Biblio

Training deep neural networks is a computationally expensive task. Furthermore, models are often derived from proprietary datasets that have been carefully prepared and labelled. Hence, creators of deep learning models want to protect their models against intellectual property theft. However, this is not always possible, since the model may, e.g., be embedded in a mobile app for fast response times. As a countermeasure watermarks for deep neural networks have been developed that embed secret information into the model. This information can later be retrieved by the creator to prove ownership. Uchida et al. proposed the first such watermarking method. The advantage of their scheme is that it does not compromise the accuracy of the model prediction. However, in this paper we show that their technique modifies the statistical distribution of the model. Using this modification we can not only detect the presence of a watermark, but even derive its embedding length and use this information to remove the watermark by overwriting it. We show analytically that our detection algorithm follows consequentially from their embedding algorithm and propose a possible countermeasure. Our findings shall help to refine the definition of undetectability of watermarks for deep neural networks.

Ramsey theory assures us that in any graph there is a clique or independent set of a certain size, roughly logarithmic in the graph size. But how difficult is it to find the clique or independent set? If the graph is given explicitly, then it is possible to do so while examining a linear number of edges. If the graph is given by a black-box, where to figure out whether a certain edge exists the box should be queried, then a large number of queries must be issued. But what if one is given a program or circuit for computing the existence of an edge? This problem was raised by Buss and Goldberg and Papadimitriou in the context of TFNP, search problems with a guaranteed solution. We examine the relationship between black-box complexity and white-box complexity for search problems with guaranteed solution such as the above Ramsey problem. We show that under the assumption that collision resistant hash function exist (which follows from the hardness of problems such as factoring, discrete-log and learning with errors) the white-box Ramsey problem is hard and this is true even if one is looking for a much smaller clique or independent set than the theorem guarantees. In general, one cannot hope to translate all black-box hardness for TFNP into white-box hardness: we show this by adapting results concerning the random oracle methodology and the impossibility of instantiating it. Another model we consider is the succinct black-box, where there is a known upper bound on the size of the black-box (but no limit on the computation time). In this case we show that for all TFNP problems there is an upper bound on the number of queries proportional to the description size of the box times the solution size. On the other hand, for promise problems this is not the case. Finally, we consider the complexity of graph property testing in the white-box model. We show a property which is hard to test even when one is given the program for computing the graph. The hard property is whether the graph is a two-source extractor.

This paper presents a computational model for managing an Embodied Conversational Agent's first impressions of warmth and competence towards the user. These impressions are important to manage because they can impact users' perception of the agent and their willingness to continue the interaction with the agent. The model aims at detecting user's impression of the agent and producing appropriate agent's verbal and nonverbal behaviours in order to maintain a positive impression of warmth and competence. User's impressions are recognized using a machine learning approach with facial expressions (action units) which are important indicators of users' affective states and intentions. The agent adapts in real-time its verbal and nonverbal behaviour, with a reinforcement learning algorithm that takes user's impressions as reward to select the most appropriate combination of verbal and non-verbal behaviour to perform. A user study to test the model in a contextualized interaction with users is also presented. Our hypotheses are that users' ratings differs when the agents adapts its behaviour according to our reinforcement learning algorithm, compared to when the agent does not adapt its behaviour to user's reactions (i.e., when it randomly selects its behaviours). The study shows a general tendency for the agent to perform better when using our model than in the random condition. Significant results shows that user's ratings about agent's warmth are influenced by their a-priori about virtual characters, as well as that users' judged the agent as more competent when it adapted its behaviour compared to random condition.

The dependability of Cyber Physical Systems (CPS) solely lies in the secure and reliable functionality of their backbone, the computing platform. Security of this platform is not only threatened by the vulnerabilities in the software peripherals, but also by the vulnerabilities in the hardware internals. Such threats can arise from malicious modifications to the integrated circuits (IC) based computing hardware, which can disable the system, leak information or produce malfunctions. Such modifications to computing hardware are made possible by the globalization of the IC industry, where a computing chip can be manufactured anywhere in the world. In the complex computing environment of CPS such modifications can be stealthier and undetectable. Under such circumstances, design of these malicious modifications, and eventually their detection, will be tied to the functionality and operation of the CPS. So it is imperative to address such threats by incorporating security awareness in the computing hardware design in a comprehensive manner taking the entire system into consideration. In this paper, we present a study in the influence of hardware Trojans on closed-loop systems, which form the basis of CPS, and establish threat models. Using these models, we perform a case study on a critical CPS application, gas pipeline based SCADA system. Through this process, we establish a completely virtual simulation platform along with a hardware-in-the-loop based simulation platform for implementation and testing.

