacks have posed a severe threat to deep neural networks (DNNs). Online training platforms and third-party model training providers are more vulnerable to backdoor attacks due to uncontrollable data sources, untrusted developers or unmonitorable training processes. Researchers have proposed to detect the backdoor in the well-trained models, and then remove them by some mitigation techniques, e.g., retraining and pruning. However, they are still limited from two aspects: (i) real-time - they cannot detect in time at the beginning of training due to their reliance on well-trained models; (ii) mitigation effect - the later discovery of backdoors usually leads to 1) deeper backdoors, 2) less effective mitigation, and 3) greater costs. To address these challenges, we rethink the evolution of the backdoor, and intend to cope with backdoors along with the online training process, that is to detect the backdoors sooner rather than later. We propose BackdoorTracer, a novel framework that detects the backdoor in the training phase. BackdoorTracer constructs the model into an equivalent graph based on the activated neural path during training, thereby detecting the backdoor through multiple graph metrics. BackdoorTracer can incorporate any existing backdoor mitigation approaches that require accessing training to stop the impact of backdoors as soon as possible. It differs from previous works in several key aspects: (i) lightweight - BackdoorTracer is independent of the training process, and thus it has little negative impact on the training efficiency and testing accuracy; (ii) generalizable - it works different modalities of data, models and different backdoor attacks. BackdoorTracer outperforms the state-of-the-art (SOTA) detection approaches in experiments on 5 modes, 10 models and 9 backdoor attack scenarios. Compared with the existing 5 backdoor detection methods, our method can detect backdoors earlier (\u0000<inline-formula> <tex-math>$sim ~1.5$ </tex-math></inline-formula>\u0000 epochs) and higher detection rate (~ +10%), effectively improving the effectiveness of backdoor defense (ASR. ~ -78%, ACC. +47%). Finally, we make BackdoorTracer a plug-and-play backdoor detector, which enables real-time backdoor tracing in the training phase.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"19 ","pages":"10314-10327"},"PeriodicalIF":6.3,"publicationDate":"2024-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142610711","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-11-13DOI: 10.1109/tifs.2024.3497808
Jiachen Yang, Jipeng Zhang
{"title":"LHADRO: A Robust Control Framework for Autonomous Vehicles Under Cyber-Physical Attacks","authors":"Jiachen Yang, Jipeng Zhang","doi":"10.1109/tifs.2024.3497808","DOIUrl":"https://doi.org/10.1109/tifs.2024.3497808","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"38 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2024-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142610713","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-11-13DOI: 10.1109/tifs.2024.3497805
Shuping Zhao, Lunke Fei, Bob Zhang, Jie Wen, Jinrong Cui
{"title":"Towards Mobile Palmprint Recognition via Multi-view Hierarchical Graph Learning","authors":"Shuping Zhao, Lunke Fei, Bob Zhang, Jie Wen, Jinrong Cui","doi":"10.1109/tifs.2024.3497805","DOIUrl":"https://doi.org/10.1109/tifs.2024.3497805","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2024-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142610714","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Binary Code Similarity Detection (BCSD) is significant for software security as it can address binary tasks such as malicious code snippets identification and binary patch analysis by comparing code patterns. Recently, there has been a growing focus on artificial intelligence-based approaches in BCSD due to their scalability and generalization. Because binaries are compiled with different compilation configurations, existing approaches still face notable limitations when comparing binary similarity. First, BCSD requires analysis on code behavior, and existing work claims to extract semantic, but actually still makes analysis in terms of syntax. Second, directly extracting features from assembly sequences, existing work cannot address the issues of instruction reordering and different syntax expressions caused by various compilation configurations. In this paper, we propose STRTUNE, which slices binary code based on data dependence and perform slice-level fine-tuning. To address the first limitation, STRTUNE performs backward slicing based on data dependence to capture how a value is computed along the execution. Each slice reflects the collecting semantics of the code, which is stable across different compilation configurations. STRTUNE introduces flow types to emphasize the independence of computations between slices, forming a graph representation. To overcome the second limitation, based on slices corresponding to the same value computation but having different syntax representation, STRTUNE utilizes a Siamese Network to fine-tune such pairs, making their representations closer in the feature space. This allows the cross-graph attention to focus more on the matching of similar slices based on slice contents and flow types involved. Our evaluation results demonstrate the effectiveness and practicality of STRTUNE. We show that STRTUNE outperforms the state-of-the-art methods for BCSD, achieving a Recall@1 that is 25.3% and 22.2% higher than jTrans and GMN in the task of function retrieval cross optimization in x64.
