Biblio

Filters: Author is Guo, H.  [Clear All Filters]
2021-03-04
Guo, H., Wang, Z., Wang, B., Li, X., Shila, D. M..  2020.  Fooling A Deep-Learning Based Gait Behavioral Biometric System. 2020 IEEE Security and Privacy Workshops (SPW). :221—227.

We leverage deep learning algorithms on various user behavioral information gathered from end-user devices to classify a subject of interest. In spite of the ability of these techniques to counter spoofing threats, they are vulnerable to adversarial learning attacks, where an attacker adds adversarial noise to the input samples to fool the classifier into false acceptance. Recently, a handful of mature techniques like Fast Gradient Sign Method (FGSM) have been proposed to aid white-box attacks, where an attacker has a complete knowledge of the machine learning model. On the contrary, we exploit a black-box attack to a behavioral biometric system based on gait patterns, by using FGSM and training a shadow model that mimics the target system. The attacker has limited knowledge on the target model and no knowledge of the real user being authenticated, but induces a false acceptance in authentication. Our goal is to understand the feasibility of a black-box attack and to what extent FGSM on shadow models would contribute to its success. Our results manifest that the performance of FGSM highly depends on the quality of the shadow model, which is in turn impacted by key factors including the number of queries allowed by the target system in order to train the shadow model. Our experimentation results have revealed strong relationships between the shadow model and FGSM performance, as well as the effect of the number of FGSM iterations used to create an attack instance. These insights also shed light on deep-learning algorithms' model shareability that can be exploited to launch a successful attack.

2020-11-23
Guo, H., Shen, X., Goh, W. L., Zhou, L..  2018.  Data Analysis for Anomaly Detection to Secure Rail Network. 2018 International Conference on Intelligent Rail Transportation (ICIRT). :1–5.
The security, safety and reliability of rail systems are of the utmost importance. In order to better detect and prevent anomalies, it is necessary to accurately study and analyze the network traffic and abnormal behaviors, as well as to detect and alert any anomalies if happened. This paper focuses on data analysis for anomaly detection with Wireshark and packet analysis system. An alert function is also developed to provide an alert when abnormality happens. Rail network traffic data have been captured and analyzed so that their network features are obtained and used to detect the abnormality. To improve efficiency, a packet analysis system is introduced to receive the network flow and analyze data automatically. The provision of two detection methods, i.e., the Wireshark detection and the packet analysis system together with the alert function will facilitate the timely detection of abnormality and triggering of alert in the rail network.