Cyber physical system (CPS) is often deployed at safety-critical key infrastructures and fields, fault tolerance policies are extensively applied in CPS systems to improve its credibility; the same physical backup of hardware redundancy (SPB) technology is frequently used for its simple and reliable implementation. To resolve challenges faced with in simulation test of SPB-CPS, this paper dynamically determines the test resources matched with the CPS scale by using the adaptive allocation policies, establishes the hierarchical models and inter-layer message transmission mechanism. Meanwhile, the collaborative simulation time sequence push strategy and the node activity test mechanism based on the sliding window are designed in this paper to improve execution efficiency of the simulation test. In order to validate effectiveness of the method proposed in this paper, we successfully built up a fault-tolerant CPS simulation platform. Experiments showed that it can improve the SPB-CPS simulation test efficiency.

Cyber-physical systems (CPS) research leverages the expertise of researchers from multiple domains to engineer complex systems of interacting physical and computational components. An approach called co-simulation is often used in CPS conceptual design to integrate the specialized tools and simulators from each of these domains into a joint simulation for the evaluation of design decisions. Many co-simulation platforms are being developed to expedite CPS conceptualization and realization, but most use intrusive modeling and communication libraries that require researchers to either abandon their existing models or spend considerable effort to integrate them into the platform. A significant number of these co-simulation platforms use the High Level Architecture (HLA) standard that provides a rich set of services to facilitate distributed simulation. This paper introduces a simple gateway that can be readily implemented without co-simulation expertise to adapt existing models and research infrastructure for use in HLA. An open-source implementation of the gateway has been developed for the National Institute of Standards and Technology (NIST) co-simulation platform called the Universal CPS Environment for Federation (UCEF).

Secure logging is essential for the integrity and accountability of cyber-physical systems (CPS). To prevent modification of log files the integrity of data must be ensured. In this work, we propose a solution for secure event in cyberphysical systems logging based on the blockchain technology, by encapsulating event data in blocks. The proposed solution considers the real-time application constraints that are inherent in CPS monitoring and control functions by optimizing the heterogeneous resources governing blockchain computations. In doing so, the proposed blockchain mechanism manages to deliver events in hard-to-tamper ledger blocks that can be accessed and utilized by the various functions and components of the system. Performance analysis of the proposed solution is conducted through extensive simulation, demonstrating the effectiveness of the proposed approach in delivering blocks of events on time using the minimum computational resources.

CPS is generally complex to study, analyze, and design, as an important means to ensure the correctness of design and implementation of CPS system, simulation test is difficult to fully test, verify and evaluate the components or subsystems in the CPS system due to the inconsistent development progress of the com-ponents or subsystems in the CPS system. To address this prob-lem, we designed a hybrid P2P based collaborative simulation test framework composed of full physical nodes, hardware in the loop(HIL) nodes and full digital nodes to simulate the compo-nents or subsystems in the CPS system of different development progress, based on the framework, we then proposed collabora-tive simulation control strategy comprising sliding window based clock synchronization, dynamic adaptive time advancement and multi-priority task scheduling with preemptive time threshold. Experiments showed that the hybrid collaborative simulation testing method proposed in this paper can fully test CPS more effectively.

As Vehicular Ad hoc Network (VANET) features random topology and accommodates freely connected nodes, it is important that the cooperation among the nodes exists. This paper proposes a trust model called Implicit Web of Trust in VANET (IWOT-V) to reason out the trustworthiness of vehicles. Such that untrusted nodes can be identified and avoided when we make a decision regarding whom to follow or cooperate with. Furthermore, the performance of Cooperative Intelligent Transport System (C-ITS) applications improves. The idea of IWOT-V is mainly inspired by web page ranking algorithms such as PageRank. Although there does not exist explicit link structure in VANET because of random topology and dynamic connections, social trust relationship among vehicles exists and an implicit web of trust can be derived. To accomplish the derivation, two algorithms are presented, i.e., BayesTrust and VehicleRank. They are responsible for deriving the local and global trust relationships, respectively. The simulation results show that IWOT-V can accurately identify trusted and untrusted nodes if enough local trust information is collected. The performance of IWOT-V affected by five threat models is demonstrated, and the related discussions are also given.