{"title":"Strtune: Data Dependence-Based Code Slicing for Binary Similarity Detection With Fine-Tuned Representation","authors":"Kaiyan He;Yikun Hu;Xuehui Li;Yunhao Song;Yubo Zhao;Dawu Gu","doi":"10.1109/TIFS.2024.3484944","DOIUrl":"https://doi.org/10.1109/TIFS.2024.3484944","url":null,"abstract":"Binary Code Similarity Detection (BCSD) is significant for software security as it can address binary tasks such as malicious code snippets identification and binary patch analysis by comparing code patterns. Recently, there has been a growing focus on artificial intelligence-based approaches in BCSD due to their scalability and generalization. Because binaries are compiled with different compilation configurations, existing approaches still face notable limitations when comparing binary similarity. First, BCSD requires analysis on code behavior, and existing work claims to extract semantic, but actually still makes analysis in terms of syntax. Second, directly extracting features from assembly sequences, existing work cannot address the issues of instruction reordering and different syntax expressions caused by various compilation configurations. In this paper, we propose STRTUNE, which slices binary code based on data dependence and perform slice-level fine-tuning. To address the first limitation, STRTUNE performs backward slicing based on data dependence to capture how a value is computed along the execution. Each slice reflects the collecting semantics of the code, which is stable across different compilation configurations. STRTUNE introduces flow types to emphasize the independence of computations between slices, forming a graph representation. To overcome the second limitation, based on slices corresponding to the same value computation but having different syntax representation, STRTUNE utilizes a Siamese Network to fine-tune such pairs, making their representations closer in the feature space. This allows the cross-graph attention to focus more on the matching of similar slices based on slice contents and flow types involved. Our evaluation results demonstrate the effectiveness and practicality of STRTUNE. We show that STRTUNE outperforms the state-of-the-art methods for BCSD, achieving a Recall@1 that is 25.3% and 22.2% higher than jTrans and GMN in the task of function retrieval cross optimization in x64.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"19 ","pages":"10233-10245"},"PeriodicalIF":6.3,"publicationDate":"2024-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142600438","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This work studies secure inference on Binary Neural Networks (BNNs), which have binary weights and activations as a desirable feature. Although previous works have developed secure methodologies for BNNs, they still have performance limitations and significant gaps in efficiency when applied in practice. We present SecBNN, an efficient secure two-party inference framework on BNNs. SecBNN exploits appropriate underlying primitives and contributes efficient protocols for the non-linear and linear layers of BNNs. Specifically, for non-linear layers, we introduce a secure sign protocol with an innovative adder logic and customized evaluation algorithms. For linear layers, we propose a new binary matrix multiplication protocol, where a divide-and-conquer strategy is provided to recursively break down the matrix multiplication problem into multiple sub-problems. Building on top of these efficient ingredients, we implement and evaluate SecBNN over two real-world datasets and various model architectures under LAN and WAN. Experimental results show that SecBNN substantially improves the communication and computation performance of existing secure BNN inference works by up to �$29 times $ � and �$14 times $ �, respectively.
{"title":"SecBNN: Efficient Secure Inference on Binary Neural Networks","authors":"Hanxiao Chen;Hongwei Li;Meng Hao;Jia Hu;Guowen Xu;Xilin Zhang;Tianwei Zhang","doi":"10.1109/TIFS.2024.3484936","DOIUrl":"https://doi.org/10.1109/TIFS.2024.3484936","url":null,"abstract":"This work studies secure inference on Binary Neural Networks (BNNs), which have binary weights and activations as a desirable feature. Although previous works have developed secure methodologies for BNNs, they still have performance limitations and significant gaps in efficiency when applied in practice. We present SecBNN, an efficient secure two-party inference framework on BNNs. SecBNN exploits appropriate underlying primitives and contributes efficient protocols for the non-linear and linear layers of BNNs. Specifically, for non-linear layers, we introduce a secure sign protocol with an innovative adder logic and customized evaluation algorithms. For linear layers, we propose a new binary matrix multiplication protocol, where a divide-and-conquer strategy is provided to recursively break down the matrix multiplication problem into multiple sub-problems. Building on top of these efficient ingredients, we implement and evaluate SecBNN over two real-world datasets and various model architectures under LAN and WAN. Experimental results show that SecBNN substantially improves the communication and computation performance of existing secure BNN inference works by up to \u0000<inline-formula> <tex-math>$29 times $ </tex-math></inline-formula>\u0000 and \u0000<inline-formula> <tex-math>$14 times $ </tex-math></inline-formula>\u0000, respectively.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"19 ","pages":"10273-10286"},"PeriodicalIF":6.3,"publicationDate":"2024-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142600181","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-11-11DOI: 10.1109/tifs.2024.3495234
Xue Gong, Fan Zhang, Xinjie Zhao, Jie Xiao, Shize Guo
{"title":"Key Schedule Guided Persistent Fault Attack","authors":"Xue Gong, Fan Zhang, Xinjie Zhao, Jie Xiao, Shize Guo","doi":"10.1109/tifs.2024.3495234","DOIUrl":"https://doi.org/10.1109/tifs.2024.3495234","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"95 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2024-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142599373","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-11-08DOI: 10.1109/tifs.2024.3494547
Yibiao Lu, Bingsheng Zhang, Kui Ren
{"title":"Load-Balanced Server-Aided MPC in Heterogeneous Computing","authors":"Yibiao Lu, Bingsheng Zhang, Kui Ren","doi":"10.1109/tifs.2024.3494547","DOIUrl":"https://doi.org/10.1109/tifs.2024.3494547","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"95 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2024-11-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142597398","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: