Biblio

Semantic image annotation is a field of paramount importance in which deep learning excels. However, some application domains, like security or medicine, may need an explanation of this annotation. Explainable Artificial Intelligence is an answer to this need. In this work, an explanation is a sentence in natural language that is dedicated to human users to provide them clues about the process that leads to the decision: the labels assignment to image parts. We focus on semantic image annotation with fuzzy logic that has proven to be a useful framework that captures both image segmentation imprecision and the vagueness of human spatial knowledge and vocabulary. In this paper, we present an algorithm for textual explanation generation of the semantic annotation of image regions.

The accessibility of the internet and mobile platforms has risen dramatically due to digital technology innovations. Web applications have opened up a variety of market possibilities by supplying consumers with a wide variety of digital technologies that benefit from high accessibility and functionality. Around the same time, web application protection continues to be an important challenge on the internet, and security must be taken seriously in order to secure confidential data. The threat is caused by inadequate validation of user input information, software developed without strict adherence to safety standards, vulnerability of reusable software libraries, software weakness, and so on. Through abusing a website's vulnerability, introduers are manipulating the user's information in order to exploit it for their own benefit. Then introduers inject their own malicious code, stealing passwords, manipulating user activities, and infringing on customers' privacy. As a result, information is leaked, applications malfunction, confidential data is accessed, etc. To mitigate the aforementioned issues, stacking ensemble based classifier model for Cross-site scripting (XSS) attack detection is proposed. Furthermore, the stacking ensembles technique is used in combination with different machine learning classification algorithms like k-Means, Random Forest and Decision Tree as base-learners to reliably detect XSS attack. Logistic Regression is used as meta-learner to predict the attack with greater accuracy. The classification algorithms in stacking model explore the problem in their own way and its results are given as input to the meta-learner to make final prediction, thus improving the overall detection accuracy of XSS attack in stacking than the individual models. The simulation findings demonstrate that the proposed model detects XSS attack successfully.

The widespread use of powerful mobile devices has deeply affected the mix of traffic traversing both the Internet and enterprise networks (with bring-your-own-device policies). Traffic encryption has become extremely common, and the quick proliferation of mobile apps and their simple distribution and update have created a specifically challenging scenario for traffic classification and its uses, especially network-security related ones. The recent rise of Deep Learning (DL) has responded to this challenge, by providing a solution to the time-consuming and human-limited handcrafted feature design, and better clas-sification performance. The counterpart of the advantages is the lack of interpretability of these black-box approaches, limiting or preventing their adoption in contexts where the reliability of results, or interpretability of polices is necessary. To cope with these limitations, eXplainable Artificial Intelligence (XAI) techniques have seen recent intensive research. Along these lines, our work applies XAI-based techniques (namely, Deep SHAP) to interpret the behavior of a state-of-the-art multimodal DL traffic classifier. As opposed to common results seen in XAI, we aim at a global interpretation, rather than sample-based ones. The results quantify the importance of each modality (payload- or header-based), and of specific subsets of inputs (e.g., TLS SNI and TCP Window Size) in determining the classification outcome, down to per-class (viz. application) level. The analysis is based on a publicly-released recent dataset focused on mobile app traffic.

The measurement of room acoustics plays a wide role in audio research, from physical acoustics modelling and virtual reality applications to speech enhancement. While vast literature exists on position-dependent room acoustics and coupling of rooms, little has explored the transition from one room to its neighbour. This paper presents the measurement and analysis of a dataset of spatial room impulse responses for the transition between four coupled room pairs. Each transition consists of 101 impulse responses recorded using a fourth-order spherical microphone array in 5 cm intervals, both with and without a continuous line-of-sight between the source and microphone. A numerical analysis of the room transitions is then presented, including direct-to-reverberant ratio and direction of arrival estimations, along with potential applications and uses of the dataset.

To reduce the risk of botnet malware, methods of detecting botnet malware using machine learning have received enormous attention in recent years. Most of the traditional methods are based on supervised learning that relies on static features with defined labels. However, recent studies show that supervised machine learning-based IoT malware botnet models are more vulnerable to intentional attacks, known as an adversarial attack. In this paper, we study the adversarial attack on PSI-graph based researches. To perform the efficient attack, we proposed a reinforcement learning based method with a trained target classifier to modify the structures of PSI-graphs. We show that PSI-graphs are vulnerable to such attack. We also discuss about defense method which uses adversarial training to train a defensive model. Experiment result achieves 94.1% accuracy on the adversarial dataset; thus, shows that our defensive model is much more robust than the previous target classifier.

With the rapid growth of the Internet of Things (IoT) applications in smart regions/cities, for example, smart healthcare, smart homes/offices, there is an increase in security threats and risks. The IoT devices solve real-world problems by providing real-time connections, data and information. Besides this, the attackers can tamper with sensors, add or remove them physically or remotely. In this study, we address the IoT security sensor tampering issue in an office environment. We collect data from real-life settings and apply machine learning to detect sensor tampering using two methods. First, a real-time view of the traffic patterns is considered to train our isolation forest-based unsupervised machine learning method for anomaly detection. Second, based on traffic patterns, labels are created, and the decision tree supervised method is used, within our novel Anomaly Detection using Machine Learning (AD-ML) system. The accuracy of the two proposed models is presented. We found 84% with silhouette metric accuracy of isolation forest. Moreover, the result based on 10 cross-validations for decision trees on the supervised machine learning model returned the highest classification accuracy of 91.62% with the lowest false positive rate.

The fabricated circuitries are getting massive and denser with every passing year due to which a normal automatic test pattern generation technique to detect only the single stuck-at faults will overlook the multiple stuck-at faults. But generating test patterns that can detect all possible multiple stuck-at fault is practically not possible. Hence, this paper proposes a method, where multiple faults can be detected by using test vectors for detecting single stuck-at faults. Here, the patterns for detecting single faults are generated and their ability to detect multiple stuck-at faults is also analyzed. From the experimental results it was observed that, the generated vectors for single faults cover maximum number of the multiple faults and then new test vectors are generated for the undetermined faults. The generated vectors are optimized for the compact test patterns in order to reduce the test power.

The performance prediction of user equipment (UE) metrics has many applications in the 5G era and beyond. For instance, throughput prediction can improve carrier selection, adaptive video streaming's quality of experience (QoE), and traffic latency. Many studies suggest distributed learning algorithms (e.g., federated learning (FL)) for this purpose. However, in a multi-tier design, features are measured in different tiers, e.g., UE tier, and gNodeB (gNB) tier. On one hand, neglecting the measurements in one tier results in inaccurate predictions. On the other hand, transmitting the data from one tier to another improves the prediction performance at the expense of increasing network overhead and privacy risks. In this paper, we propose cascaded FL to enhance UE throughput prediction with minimum network footprint and privacy ramifications (if any). The idea is to introduce feedback to conventional FL, in multi-tier architectures. Although we use cascaded FL for UE prediction tasks, the idea is rather general and can be used for many prediction problems in multi-tier architectures, such as cellular networks. We evaluate the performance of cascaded FL by detailed and 3GPP compliant simulations of London's city center. Our simulations show that the proposed cascaded FL can achieve up to 54% improvement over conventional FL in the normalized gain, at the cost of 1.8 MB (without quantization) and no cost with quantization.

There is an increasing trend in cloud adoption of enterprise applications in, for example, manufacturing, healthcare, and finance. Such applications are routinely subject to targeted cyberattacks, which result in significant loss of sensitive data (e.g., due to data exfiltration in advanced persistent threats) or valuable utilities (e.g., due to resource the exfiltration of power in cryptojacking). There is a critical need to train highly skilled cybersecurity professionals, who are capable of defending against such targeted attacks. In this article, we present the design, development, and evaluation of the Mizzou Cyber Range, an online platform to learn basic/advanced cyber defense concepts and perform training exercises to engender the next-generation cybersecurity workforce. Mizzou Cyber Range features flexibility, scalability, portability, and extendability in delivering cyberattack/defense learning modules to students. We detail our “research-inspired learning” and “learn-apply-create” three-phase pedagogy methodologies in the development of four learning modules that include laboratory exercises and self-study activities using realistic cloud-based application testbeds. The learning modules allow students to gain skills in using latest technologies (e.g., elastic capacity provisioning, software-defined everything infrastructure) to implement sophisticated “attack defense by pretense” techniques. Students can also use the learning modules to understand the attacker-defender game in order to create disincentives (i.e., pretense initiation) that make the attacker's tasks more difficult, costly, time consuming, and uncertain. Lastly, we show the benefits of our Mizzou Cyber Range through the evaluation of student learning using auto-grading, rank assessments with peer standing, and monitoring of students' performance via feedback from prelab evaluation surveys and postlab technical assessments.

