Pub Date : 2024-12-16DOI: 10.1109/TIFS.2024.3516552
Xiaoping Liang;Zhenjun Tang;Xianquan Zhang;Xinpeng Zhang;Ching-Nung Yang
Copy detection is crucial for protecting image copyright. This paper proposes a robust image hashing approach via Weighted Saliency Map (WSM) and Laplacian Eigenmaps (LE) (hereafter WSM-LE approach). An important contribution is the WSM construction via the edge map and the saliency map. As the WSM can indicate the interest regions of image, hash calculation based on WSM can provide robustness of our WSM-LE approach. Another contribution is the low-dimensional feature learning by the LE technique. As the LE technique can effectively learn the internal geometric relationships of image, the extracted low-dimensional features can improve discrimination of our WSM-LE approach. In addition, the low-dimensional features are treated as vectors and the vector distances are used to create a compact and encrypted hash. Numerous experiments and comparisons are conducted to confirm the effectiveness and superiority of our WSM-LE approach. The results indicate that our WSM-LE approach has excellent classification and copy detection performances than some baseline approaches.
{"title":"Robust Image Hashing With Weighted Saliency Map and Laplacian Eigenmaps","authors":"Xiaoping Liang;Zhenjun Tang;Xianquan Zhang;Xinpeng Zhang;Ching-Nung Yang","doi":"10.1109/TIFS.2024.3516552","DOIUrl":"10.1109/TIFS.2024.3516552","url":null,"abstract":"Copy detection is crucial for protecting image copyright. This paper proposes a robust image hashing approach via Weighted Saliency Map (WSM) and Laplacian Eigenmaps (LE) (hereafter WSM-LE approach). An important contribution is the WSM construction via the edge map and the saliency map. As the WSM can indicate the interest regions of image, hash calculation based on WSM can provide robustness of our WSM-LE approach. Another contribution is the low-dimensional feature learning by the LE technique. As the LE technique can effectively learn the internal geometric relationships of image, the extracted low-dimensional features can improve discrimination of our WSM-LE approach. In addition, the low-dimensional features are treated as vectors and the vector distances are used to create a compact and encrypted hash. Numerous experiments and comparisons are conducted to confirm the effectiveness and superiority of our WSM-LE approach. The results indicate that our WSM-LE approach has excellent classification and copy detection performances than some baseline approaches.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"665-676"},"PeriodicalIF":6.3,"publicationDate":"2024-12-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10802924","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142832516","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-16DOI: 10.1109/TIFS.2024.3518061
Xirong Zhuang;Lan Zhang;Chen Tang;Yaliang Li
Well-trained deep learning (DL) models are widely recognized as valuable intellectual property (IP) and have been extensively adopted. However, concerns regarding IP infringement emerge when these models are either privately sold to end-users or publicly released online. Unauthorized activities, such as redistributing privately purchased models or exploiting restricted open-source models for commercial gain, pose a significant threat to the interests of model owners. In this paper, we introduce D�eep�R�eg�, a trustworthy and privacy-friendly regulatory framework designed to address IP infringement within the realm of DL models, thereby nurturing a healthier development ecosystem. D�eep�R�eg� enables a designated third-party regulator to extract the fingerprint of the original model within a Trusted Execution Environment, as well as to verify suspect models utilizing solely the predicted label without probability. Specifically, we leverage the uniqueness of feature extractors in DL models to craft multiple synthetic inputs for a selected real input. The real input, along with its synthetic inputs, establishes a one-to-many relationship, thereby creating a unique fingerprint for the original model. Furthermore, we propose two distinct methods for suspect detection and piracy judgment. These methods analyze the responses from the model API upon feeding the fingerprint, ensuring a high level of confidence while preventing malicious accusations. Experimental results demonstrate that D�eep�R�eg� achieves 100% detection accuracy for pirated models, with zero false positives for irrelevant models.
