The proliferation of Android malware poses a substantial security threat to mobile devices. Thus, achieving efficient and accurate malware detection and malware family identification is crucial for safeguarding users’ individual property and privacy. Graph-based approaches have demonstrated remarkable detection performance in the realm of intelligent Android malware detection methods. This is attributed to the robust representation capabilities of graphs and the rich semantic information. The function call graph (FCG) is the most widely used graph in intelligent Android malware detection. However, existing FCG-based malware detection methods face challenges, such as the enormous computational and storage costs of modeling large graphs. Additionally, the ignorance of code semantics also makes them susceptible to structured attacks. In this paper, we proposed AndroAnalyzer, which embeds abstract syntax tree (AST) code semantics while focusing on sensitive behavior chains. It leverages FCGs to represent the macroscopic behavior of the application, and employs structured code semantics to represent the microscopic behavior of functions. Furthermore, we proposed the sensitive function call graph (SFCG) generation algorithm to narrow down the analysis scope to sensitive function calls, and the AST vectorization algorithm (AST2Vec) to capture structured code semantics. Experimental results demonstrate that the proposed SFCG generation algorithm noticeably reduces graph size while ensuring robust detection performance. AndroAnalyzer outperforms the baseline methods in binary and multiclass classification tasks, achieving F1-scores of 99.21% and 98.45% respectively. Moreover, AndroAnalyzer (trained with samples of 2010-2018) exhibits good generalization capabilities in detecting samples of 2019-2022.
Title: Sensitive Behavioral Chain-Focused Android Malware Detection Fused With AST Semantics. Authors: Jiacheng Gong; Weina Niu; Song Li; Mingxue Zhang; Xiaosong Zhang. IEEE Transactions on Information Forensics and Security, vol. 19, pp. 9216-9229. Pub Date: 2024-09-26. DOI: 10.1109/TIFS.2024.3468891
Pub Date: 2024-09-26; DOI: 10.1109/TIFS.2024.3468908
Wenyi Tan;Yang Li;Chenxing Zhao;Zhunga Liu;Quan Pan
Object detection is a fundamental task in various applications ranging from autonomous driving to intelligent security systems. However, recognition of a person can be hindered when their clothing is decorated with carefully designed graffiti patterns, leading to the failure of object detection. To achieve greater attack potential against unknown black-box models, adversarial patches capable of affecting the outputs of multiple-object detection models are required. While ensemble models have proven effective, current research in the field of object detection typically focuses on the simple fusion of the outputs of all models, with limited attention being given to developing general adversarial patches that can function effectively in the physical world. In this paper, we introduce the concept of energy and treat the adversarial patches generation process as an optimization of the adversarial patches to minimize the total energy of the “person” category. Additionally, by adopting adversarial training, we construct a dynamically optimized ensemble model. During training, the weight parameters of the attacked target models are adjusted to find the balance point at which the generated adversarial patches can effectively attack all target models. We carried out six sets of comparative experiments and tested our algorithm on five mainstream object detection models. The adversarial patches generated by our algorithm can reduce the recognition accuracy of YOLOv2 and YOLOv3 to 13.19% and 29.20%, respectively. In addition, we conducted experiments to test the effectiveness of T-shirts covered with our adversarial patches in the physical world and could achieve that people are not recognized by the object detection model. Finally, leveraging the Grad-CAM tool, we explored the attack mechanism of adversarial patches from an energetic perspective.
Title: DOEPatch: Dynamically Optimized Ensemble Model for Adversarial Patches Generation. IEEE Transactions on Information Forensics and Security, vol. 19, pp. 9039-9054.
Pub Date: 2024-09-26; DOI: 10.1109/TIFS.2024.3468902
Yicheng Liu;Zhao Li;Kang G. Shin;Zheng Yan;Jia Liu
With the rapid development of wireless communication technologies, interference management (IM) and security/privacy in data transmission have become critically important. On one hand, due to the broadcast nature of the wireless medium, the interference superimposed on the desired signal can destroy the integrity of data transmission. On the other hand, malicious receivers (Rxs) may eavesdrop on a legitimate user’s transmission and thus breach the confidentiality of communication. To counter these threats, we propose a novel encoding method, called immunizing coding (iCoding), which handles both IM and physical-layer security simultaneously. By exploiting both channel state information (CSI) and data carried in the interference, an iCoded signal is generated and sent by the legitimate transmitter (Tx). The iCoded signal interacts with the interference at the desired/legitimate Rx, so that the intended data can be recovered without the influence of disturbance, i.e., immunity to interference. In addition, since the data carried in the iCoded signal, which is obtained via encoding the desired data and interference cooperatively, is different from the original desired data, the eavesdropper cannot access unauthorized information by wiretapping the desired signal, thus achieving immunity to eavesdropping. Our theoretical analysis, experimental and numerical evaluation have shown iCoding to effectively manage interference while preventing potential eavesdropping, hence enhancing the legitimate user’s transmission and secrecy thereof.
Title: iCoding: Countermeasure Against Interference and Eavesdropping in Wireless Communications. IEEE Transactions on Information Forensics and Security, vol. 19, pp. 9188-9203.
Pub Date: 2024-09-26; DOI: 10.1109/TIFS.2024.3468632
Nadia Niknami;Avinash Srinivasan;Jie Wu
By decoupling the control plane and data plane in the software-defined network (SDN), the controller gains a comprehensive global view of the network. The SDN controller samples traffic from all switches to effectively manage data plane traffic. The sampling rate of flow traffic significantly impacts the accuracy of the controller’s decisions. While increasing the sampling rate is desirable for improved detection accuracy, it also escalates resource consumption on both switches and the controller. Hence, it is crucial to carefully manage sampling on switches to fine-tune anomaly detection accuracy. Existing flow sampling solutions often struggle to strike a balance between detection accuracy, sampling rate, and overhead. To address this challenge, we propose a robust cybersecurity framework for anomaly detection on SDNs through traffic flow inspection. Our proposed framework, Cyber-AnDe, integrates adaptive distributed sampling (ADS) with a Reinforcement Learning (RL) agent to enhance anomaly detection accuracy while minimizing the increase in controller overhead. In our framework, the controller leverages information gathered from each sampled traffic flow to determine whether the flow’s state is malicious, suspicious, or benign based on underlying anomaly detection algorithms. Once the flow state is determined, the controller takes the appropriate action with the help of the RL agent. Through extensive simulations and SDN test-bed experiments, we confirm a significant improvement of up to 93% in network traffic-based anomaly detection compared to existing solutions.
Title: Cyber-AnDe: Cybersecurity Framework With Adaptive Distributed Sampling for Anomaly Detection on SDNs. IEEE Transactions on Information Forensics and Security, vol. 19, pp. 9245-9257.
Pub Date: 2024-09-26; DOI: 10.1109/TIFS.2024.3468624
Hong Yen Tran;Jiankun Hu;Wen Hu
Existing fuzzy extractor and similar methods provide an effective way for extracting a secret key from a user’s biometric data, but are susceptible to impersonation attack: once a valid biometric sample is captured, the scheme is no longer secure. We propose a novel multi-factor fuzzy extractor that integrates both a user’s secret (e.g., a password) and a user’s biometrics in the generation and reconstruction process of a cryptographic key. We then employ this multi-factor fuzzy extractor to construct personal identity credentials, which can be used in a new multi-factor authenticated key exchange protocol that possesses multiple important features. First, the protocol provides mutual authentication. Second, the user and service provider can authenticate each other without the involvement of the identity authority. Third, the protocol can prevent user impersonation from a compromised identity authority. Finally, even when both a biometric sample and the secret are captured, the user can re-register to create a new credential using a new secret (renewable biometrics-based identity credentials). Most existing works on multi-factor authenticated key exchange only have a subset of these features. We formally prove that the proposed protocol is semantically secure. Our experiments carried out on the finger vein dataset SDUMLA achieved a low equal error rate (EER) of 0.04%, a reasonable computation time of 0.93 seconds for the user and service provider to authenticate and establish a shared session key, and a small communication overhead of 448 bytes.
Title: Biometrics-Based Authenticated Key Exchange With Multi-Factor Fuzzy Extractor. IEEE Transactions on Information Forensics and Security, vol. 19, pp. 9344-9358.
Pub Date: 2024-09-25; DOI: 10.1109/TIFS.2024.3468150
Zakia Zaman;Wanli Xue;Praveen Gauravaram;Wen Hu;Jiaojiao Jiang;Sanjay K. Jha
The widespread integration of the Internet of Things (IoT) is crucial in advancing sustainable development. IoT service providers actively collect user data for analysis using sophisticated Deep Learning (DL) algorithms. This enables the extraction of valuable insights for business intelligence and improving service quality. However, as these datasets contain sensitive personal information, there is a risk of privacy breaches when DL models are employed. This vulnerability may result in Membership Inference Attacks (MIA), potentially leading to the unauthorized disclosure of highly sensitive data. Therefore, developing an efficient and privacy-preserving data analysis system for IoT is imperative. Recent research has highlighted the effectiveness of utilizing Bloom Filter (BF)-encoding in conjunction with Differential Privacy (DP) for safeguarding privacy during data analysis. Given its attributes of low complexity and high utility, this approach proves effective, particularly in resource-constrained IoT domains. With this in mind, we propose a novel framework for privacy-preserving IoT data analysis based on BF-encoded data. Our research introduces an innovative BF-encoding technique combined with Local Differential Privacy (LDP), capable of efficiently encoding various types of IoT data (such as facial images and smart-meter data) while maintaining privacy when integrated into DL algorithms for downstream analysis. Experimental results demonstrate that our BF-encoded data surpasses the utility of standard BF-encoded data when utilized in DL algorithms for downstream tasks, showcasing an approximate 30% improvement in classification accuracy. Furthermore, we assess the privacy of these DL models against MIA, revealing that attackers can only make random guesses with an accuracy of approximately 50%.
Title: Privacy-Preserving Probabilistic Data Encoding for IoT Data Analysis. IEEE Transactions on Information Forensics and Security, vol. 19, pp. 9173-9187.
Pub Date: 2024-09-25; DOI: 10.1109/TIFS.2024.3468170
Ehsan Olyaei Torshizi;Werner Henkel
Physical-layer secret key generation (PSKG) stands as a promising privacy protection technique, establishing shared encryption keys through the analysis of highly correlated wireless channel measurements. This approach relies on exploiting reciprocal channel characteristics between uplink and downlink transmissions. Nonetheless, the distinct carrier frequencies employed for uplink and downlink in frequency-division duplexing (FDD) systems pose a challenge in identifying common features. This paper presents a novel approach that exploits the inherent reciprocity between scattering parameters of passive two-port networks within the same frequency ranges to overcome this obstacle. By capitalizing on this reciprocity and considering closely situated FDD bands, a seamless continuity is anticipated in phase differences extracted from the corresponding S-parameters, between neighboring antennas of an antenna array from both uplink and downlink directions. This continuity thereby ensures consistency in the generated keys from both transmission ends. Furthermore, a two-stage pre-processing method is proposed to enhance performance effectively. Additionally, the paper suggests the utilization of polynomial curve-fitting through measurement data to improve reciprocity and proposes a non-linear framework for quantizing the merging points of the two FDD bands. A statistical analysis employing multiple linear regression is provided to determine the error probability associated with the generated keys. Empirical results validate the feasibility and effectiveness of the proposed key generation scheme, affirming its attributes in terms of randomness, efficiency, key distribution uniformity, and key disagreement ratio (KDR).
Title: Pairwise Physical Layer Secret Key Generation for FDD Systems. IEEE Transactions on Information Forensics and Security, vol. 19, pp. 9518-9533. Open access PDF: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10693595
Pub Date: 2024-09-25; DOI: 10.1109/TIFS.2024.3468156
Yuni Lai;Marcin Waniek;Liying Li;Jingwen Wu;Yulin Zhu;Tomasz P. Michalak;Talal Rahwan;Kai Zhou
Random Walks-based Anomaly Detection (RWAD) is commonly used to identify anomalous patterns in various applications. An intriguing characteristic of RWAD is that the input graph can either be pre-existing graphs or feature-derived graphs constructed from raw features. Consequently, there are two potential attack surfaces against RWAD: graph-space attacks and feature-space attacks. In this paper, we explore this vulnerability by designing practical coupled-space (interdependent feature-space and graph-space) attacks, investigating the interplay between graph-space and feature-space attacks. To this end, we conduct a thorough complexity analysis, proving that attacking RWAD is NP-hard. Then, we proceed to formulate the graph-space attack as a bi-level optimization problem and propose two strategies to solve it: alternative iteration (alterI-attack) or utilizing the closed-form solution of the random walk model (cf-attack). Finally, we utilize the results from the graph-space attacks as guidance to design more powerful feature-space attacks (i.e., graph-guided attacks). Comprehensive experiments demonstrate that our proposed attacks are effective in enabling the target nodes to evade the detection from RWAD with a limited attack budget. In addition, we conduct transfer attack experiments in a black-box setting, which show that our feature attack significantly decreases the anomaly scores of target nodes. Our study opens the door to studying the coupled-space attack against graph anomaly detection in which the graph space relies on the feature space.
Coupled-Space Attacks Against Random-Walk-Based Anomaly Detection. IEEE Transactions on Information Forensics and Security, vol. 19, pp. 9315-9329. Publication date: 2024-09-25.
Pub Date: 2024-09-25, DOI: 10.1109/TIFS.2024.3468171
Nate Mathews;James K. Holland;Nicholas Hopper;Matthew Wright
In this paper, we present Laserbeak, a new state-of-the-art website fingerprinting attack for Tor that achieves nearly 96% accuracy against FRONT-defended traffic by combining two innovations: 1) multi-channel traffic representations and 2) advanced techniques adapted from state-of-the-art computer vision models. Our work is the first to explore a range of different ways to represent traffic data for a classifier. We find a multi-channel input format that provides richer contextual information, enabling the model to learn robust representations even in the presence of heavy traffic obfuscation. We are also the first to examine how recent advances in transformer models can take advantage of these representations. Our novel model architecture utilizing multi-headed attention layers enhances the capture of both local and global patterns. By combining these innovations, Laserbeak demonstrates absolute performance improvements of up to 36.2% (e.g., from 27.6% to 63.8%) compared with prior attacks against defended traffic. Experiments highlight Laserbeak’s capabilities in multiple scenarios, including a large open-world dataset where it achieves over 80% recall at 99% precision on traffic obfuscated with padding defenses. These advances reduce the remaining anonymity in Tor against fingerprinting threats, underscoring the need for stronger defenses.
Laserbeak: Evolving Website Fingerprinting Attacks With Attention and Multi-Channel Feature Representation. IEEE Transactions on Information Forensics and Security, vol. 19, pp. 9285-9300. Publication date: 2024-09-25.
Pub Date: 2024-09-24, DOI: 10.1109/TIFS.2024.3463528
Jose A. Gutierrez del Arroyo;Brett J. Borghetti;Michael A. Temple
Radio Frequency Fingerprinting (RFF) is the attribution of uniquely identifiable signal distortions to emitters via Machine Learning (ML) classifiers. RFF approaches relying on pre-determined expert features lack generalizability, and state-of-the-art approaches based on Convolutional Neural Networks (CNNs) can be too demanding for endpoint devices to train. This work presents Fingerprint Extraction through Distortion Reconstruction (FEDR), a best-of-both-worlds technique which employs a pre-trained CNN to identify and extract a small, salient set of unique features, amenable for use in lightweight machine learning models. Given a received distorted signal, the FEDR network encodes signal distortions into “fingerprints,” which can be used by lightweight ML classifiers to perform RFF with minimal resource consumption at the endpoint. FEDR learns by transforming generated signals into reconstructions of received signals, relying solely on the fingerprints as representations of the distortions – as the reconstructions improve, the fingerprints better encode the distortions. The FEDR technique was evaluated on synthetic IQ-imbalanced IEEE 802.11a/g data, where FEDR fingerprints were shown to encode actual IQ imbalance parameters, signifying successful isolation of distortion information and validating the FEDR technique. FEDR was further evaluated on a representative real-world WiFi dataset, where extracted fingerprints were coupled with a lightweight two-layer dense network. When compared against two common RFF techniques, the FEDR-based approach achieved state-of-the-art performance with Matthews Correlation Coefficient ranging from 0.984 (5 classes) to 0.851 (100 classes), using nearly 73% fewer training parameters than the next-best technique.
Fingerprint Extraction Through Distortion Reconstruction (FEDR): A CNN-Based Approach to RF Fingerprinting. IEEE Transactions on Information Forensics and Security, vol. 19, pp. 9258-9269. Publication date: 2024-09-24.