The growing use of digital media has been accompanied by an increase of the risks associated with the use of information systems, notably cybersecurity risks. In turn, the increasing use of information systems has an impact on users' media and information literacy. This research aims to address the relationship between media and information literacy, and the adoption of risky cybersecurity behaviours. This approach will be carried out through the definition of a conceptual framework supported by a literature review, and a quantitative research of the relationships mentioned earlier considering a sample composed by students of a Higher Education Institution.

This work studies an energy-efficient jamming scheme for enhancing physical layer security in visible light communication (VLC). We consider a VLC system where multiple LED luminaries are deployed together with a legitimate user (i.e., Bob) and passive eavesdroppers (i.e., Eves). In such a scenario, the closest LED luminary to Bob serves as the transmitter while the rest of the luminaries act as jammers transmitting artificial noise (AN) to possibly degrade the quality of Eves' channels. A joint design of precoder and AN is then investigated to maximize the energy efficiency (EE) of the communication channel to Bob while ensuring a certain amount of AN power to confuse Eves. To solve the design problem, we make use of a combination of the Dinkelbach and convex-concave procedure (CCCP), which guarantees to converge to a local optimum.

This paper presents a high-level circuit obfuscation technique to prevent the theft of intellectual property (IP) of integrated circuits. In particular, our technique protects a class of circuits that relies on constant multiplications, such as neural networks and filters, where the constants themselves are the IP to be protected. By making use of decoy constants and a key-based scheme, a reverse engineer adversary at an untrusted foundry is rendered incapable of discerning true constants from decoys. The time-multiplexed constant multiplication (TMCM) block of such circuits, which realizes the multiplication of an input variable by a constant at a time, is considered as our case study for obfuscation. Furthermore, two TMCM design architectures are taken into account; an implementation using a multiplier and a multiplierless shift-adds implementation. Optimization methods are also applied to reduce the hardware complexity of these architectures. The well-known satisfiability (SAT) and automatic test pattern generation (ATPG) based attacks are used to determine the vulnerability of the obfuscated designs. It is observed that the proposed technique incurs small overheads in area, power, and delay that are comparable to the hardware complexity of prominent logic locking methods. Yet, the advantage of our approach is in the insight that constants - instead of arbitrary circuit nodes - become key-protected.

Convergence of operation technology (OT) and information technology (IT) in industrial automation is currently being adopted as an accelerating trend. The Industrial Internet of Things (IIoT) consists of heterogeneous sensing, computing and actuation nodes that are meshed through a layer of communication protocols, and represents a key enabler for this convergence. Experimental test beds are required to validate complex system designs in terms of scalability, latency, real-time operation and security. We use the open source Coaty - distributed industrial systems framework to present a smart industry application integrating field devices and controllers over the OPCUA and MQTT protocols. The experimental evaluation, using both proprietary automation components and open software modules, serves as a reference tool for building robust systems and provides practical insights for interoperability.

Microservices-based architectures gain more and more attention in industry and academia due to their tremendous advantages such as providing resiliency, scalability, composability, etc. To benefit from these advantages, a proper architectural design is very important. The decomposition model of services into microservices and the granularity of these microservices affect the different aspects of the system such as flexibility, maintainability, performance, and security. An inappropriate service decomposition into microservices (improper granularity) may increase the attack surface of the system and lower its security level. In this paper, first, we study the probability of compromising services before and after decomposition. Then we formulate the impacts of possible service decomposition models on confidentiality, integrity, and availability attributes of the system. To do so, we provide equations for measuring confidentiality, integrity, and availability risks of the decomposed services in the system. It is also shown that the number of entry points to the decomposed services and the size of the microservices affect the security attributes of the system. As a use case, we propose three different service decomposition models for the 5G NRF (Network Repository Function) and calculate the impacts of these decomposition models on the confidentiality, integrity, and availability of the system using the provided equations.

A conventional visible light communication system consists of a transmitter, a jammer that includes a few light emitting diodes, a legal listener and an eavesdropper. In this work, a similar system is designed with a collimating lens in order to create an extra layer of practical physical security measure. The use of a collimating lens makes it available to spatially limiting data transmission to an area under the lensed transmitter. Also focused data transmission through the optical lens, increases the secrecy rate. To investigate the applicability of the proposed design we designed a sample experimental setup using USRP and implemented in a laboratory environment. In the proposed set up, the receiver is in a fixed position. However, it is possible to implement an easy, practical and cheap hardware solution with respect to a beamforming type VLC that uses directional beam forming method to establish transmission to a dynamic target. In addition, it is achievable to control the size of the area where a receiver can access data by manipulating the distance between the optical lens and transmitter.