{"title":"DeepReg: A Trustworthy and Privacy-Friendly Ownership Regulatory Framework for Deep Learning Models","authors":"Xirong Zhuang;Lan Zhang;Chen Tang;Yaliang Li","doi":"10.1109/TIFS.2024.3518061","DOIUrl":"10.1109/TIFS.2024.3518061","url":null,"abstract":"Well-trained deep learning (DL) models are widely recognized as valuable intellectual property (IP) and have been extensively adopted. However, concerns regarding IP infringement emerge when these models are either privately sold to end-users or publicly released online. Unauthorized activities, such as redistributing privately purchased models or exploiting restricted open-source models for commercial gain, pose a significant threat to the interests of model owners. In this paper, we introduce D\u0000<sc>eep</small>\u0000R\u0000<sc>eg</small>\u0000, a trustworthy and privacy-friendly regulatory framework designed to address IP infringement within the realm of DL models, thereby nurturing a healthier development ecosystem. D\u0000<sc>eep</small>\u0000R\u0000<sc>eg</small>\u0000 enables a designated third-party regulator to extract the fingerprint of the original model within a Trusted Execution Environment, as well as to verify suspect models utilizing solely the predicted label without probability. Specifically, we leverage the uniqueness of feature extractors in DL models to craft multiple synthetic inputs for a selected real input. The real input, along with its synthetic inputs, establishes a one-to-many relationship, thereby creating a unique fingerprint for the original model. Furthermore, we propose two distinct methods for suspect detection and piracy judgment. These methods analyze the responses from the model API upon feeding the fingerprint, ensuring a high level of confidence while preventing malicious accusations. Experimental results demonstrate that D\u0000<sc>eep</small>\u0000R\u0000<sc>eg</small>\u0000 achieves 100% detection accuracy for pirated models, with zero false positives for irrelevant models.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"854-870"},"PeriodicalIF":6.3,"publicationDate":"2024-12-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142832518","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-13DOI: 10.1109/TIFS.2024.3515855
Tanzim Mahfuz;Swarup Bhunia;Prabuddha Chakraborty
Design and manufacturing of integrated circuits predominantly use a globally distributed semiconductor supply chain involving diverse entities. The modern semiconductor supply chain has been designed to boost production efficiency, but is filled with major security concerns such as malicious modifications (hardware Trojans), reverse engineering (RE), and cloning. While being deployed, digital systems are also subject to a plethora of threats such as power, timing, and electromagnetic (EM) side channel attacks. Many Design-for-Security (DFS) solutions have been proposed to deal with these vulnerabilities, and such solutions (DFS) relays on strategic modifications (e.g., logic locking, side channel resilient masking, and dummy logic insertion) of the digital designs for ensuring a higher level of security. However, most of these DFS strategies lack robust formalism, are often not human-understandable, and require an extensive amount of human expert effort during their development/use. All of these factors make it difficult to keep up with the ever growing number of microelectronic vulnerabilities. In this work, we propose X-DFS, an explainable Artificial Intelligence (AI) guided DFS isolution-space exploration approach that can dramatically cut down the mitigation strategy development/use time while enriching our understanding of the vulnerability by providing human-understandable decision rationale. We implement X-DFS and comprehensively evaluate it for reverse engineering threats (SAIL, SWEEP, and OMLA) and formalize a generalized mechanism for applying X-DFS to defend against other threats such as hardware Trojans, fault attacks, and side channel attacks for seamless future extensions.
{"title":"X-DFS: Explainable Artificial Intelligence Guided Design-for-Security Solution Space Exploration","authors":"Tanzim Mahfuz;Swarup Bhunia;Prabuddha Chakraborty","doi":"10.1109/TIFS.2024.3515855","DOIUrl":"10.1109/TIFS.2024.3515855","url":null,"abstract":"Design and manufacturing of integrated circuits predominantly use a globally distributed semiconductor supply chain involving diverse entities. The modern semiconductor supply chain has been designed to boost production efficiency, but is filled with major security concerns such as malicious modifications (hardware Trojans), reverse engineering (RE), and cloning. While being deployed, digital systems are also subject to a plethora of threats such as power, timing, and electromagnetic (EM) side channel attacks. Many Design-for-Security (DFS) solutions have been proposed to deal with these vulnerabilities, and such solutions (DFS) relays on strategic modifications (e.g., logic locking, side channel resilient masking, and dummy logic insertion) of the digital designs for ensuring a higher level of security. However, most of these DFS strategies lack robust formalism, are often not human-understandable, and require an extensive amount of human expert effort during their development/use. All of these factors make it difficult to keep up with the ever growing number of microelectronic vulnerabilities. In this work, we propose X-DFS, an explainable Artificial Intelligence (AI) guided DFS isolution-space exploration approach that can dramatically cut down the mitigation strategy development/use time while enriching our understanding of the vulnerability by providing human-understandable decision rationale. We implement X-DFS and comprehensively evaluate it for reverse engineering threats (SAIL, SWEEP, and OMLA) and formalize a generalized mechanism for applying X-DFS to defend against other threats such as hardware Trojans, fault attacks, and side channel attacks for seamless future extensions.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"753-766"},"PeriodicalIF":6.3,"publicationDate":"2024-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142820922","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-13DOI: 10.1109/TIFS.2024.3515834
