Visible to the public Biblio

Found 373 results

Filters: Keyword is telecommunication traffic  [Clear All Filters]
2023-09-20
Salsabila, Hanifah, Mardhiyah, Syafira, Budiarto Hadiprakoso, Raden.  2022.  Flubot Malware Hybrid Analysis on Android Operating System. 2022 International Conference on Informatics, Multimedia, Cyber and Information System (ICIMCIS). :202—206.
The rising use of smartphones each year is matched by the development of the smartphone's operating system, Android. Due to the immense popularity of the Android operating system, many unauthorized users (in this case, the attackers) wish to exploit this vulnerability to get sensitive data from every Android user. The flubot malware assault, which happened in 2021 and targeted Android devices practically globally, is one of the attacks on Android smartphones. It was known at the time that the flubot virus stole information, particularly from banking applications installed on the victim's device. To prevent this from happening again, we research the signature and behavior of flubot malware. In this study, a hybrid analysis will be conducted on three samples of flubot malware that are available on the open-source Hatching Triage platform. Using the Android Virtual Device (AVD) as the primary environment for malware installation, the analysis was conducted with the Android Debug Bridge (ADB) and Burpsuite as supporting tools for dynamic analysis. During the static analysis, the Mobile Security Framework (MobSF) and the Bytecode Viewer were used to examine the source code of the three malware samples. Analysis of the flubot virus revealed that it extracts or drops dex files on the victim's device, where the file is the primary malware. The Flubot virus will clone the messaging application or Short Message Service (SMS) on the default device. Additionally, we discovered a form of flubot malware that operates as a Domain Generation Algorithm (DGA) and communicates with its Command and Control (C&C) server.
2023-09-18
Warmsley, Dana, Waagen, Alex, Xu, Jiejun, Liu, Zhining, Tong, Hanghang.  2022.  A Survey of Explainable Graph Neural Networks for Cyber Malware Analysis. 2022 IEEE International Conference on Big Data (Big Data). :2932—2939.
Malicious cybersecurity activities have become increasingly worrisome for individuals and companies alike. While machine learning methods like Graph Neural Networks (GNNs) have proven successful on the malware detection task, their output is often difficult to understand. Explainable malware detection methods are needed to automatically identify malicious programs and present results to malware analysts in a way that is human interpretable. In this survey, we outline a number of GNN explainability methods and compare their performance on a real-world malware detection dataset. Specifically, we formulated the detection problem as a graph classification problem on the malware Control Flow Graphs (CFGs). We find that gradient-based methods outperform perturbation-based methods in terms of computational expense and performance on explainer-specific metrics (e.g., Fidelity and Sparsity). Our results provide insights into designing new GNN-based models for cyber malware detection and attribution.
2023-08-25
Zhang, Xue, Wei, Liang, Jing, Shan, Zhao, Chuan, Chen, Zhenxiang.  2022.  SDN-Based Load Balancing Solution for Deterministic Backbone Networks. 2022 5th International Conference on Hot Information-Centric Networking (HotICN). :119–124.
Traffic in a backbone network has high forwarding rate requirements, and as the network gets larger, traffic increases and forwarding rates decrease. In a Software Defined Network (SDN), the controller can manage a global view of the network and control the forwarding of network traffic. A deterministic network has different forwarding requirements for the traffic of different priority levels. Static traffic load balancing is not flexible enough to meet the needs of users and may lead to the overloading of individual links and even network collapse. In this paper, we propose a new backbone network load balancing architecture - EDQN (Edge Deep Q-learning Network), which implements queue-based gate-shaping algorithms at the edge devices and load balancing of traffic on the backbone links. With the advantages of SDN, the link utilization of the backbone network can be improved, the delay in traffic transmission can be reduced and the throughput of traffic during transmission can be increased.
ISSN: 2831-4395
2023-08-16
Liu, Lisa, Engelen, Gints, Lynar, Timothy, Essam, Daryl, Joosen, Wouter.  2022.  Error Prevalence in NIDS datasets: A Case Study on CIC-IDS-2017 and CSE-CIC-IDS-2018. 2022 IEEE Conference on Communications and Network Security (CNS). :254—262.
Benchmark datasets are heavily depended upon by the research community to validate theoretical findings and track progression in the state-of-the-art. NIDS dataset creation presents numerous challenges on account of the volume, heterogeneity, and complexity of network traffic, making the process labor intensive, and thus, prone to error. This paper provides a critical review of CIC-IDS-2017 and CIC-CSE-IDS-2018, datasets which have seen extensive usage in the NIDS literature, and are currently considered primary benchmarking datasets for NIDS. We report a large number of previously undocumented errors throughout the dataset creation lifecycle, including in attack orchestration, feature generation, documentation, and labeling. The errors destabilize the results and challenge the findings of numerous publications that have relied on it as a benchmark. We demonstrate the implications of these errors through several experiments. We provide comprehensive documentation to summarize the discovery of these issues, as well as a fully-recreated dataset, with labeling logic that has been reverse-engineered, corrected, and made publicly available for the first time. We demonstrate the implications of dataset errors through a series of experiments. The findings serve to remind the research community of common pitfalls with dataset creation processes, and of the need to be vigilant when adopting new datasets. Lastly, we strongly recommend the release of labeling logic for any dataset released, to ensure full transparency.
2023-07-12
Xiang, Peng, Peng, ChengWei, Li, Qingshan.  2022.  Hierarchical Association Features Learning for Network Traffic Recognition. 2022 International Conference on Information Processing and Network Provisioning (ICIPNP). :129—133.
With the development of network technology, identifying specific traffic has become important in network monitoring and security. However, designing feature sets that can accurately describe network traffic is still an urgent problem. Most of existing researches cannot realize effectively the identification of targets, and don't perform well in the complex and dynamic network environment. Aiming at these problems, we propose a novel method in this paper, which learns correlation features of network traffic based on the hierarchical structure. Firstly, the method learns the spatial-temporal features using convolutional neural networks (CNNs) and the bidirectional long short-term memory networks (Bi-LSTMs), then builds network topology to capture dependency characteristics between sessions and learns the context-related features through the graph attention networks (GATs). Finally, the network traffic session is classified using a fully connected network. The experimental results show that our method can effectively improve the detection ability and achieve a better classification performance overall.
2023-06-23
Deri, Luca, Cardigliano, Alfredo.  2022.  Using CyberScore for Network Traffic Monitoring. 2022 IEEE International Conference on Cyber Security and Resilience (CSR). :56–61.
The growing number of cybersecurity incidents and the always increasing complexity of cybersecurity attacks is forcing the industry and the research community to develop robust and effective methods to detect and respond to network attacks. Many tools are either built upon a large number of rules and signatures which only large third-party vendors can afford to create and maintain, or are based on complex artificial intelligence engines which, in most cases, still require personalization and fine-tuning using costly service contracts offered by the vendors.This paper introduces an open-source network traffic monitoring system based on the concept of cyberscore, a numerical value that represents how a network activity is considered relevant for spotting cybersecurity-related events. We describe how this technique has been applied in real-life networks and present the result of this evaluation.
Doroud, Hossein, Alaswad, Ahmad, Dressler, Falko.  2022.  Encrypted Traffic Detection: Beyond the Port Number Era. 2022 IEEE 47th Conference on Local Computer Networks (LCN). :198–204.
Internet service providers (ISP) rely on network traffic classifiers to provide secure and reliable connectivity for their users. Encrypted traffic introduces a challenge as attacks are no longer viable using classic Deep Packet Inspection (DPI) techniques. Distinguishing encrypted from non-encrypted traffic is the first step in addressing this challenge. Several attempts have been conducted to identify encrypted traffic. In this work, we compare the detection performance of DPI, traffic pattern, and randomness tests to identify encrypted traffic in different levels of granularity. In an experimental study, we evaluate these candidates and show that a traffic pattern-based classifier outperforms others for encryption detection.
ISSN: 0742-1303
Angiulli, Fabrizio, Furfaro, Angelo, Saccá, Domenico, Sacco, Ludovica.  2022.  Evaluating Deep Packet Inspection in Large-scale Data Processing. 2022 9th International Conference on Future Internet of Things and Cloud (FiCloud). :16–23.
