
2022 IEEE Conference on Dependable and Secure Computing (DSC): Latest Publications

Cyber Security Risks of Net Zero Technologies
Pub Date : 2022-06-22 DOI: 10.1109/DSC54232.2022.9888883
Haiyue Yuan, Shujun Li
The main aim of this paper is to provide useful insights to researchers, practitioners and policy makers about cyber security risks of the so-called “net zero technologies”, technologies that can help achieve the “net zero” greenhouse gas (GHG) emission goal set by many countries and the United Nations. The paper first reviews the general background about the NZ goal and selected sectors with important NZ-related technologies, and then focuses on a broad analysis of cyber security risks of NZ-related technologies and relevant solutions, from both technological and socio-technical aspects. This paper concludes with a list of identified open challenges that require more future research and development and some recommendations to different stakeholders of NZ-related technologies.
Citations: 0
Curse of System Complexity and Virtue of Operational Invariants: Machine Learning based System Modeling and Attack Detection in CPS
Pub Date : 2022-06-22 DOI: 10.1109/DSC54232.2022.9888940
Muhammad Omer Shahid, Chuadhry Mujeeb Ahmed, Venkata Reddy Palleti, Jianying Zhou
Cyber Physical Systems (CPS) security has gained a lot of interest in recent years. Different approaches have been proposed to tackle the security challenges. Intrusion detection has been of most interest so far, involving design-based and data-based approaches. Design-based approaches require domain expertise and are not scalable; on the other hand, data-based approaches suffer from the lack of real-world datasets available for specific critical physical processes. In this work, a data collection effort is made on a realistic Water Distribution (WADI) test-bed. Collected data consists of both the normal operation as well as a range of attack scenarios. Next, machine learning-based system-modeling techniques are considered using the data from WADI. It is shown that the accuracy of system model-based intrusion detectors depends on the model accuracy, and for non-linear processes it is non-trivial to obtain accurate system models. Moreover, an operational invariants-based attack detection technique is proposed using the system design parameters. It is shown that using a simple rule-based anomaly detector performs better than the complex black-box data-based techniques.
Citations: 0
Protecting White-Box Block Ciphers with Galois/Counter Mode
Pub Date : 2022-06-22 DOI: 10.1109/DSC54232.2022.9888845
Nanjiang Xie, Zheng Gong, Yufeng Tang, Lei Wang, Yamin Wen
All along, white-box cryptography researchers have focused on the design and implementation of certain primitives but less on the practice of the cipher working modes. For example, the Galois/Counter Mode (GCM) requires block ciphers to perform only the encrypting operations, which inevitably face code-lifting attacks under the white-box security model. In this paper, a code-lifting-resistant GCM (which is named WBGCM) is proposed to mitigate these security drawbacks in the white-box context. The basic idea is to combine external encodings with exclusive-or operations in GCM, and therefore two different schemes are designed with external encodings (WBGCM-EE) and maskings (WBGCM-Masking), respectively. Furthermore, WBGCM is instantiated with Chow et al.'s white-box AES, and the experiments show that the processing speeds of WBGCM-EE and WBGCM-Masking achieve about 5 MBytes/second with a marginal storage overhead.
Citations: 0
LAEG: Leak-based AEG using Dynamic Binary Analysis to Defeat ASLR
Pub Date : 2022-06-22 DOI: 10.1109/DSC54232.2022.9888796
Wei-Loon Mow, Shih-Kun Huang, H. Hsiao
Address space layout randomization (ASLR) is a binary protection technique that randomizes a binary's loaded base addresses in every execution. It hardens binaries against exploitation by preventing attackers from reusing identified resources (e.g., code gadgets or stack buffers found at specific memory locations) in subsequent executions. As most modern compilers and operating systems enable ASLR by default, an effective automated exploit generation (AEG) system should be resilient to ASLR when constructing exploits. However, previously proposed AEG systems either assume the absence of ASLR or only bypass it under limited circumstances, and thus cannot reliably exploit binaries running on modern operating systems. With the aim of improving AEG's practicality by developing an ASLR-resilient AEG system, we designed and implemented leak-based AEG (LAEG), a system that can recover randomized base addresses by leaking additional information at runtime. Specifically, given a proof-of-crash input, LAEG uses dynamic taint analysis to analyze the black-box binary, and identifies the input and output states relevant to the base address information. By doing so, LAEG can efficiently recover base addresses from uninitialized buffers and use them to construct an exploit that is resilient to ASLR. Moreover, our tests established that LAEG could successfully construct exploits that bypass state-of-the-art types of binary protection, including not only ASLR but PIE, NX, and stack canary. Besides that, LAEG exhibited better performance than an open-source AEG solution, Zeratool, and was between 6.46x and 45.15x faster at exploit generation than human experts were.