Yinan Hu;Juntao Chen;Quanyan Zhu
The security in networked systems depends greatly on recognizing and identifying adversarial behaviors. Traditional detection methods target specific categories of attacks and have become inadequate against increasingly stealthy and deceptive attacks that are designed to bypass detection strategically. This work proposes game-theoretical frameworks to recognize and combat such evasive attacks. We focus on extending a fundamental class of statistical-based detection methods based on Neyman-Pearson’s (NP) hypothesis testing formulation. We capture the conflicting relationship between a strategic evasive attacker and an evasion-aware NP detector. By analyzing both the equilibrium behaviors of the attacker and the NP detector, we characterize their performance using Equilibrium Receiver-Operational-Characteristic (EROC) curves. We show that the evasion-aware NP detectors outperform the non-strategic ones by allowing them to take advantage of the attacker’s messages to adaptively modify their decision rules to enhance their success rate in detecting anomalies. In addition, we extend our framework to a sequential setting where the user sends out identically distributed messages. We corroborate the analytical results with a case study of an intrusion detection evasion problem.
{"title":"Game-Theoretic Neyman-Pearson Detection to Combat Strategic Evasion","authors":"Yinan Hu;Juntao Chen;Quanyan Zhu","doi":"10.1109/TIFS.2024.3515834","DOIUrl":"10.1109/TIFS.2024.3515834","url":null,"abstract":"The security in networked systems depends greatly on recognizing and identifying adversarial behaviors. Traditional detection methods target specific categories of attacks and have become inadequate against increasingly stealthy and deceptive attacks that are designed to bypass detection strategically. This work proposes game-theoretical frameworks to recognize and combat such evasive attacks. We focus on extending a fundamental class of statistical-based detection methods based on Neyman-Pearson’s (NP) hypothesis testing formulation. We capture the conflicting relationship between a strategic evasive attacker and an evasion-aware NP detector. By analyzing both the equilibrium behaviors of the attacker and the NP detector, we characterize their performance using Equilibrium Receiver-Operational-Characteristic (EROC) curves. We show that the evasion-aware NP detectors outperform the non-strategic ones by allowing them to take advantage of the attacker’s messages to adaptively modify their decision rules to enhance their success rate in detecting anomalies. In addition, we extend our framework to a sequential setting where the user sends out identically distributed messages. We corroborate the analytical results with a case study of an intrusion detection evasion problem.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"516-530"},"PeriodicalIF":6.3,"publicationDate":"2024-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142820923","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-13DOI: 10.1109/TIFS.2024.3515808
Rujia Li;Yuanzhao Li;Qin Wang;Sisi Duan;Qi Wang;Mark Ryan
With the increasing scale and complexity of online activities, accountability, as an after-the-fact mechanism, has become an effective complementary approach to ensure system security. Decades of research have delved into the connotation of accountability. They fail, however, to achieve practical accountability of decryption. This paper seeks to address this gap. We consider the scenario where a client (called encryptor, her) encrypts her data and then chooses a delegate (a.k.a. decryptor, him) that stores data for her. If the decryptor initiates an illegitimate decryption on the encrypted data, there is a non-negligible probability that this behavior will be detected, thereby holding the decryptor accountable for his decryption. We make three contributions. First, we review key definitions of accountability known so far. Based on extensive investigations, we formalize new definitions of accountability specifically targeting the decryption process, denoted as accountable decryption, and discuss the (im)possibilities when capturing this concept. We also define the security goals in correspondence. Second, we present a novel Trusted Execution Environment(TEE)-assisted solution aligning with definitions. Instead of fully trusting TEE, we take a further step, making TEE work in the “trust, but verify” model where we trust TEE and use its service, but empower users (i.e., decryptors) to detect the potentially compromised state of TEEs. Third, we implement a full-fledged system and conduct a series of evaluations. The results demonstrate that our solution is efficient. Even in a scenario involving �$300,000$ � log entries, the decryption process concludes in approximately 5.5ms, and malicious decryptors can be identified within 69ms.