The Internet has evolved to the point that gigabytes and even terabytes of data are generated and processed on a daily basis. Such a stream of data is characterised by high volume, velocity and variety and is referred to as Big Data. Traditional data processing tools can no longer be used to process big data, because they were not designed to handle such a massive amount of data. This problem concerns also cyber security, where tools like intrusion detection systems employ classification algorithms to analyse the network traffic. Achieving a high accuracy attack detection becomes harder when the amount of data increases and the algorithms must be efficient enough to keep up with the throughput of a huge data stream. Due to the challenges posed by a big data environment, some monitoring systems have already shifted from deep packet inspection to flow-level inspection. The goal of this paper is to evaluate the applicability of an existing intrusion detection technique that performs deep packet inspection in a big data setting. We have conducted several experiments with Apache Spark to assess the performance of the technique when classifying anomalous packets, showing that it benefits from the use of Spark.
2023-06-22
Ho, Samson, Reddy, Achyut, Venkatesan, Sridhar, Izmailov, Rauf, Chadha, Ritu, Oprea, Alina.  2022.  Data Sanitization Approach to Mitigate Clean-Label Attacks Against Malware Detection Systems. MILCOM 2022 - 2022 IEEE Military Communications Conference (MILCOM). :993–998.
Machine learning (ML) models are increasingly being used in the development of Malware Detection Systems. Existing research in this area primarily focuses on developing new architectures and feature representation techniques to improve the accuracy of the model. However, recent studies have shown that existing state-of-the art techniques are vulnerable to adversarial machine learning (AML) attacks. Among those, data poisoning attacks have been identified as a top concern for ML practitioners. A recent study on clean-label poisoning attacks in which an adversary intentionally crafts training samples in order for the model to learn a backdoor watermark was shown to degrade the performance of state-of-the-art classifiers. Defenses against such poisoning attacks have been largely under-explored. We investigate a recently proposed clean-label poisoning attack and leverage an ensemble-based Nested Training technique to remove most of the poisoned samples from a poisoned training dataset. Our technique leverages the relatively large sensitivity of poisoned samples to feature noise that disproportionately affects the accuracy of a backdoored model. In particular, we show that for two state-of-the art architectures trained on the EMBER dataset affected by the clean-label attack, the Nested Training approach improves the accuracy of backdoor malware samples from 3.42% to 93.2%. We also show that samples produced by the clean-label attack often successfully evade malware classification even when the classifier is not poisoned during training. However, even in such scenarios, our Nested Training technique can mitigate the effect of such clean-label-based evasion attacks by recovering the model's accuracy of malware detection from 3.57% to 93.2%.
ISSN: 2155-7586
Kivalov, Serhii, Strelkovskaya, Irina.  2022.  Detection and prediction of DDoS cyber attacks using spline functions. 2022 IEEE 16th International Conference on Advanced Trends in Radioelectronics, Telecommunications and Computer Engineering (TCSET). :710–713.
The issues of development and legal regulation of cybersecurity in Ukraine are considered. The expediency of further improvement of the regulatory framework, its implementation and development of cybersecurity systems is substantiated. Further development of the theoretical base of cyber defense using spline functions is proposed. The characteristics of network traffic are considered from the point of view of detecting DDoS cyber attacks (SYN-Flood, ICMP-Flood, UDP-Flood) and predicting DDoS cyber-attacks using spline functions. The spline extrapolation method makes it possible to predict DDoS cyber attacks with great accuracy.
Li, Mengxue, Zhang, Binxin, Wang, Guangchang, ZhuGe, Bin, Jiang, Xian, Dong, Ligang.  2022.  A DDoS attack detection method based on deep learning two-level model CNN-LSTM in SDN network. 2022 International Conference on Cloud Computing, Big Data Applications and Software Engineering (CBASE). :282–287.
This paper mainly explores the detection and defense of DDoS attacks in the SDN architecture of the 5G environment, and proposes a DDoS attack detection method based on the deep learning two-level model CNN-LSTM in the SDN network. Not only can it greatly improve the accuracy of attack detection, but it can also reduce the time for classifying and detecting network traffic, so that the transmission of DDoS attack traffic can be blocked in time to ensure the availability of network services.
