Pub Date : 2021-04-01DOI: 10.1186/s13635-023-00141-4
Feifei Hu, Situo Zhang, Xubin Lin, Liu Wu, N. Liao, Yanqi Song
{"title":"Network traffic classification model based on attention mechanism and spatiotemporal features","authors":"Feifei Hu, Situo Zhang, Xubin Lin, Liu Wu, N. Liao, Yanqi Song","doi":"10.1186/s13635-023-00141-4","DOIUrl":"https://doi.org/10.1186/s13635-023-00141-4","url":null,"abstract":"","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":" ","pages":""},"PeriodicalIF":3.6,"publicationDate":"2021-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48521784","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-01DOI: 10.1186/s13635-021-00119-0
B. Tondi, Andrea Costanzo, Dequ Huang, Bin Li
{"title":"Boosting CNN-based primary quantization matrix estimation of double JPEG images via a classification-like architecture","authors":"B. Tondi, Andrea Costanzo, Dequ Huang, Bin Li","doi":"10.1186/s13635-021-00119-0","DOIUrl":"https://doi.org/10.1186/s13635-021-00119-0","url":null,"abstract":"","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":"2021 1","pages":""},"PeriodicalIF":3.6,"publicationDate":"2020-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1186/s13635-021-00119-0","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45033690","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper investigates the visual quality of the adversarial examples. Recent papers propose to smooth the perturbations to get rid of high frequency artifacts. In this work, smoothing has a different meaning as it perceptually shapes the perturbation according to the visual content of the image to be attacked. The perturbation becomes locally smooth on the flat areas of the input image, but it may be noisy on its textured areas and sharp across its edges.This operation relies on Laplacian smoothing, well-known in graph signal processing, which we integrate in the attack pipeline. We benchmark several attacks with and without smoothing under a white box scenario and evaluate their transferability. Despite the additional constraint of smoothness, our attack has the same probability of success at lower distortion.
{"title":"Smooth adversarial examples","authors":"Hanwei Zhang, Yannis Avrithis, Teddy Furon, Laurent Amsaleg","doi":"10.1186/s13635-020-00112-z","DOIUrl":"https://doi.org/10.1186/s13635-020-00112-z","url":null,"abstract":"This paper investigates the visual quality of the adversarial examples. Recent papers propose to smooth the perturbations to get rid of high frequency artifacts. In this work, smoothing has a different meaning as it perceptually shapes the perturbation according to the visual content of the image to be attacked. The perturbation becomes locally smooth on the flat areas of the input image, but it may be noisy on its textured areas and sharp across its edges.This operation relies on Laplacian smoothing, well-known in graph signal processing, which we integrate in the attack pipeline. We benchmark several attacks with and without smoothing under a white box scenario and evaluate their transferability. Despite the additional constraint of smoothness, our attack has the same probability of success at lower distortion.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":"94 1","pages":""},"PeriodicalIF":3.6,"publicationDate":"2020-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138536945","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-08-18DOI: 10.1186/s13635-020-00113-y
Oluwakemi Christiana Abikoye, Abdullahi Abubakar, Ahmed Haruna Dokoro, Oluwatobi Noah Akande, Aderonke Anthonia Kayode
Structured Query Language (SQL) injection and cross-site scripting remain a major threat to data-driven web applications. Instances where hackers obtain unrestricted access to back-end database of web applications so as to steal, edit, and destroy confidential data are increasing. Therefore, measures must be put in place to curtail the growing threats of SQL injection and XSS attacks. This study presents a technique for detecting and preventing these threats using Knuth-Morris-Pratt (KMP) string matching algorithm. The algorithm was used to match user’s input string with the stored pattern of the injection string in order to detect any malicious code. The implementation was carried out using PHP scripting language and Apache XAMPP Server. The security level of the technique was measured using different test cases of SQL injection, cross-site scripting (XSS), and encoded injection attacks. Results obtained revealed that the proposed technique was able to successfully detect and prevent the attacks, log the attack entry in the database, block the system using its mac address, and also generate a warning message. Therefore, the proposed technique proved to be more effective in detecting and preventing SQL injection and XSS attacks
{"title":"A novel technique to prevent SQL injection and cross-site scripting attacks using Knuth-Morris-Pratt string match algorithm","authors":"Oluwakemi Christiana Abikoye, Abdullahi Abubakar, Ahmed Haruna Dokoro, Oluwatobi Noah Akande, Aderonke Anthonia Kayode","doi":"10.1186/s13635-020-00113-y","DOIUrl":"https://doi.org/10.1186/s13635-020-00113-y","url":null,"abstract":"Structured Query Language (SQL) injection and cross-site scripting remain a major threat to data-driven web applications. Instances where hackers obtain unrestricted access to back-end database of web applications so as to steal, edit, and destroy confidential data are increasing. Therefore, measures must be put in place to curtail the growing threats of SQL injection and XSS attacks. This study presents a technique for detecting and preventing these threats using Knuth-Morris-Pratt (KMP) string matching algorithm. The algorithm was used to match user’s input string with the stored pattern of the injection string in order to detect any