{"title":"Accountable Decryption Made Formal and Practical","authors":"Rujia Li;Yuanzhao Li;Qin Wang;Sisi Duan;Qi Wang;Mark Ryan","doi":"10.1109/TIFS.2024.3515808","DOIUrl":"10.1109/TIFS.2024.3515808","url":null,"abstract":"With the increasing scale and complexity of online activities, accountability, as an after-the-fact mechanism, has become an effective complementary approach to ensure system security. Decades of research have delved into the connotation of accountability. They fail, however, to achieve practical accountability of decryption. This paper seeks to address this gap. We consider the scenario where a client (called encryptor, her) encrypts her data and then chooses a delegate (a.k.a. decryptor, him) that stores data for her. If the decryptor initiates an illegitimate decryption on the encrypted data, there is a non-negligible probability that this behavior will be detected, thereby holding the decryptor accountable for his decryption. We make three contributions. First, we review key definitions of accountability known so far. Based on extensive investigations, we formalize new definitions of accountability specifically targeting the decryption process, denoted as accountable decryption, and discuss the (im)possibilities when capturing this concept. We also define the security goals in correspondence. Second, we present a novel Trusted Execution Environment(TEE)-assisted solution aligning with definitions. Instead of fully trusting TEE, we take a further step, making TEE work in the “trust, but verify” model where we trust TEE and use its service, but empower users (i.e., decryptors) to detect the potentially compromised state of TEEs. Third, we implement a full-fledged system and conduct a series of evaluations. The results demonstrate that our solution is efficient. Even in a scenario involving \u0000<inline-formula> <tex-math>$300,000$ </tex-math></inline-formula>\u0000 log entries, the decryption process concludes in approximately 5.5ms, and malicious decryptors can be identified within 69ms.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"620-635"},"PeriodicalIF":6.3,"publicationDate":"2024-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142820926","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-12DOI: 10.1109/TIFS.2024.3516539
Tingting Chai;Xin Wang;Ru Li;Wei Jia;Xiangqian Wu
Cooperative palmprint recognition, pivotal for civilian and commercial uses, stands as the most essential and broadly demanded branch in biometrics. These applications, often tied to financial transactions, require high accuracy in recognition. Currently, research in palmprint recognition primarily aims to enhance accuracy, with relatively few studies addressing the automatic and flexible palm region of interest (ROI) extraction (PROIE) suitable for complex scenes. Particularly, the intricate conditions of open environment, alongside the constraint of human finger skeletal extension limiting the visibility of Finger Valley Points (FVPs), render conventional FVPs-based PROIE methods ineffective. In response to this challenge, we propose an FVPs-Free Adaptive ROI Detection (FFARD) approach, which utilizes cross-dataset hand shape semantic transfer (CHSST) combined with the constrained palm inscribed circle search, delivering exceptional hand segmentation and precise PROIE. Furthermore, a Recurrent Layer Aggregation-based Neural Network (RLANN) is proposed to learn discriminative feature representation for high recognition accuracy in both open-set and closed-set modes. The Angular Center Proximity Loss (ACPLoss) is designed to enhance intra-class compactness and inter-class discrepancy between learned palmprint features. Overall, the combined FFARD and RLANN methods are proposed to address the challenges of palmprint recognition in open environment, collectively referred to as RDRLA. Experimental results on four palmprint benchmarks HIT-NIST-V1, IITD, MPD and BJTU_PalmV2 show the superiority of the proposed method RDRLA over the state-of-the-art (SOTA) competitors. The code of the proposed method is available at �https://github.com/godfatherwang2/� RDRLA.