The disclosure of an important yet sensitive link may cause serious privacy crisis between two users of a social graph. Only deleting the sensitive link referred to as a target link which is often the attacked target of adversaries is not enough, because the adversarial link prediction can deeply forecast the existence of the missing target link. Thus, to defend some specific adversarial link prediction, a budget limited number of other non-target links should be optimally removed. We first propose a path-based dissimilarity function as the optimizing objective and prove that the greedy link deletion to preserve target link privacy referred to as the GLD2Privacy which has monotonicity and submodularity properties can achieve a near optimal solution. However, emulating all length limited paths between any pair of nodes for GLD2Privacy mechanism is impossible in large scale social graphs. Secondly, we propose a Walk2Privacy mechanism that uses self-avoiding random walk which can efficiently run in large scale graphs to sample the paths of given lengths between the two ends of any missing target link, and based on the sampled paths we select the alternative non-target links being deleted for privacy purpose. Finally, we compose experiments to demonstrate that the Walk2Privacy algorithm can remarkably reduce the time consumption and achieve a very near solution that is achieved by the GLD2Privacy.

Cyber adversaries employ a variety of malware and exploits to attack computer systems, usually via sequential or “chained” attacks, that take advantage of vulnerability dependencies. In this paper, we introduce a formalism to model such attacks. We show that the determination of the set of capabilities gained by an attacker, which also translates to extent to which the system is compromised, corresponds with the convergence of a simple fixed-point operator. We then address the problem of determining the optimal/most-dangerous strategy for a cyber-adversary with respect to this model and find it to be an NP-Complete problem. To address this complexity we utilize an A*-based approach with an admissible heuristic, that incorporates the result of the fixed-point operator and uses memoization for greater efficiency. We provide an implementation and show through a suite of experiments, using both simulated and actual vulnerability data, that this method performs well in practice for identifying adversarial courses of action in this domain. On average, we found that our techniques decrease runtime by 82%.

This paper presents a general model to assess the mixed-degradation profiles of critical components in a Cyber-Physical System (CPS) based on the reliability of its critical physical and software components. In the proposed assessment, the cyber aspect of a CPS was approached from a software reliability perspective. Although extensive research has been done on physical components degradation and software reliability separately, research for the combined physical-software systems is still scarce. The non-homogeneous Poisson Processes (NHPP) software reliability models are deemed to fit well with the real data and have descriptive and predictive abilities, which could make them appropriate to estimate software components reliability. To show the feasibility of the proposed approach, a case study for mixed-degradation profiles assessment is presented with n physical components and one major software component forming a critical subsystem in CPS. Two physical components were assumed to have different degradation paths with the dependency between them. Series and parallel structures were investigated for physical components. The software component failure data was taken from a wireless network switching center and fitted into a Weibull software reliability model. The case study results revealed that mix-degradation profiles of physical components, combined with software component profile, produced a different CPS reliability profile.

The article considers some aspects of modeling information security circuits for information and communication systems used in Smart City. As a basic research paradigm, the postulates of game theory and mathematical dependencies based on Markov processes were used. Thus, it is possible to sufficiently substantively describe the procedure for selecting rational variants of cyber security systems used to protect information technologies in Smart City. At the same time, using the model proposed by us, we can calculate the probability of cyber threats for the Smart City systems, as well as the cybernetic risks of diverse threats. Further, on the basis of the described indicators, rational contour options are chosen to protect the information systems used in Smart City.

Cloud Computing is the most promising paradigm in recent times. It offers a cost-efficient service to individual and industries. However, outsourcing sensitive data to entrusted Cloud servers presents a brake to Cloud migration. Consequently, improving the security of data access is the most critical task. As an efficient cryptographic technique, Ciphertext Policy Attribute Based Encryption(CP-ABE) develops and implements fine-grained, flexible and scalable access control model. However, existing CP-ABE based approaches suffer from some limitations namely revocation, data owner overhead and computational cost. In this paper, we propose a sliced revocable solution resolving the aforementioned issues abbreviated RS-CPABE. We applied splitting algorithm. We execute symmetric encryption with Advanced Encryption Standard (AES)in large data size and asymmetric encryption with CP-ABE in constant key length. We re-encrypt in case of revocation one single slice. To prove the proposed model, we expose security and performance evaluation.

We consider the problem of reinforcing federated learning with formal privacy guarantees. We propose to employ Bayesian differential privacy, a relaxation of differential privacy for similarly distributed data, to provide sharper privacy loss bounds. We adapt the Bayesian privacy accounting method to the federated setting and suggest multiple improvements for more efficient privacy budgeting at different levels. Our experiments show significant advantage over the state-of-the-art differential privacy bounds for federated learning on image classification tasks, including a medical application, bringing the privacy budget below ε = 1 at the client level, and below ε = 0.1 at the instance level. Lower amounts of noise also benefit the model accuracy and reduce the number of communication rounds.