Citations: 0
A Novel Approach for Providing Client-Verifiable and Efficient Access to Private Smart Contracts
Pub Date : 2022-06-22 DOI: 10.1109/DSC54232.2022.9888820
Alexander Köberl, H. Bock, C. Steger
Distributed Ledger Technology is a powerful tool to support direct collaboration between organisations, without requiring full trust in a centralised infrastructure. By defining a program logic and access policies with smart contracts, all interactions are verified in the distributed network and the history of the data is recorded on the ledger. Blockchain implementations targeting enterprise use cases also provide means for private transactions, where the content of the transaction is only readable by authorized participants. Direct access to the ledger requires a node with a reliable connection to the network and sufficient computational resources, which usually cannot be fulfilled with lightweight Internet of Things devices and mobile applications. We present an advanced system for accessing an enterprise Blockchain through dedicated gateway nodes, while preserving the functionality of private transactions. A hybrid approach is used to allow computation- and storage-restricted clients to send private transactions through a central gateway, and use the Light Ethereum Subprotocol to verify the data integrity based on proofs from distributed nodes. To increase the client-side security level, we introduce a dedicated Hardware Security Module for key management and efficient execution of the cryptographic primitives. A proof-of-concept implementation, using the Quorum Blockchain client and an extension for the Tessera transaction manager, validates the feasibility of the approach and can be used for further research in this field.
Citations: 0
A Generative Neural Network for Enhancing Android Metamorphic Malware Detection based on Behaviour Profiling
Pub Date : 2022-06-22 DOI: 10.1109/DSC54232.2022.9888906
Leigh Turnbull, Zhiyuan Tan, Kehinde O. Babaagba
Malicious software trends show a persistent yearly increase in volume and cost impact. More than 350,000 new malicious or unwanted programs that target various technologies were registered daily over the past year. Metamorphic malware is a specifically dangerous group of malicious software that perturbs its structure between generations. Detecting these types of malware thus appears to be more challenging. Recent research demonstrates that Machine Learning (ML) techniques outperform traditional methods in detecting known and uncategorised malware variants. Hence, this research aims to investigate the use of ML, a Generative Neural Network specifically, for enhancing metamorphic malware detection in Android (the most popular mobile operating system) via augmenting training data. The results show that the augmented training data, containing novel samples derived from a Deep Convolutional Generative Adversarial Network (DCGAN) and features from metamorphic malware samples, improves the detection performance for unseen metamorphic malware.
Citations: 1
Network Intrusion Detection in Encrypted Traffic
Pub Date : 2022-06-22 DOI: 10.1109/DSC54232.2022.9888942
Eva Papadogiannaki, Giorgos Tsirantonakis, S. Ioannidis
Traditional signature-based intrusion detection systems inspect packet headers and payloads to report any malicious or abnormal traffic behavior that is observed in the network. With the advent and rapid adoption of network encryption mechanisms, typical deep packet inspection systems that focus only on the processing of network packet payload contents are gradually becoming obsolete. Advancing intrusion detection tools to be also effective in encrypted networks is crucial. In this work, we propose a signature language indicating packet sequences. Signatures detect events of possible intrusions and malicious actions in encrypted networks using packet metadata. We demonstrate the effectiveness of this methodology using different tools for penetrating vulnerable web servers and a public dataset with traffic that originates from IoT malware. We implement the signature language and we integrate it into an intrusion detection system. Using our proposed methodology, the generated signatures can effectively and efficiently report intrusion attempts.