The increased use of Convolutional Neural Networks (CNN) in mission-critical systems has increased the need for robust and resilient networks in the face of both naturally occurring faults as well as security attacks. The lack of robustness and resiliency can lead to unreliable inference results. Current methods that address CNN robustness require hardware modification, network modification, or network duplication. This paper proposes MILR a software-based CNN error detection and error correction system that enables recovery from single and multi-bit errors. The recovery capabilities are based on mathematical relationships between the inputs, outputs, and parameters(weights) of the layers; exploiting these relationships allows the recovery of erroneous parameters (iveights) throughout a layer and the network. MILR is suitable for plaintext-space error correction (PSEC) given its ability to correct whole-weight and even whole-layer errors in CNNs.

Observational non-interference (ONI) is a generic information-flow policy for side-channel leakage. Informally, a program is ONI-secure if observing program leakage during execution does not reveal any information about secrets. Formally, ONI is parametrized by a leakage function l, and different instances of ONI can be recovered through different instantiations of l. One popular instance of ONI is the cryptographic constant-time (CCT) policy, which is widely used in cryptographic libraries to protect against timing and cache attacks. Informally, a program is CCT-secure if it does not branch on secrets and does not perform secret-dependent memory accesses. Another instance of ONI is the constant-resource (CR) policy, a relaxation of the CCT policy which is used in Amazon's s2n implementation of TLS and in several other security applications. Informally, a program is CR-secure if its cost (modelled by a tick operator over an arbitrary semi-group) does not depend on secrets.In this paper, we consider the problem of preserving ONI by compilation. Prior work on the preservation of the CCT policy develops proof techniques for showing that main compiler optimisations preserve the CCT policy. However, these proof techniques critically rely on the fact that the semi-group used for modelling leakage satisfies the property: l1+ l1' = l2+l2'$\Rightarrow$l1=l2$\wedge$ l1' = l2' Unfortunately, this non-cancelling property fails for the CR policy, because its underlying semi-group is ($\backslash$mathbbN, +) and it is currently not known how to extend existing techniques to policies that do not satisfy non-cancellation.We propose a methodology for proving the preservation of the CR policy during a program transformation. We present an implementation of some elementary compiler passes, and apply the methodology to prove the preservation of these passes. Our results have been mechanically verified using the Coq proof assistant.

The results of evaluating explanations of the black-box model for prediction are presented. The XAI evaluation is realized through the different principles and characteristics between black-box model explanations and XAI labels. In the field of high-dimensional prediction, the black-box model represented by neural network and ensemble models can predict complex data sets more accurately than traditional linear regression and white-box models such as the decision tree model. However, an unexplainable characteristic not only hinders developers from debugging but also causes users mistrust. In the XAI field dedicated to ``opening'' the black box model, effective evaluation methods are still being developed. Within the established XAI evaluation framework (MDMC) in this paper, explanation methods for the prediction can be effectively tested, and the identified explanation method with relatively higher quality can improve the accuracy, transparency, and reliability of prediction.

Connected smart cars enable new attacks that may have serious consequences. Thus, the development of new cars must follow a cybersecurity engineering process as defined for example in ISO/SAE 21434. A central part of such a process is the threat and risk assessment including an attack feasibility rating. In this paper, we present an attack surface assessment with focus on the attack feasibility rating compliant to ISO/SAE 21434. We introduce a reference architecture with assets constituting the attack surface, the attack feasibility rating for these assets, and the application of this rating on typical use cases. The attack feasibility rating assigns attacks and assets to an evaluation of the attacker dimensions such as the required knowledge and the feasibility of attacks derived from it. Our application of sample use cases shows how this rating can be used to assess the feasibility of an entire attack path. The attack feasibility rating can be used as a building block in a threat and risk assessment according to ISO/SAE 21434.

There is an increasing concern about possible hostile modification done to ICs, which are used in various critical applications. Such malicious modifications are referred to as Hardware Trojan. A novel procedure to detect these malicious Trojans using Genetic algorithm along with the logical masking technique which masks the Trojan module when embedded is presented in this paper. The circuit features such as transition probability and SCOAP are used as suitable parameters to identify the rare nodes which are more susceptible for Trojan insertion. A set of test patterns called optimal test patterns are generated using Genetic algorithm to claim that these test vectors are more feasible to detect the presence of Trojan in the circuit under test. The proposed methodologies are validated in accordance with ISCAS '85 and ISCAS '89 benchmark circuits. The experimental results proven that it achieves maximum Trigger coverage, Trojan coverage and is also able to successfully mask the inserted Trojan when it is triggered by the optimal test patterns.