Security challenges present in Machine-to-Machine Communication (M2M-C) and big data paradigm are fundamentally different from conventional network security challenges. In M2M-C paradigms, “Trust” is a vital constituent of security solutions that address security threats and for such solutions,it is important to quantify and evaluate the amount of trust in the information and its source. In this work, we focus on Machine Learning (ML) Based Trust (MLBT) evaluation model for detecting malicious activities in a vehicular Based M2M-C (VBM2M-C) network. In particular, we present an Entropy Based Feature Engineering (EBFE) coupled Extreme Gradient Boosting (XGBoost) model which is optimized with Binary Particle Swarm optimization technique. Based on three performance metrics, i.e., Accuracy Rate (AR), True Positive Rate (TPR), False Positive Rate (FPR), the effectiveness of the proposed method is evaluated in comparison to the state-of-the-art ensemble models, such as XGBoost and Random Forest. The simulation results demonstrates the superiority of the proposed model with approximately 10% improvement in accuracy, TPR and FPR, with reference to the attacker density of 30% compared with the start-of-the-art algorithms.

For multiple embedded computers working together, the functional failure resulting from the underlying hardware or system crash will cause a sudden abort of applications. Different types of applications may have security requirements for data isolation and access control. Therefore, we propose a scheme to implement multi-level security domain dynamic management oriented embedded computers based on MILS architecture. Firstly, the scheme builds local security policy items and access control lists according to type, function and security level. After that, security domain of all applications is constructed to achieve the safety purpose that applications can perform migration cross partitions and cross platforms. Our experiments and analysis show that the proposed scheme is feasible and correct.

The internet of things (IoT) is the popular wireless network for data collection applications. The IoT networks are deployed in dense or sparse architectures, out of which the dense networks are vastly popular as these are capable of gathering the huge volumes of data. The collected data is analyzed using the historical or continuous analytical systems, which uses the back testing or time-series analytics to observe the desired patterns from the target data. The lost or bad interval data always carries the high probability to misguide the analysis reports. The data is lost due to a variety of reasons, out of which the most popular ones are associated with the node failures and connectivity holes, which occurs due to physical damage, software malfunctioning, blackhole/wormhole attacks, route poisoning, etc. In this paper, the work is carried on the new routing scheme for the IoTs to avoid the connectivity holes, which analyzes the activity of wireless nodes and takes the appropriate actions when required.

Shamir's Secret Sharing Scheme is well established and widely used. It allows a so-called Dealer to split and share a secret k among n Participants such that at least t shares are needed to reconstruct k, where 0 \textbackslashtextbackslashtextless; t ≤ n. Nothing about the secret can be learned from less than t shares. To split secret k, the Dealer generates a polynomial f, whose independent term is k and the coefficients are randomly selected using a uniform distribution. A share is a pair (x, f(x)) where x is also chosen randomly using a uniform distribution. This scheme is useful, for example, to distribute cryptographic keys among different cloud providers and to create multi-factor authentication. The security of Shamir's Secret Sharing Scheme is usually analyzed using a threat model where the Dealer is trusted to split and share secrets as described above. In this paper, we demonstrate that there exists a different threat model where a malicious Dealer can compute shares such that a subset of less than t shares is allowed to reconstruct the secret. We refer to such subsets as hidden sets. We formally define hidden sets and prove lower bounds on the number of possible hidden sets for polynomials of degree t - 1. Yet, we show how to detect hidden sets given a set of n shares and describe how to create hidden sets while sharing a secret using a modification of Shamir's scheme.

With the increasing interest in studying Automated Driving System (ADS)-equipped vehicles through simulation, there is a growing need for comprehensive and agile middleware to provide novel Virtual Analysis (VA) functions of ADS-equipped vehicles towards enabling a reliable representation for pre-deployment test. The National Institute of Standards and Technology (NIST) Universal Cyber-physical systems Environment for Federation (UCEF) is such a VA environment. It provides Application Programming Interfaces (APIs) capable of ensuring synchronized interactions across multiple simulation platforms such as LabVIEW, OMNeT++, Ricardo IGNITE, and Internet of Things (IoT) platforms. UCEF can aid engineers and researchers in understanding the impact of different constraints associated with complex cyber-physical systems (CPS). In this work UCEF is used to produce a simulated Operational Domain Design (ODD) for ADS-equipped vehicles where control (drive cycle/speed pattern), sensing (obstacle detection, traffic signs and lights), and threats (unusual signals, hacked sources) are represented as UCEF federates to simulate a drive cycle and to feed it to vehicle dynamics simulators (e.g. OpenModelica or Ricardo IGNITE) through the Functional Mock-up Interface (FMI). In this way we can subject the vehicle to a wide range of scenarios, collect data on the resulting interactions, and analyze those interactions using metrics to understand trustworthiness impact. Trustworthiness is defined here as in the NIST Framework for Cyber-Physical Systems, and is comprised of system reliability, resiliency, safety, security, and privacy. The goal of this work is to provide an example of an experimental design strategy using Fractional Factorial Design for statistically assessing the most important safety metrics in ADS-equipped vehicles.