malicious code. The implementation was carried out using PHP scripting language and Apache XAMPP Server. The security level of the technique was measured using different test cases of SQL injection, cross-site scripting (XSS), and encoded injection attacks. Results obtained revealed that the proposed technique was able to successfully detect and prevent the attacks, log the attack entry in the database, block the system using its mac address, and also generate a warning message. Therefore, the proposed technique proved to be more effective in detecting and preventing SQL injection and XSS attacks","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":"19 3-4 1","pages":""},"PeriodicalIF":3.6,"publicationDate":"2020-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138536911","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The rapid development of IoT technology has led to the usage of various devices in our daily life. Along with the ever-increasing rise of the Internet of Things, the use of appropriate methods for establishing secure communications in health care systems is vital. The adoption of high-security optimal mechanisms for this purpose has been more effective regarding the efficiency of medical information systems; hence, many studies are being conducted in this field today. One of the most important components is the RFID cards that can be used for communication between entities in the environment. In healthcare systems, patient information is critical and nobody should have access to this information. Thus, providing security for these networks is essential. Recently, good researches have been done in the area of authentication for medical information systems, using RFID technology, which has a low computational cost. In this paper, we propose a novel method based on elliptic curve cryptography for vital and efficient and scalable authentication between RFID cards, card readers, and servers. This proposed method maintains security and has less computational cost and low elliptic curve point multiplication running time compared to similar recent methods.
{"title":"Scalable, efficient, and secure RFID with elliptic curve cryptosystem for Internet of Things in healthcare environment","authors":"Davood Noori, Hassan Shakeri, Masood Niazi Torshiz","doi":"10.1186/s13635-020-00114-x","DOIUrl":"https://doi.org/10.1186/s13635-020-00114-x","url":null,"abstract":"The rapid development of IoT technology has led to the usage of various devices in our daily life. Along with the ever-increasing rise of the Internet of Things, the use of appropriate methods for establishing secure communications in health care systems is vital. The adoption of high-security optimal mechanisms for this purpose has been more effective regarding the efficiency of medical information systems; hence, many studies are being conducted in this field today. One of the most important components is the RFID cards that can be used for communication between entities in the environment. In healthcare systems, patient information is critical and nobody should have access to this information. Thus, providing security for these networks is essential. Recently, good researches have been done in the area of authentication for medical information systems, using RFID technology, which has a low computational cost. In this paper, we propose a novel method based on elliptic curve cryptography for vital and efficient and scalable authentication between RFID cards, card readers, and servers. This proposed method maintains security and has less computational cost and low elliptic curve point multiplication running time compared to similar recent methods.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":"1 1","pages":""},"PeriodicalIF":3.6,"publicationDate":"2020-07-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138543382","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-07-16DOI: 10.1186/s13635-020-00115-w
R. Schmitz
{"title":"Use of SHDM in commutative watermarking encryption","authors":"R. Schmitz","doi":"10.1186/s13635-020-00115-w","DOIUrl":"https://doi.org/10.1186/s13635-020-00115-w","url":null,"abstract":"","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":" ","pages":""},"PeriodicalIF":3.6,"publicationDate":"2020-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1186/s13635-020-00115-w","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"49640514","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-06-23DOI: 10.1186/s13635-020-00104-z
Cecilia Pasquini, Rainer Böhme
Backdoor attacks against supervised machine learning methods seek to modify the training samples in such a way that, at inference time, the presence of a specific pattern (trigger) in the input data causes misclassifications to a target class chosen by the adversary. Successful backdoor attacks have been presented in particular for face recognition systems based on deep neural networks (DNNs). These attacks were evaluated for identical triggers at training and inference time. However, the vulnerability to backdoor attacks in practice crucially depends on the sensitivity of the backdoored classifier to approximate trigger inputs. To assess this, we study the response of a backdoored DNN for face recognition to trigger signals that have been transformed with typical image processing operators of varying strength. Results for different kinds of geometric and color transformations suggest that in particular geometric misplacements and partial occlusions of the trigger limit the effectiveness of the backdoor attacks considered. Moreover, our analysis reveals that the spatial interaction of the trigger with the subject’s face affects the success of the attack. Experiments with physical triggers inserted in live acquisitions validate the observed response of the DNN when triggers are inserted digitally.