Fenil, E., Kumar, P. Mohan.  2022.  Towards a secure Software Defined Network with Adaptive Mitigation of DDoS attacks by Machine Learning Approaches. 2022 International Conference on Advances in Computing, Communication and Applied Informatics (ACCAI). :1–13.
DDoS attacks produce a lot of traffic on the network. DDoS attacks may be fought in a novel method thanks to the rise of Software Defined Networking (SDN). DDoS detection and data gathering may lead to larger system load utilization among SDN as well as systems, much expense of SDN, slow reaction period to DDoS if they are conducted at regular intervals. Using the Identification Retrieval algorithm, we offer a new DDoS detection framework for detecting resource scarcity type DDoS attacks. In designed to check low-density DDoS attacks, we employ a combination of network traffic characteristics. The KSVD technique is used to generate a dictionary of network traffic parameters. In addition to providing legitimate and attack traffic models for dictionary construction, the suggested technique may be used to network traffic as well. Matching Pursuit and Wavelet-based DDoS detection algorithms are also implemented and compared using two separate data sets. Despite the difficulties in identifying LR-DoS attacks, the results of the study show that our technique has a detection accuracy of 89%. DDoS attacks are explained for each type of DDoS, and how SDN weaknesses may be exploited. We conclude that machine learning-based DDoS detection mechanisms and cutoff point DDoS detection techniques are the two most prevalent methods used to identify DDoS attacks in SDN. More significantly, the generational process, benefits, and limitations of each DDoS detection system are explained. This is the case in our testing environment, where the intrusion detection system (IDS) is able to block all previously identified threats
Kukreti, Sambhavi, Modgil, Sumit Kumar, Gehlot, Neha, Kumar, Vinod.  2022.  DDoS Attack using SYN Flooding: A Case Study. 2022 9th International Conference on Computing for Sustainable Global Development (INDIACom). :323–329.
Undoubtedly, technology has not only transformed our world of work and lifestyle, but it also carries with it a lot of security challenges. The Distributed Denial-of-Service (DDoS) attack is one of the most prominent attacks witnessed by cyberspace of the current era. This paper outlines several DDoS attacks, their mitigation stages, propagation of attacks, malicious codes, and finally provides redemptions of exhibiting normal and DDoS attacked scenarios. A case study of a SYN flooding attack has been exploited by using Metasploit. The utilization of CPU frame length and rate have been observed in normal and attacked phases. Preliminary results clearly show that in a normal scenario, CPU usage is about 20%. However, in attacked phases with the same CPU load, CPU execution overhead is nearly 90% or 100%. Thus, through this research, the major difference was found in CPU usage, frame length, and degree of data flow. Wireshark tool has been used for network traffic analyzer.
Žádník, Martin.  2022.  Towards Inference of DDoS Mitigation Rules. NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium. :1–5.
DDoS attacks still represent a severe threat to network services. While there are more or less workable solutions to defend against these attacks, there is a significant space for further research regarding automation of reactions and subsequent management. In this paper, we focus on one piece of the whole puzzle. We strive to automatically infer filtering rules which are specific to the current DoS attack to decrease the time to mitigation. We employ a machine learning technique to create a model of the traffic mix based on observing network traffic during the attack and normal period. The model is converted into the filtering rules. We evaluate our approach with various setups of hyperparameters. The results of our experiments show that the proposed approach is feasible in terms of the capability of inferring successful filtering rules.
ISSN: 2374-9709
Verma, Amandeep, Saha, Rahul.  2022.  Performance Analysis of DDoS Mitigation in Heterogeneous Environments. 2022 Second International Conference on Interdisciplinary Cyber Physical Systems (ICPS). :222–230.
Computer and Vehicular networks, both are prone to multiple information security breaches because of many reasons like lack of standard protocols for secure communication and authentication. Distributed Denial of Service (DDoS) is a threat that disrupts the communication in networks. Detection and prevention of DDoS attacks with accuracy is a necessity to make networks safe.In this paper, we have experimented two machine learning-based techniques one each for attack detection and attack prevention. These detection & prevention techniques are implemented in different environments including vehicular network environments and computer network environments. Three different datasets connected to heterogeneous environments are adopted for experimentation. The first dataset is the NSL-KDD dataset based on the traffic of the computer network. The second dataset is based on a simulation-based vehicular environment, and the third CIC-DDoS 2019 dataset is a computer network-based dataset. These datasets contain different number of attributes and instances of network traffic. For the purpose of attack detection AdaBoostM1 classification algorithm is used in WEKA and for attack prevention Logit Model is used in STATA. Results show that an accuracy of more than 99.9% is obtained from the simulation-based vehicular dataset. This is the highest accuracy rate among the three datasets and it is obtained within a very short period of time i.e., 0.5 seconds. In the same way, we use a Logit regression-based model to classify packets. This model shows an accuracy of 100%.
Lei, Gang, Wu, Junyi, Gu, Keyang, Ji, Lejun, Cao, Yuanlong, Shao, Xun.  2022.  An QUIC Traffic Anomaly Detection Model Based on Empirical Mode Decomposition. 2022 IEEE 23rd International Conference on High Performance Switching and Routing (HPSR). :76–80.
With the advent of the 5G era, high-speed and secure network access services have become a common pursuit. The QUIC (Quick UDP Internet Connection) protocol proposed by Google has been studied by many scholars due to its high speed, robustness, and low latency. However, the research on the security of the QUIC protocol by domestic and foreign scholars is insufficient. Therefore, based on the self-similarity of QUIC network traffic, combined with traffic characteristics and signal processing methods, a QUIC-based network traffic anomaly detection model is proposed in this paper. The model decomposes and reconstructs the collected QUIC network traffic data through the Empirical Mode Decomposition (EMD) method. In order to judge the occurrence of abnormality, this paper also intercepts overlapping traffic segments through sliding windows to calculate Hurst parameters and analyzes the obtained parameters to check abnormal traffic. The simulation results show that in the network environment based on the QUIC protocol, the Hurst parameter after being attacked fluctuates violently and exceeds the normal range. It also shows that the anomaly detection of QUIC network traffic can use the EMD method.
ISSN: 2325-5609
2023-05-12
Verma, Kunaal, Girdhar, Mansi, Hafeez, Azeem, Awad, Selim S..  2022.  ECU Identification using Neural Network Classification and Hyperparameter Tuning. 2022 IEEE International Workshop on Information Forensics and Security (WIFS). :1–6.
Intrusion detection for Controller Area Network (CAN) protocol requires modern methods in order to compete with other electrical architectures. Fingerprint Intrusion Detection Systems (IDS) provide a promising new approach to solve this problem. By characterizing network traffic from known ECUs, hazardous messages can be discriminated. In this article, a modified version of Fingerprint IDS is employed utilizing both step response and spectral characterization of network traffic via neural network training. With the addition of feature set reduction and hyperparameter tuning, this method accomplishes a 99.4% detection rate of trusted ECU traffic.
ISSN: 2157-4774
2023-04-28
Hu, Zhihui, Liu, Caiming.  2022.  Quantitative matching method for network traffic features. 2022 18th International Conference on Computational Intelligence and Security (CIS). :394–398.
The heterogeneity of network traffic features brings quantitative calculation problems to the matching between network data. In order to solve the above fuzzy matching problem between the heterogeneous network feature data, a quantitative matching method for network traffic features is proposed in this paper. By constructing the numerical expression method of network traffic features, the numerical expression of key features of network data is realized. By constructing the suitable section calculation methods for the similarity of different network traffic features, the personalized quantitative matching for heterogeneous network data features is realized according to the actual meaning of different features. By defining the weight of network traffic features, the quantitative importance value of different features is realized. The weighted sum mathematical method is used to accurately calculate the overall similarity value between network data. The effectiveness of the proposed method through experiments is verified. The experimental results show that the proposed matching method can be used to calculate the similarity value between network data, and the quantitative calculation purpose of network traffic feature matching with heterogeneous features is realized.
2023-04-27
Rafique, Wajid, Hafid, Abdelhakim Senhaji, Cherkaoui, Soumaya.  2022.  Complementing IoT Services Using Software-Defined Information Centric Networks: A Comprehensive Survey. IEEE Internet of Things Journal. 9:23545–23569.