Statistics suggests, proceeding towards IoT generation, is increasing IoT devices at a drastic rate. This will be very challenging for our present-day network infrastructure to manage, this much of data. This may risk, both security and traffic collapsing. We have proposed an infrastructure with Fog Computing. The Fog layer consists two layers, using the concepts of Service oriented Architecture (SOA) and the Agent based composition model which ensures the traffic usage reduction. In order to have a robust and secured system, we have modified the Fog based agent model by replacing the SOA with secured Named Data Network (NDN) protocol. Knowing the fact that NDN has the caching layer, we are combining NDN and with Fog, as it can overcome the forwarding strategy limitation and memory constraints of NDN by the Agent Society, in the Middle layer along with Trust management.

We propose a novel application of coded computing to the problem of the nearest neighbor estimation using MatDot Codes (Fahim et al., Allerton'17) that are known to be optimal for matrix multiplication in terms of recovery threshold under storage constraints. In approximate nearest neighbor algorithms, it is common to construct efficient in-memory indexes to improve query response time. One such strategy is Multiple Random Projection Trees (MRPT), which reduces the set of candidate points over which Euclidean distance calculations are performed. However, this may result in a high memory footprint and possibly paging penalties for large or high-dimensional data. Here we propose two techniques to parallelize MRPT that exploit data and model parallelism respectively by dividing both the data storage and the computation efforts among different nodes in a distributed computing cluster. This is especially critical when a single compute node cannot hold the complete dataset in memory. We also propose a novel coded computation strategy based on MatDot codes for the model-parallel architecture that, in a straggler-prone environment, achieves the storage-optimal recovery threshold, i.e., the number of nodes that are required to serve a query. We experimentally demonstrate that, in the absence of straggling, our distributed approaches require less query time than execution on a single processing node, providing near-linear speedups with respect to the number of worker nodes. Our experiments on real systems with simulated straggling, we also show that in a straggler-prone environment, our strategy achieves a faster query execution than the uncoded strategy.

Cloud service has the computing characteristics of self-organizing strain on demand, which is prone to failure or loss of responsibility in its extensive application. In the prediction or accountability of this, the modeling of cloud service structure becomes an insurmountable priority. This paper reviews the modeling of cloud service network architecture. It mainly includes: Firstly, the research status of cloud service structure modeling is analyzed and reviewed. Secondly, the classification of time-varying structure of cloud services and the classification of time-varying structure modeling methods are summarized as a whole. Thirdly, it points out the existing problems. Finally, for cloud service accountability, research approach of time-varying structure modeling is proposed.

The exponential growth of the Internet and its users and the emergence of Web 2.0 have caused a large volume of textual data to be created. Automatic analysis of such data can be used in making decisions. As online text is created by different producers with different styles of writing, pre-processing is a necessity prior to any processes related to natural language tasks. An essential part of textual preprocessing prior to the recognition of the word vocabulary is normalization, which includes the correction of spaces that particularly in the Persian language this includes both full-spaces between words and half-spaces. Through the review of user comments within social media services, it can be seen that in many cases users do not adhere to grammatical rules of inserting both forms of spaces, which increases the complexity of the identification of words and henceforth, reducing the accuracy of further processing on the text. In this study, current issues in the normalization and tokenization of preprocessing tools within the Persian language and essentially identifying and correcting the separation of words are and the correction of spaces are proposed. The results obtained and compared to leading preprocessing tools highlight the significance of the proposed methodology.

In various natural language processing applications, PART-OF-SPEECH (POS) tagging is performed as a preprocessing step. For making POS tagging accurate, various techniques have been explored. But in Indian languages, not much work has been done. This paper describes the methods to build a Part of speech tagger by using hidden markov model. Supervised learning approach is implemented in which, already tagged sentences in malayalam is used to build hidden markov model.