{"title":"Joint Finger Valley Points-Free ROI Detection and Recurrent Layer Aggregation for Palmprint Recognition in Open Environment","authors":"Tingting Chai;Xin Wang;Ru Li;Wei Jia;Xiangqian Wu","doi":"10.1109/TIFS.2024.3516539","DOIUrl":"10.1109/TIFS.2024.3516539","url":null,"abstract":"Cooperative palmprint recognition, pivotal for civilian and commercial uses, stands as the most essential and broadly demanded branch in biometrics. These applications, often tied to financial transactions, require high accuracy in recognition. Currently, research in palmprint recognition primarily aims to enhance accuracy, with relatively few studies addressing the automatic and flexible palm region of interest (ROI) extraction (PROIE) suitable for complex scenes. Particularly, the intricate conditions of open environment, alongside the constraint of human finger skeletal extension limiting the visibility of Finger Valley Points (FVPs), render conventional FVPs-based PROIE methods ineffective. In response to this challenge, we propose an FVPs-Free Adaptive ROI Detection (FFARD) approach, which utilizes cross-dataset hand shape semantic transfer (CHSST) combined with the constrained palm inscribed circle search, delivering exceptional hand segmentation and precise PROIE. Furthermore, a Recurrent Layer Aggregation-based Neural Network (RLANN) is proposed to learn discriminative feature representation for high recognition accuracy in both open-set and closed-set modes. The Angular Center Proximity Loss (ACPLoss) is designed to enhance intra-class compactness and inter-class discrepancy between learned palmprint features. Overall, the combined FFARD and RLANN methods are proposed to address the challenges of palmprint recognition in open environment, collectively referred to as RDRLA. Experimental results on four palmprint benchmarks HIT-NIST-V1, IITD, MPD and BJTU_PalmV2 show the superiority of the proposed method RDRLA over the state-of-the-art (SOTA) competitors. The code of the proposed method is available at \u0000<uri>https://github.com/godfatherwang2/</uri>\u0000 RDRLA.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"421-435"},"PeriodicalIF":6.3,"publicationDate":"2024-12-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142815910","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-12DOI: 10.1109/TIFS.2024.3516541
Yue Huang;Huizhong Li;Yi Sun;Sisi Duan
Conventional Byzantine fault tolerance (BFT) requires replicated state machines to execute deterministic operations only. In practice, numerous applications and scenarios, especially in the era of blockchains, contain various sources of non-determinism. Meanwhile, it is even sometimes desirable to support non-determinism, and replicas still agree on the execution results. Despite decades of research on BFT, we still lack an efficient and easy-to-deploy solution for BFT with non-determinism—BFT-ND, especially in the asynchronous setting. We revisit the problem of BFT-ND and provide a formal and asynchronous treatment of BFT-ND. In particular, we design and implement Block-ND that insightfully separates the task of agreeing on the order of transactions from the task of agreement on the state: Block-ND allows reusing existing BFT implementations; on top of BFT, we reduce the agreement on the state to multivalued Byzantine agreement (MBA), a somewhat neglected primitive by practical systems. Block-ND is completely asynchronous as long as the underlying BFT is asynchronous. We provide a new MBA construction that is significantly faster than existing MBA constructions. We instantiate Block-ND in both the partially synchronous setting (with PBFT, OSDI 1999) and the purely asynchronous setting (with PACE, CCS 2022). Via a 91-instance WAN deployment on Amazon EC2, we show that Block-ND has only marginal performance degradation compared to conventional BFT.
{"title":"Byzantine Fault Tolerance With Non-Determinism, Revisited","authors":"Yue Huang;Huizhong Li;Yi Sun;Sisi Duan","doi":"10.1109/TIFS.2024.3516541","DOIUrl":"10.1109/TIFS.2024.3516541","url":null,"abstract":"Conventional Byzantine fault tolerance (BFT) requires replicated state machines to execute deterministic operations only. In practice, numerous applications and scenarios, especially in the era of blockchains, contain various sources of non-determinism. Meanwhile, it is even sometimes desirable to support non-determinism, and replicas still agree on the execution results. Despite decades of research on BFT, we still lack an efficient and easy-to-deploy solution for BFT with non-determinism—BFT-ND, especially in the asynchronous setting. We revisit the problem of BFT-ND and provide a formal and asynchronous treatment of BFT-ND. In particular, we design and implement Block-ND that insightfully separates the task of agreeing on the order of transactions from the task of agreement on the state: Block-ND allows reusing existing BFT implementations; on top of BFT, we reduce the agreement on the state to multivalued Byzantine agreement (MBA), a somewhat neglected primitive by practical systems. Block-ND is completely asynchronous as long as the underlying BFT is asynchronous. We provide a new MBA construction that is significantly faster than existing MBA constructions. We instantiate Block-ND in both the partially synchronous setting (with PBFT, OSDI 1999) and the purely asynchronous setting (with PACE, CCS 2022). Via a 91-instance WAN deployment on Amazon EC2, we show that Block-ND has only marginal performance degradation compared to conventional BFT.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"309-322"},"PeriodicalIF":6.3,"publicationDate":"2024-12-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142815905","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-12DOI: 10.1109/TIFS.2024.3516570