{"title":"Trembling triggers: exploring the sensitivity of backdoors in DNN-based face recognition","authors":"Cecilia Pasquini, Rainer Böhme","doi":"10.1186/s13635-020-00104-z","DOIUrl":"https://doi.org/10.1186/s13635-020-00104-z","url":null,"abstract":"Backdoor attacks against supervised machine learning methods seek to modify the training samples in such a way that, at inference time, the presence of a specific pattern (trigger) in the input data causes misclassifications to a target class chosen by the adversary. Successful backdoor attacks have been presented in particular for face recognition systems based on deep neural networks (DNNs). These attacks were evaluated for identical triggers at training and inference time. However, the vulnerability to backdoor attacks in practice crucially depends on the sensitivity of the backdoored classifier to approximate trigger inputs. To assess this, we study the response of a backdoored DNN for face recognition to trigger signals that have been transformed with typical image processing operators of varying strength. Results for different kinds of geometric and color transformations suggest that in particular geometric misplacements and partial occlusions of the trigger limit the effectiveness of the backdoor attacks considered. Moreover, our analysis reveals that the spatial interaction of the trigger with the subject’s face affects the success of the attack. Experiments with physical triggers inserted in live acquisitions validate the observed response of the DNN when triggers are inserted digitally.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":"142 1","pages":""},"PeriodicalIF":3.6,"publicationDate":"2020-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138536910","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-06-01DOI: 10.1186/s13635-020-00107-w
Keming Dong, Hyoung-Joong Kim, Xiaohan Yu, Xiaoqing Feng
{"title":"Reversible data hiding for binary images based on adaptive overlapping pattern","authors":"Keming Dong, Hyoung-Joong Kim, Xiaohan Yu, Xiaoqing Feng","doi":"10.1186/s13635-020-00107-w","DOIUrl":"https://doi.org/10.1186/s13635-020-00107-w","url":null,"abstract":"","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":" ","pages":""},"PeriodicalIF":3.6,"publicationDate":"2020-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1186/s13635-020-00107-w","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45598438","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-05-26DOI: 10.1186/s13635-020-00111-0
K. Kandasamy, Sethuraman Srinivas, K. Achuthan, Venkat Rangan
{"title":"IoT cyber risk: a holistic analysis of cyber risk assessment frameworks, risk vectors, and risk ranking process","authors":"K. Kandasamy, Sethuraman Srinivas, K. Achuthan, Venkat Rangan","doi":"10.1186/s13635-020-00111-0","DOIUrl":"https://doi.org/10.1186/s13635-020-00111-0","url":null,"abstract":"","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":"2020 1","pages":""},"PeriodicalIF":3.6,"publicationDate":"2020-05-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1186/s13635-020-00111-0","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"65684052","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-05-24DOI: 10.1186/s13635-020-00110-1
Junfeng Tian, Zilong Wang, Zhen Li
{"title":"Low-cost data partitioning and encrypted backup scheme for defending against co-resident attacks","authors":"Junfeng Tian, Zilong Wang, Zhen Li","doi":"10.1186/s13635-020-00110-1","DOIUrl":"https://doi.org/10.1186/s13635-020-00110-1","url":null,"abstract":"","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":" ","pages":""},"PeriodicalIF":3.6,"publicationDate":"2020-05-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1186/s13635-020-00110-1","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"47391237","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}