IoT connects a large number of physical objects with the Internet that capture and exchange real-time information for service provisioning. Traditional network management schemes face challenges to manage vast amounts of network traffic generated by IoT services. Software-defined networking (SDN) and information-centric networking (ICN) are two complementary technologies that could be integrated to solve the challenges of different aspects of IoT service provisioning. ICN offers a clean-slate design to accommodate continuously increasing network traffic by considering content as a network primitive. It provides a novel solution for information propagation and delivery for large-scale IoT services. On the other hand, SDN allocates overall network management responsibilities to a central controller, where network elements act merely as traffic forwarding components. An SDN-enabled network supports ICN without deploying ICN-capable hardware. Therefore, the integration of SDN and ICN provides benefits for large-scale IoT services. This article provides a comprehensive survey on software-defined information-centric Internet of Things (SDIC-IoT) for IoT service provisioning. We present critical enabling technologies of SDIC-IoT, discuss its architecture, and describe its benefits for IoT service provisioning. We elaborate on key IoT service provisioning requirements and discuss how SDIC-IoT supports different aspects of IoT services. We define different taxonomies of SDIC-IoT literature based on various performance parameters. Furthermore, we extensively discuss different use cases, synergies, and advances to realize the SDIC-IoT concept. Finally, we present current challenges and future research directions of IoT service provisioning using SDIC-IoT.
Conference Name: IEEE Internet of Things Journal
2023-04-14
Saurabh, Kumar, Singh, Ayush, Singh, Uphar, Vyas, O.P., Khondoker, Rahamatullah.  2022.  GANIBOT: A Network Flow Based Semi Supervised Generative Adversarial Networks Model for IoT Botnets Detection. 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS). :1–5.
The spread of Internet of Things (IoT) devices in our homes, healthcare, industries etc. are more easily infiltrated than desktop computers have resulted in a surge in botnet attacks based on IoT devices, which may jeopardize the IoT security. Hence, there is a need to detect these attacks and mitigate the damage. Existing systems rely on supervised learning-based intrusion detection methods, which require a large labelled data set to achieve high accuracy. Botnets are onerous to detect because of stealthy command & control protocols and large amount of network traffic and hence obtaining a large labelled data set is also difficult. Due to unlabeled Network traffic, the supervised classification techniques may not be used directly to sort out the botnet that is responsible for the attack. To overcome this limitation, a semi-supervised Deep Learning (DL) approach is proposed which uses Semi-supervised GAN (SGAN) for IoT botnet detection on N-BaIoT dataset which contains "Bashlite" and "Mirai" attacks along with their sub attacks. The results have been compared with the state-of-the-art supervised solutions and found efficient in terms of better accuracy which is 99.89% in binary classification and 59% in multi classification on larger dataset, faster and reliable model for IoT Botnet detection.
Yang, Xiaoran, Guo, Zhen, Mai, Zetian.  2022.  Botnet Detection Based on Machine Learning. 2022 International Conference on Blockchain Technology and Information Security (ICBCTIS). :213–217.
A botnet is a new type of attack method developed and integrated on the basis of traditional malicious code such as network worms and backdoor tools, and it is extremely threatening. This course combines deep learning and neural network methods in machine learning methods to detect and classify the existence of botnets. This sample does not rely on any prior features, the final multi-class classification accuracy rate is higher than 98.7%, the effect is significant.
2023-03-31
Huang, Dapeng, Chen, Haoran, Wang, Kai, Chen, Chen, Han, Weili.  2022.  A Traceability Method for Bitcoin Transactions Based on Gateway Network Traffic Analysis. 2022 International Conference on Networking and Network Applications (NaNA). :176–183.
Cryptocurrencies like Bitcoin have become a popular weapon for illegal activities. They have the characteristics of decentralization and anonymity, which can effectively avoid the supervision of government departments. How to de-anonymize Bitcoin transactions is a crucial issue for regulatory and judicial investigation departments to supervise and combat crimes involving Bitcoin effectively. This paper aims to de-anonymize Bitcoin transactions and present a Bitcoin transaction traceability method based on Bitcoin network traffic analysis. According to the characteristics of the physical network that the Bitcoin network relies on, the Bitcoin network traffic is obtained at the physical convergence point of the local Bitcoin network. By analyzing the collected network traffic data, we realize the traceability of the input address of Bitcoin transactions and test the scheme in the distributed Bitcoin network environment. The experimental results show that this traceability mechanism is suitable for nodes connected to the Bitcoin network (except for VPN, Tor, etc.), and can obtain 47.5% recall rate and 70.4% precision rate, which are promising in practice.