Liang Xi;Runze Li;Menghan Li;Dehua Miao;Ruidong Wang;Zygmunt J. Haas
As a widely adopted protocol for anomaly detection in attributed networks, reconstruction error prioritizes comprehensive feature extraction to detect anomalies over interrogating the differential representation between normal and abnormal nodes. Intuitively, in attributed networks, normal nodes and their neighbors often exhibit similarities, whereas abnormal nodes demonstrate behaviors distinct from their neighbors. Hence, normal nodes can be accurately represented through their neighbors and effectively reconstructed. As opposed to normal nodes, abnormal nodes represented by their neighbors may be erroneously reconstructed as normal, resulting in increased reconstruction error. Leveraging from this observation, we propose a novel anomaly detection protocol called Neighbor-aware Mask-Filling Anomaly Detection (NMFAD) for attributed networks, aiming to maximize the variability between original and reconstructed features of abnormal nodes filled with information from their neighbors. Specifically, we utilize random-mask on nodes and integrate them into the backbone Graph Neural Networks (GNNs) to map nodes into a latent space. Subsequently, we fill the masked nodes with embeddings from their neighbors and smooth the abnormal nodes closer to the distribution of normal nodes. This optimization improves the likelihood of the decoder to reconstructing abnormal nodes as normal, thereby maximizing the reconstruction error of abnormal nodes. Experimental results demonstrate that, compared to the existing models, NMFAD exhibits superior performance.in attributed networks.
{"title":"NMFAD: Neighbor-Aware Mask-Filling Attributed Network Anomaly Detection","authors":"Liang Xi;Runze Li;Menghan Li;Dehua Miao;Ruidong Wang;Zygmunt J. Haas","doi":"10.1109/TIFS.2024.3516570","DOIUrl":"10.1109/TIFS.2024.3516570","url":null,"abstract":"As a widely adopted protocol for anomaly detection in attributed networks, reconstruction error prioritizes comprehensive feature extraction to detect anomalies over interrogating the differential representation between normal and abnormal nodes. Intuitively, in attributed networks, normal nodes and their neighbors often exhibit similarities, whereas abnormal nodes demonstrate behaviors distinct from their neighbors. Hence, normal nodes can be accurately represented through their neighbors and effectively reconstructed. As opposed to normal nodes, abnormal nodes represented by their neighbors may be erroneously reconstructed as normal, resulting in increased reconstruction error. Leveraging from this observation, we propose a novel anomaly detection protocol called Neighbor-aware Mask-Filling Anomaly Detection (NMFAD) for attributed networks, aiming to maximize the variability between original and reconstructed features of abnormal nodes filled with information from their neighbors. Specifically, we utilize random-mask on nodes and integrate them into the backbone Graph Neural Networks (GNNs) to map nodes into a latent space. Subsequently, we fill the masked nodes with embeddings from their neighbors and smooth the abnormal nodes closer to the distribution of normal nodes. This optimization improves the likelihood of the decoder to reconstructing abnormal nodes as normal, thereby maximizing the reconstruction error of abnormal nodes. Experimental results demonstrate that, compared to the existing models, NMFAD exhibits superior performance.in attributed networks.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"364-374"},"PeriodicalIF":6.3,"publicationDate":"2024-12-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142815898","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-12DOI: 10.1109/TIFS.2024.3516548
Haorui Yan;Xi Lin;Shenghong Li;Hao Peng;Bo Zhang
With the increasing size of Internet of Things (IoT) devices, cyber threats to IoT systems have increased. Federated learning (FL) has been implemented in an anomaly-based intrusion detection system (NIDS) to detect malicious traffic in IoT devices and counter the threat. However, current FL-based NIDS mainly focuses on global model performance and lacks personalized performance improvement for local data. To address this issue, we propose a novel personalized federated meta-learning intrusion detection approach (PerFLID), which allows multiple participants to personalize their local detection models for local adaptation. PerFLID shifts the goal of the personalized detection task to training a local model suitable for the client’s specific data, rather than a global model. To meet the real-time requirements of NIDS, PerFLID further refines the client selection strategy by clustering the local gradient similarities to find the nodes that contribute the most to the global model per global round. PerFLID can select the nodes that accelerate the convergence of the model, and we theoretically analyze the improvement in the convergence speed of this strategy over the personalized federated learning algorithm. We experimentally evaluate six existing FL-NIDS approaches on three real network traffic datasets and show that our PerFLID approach outperforms all baselines in detecting local adaptation accuracy by 10.11% over the state-of-the-art scheme, accelerating the convergence speed under various parameter combinations.