The development of autonomous connected vehicles, in particular, moving as a platoon formation, has received great attention in recent years. The autonomous movement allows to increase the efficiency of the transportation infrastructure usage, reduce the fuel consumption, improve road safety, decrease traffic congestion, and others. To maintain an optimal spacing policy in a platoon formation, it is necessary to exchange information between vehicles. The Vehicular ad hoc Network (VANET) is the key component to establish wireless vehicle-to-vehicle communications. However, vehicular communications can be affected by different security threats. In this paper, we consider the third-order consensus approach as a control strategy for the vehicle platoon. We investigate several types of malicious attacks (spoofing, message falsification) and propose an anomaly detection algorithm that allows us to detect the malicious vehicle and enhance the security of the vehicle platoon. The experimental study of the proposed approach is conducted using Plexe, a vehicular network simulator that permits the realistic simulation of platooning systems.

Over the past decade, cyber-attack events on the electricity grid are on the rise and have proven to result in severe consequences in grid operation. These attacks are becoming more intelligent and can bypass existing protection protocols, resulting in economic losses due to system operating in a falsified and non-optimal condition over a prolonged period. Hence, it is crucial to develop defense tools to detect and mitigate the attack to minimize the cost of malicious operation. This paper aims to develop a novel command verification strategy to detect and mitigate False Data Injection Attacks (FDIAs) targeting the system centralized Economic Dispatch (ED) control signals. Firstly, we describe the ED problem in Singapore's deregulated market. We then perform a risk assessment and formulate two FDIA vectors - Man in the Middle (MITM) and Stealth attack on the ED control process. Subsequently, we propose a novel verification technique based on Multi-Agent System (MAS) to validate the control commands. This algorithm has been tested on the IEEE 6-Bus 3-generator test system, and experimental results verified that the proposed algorithm can detect and mitigate the FDIA vectors.

This paper presents the application of Compressive Sampling (CS) to the realization of a wideband receiver for distributed spectrum monitoring. The proposed prototype performs the non-uniform sampling CS-based technique, while the signal reconstruction is realized by the Orthogonal Matching Pursuit (OMP) algorithm on a personal computer. A first experimental analysis has been conducted on the prototype by assessing several figures of merit, thus characterizing its performance in the time, frequency and modulation domains. The obtained results demonstrate that the proposed prototype can achieve good performance in all specified domains with Compression Ratios (CRs) up to 10 for a 4-QAM (Quadrature Amplitude Modulation) signal having carrier frequency of 350 MHz and working at a symbol rate of 46 MSym/s.

Cryptographic (crypto) algorithms are the essential ingredients of all secure systems: crypto hash functions and encryption algorithms, for example, can guarantee properties such as integrity and confidentiality. Developers, however, can misuse the application programming interfaces (API) of such algorithms by using constant keys and weak passwords. This paper presents CRYLOGGER, the first open-source tool to detect crypto misuses dynamically. CRYLOGGER logs the parameters that are passed to the crypto APIs during the execution and checks their legitimacy offline by using a list of crypto rules. We compared CRYLOGGER with CryptoGuard, one of the most effective static tools to detect crypto misuses. We show that our tool complements the results of CryptoGuard, making the case for combining static and dynamic approaches. We analyzed 1780 popular Android apps downloaded from the Google Play Store to show that CRYLOGGER can detect crypto misuses on thousands of apps dynamically and automatically. We reverse-engineered 28 Android apps and confirmed the issues flagged by CRYLOGGER. We also disclosed the most critical vulnerabilities to app developers and collected their feedback.

Industrial Control Systems (ICS) are complex systems made up of many components with different tasks. For a safe and secure operation, each device needs to carry out its tasks correctly. To monitor a system and ensure the correct behavior of systems, anomaly detection is used.Models of expected behavior often rely only on cyber or physical features for anomaly detection. We propose an anomaly detection system that combines both types of features to create a dynamic fingerprint of an ICS. We present how a cyber-physical anomaly detection using sound on the physical layer can be designed, and which challenges need to be overcome for a successful implementation. We perform an initial evaluation for identifying actions of a 3D printer.