2023-03-17
Dhasade, Akash, Dresevic, Nevena, Kermarrec, Anne-Marie, Pires, Rafael.  2022.  TEE-based decentralized recommender systems: The raw data sharing redemption. 2022 IEEE International Parallel and Distributed Processing Symposium (IPDPS). :447–458.
Recommenders are central in many applications today. The most effective recommendation schemes, such as those based on collaborative filtering (CF), exploit similarities between user profiles to make recommendations, but potentially expose private data. Federated learning and decentralized learning systems address this by letting the data stay on user's machines to preserve privacy: each user performs the training on local data and only the model parameters are shared. However, sharing the model parameters across the network may still yield privacy breaches. In this paper, we present Rex, the first enclave-based decentralized CF recommender. Rex exploits Trusted execution environments (TEE), such as Intel software guard extensions (SGX), that provide shielded environments within the processor to improve convergence while preserving privacy. Firstly, Rex enables raw data sharing, which ultimately speeds up convergence and reduces the network load. Secondly, Rex fully preserves privacy. We analyze the impact of raw data sharing in both deep neural network (DNN) and matrix factorization (MF) recommenders and showcase the benefits of trusted environments in a full-fledged implementation of Rex. Our experimental results demonstrate that through raw data sharing, Rex significantly decreases the training time by 18.3 x and the network load by 2 orders of magnitude over standard decentralized approaches that share only parameters, while fully protecting privacy by leveraging trustworthy hardware enclaves with very little overhead.
ISSN: 1530-2075
2023-03-03
Krishnamoorthy, R., Arun, S., Sujitha, N., Vijayalakshmi, K.M, Karthiga, S., Thiagarajan, R..  2022.  Proposal of HMAC based Protocol for Message Authenication in Kerberos Authentication Protocol. 2022 Second International Conference on Artificial Intelligence and Smart Energy (ICAIS). :1443–1447.
Kerberos protocol is a derivative type of server used for the authentication purpose. Kerberos is a network-based authentication protocol which communicates the tickets from one network to another in a secured manner. Kerberos protocol encrypts the messages and provides mutual authentication. Kerberos uses the symmetric cryptography which uses the public key to strengthen the data confidentiality. The KDS Key Distribution System gives the center of securing the messages. Kerberos has certain disadvantages as it provides public key at both ends. In this proposed approach, the Kerberos are secured by using the HMAC Hash-based Message Authentication Code which is used for the authentication of message for integrity and authentication purpose. It verifies the data by authentication, verifies the e-mail address and message integrity. The computer network and security are authenticated by verifying the user or client. These messages which are transmitted and delivered have to be integrated by authenticating it. Kerberos authentication is used for the verification of a host or user. Authentication is based on the tickets on credentials in a secured way. Kerberos gives faster authentication and uses the unique ticketing system. It supports the authentication delegation with faster efficiency. These encrypt the standard by encrypting the tickets to pass the information.
Zadeh Nojoo Kambar, Mina Esmail, Esmaeilzadeh, Armin, Kim, Yoohwan, Taghva, Kazem.  2022.  A Survey on Mobile Malware Detection Methods using Machine Learning. 2022 IEEE 12th Annual Computing and Communication Workshop and Conference (CCWC). :0215–0221.
The prevalence of mobile devices (smartphones) along with the availability of high-speed internet access world-wide resulted in a wide variety of mobile applications that carry a large amount of confidential information. Although popular mobile operating systems such as iOS and Android constantly increase their defenses methods, data shows that the number of intrusions and attacks using mobile applications is rising continuously. Experts use techniques to detect malware before the malicious application gets installed, during the runtime or by the network traffic analysis. In this paper, we first present the information about different categories of mobile malware and threats; then, we classify the recent research methods on mobile malware traffic detection.