Citations: 2
Shodan Indicators Used to Detect Standard Conpot Implementations and Their Improvement Through Sophisticated Customization
Pub Date : 2022-06-22 DOI: 10.1109/DSC54232.2022.9888911
Warren Z. Cabral, L. Sikos, C. Valli
Conpot is a low-interaction SCADA honeypot system that mimics a Siemens S7-200 proprietary device on default deployments. Honeypots operating using standard configurations can be easily detected by adversaries using scanning tools such as Shodan. This study focuses on the capabilities of the Conpot honeypot, and how these competences can be used to lure attackers. In addition, the presented research establishes a framework that enables customized configuration, thereby enhancing its functionality to achieve a high degree of deceptiveness and realism when presented to the Shodan scanners. A comparison between the default and configured deployments is further conducted to prove the modified deployments' effectiveness. The resulting annotations can assist cybersecurity personnel to better acknowledge the effectiveness of the honeypot's artifacts and how they can be used deceptively. Lastly, it informs and educates cybersecurity audiences on how important it is to deploy honeypots with advanced deceptive configurations to bait cybercriminals.
Citations: 0
A Node-Embedding Features Based Machine Learning Technique for Dynamic Malware Detection
Pub Date : 2022-06-22 DOI: 10.1109/DSC54232.2022.9888836
Sudhir Kumar Rai, Ashish R. Mittal, Sparsh Mittal
As the malware menace exacerbates, dynamic malware detection (DMD) has become even more critical. In this paper, we present a machine-learning-based DMD technique. We propose generating node embedding features (NEFs) from process execution chains. We use NEFs and other features based on the command line, file path, and action taken by a process and feed them to our machine learning (ML) classification algorithms. We evaluated two ML classifiers, viz., light gradient boosting machine (LGBM) and XGBoost. We perform experiments on a real-world dataset provided by a leading anti-virus company. Our technique achieves high accuracy, and the use of NEFs improves the predictive performance of ML classification algorithms. Also, NEFs are found to be highly important in both these algorithms.
Citations: 1
A Novel Chaos-based Light-weight Image Encryption Scheme for Multi-modal Hearing Aids
Pub Date : 2022-02-11 DOI: 10.1109/DSC54232.2022.9888823
A. Shah, Ahsan Adeel, Jawad Ahmad, A. Al-Dubai, M. Gogate, A. Bishnu, Muhammad Diyan, Tassadaq Hussain, K. Dashtipour, T. Ratnarajah, Amir Hussain
Multimodal hearing aids (HAs) aim to deliver more intelligible audio in noisy environments by contextually sensing and processing data in the form of not only audio but also visual information (e.g. lip reading). Machine learning techniques can play a pivotal role in the contextual processing of multimodal data. However, due to the low computational power of HA devices, the data must be processed either at the edge or in the cloud, which in turn raises privacy concerns for users' sensitive data. Existing literature proposes several data encryption techniques, but their computational complexity is a major bottleneck in meeting the strict latency requirements for the development of future multi-modal hearing aids. To overcome this problem, this paper proposes a novel real-time audio/visual data encryption scheme based on chaos-based encryption using the Tangent-Delay Ellipse Reflecting Cavity-Map System (TD-ERCS) and Non-linear Chaotic (NCA) Algorithms. The results obtained for different security analysis parameters, such as Correlation Coefficient, Unified Averaged Changed Intensity (UACI), Key Sensitivity Analysis, Number of Changing Pixel Rate (NPCR), Mean-Square Error (MSE), Peak Signal to Noise Ratio (PSNR), Entropy test, and Chi-test, indicate that the proposed scheme is more secure, with an increased key-space against modern brute-force attacks, and more lightweight than existing schemes.
Citations: 1
2022 IEEE Conference on Dependable and Secure Computing (DSC)
Copyright © 2023 Book学术 All rights reserved.