{"title":"Global or Local Adaptation? Client-Sampled Federated Meta-Learning for Personalized IoT Intrusion Detection","authors":"Haorui Yan;Xi Lin;Shenghong Li;Hao Peng;Bo Zhang","doi":"10.1109/TIFS.2024.3516548","DOIUrl":"10.1109/TIFS.2024.3516548","url":null,"abstract":"With the increasing size of Internet of Things (IoT) devices, cyber threats to IoT systems have increased. Federated learning (FL) has been implemented in an anomaly-based intrusion detection system (NIDS) to detect malicious traffic in IoT devices and counter the threat. However, current FL-based NIDS mainly focuses on global model performance and lacks personalized performance improvement for local data. To address this issue, we propose a novel personalized federated meta-learning intrusion detection approach (PerFLID), which allows multiple participants to personalize their local detection models for local adaptation. PerFLID shifts the goal of the personalized detection task to training a local model suitable for the client’s specific data, rather than a global model. To meet the real-time requirements of NIDS, PerFLID further refines the client selection strategy by clustering the local gradient similarities to find the nodes that contribute the most to the global model per global round. PerFLID can select the nodes that accelerate the convergence of the model, and we theoretically analyze the improvement in the convergence speed of this strategy over the personalized federated learning algorithm. We experimentally evaluate six existing FL-NIDS approaches on three real network traffic datasets and show that our PerFLID approach outperforms all baselines in detecting local adaptation accuracy by 10.11% over the state-of-the-art scheme, accelerating the convergence speed under various parameter combinations.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"279-293"},"PeriodicalIF":6.3,"publicationDate":"2024-12-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142815915","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-12-12DOI: 10.1109/TIFS.2024.3516557
Chaowei Sun;Qingyu Su;Jian Li
In this article, the problems of attack detection and secure tracking control for the power cyber-physical system are investigated. Considering the critical role of cyber networks in influencing decision-making for power grid optimization, a multiobjective optimization problem is introduced to determine the output power of generators. This optimization problem is solved based on the improved particle swarm optimization algorithm. The power system is modelled with dynamic characteristics taken into account. Furthermore, a resilient state-feedback tracking control strategy, that exploits a sliding mode observer, is introduced to ensure the reference value generated by the cyber network is tracked even under attacks. In addition, by using the reconstructed attack signals, an attack detection scheme is proposed. Some sufficient conditions are then obtained for the solvability of the tracking control problem. Finally, a simulation example and the experimental validation built into the StarSim hardware-in-the-loop simulation platform are introduced to illustrate the effectiveness of the proposed method.
{"title":"Secure Tracking Control and Attack Detection for Power Cyber-Physical Systems Based on Integrated Control Decision","authors":"Chaowei Sun;Qingyu Su;Jian Li","doi":"10.1109/TIFS.2024.3516557","DOIUrl":"10.1109/TIFS.2024.3516557","url":null,"abstract":"In this article, the problems of attack detection and secure tracking control for the power cyber-physical system are investigated. Considering the critical role of cyber networks in influencing decision-making for power grid optimization, a multiobjective optimization problem is introduced to determine the output power of generators. This optimization problem is solved based on the improved particle swarm optimization algorithm. The power system is modelled with dynamic characteristics taken into account. Furthermore, a resilient state-feedback tracking control strategy, that exploits a sliding mode observer, is introduced to ensure the reference value generated by the cyber network is tracked even under attacks. In addition, by using the reconstructed attack signals, an attack detection scheme is proposed. Some sufficient conditions are then obtained for the solvability of the tracking control problem. Finally, a simulation example and the experimental validation built into the StarSim hardware-in-the-loop simulation platform are introduced to illustrate the effectiveness of the proposed method.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"968-979"},"PeriodicalIF":6.3,"publicationDate":"2024-12-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142815912","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: