Visible to the public Biblio

Found 136 results

Filters: Keyword is Detectors  [Clear All Filters]
2023-08-18
Zheng, Chengxu, Wang, Xiaopeng, Luo, Xiaoyu, Fang, Chongrong, He, Jianping.  2022.  An OpenPLC-based Active Real-time Anomaly Detection Framework for Industrial Control Systems. 2022 China Automation Congress (CAC). :5899—5904.
In recent years, the design of anomaly detectors has attracted a tremendous surge of interest due to security issues in industrial control systems (ICS). Restricted by hardware resources, most anomaly detectors can only be deployed at the remote monitoring ends, far away from the control sites, which brings potential threats to anomaly detection. In this paper, we propose an active real-time anomaly detection framework deployed in the controller of OpenPLC, which is a standardized open-source PLC and has high scalability. Specifically, we add adaptive active noises to control signals, and then identify a linear dynamic system model of the plant offline and implement it in the controller. Finally, we design two filters to process the estimated residuals based on the obtained model and use χ2 detector for anomaly detection. Extensive experiments are conducted on an industrial control virtual platform to show the effectiveness of the proposed detection framework.
2023-07-21
Mai, Juanyun, Wang, Minghao, Zheng, Jiayin, Shao, Yanbo, Diao, Zhaoqi, Fu, Xinliang, Chen, Yulong, Xiao, Jianyu, You, Jian, Yin, Airu et al..  2022.  MHSnet: Multi-head and Spatial Attention Network with False-Positive Reduction for Lung Nodule Detection. 2022 IEEE International Conference on Bioinformatics and Biomedicine (BIBM). :1108—1114.
Mortality from lung cancer has ranked high among cancers for many years. Early detection of lung cancer is critical for disease prevention, cure, and mortality rate reduction. Many existing detection methods on lung nodules can achieve high sensitivity but meanwhile introduce an excessive number of false-positive proposals, which is clinically unpractical. In this paper, we propose the multi-head detection and spatial attention network, shortly MHSnet, to address this crucial false-positive issue. Specifically, we first introduce multi-head detectors and skip connections to capture multi-scale features so as to customize for the variety of nodules in sizes, shapes, and types. Then, inspired by how experienced clinicians screen CT images, we implemented a spatial attention module to enable the network to focus on different regions, which can successfully distinguish nodules from noisy tissues. Finally, we designed a lightweight but effective false-positive reduction module to cut down the number of false-positive proposals, without any constraints on the front network. Compared with the state-of-the-art models, our extensive experimental results show the superiority of this MHSnet not only in the average FROC but also in the false discovery rate (2.64% improvement for the average FROC, 6.39% decrease for the false discovery rate). The false-positive reduction module takes a further step to decrease the false discovery rate by 14.29%, indicating its very promising utility of reducing distracted proposals for the downstream tasks relied on detection results.
2023-07-18
Nguyen, Thanh Tuan, Nguyen, Thanh Phuong, Tran, Thanh-Hai.  2022.  Detecting Reflectional Symmetry of Binary Shapes Based on Generalized R-Transform. 2022 International Conference on Multimedia Analysis and Pattern Recognition (MAPR). :1—6.
Analyzing reflectionally symmetric features inside an image is one of the important processes for recognizing the peculiar appearance of natural and man-made objects, biological patterns, etc. In this work, we will point out an efficient detector of reflectionally symmetric shapes by addressing a class of projection-based signatures that are structured by a generalized \textbackslashmathcalR\_fm-transform model. To this end, we will firstly prove the \textbackslashmathcalR\_fmˆ-transform in accordance with reflectional symmetry detection. Then different corresponding \textbackslashmathcalR\_fm-signatures of binary shapes are evaluated in order to determine which the corresponding exponentiation of the \textbackslashmathcalR\_fm-transform is the best for the detection. Experimental results of detecting on single/compound contour-based shapes have validated that the exponentiation of 10 is the most discriminatory, with over 2.7% better performance on the multiple-axis shapes in comparison with the conventional one. Additionally, the proposed detector also outperforms most of other existing methods. This finding should be recommended for applications in practice.
2023-06-23
Xie, Guorui, Li, Qing, Cui, Chupeng, Zhu, Peican, Zhao, Dan, Shi, Wanxin, Qi, Zhuyun, Jiang, Yong, Xiao, Xi.  2022.  Soter: Deep Learning Enhanced In-Network Attack Detection Based on Programmable Switches. 2022 41st International Symposium on Reliable Distributed Systems (SRDS). :225–236.
Though several deep learning (DL) detectors have been proposed for the network attack detection and achieved high accuracy, they are computationally expensive and struggle to satisfy the real-time detection for high-speed networks. Recently, programmable switches exhibit a remarkable throughput efficiency on production networks, indicating a possible deployment of the timely detector. Therefore, we present Soter, a DL enhanced in-network framework for the accurate real-time detection. Soter consists of two phases. One is filtering packets by a rule-based decision tree running on the Tofino ASIC. The other is executing a well-designed lightweight neural network for the thorough inspection of the suspicious packets on the CPU. Experiments on the commodity switch demonstrate that Soter behaves stably in ten network scenarios of different traffic rates and fulfills per-flow detection in 0.03s. Moreover, Soter naturally adapts to the distributed deployment among multiple switches, guaranteeing a higher total throughput for large data centers and cloud networks.
ISSN: 2575-8462
2023-06-22
Jamil, Huma, Liu, Yajing, Cole, Christina, Blanchard, Nathaniel, King, Emily J., Kirby, Michael, Peterson, Christopher.  2022.  Dual Graphs of Polyhedral Decompositions for the Detection of Adversarial Attacks. 2022 IEEE International Conference on Big Data (Big Data). :2913–2921.
Previous work has shown that a neural network with the rectified linear unit (ReLU) activation function leads to a convex polyhedral decomposition of the input space. These decompositions can be represented by a dual graph with vertices corresponding to polyhedra and edges corresponding to polyhedra sharing a facet, which is a subgraph of a Hamming graph. This paper illustrates how one can utilize the dual graph to detect and analyze adversarial attacks in the context of digital images. When an image passes through a network containing ReLU nodes, the firing or non-firing at a node can be encoded as a bit (1 for ReLU activation, 0 for ReLU non-activation). The sequence of all bit activations identifies the image with a bit vector, which identifies it with a polyhedron in the decomposition and, in turn, identifies it with a vertex in the dual graph. We identify ReLU bits that are discriminators between non-adversarial and adversarial images and examine how well collections of these discriminators can ensemble vote to build an adversarial image detector. Specifically, we examine the similarities and differences of ReLU bit vectors for adversarial images, and their non-adversarial counterparts, using a pre-trained ResNet-50 architecture. While this paper focuses on adversarial digital images, ResNet-50 architecture, and the ReLU activation function, our methods extend to other network architectures, activation functions, and types of datasets.
2023-05-26
Liu, Bin, Chen, Jingzhao, Hu, Yong.  2022.  A Simple Approach to Data-driven Security Detection for Industrial Cyber-Physical Systems. 2022 34th Chinese Control and Decision Conference (CCDC). :5440—5445.
In this paper, a data-driven security detection approach is proposed in a simple manner. The detector is designed to deal with false data injection attacks suffered by industrial cyber-physical systems with unknown model information. First, the attacks are modeled from the perspective of the generalized plant mismatch, rather than the operating data being tampered. Second, some subsystems are selected to reduce the design complexity of the detector, and based on them, an output estimator with iterative form is presented in a theoretical way. Then, a security detector is constructed based on the proposed estimator and its cost function. Finally, the effectiveness of the proposed approach is verified by simulations of a Western States Coordinated Council 9-bus power system.
2023-05-12
Jbene, Mourad, Tigani, Smail, Saadane, Rachid, Chehri, Abdellah.  2022.  An LSTM-based Intent Detector for Conversational Recommender Systems. 2022 IEEE 95th Vehicular Technology Conference: (VTC2022-Spring). :1–5.
With the rapid development of artificial intelligence (AI), many companies are moving towards automating their services using automated conversational agents. Dialogue-based conversational recommender agents, in particular, have gained much attention recently. The successful development of such systems in the case of natural language input is conditioned by the ability to understand the users’ utterances. Predicting the users’ intents allows the system to adjust its dialogue strategy and gradually upgrade its preference profile. Nevertheless, little work has investigated this problem so far. This paper proposes an LSTM-based Neural Network model and compares its performance to seven baseline Machine Learning (ML) classifiers. Experiments on a new publicly available dataset revealed The superiority of the LSTM model with 95% Accuracy and 94% F1-score on the full dataset despite the relatively small dataset size (9300 messages and 17 intents) and label imbalance.
ISSN: 2577-2465
2023-05-11
Jawdeh, Shaya Abou, Choi, Seungdeog, Liu, Chung-Hung.  2022.  Model-Based Deep Learning for Cyber-Attack Detection in Electric Drive Systems. 2022 IEEE Applied Power Electronics Conference and Exposition (APEC). :567–573.
Modern cyber-physical systems that comprise controlled power electronics are becoming more internet-of-things-enabled and vulnerable to cyber-attacks. Therefore, hardening those systems against cyber-attacks becomes an emerging need. In this paper, a model-based deep learning cyber-attack detection to protect electric drive systems from cyber-attacks on the physical level is proposed. The approach combines the model physics with a deep learning-based classifier. The combination of model-based and deep learning will enable more accurate cyber-attack detection results. The proposed cyber-attack detector will be trained and simulated on a PM based electric drive system to detect false data injection attacks on the drive controller command and sensor signals.
ISSN: 2470-6647
Li, Hongwei, Chasaki, Danai.  2022.  Network-Based Machine Learning Detection of Covert Channel Attacks on Cyber-Physical Systems. 2022 IEEE 20th International Conference on Industrial Informatics (INDIN). :195–201.
Most of the recent high-profile attacks targeting cyber-physical systems (CPS) started with lengthy reconnaissance periods that enabled attackers to gain in-depth understanding of the victim’s environment. To simulate these stealthy attacks, several covert channel tools have been published and proven effective in their ability to blend into existing CPS communication streams and have the capability for data exfiltration and command injection.In this paper, we report a novel machine learning feature engineering and data processing pipeline for the detection of covert channel attacks on CPS systems with real-time detection throughput. The system also operates at the network layer without requiring physical system domain-specific state modeling, such as voltage levels in a power generation system. We not only demonstrate the effectiveness of using TCP payload entropy as engineered features and the technique of grouping information into network flows, but also pitch the proposed detector against scenarios employing advanced evasion tactics, and still achieve above 99% detection performance.
2023-03-06
Le, Trung-Nghia, Akihiro, Sugimoto, Ono, Shintaro, Kawasaki, Hiroshi.  2020.  Toward Interactive Self-Annotation For Video Object Bounding Box: Recurrent Self-Learning And Hierarchical Annotation Based Framework. 2020 IEEE Winter Conference on Applications of Computer Vision (WACV). :3220–3229.
Amount and variety of training data drastically affect the performance of CNNs. Thus, annotation methods are becoming more and more critical to collect data efficiently. In this paper, we propose a simple yet efficient Interactive Self-Annotation framework to cut down both time and human labor cost for video object bounding box annotation. Our method is based on recurrent self-supervised learning and consists of two processes: automatic process and interactive process, where the automatic process aims to build a supported detector to speed up the interactive process. In the Automatic Recurrent Annotation, we let an off-the-shelf detector watch unlabeled videos repeatedly to reinforce itself automatically. At each iteration, we utilize the trained model from the previous iteration to generate better pseudo ground-truth bounding boxes than those at the previous iteration, recurrently improving self-supervised training the detector. In the Interactive Recurrent Annotation, we tackle the human-in-the-loop annotation scenario where the detector receives feedback from the human annotator. To this end, we propose a novel Hierarchical Correction module, where the annotated frame-distance binarizedly decreases at each time step, to utilize the strength of CNN for neighbor frames. Experimental results on various video datasets demonstrate the advantages of the proposed framework in generating high-quality annotations while reducing annotation time and human labor costs.
ISSN: 2642-9381
2023-02-17
Yerima, Suleiman Y., Bashar, Abul.  2022.  Semi-supervised novelty detection with one class SVM for SMS spam detection. 2022 29th International Conference on Systems, Signals and Image Processing (IWSSIP). CFP2255E-ART:1–4.
The volume of SMS messages sent on a daily basis globally has continued to grow significantly over the past years. Hence, mobile phones are becoming increasingly vulnerable to SMS spam messages, thereby exposing users to the risk of fraud and theft of personal data. Filtering of messages to detect and eliminate SMS spam is now a critical functionality for which different types of machine learning approaches are still being explored. In this paper, we propose a system for detecting SMS spam using a semi-supervised novelty detection approach based on one class SVM classifier. The system is built as an anomaly detector that learns only from normal SMS messages thus enabling detection models to be implemented in the absence of labelled SMS spam training examples. We evaluated our proposed system using a benchmark dataset consisting of 747 SMS spam and 4827 non-spam messages. The results show that our proposed method out-performed the traditional supervised machine learning approaches based on binary, frequency or TF-IDF bag-of-words. The overall accuracy was 98% with 100% SMS spam detection rate and only around 3% false positive rate.
ISSN: 2157-8702
Li, Nige, Zhou, Peng, Wang, Tengyan, Chen, Jingnan.  2022.  Control flow integrity check based on LBR register in power 5G environment. 2022 China International Conference on Electricity Distribution (CICED). :1211–1216.
This paper proposes a control flow integrity checking method based on the LBR register: through an analysis of the static target program loaded binary modules, gain function attributes such as borders and build the initial transfer of legal control flow boundary, real-time maintenance when combined with the dynamic execution of the program flow of control transfer record, build a complete profile control flow transfer security; Get the call location of /bin/sh or system() in the program to build an internal monitor for control-flow integrity checks. In the process of program execution, on the one hand, the control flow transfer outside the outline is judged as the abnormal control flow transfer with attack threat; On the other hand, abnormal transitions across the contour are picked up by an internal detector. In this method, by identifying abnormal control flow transitions, attacks are initially detected before the attack code is executed, while some attacks that bypass the coarse-grained verification of security profile are captured by the refined internal detector of control flow integrity. This method reduces the cost of control flow integrity check by using the safety profile analysis of coarse-grained check. In addition, a fine-grained shell internal detector is inserted into the contour to improve the safety performance of the system and achieve a good balance between performance and efficiency.
2023-02-13
Wu, Yueming, Zou, Deqing, Dou, Shihan, Yang, Wei, Xu, Duo, Jin, Hai.  2022.  VulCNN: An Image-inspired Scalable Vulnerability Detection System. 2022 IEEE/ACM 44th International Conference on Software Engineering (ICSE). :2365—2376.
Since deep learning (DL) can automatically learn features from source code, it has been widely used to detect source code vulnerability. To achieve scalable vulnerability scanning, some prior studies intend to process the source code directly by treating them as text. To achieve accurate vulnerability detection, other approaches consider distilling the program semantics into graph representations and using them to detect vulnerability. In practice, text-based techniques are scalable but not accurate due to the lack of program semantics. Graph-based methods are accurate but not scalable since graph analysis is typically time-consuming. In this paper, we aim to achieve both scalability and accuracy on scanning large-scale source code vulnerabilities. Inspired by existing DL-based image classification which has the ability to analyze millions of images accurately, we prefer to use these techniques to accomplish our purpose. Specifically, we propose a novel idea that can efficiently convert the source code of a function into an image while preserving the program details. We implement Vul-CNN and evaluate it on a dataset of 13,687 vulnerable functions and 26,970 non-vulnerable functions. Experimental results report that VulCNN can achieve better accuracy than eight state-of-the-art vul-nerability detectors (i.e., Checkmarx, FlawFinder, RATS, TokenCNN, VulDeePecker, SySeVR, VulDeeLocator, and Devign). As for scalability, VulCNN is about four times faster than VulDeePecker and SySeVR, about 15 times faster than VulDeeLocator, and about six times faster than Devign. Furthermore, we conduct a case study on more than 25 million lines of code and the result indicates that VulCNN can detect large-scale vulnerability. Through the scanning reports, we finally discover 73 vulnerabilities that are not reported in NVD.
2023-02-03
Song, Sanquan, Tell, Stephen G., Zimmer, Brian, Kudva, Sudhir S., Nedovic, Nikola, Gray, C. Thomas.  2022.  An FLL-Based Clock Glitch Detector for Security Circuits in a 5nm FINFET Process. 2022 IEEE Symposium on VLSI Technology and Circuits (VLSI Technology and Circuits). :146–147.
The rapid complexity growth of electronic systems nowadays increases their vulnerability to hacking, such as fault injection, including insertion of glitches into the system clock to corrupt internal state through timing errors. As a countermeasure, a frequency locked loop (FLL) based clock glitch detector is proposed in this paper. Regulated from an external supply voltage, this FLL locks at 16-36X of the system clock, creating four phases to measure the system clock by oversampling at 64-144X. The samples are then used to sense the frequency and close the frequency locked loop, as well as to detect glitches through pattern matching. Implemented in a 5nm FINFET process, it can detect the glitches or pulse width variations down to 3.125% of the input 40MHz clock cycle with the supply varying from 0.5 to 1.0V.
ISSN: 2158-9682
Sultana, Habiba, Kamal, A H M.  2022.  An Edge Detection Based Reversible Data Hiding Scheme. 2022 IEEE Delhi Section Conference (DELCON). :1–6.

Edge detection based embedding techniques are famous for data security and image quality preservation. These techniques use diverse edge detectors to classify edge and non-edge pixels in an image and then implant secrets in one or both of these classes. Image with conceived data is called stego image. It is noticeable that none of such researches tries to reform the original image from the stego one. Rather, they devote their concentration to extract the hidden message only. This research presents a solution to the raised reversibility problem. Like the others, our research, first, applies an edge detector e.g., canny, in a cover image. The scheme next collects \$n\$-LSBs of each of edge pixels and finally, concatenates them with encrypted message stream. This method applies a lossless compression algorithm to that processed stream. Compression factor is taken such a way that the length of compressed stream does not exceed the length of collected LSBs. The compressed message stream is then implanted only in the edge pixels by \$n\$-LSB substitution method. As the scheme does not destroy the originality of non-edge pixels, it presents better stego quality. By incorporation the mechanisms of encryption, concatenation, compression and \$n\$-LSB, the method has enriched the security of implanted data. The research shows its effectiveness while implanting a small sized message.

Yahia, Fatima F. M., Abushaala, Ahmed M..  2022.  Cryptography using Affine Hill Cipher Combining with Hybrid Edge Detection (Canny-LoG) and LSB for Data Hiding. 2022 IEEE 2nd International Maghreb Meeting of the Conference on Sciences and Techniques of Automatic Control and Computer Engineering (MI-STA). :379–384.

In our time the rapid growth of internet and digital communications has been required to be protected from illegal users. It is important to secure the information transmitted between the sender and receiver over the communication channels such as the internet, since it is a public environment. Cryptography and Steganography are the most popular techniques used for sending data in secrete way. In this paper, we are proposing a new algorithm that combines both cryptography and steganography in order to increase the level of data security against attackers. In cryptography, we are using affine hill cipher method; while in steganography we are using Hybrid edge detection with LSB to hide the message. Our paper shows how we can use image edges to hide text message. Grayscale images are used for our experiments and a comparison is developed based on using different edge detection operators such as (canny-LoG ) and (Canny-Sobel). Their performance is measured using PSNR (Peak Signal to Noise ratio), MSE (Mean Squared Error) and EC (Embedding Capacity). The results indicate that, using hybrid edge detection (canny- LoG) with LSB for hiding data could provide high embedding capacity than using hybrid edge detection (canny- Sobel) with LSB. We could prove that hiding in the image edge area could preserve the imperceptibility of the Stego-image. This paper has also proved that the secrete message was extracted successfully without any distortion.

Muliono, Yohan, Darus, Mohamad Yusof, Pardomuan, Chrisando Ryan, Ariffin, Muhammad Azizi Mohd, Kurniawan, Aditya.  2022.  Predicting Confidentiality, Integrity, and Availability from SQL Injection Payload. 2022 International Conference on Information Management and Technology (ICIMTech). :600–605.
SQL Injection has been around as a harmful and prolific threat on web applications for more than 20 years, yet it still poses a huge threat to the World Wide Web. Rapidly evolving web technology has not eradicated this threat; In 2017 51 % of web application attacks are SQL injection attacks. Most conventional practices to prevent SQL injection attacks revolves around secure web and database programming and administration techniques. Despite developer ignorance, a large number of online applications remain susceptible to SQL injection attacks. There is a need for a more effective method to detect and prevent SQL Injection attacks. In this research, we offer a unique machine learning-based strategy for identifying potential SQL injection attack (SQL injection attack) threats. Application of the proposed method in a Security Information and Event Management(SIEM) system will be discussed. SIEM can aggregate and normalize event information from multiple sources, and detect malicious events from analysis of these information. The result of this work shows that a machine learning based SQL injection attack detector which uses SIEM approach possess high accuracy in detecting malicious SQL queries.
2023-01-05
Chen, Ye, Lai, Yingxu, Zhang, Zhaoyi, Li, Hanmei, Wang, Yuhang.  2022.  Malicious attack detection based on traffic-flow information fusion. 2022 IFIP Networking Conference (IFIP Networking). :1–9.
While vehicle-to-everything communication technology enables information sharing and cooperative control for vehicles, it also poses a significant threat to the vehicles' driving security owing to cyber-attacks. In particular, Sybil malicious attacks hidden in the vehicle broadcast information flow are challenging to detect, thereby becoming an urgent issue requiring attention. Several researchers have considered this problem and proposed different detection schemes. However, the detection performance of existing schemes based on plausibility checks and neighboring observers is affected by the traffic and attacker densities. In this study, we propose a malicious attack detection scheme based on traffic-flow information fusion, which enables the detection of Sybil attacks without neighboring observer nodes. Our solution is based on the basic safety message, which is broadcast by vehicles periodically. It first constructs the basic features of traffic flow to reflect the traffic state, subsequently fuses it with the road detector information to add the road fusion features, and then classifies them using machine learning algorithms to identify malicious attacks. The experimental results demonstrate that our scheme achieves the detection of Sybil attacks with an accuracy greater than 90 % at different traffic and attacker densities. Our solutions provide security for achieving a usable vehicle communication network.
2022-12-06
Raich, Philipp, Kastner, Wolfgang.  2022.  Failure Detectors for 6LoWPAN: Model and Implementation. 2022 International Conference on Electrical, Computer and Energy Technologies (ICECET). :1-6.

Consensus is a basic building block in distributed systems for a myriad of related problems that involve agreement. For asynchronous networks, consensus has been proven impossible, and is well known as Augean task. Failure Detectors (FDs) have since emerged as a possible remedy, able to solve consensus in asynchronous systems under certain assumptions. With the increasing use of asynchronous, wireless Internet of Things (IoT) technologies, such as IEEE 802.15.4/6LoWPAN, the demand of applications that require some form of reliability and agreement is on the rise. What was missing so far is an FD that can operate under the tight constraints offered by Low Power and Lossy Networks (LLNs) without compromising the efficiency of the network. We present 6LoFD, an FD specifically aimed at energy and memory efficient operation in small scale, unreliable networks, and evaluate its working principles by using an ns-3 implementation of 6LoFD.

2022-12-01
Ajorpaz, Samira Mirbagher, Moghimi, Daniel, Collins, Jeffrey Neal, Pokam, Gilles, Abu-Ghazaleh, Nael, Tullsen, Dean.  2022.  EVAX: Towards a Practical, Pro-active & Adaptive Architecture for High Performance & Security. 2022 55th IEEE/ACM International Symposium on Microarchitecture (MICRO). :1218—1236.
This paper provides an end-to-end solution to defend against known microarchitectural attacks such as speculative execution attacks, fault-injection attacks, covert and side channel attacks, and unknown or evasive versions of these attacks. Current defenses are attack specific and can have unacceptably high performance overhead. We propose an approach that reduces the overhead of state-of-art defenses by over 95%, by applying defenses only when attacks are detected. Many current proposed mitigations are not practical for deployment; for example, InvisiSpec has 27% overhead and Fencing has 74% overhead while protecting against only Spectre attacks. Other mitigations carry similar performance penalties. We reduce the overhead for InvisiSpec to 1.26% and for Fencing to 3.45% offering performance and security for not only spectre attacks but other known transient attacks as well, including the dangerous class of LVI and Rowhammer attacks, as well as covering a large set of future evasive and zero-day attacks. Critical to our approach is an accurate detector that is not fooled by evasive attacks and that can generalize to novel zero-day attacks. We use a novel Generative framework, Evasion Vaccination (EVAX) for training ML models and engineering new security-centric performance counters. EVAX significantly increases sensitivity to detect and classify attacks in time for mitigation to be deployed with low false positives (4 FPs in every 1M instructions in our experiments). Such performance enables efficient and timely mitigations, enabling the processor to automatically switch between performance and security as needed.
2022-10-16
Almashfi, Nabil, Lu, Lunjin.  2020.  Code Smell Detection Tool for Java Script Programs. 2020 5th International Conference on Computer and Communication Systems (ICCCS). :172–176.
JavaScript is a client-side scripting language that is widely used in web applications. It is dynamic, loosely-typed and prototype-based with first-class functions. The dynamic nature of JavaScript makes it powerful and highly flexible in almost every way. However, this flexibility may result in what is known as code smells. Code smells are characteristics in the source code of a program that usually correspond to a deeper problem. They can lead to a variety of comprehension and maintenance issues and they may impact fault- and change-proneness of the application in the future. We present TAJSlint, an automated code smell detection tool for JavaScript programs that is based on static analysis. TAJSlint includes a set of 14 code smells, 9 of which are collected from various sources and 5 new smells we propose. We conduct an empirical evaluation of TAJSlint on a number of JavaScript projects and show that TAJSlint achieves an overall precision of 98% with a small number of false positives. We also study the prevalence of code smells in these projects.
2022-09-09
Saini, Anu, Sri, Manepalli Ratna, Thakur, Mansi.  2021.  Intrinsic Plagiarism Detection System Using Stylometric Features and DBSCAN. 2021 International Conference on Computing, Communication, and Intelligent Systems (ICCCIS). :13—18.
Plagiarism is the act of using someone else’s words or ideas without giving them due credit and representing it as one’s own work. In today's world, it is very easy to plagiarize others' work due to advancement in technology, especially by the use of the Internet or other offline sources such as books or magazines. Plagiarism can be classified into two broad categories on the basis of detection namely extrinsic and intrinsic plagiarism. Extrinsic plagiarism detection refers to detecting plagiarism in a document by comparing it against a given reference dataset, whereas, Intrinsic plagiarism detection refers to detecting plagiarism with the help of variation in writing styles without using any reference corpus. Although there are many approaches which can be adopted to detect extrinsic plagiarism, few are available for intrinsic plagiarism detection. In this paper, a simplified approach is proposed for developing an intrinsic plagiarism detector which is helpful in detecting plagiarism even when no reference corpus is available. The approach deals with development of an intrinsic plagiarism detection system by identifying the writing style of authors in the document using stylometric features and Density-Based Spatial Clustering of Applications with Noise (DBSCAN) clustering. The proposed system has an easy to use interactive interface where user has to upload a text document to be checked for plagiarism and the result is displayed on the web page itself. In addition, the user can also see the analysis of the document in the form of graphs.
2022-08-12
Oshnoei, Soroush, Aghamohammadi, Mohammadreza.  2021.  Detection and Mitigation of Coordinate False DataInjection Attacks in Frequency Control of Power Grids. 2021 11th Smart Grid Conference (SGC). :1—5.
In modern power grids (PGs), load frequency control (LFC) is effectively employed to preserve the frequency within the allowable ranges. However, LFC dependence on information and communication technologies (ICTs) makes PGs vulnerable to cyber attacks. Manipulation of measured data and control commands known as false data injection attacks (FDIAs) can negatively affect grid frequency performance and destabilize PG. This paper investigates the frequency performance of an isolated PG under coordinated FDIAs. A control scheme based on the combination of a Kalman filter, a chi-square detector, and a linear quadratic Gaussian controller is proposed to detect and mitigate the coordinated FDIAs. The efficiency of the proposed control scheme is evaluated under two types of scaling and exogenous FDIAs. The simulation results demonstrate that the proposed control scheme has significant capabilities to detect and mitigate the designed FDIAs.
Ajiri, Victor, Butakov, Sergey, Zavarsky, Pavol.  2020.  Detection Efficiency of Static Analyzers against Obfuscated Android Malware. 2020 IEEE 6th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS). :231–234.
Mobile antivirus technologies incorporate static analysis which involves the analysis of programs without its execution. This process relies on pattern matching against a signature repository to identify malware, which can be easily tricked by transformation techniques such as obfuscation. Obfuscation as an evasion technique renders character strings disguised and incomprehensive, to prevent tampering and reengineering, which poses to be a valuable technique malware developers adopt to evade detection. This paper attempts to study the detection efficiency of static analyzers against obfuscated Android malware. This study is the first step in a larger project attempting to improve the efficiency of malware detectors.
2022-07-12
Akowuah, Francis, Kong, Fanxin.  2021.  Real-Time Adaptive Sensor Attack Detection in Autonomous Cyber-Physical Systems. 2021 IEEE 27th Real-Time and Embedded Technology and Applications Symposium (RTAS). :237—250.
Cyber-Physical Systems (CPS) tightly couple information technology with physical processes, which rises new vulnerabilities such as physical attacks that are beyond conventional cyber attacks. Attackers may non-invasively compromise sensors and spoof the controller to perform unsafe actions. This issue is even emphasized with the increasing autonomy in CPS. While this fact has motivated many defense mechanisms against sensor attacks, a clear vision on the timing and usability (or the false alarm rate) of attack detection still remains elusive. Existing works tend to pursue an unachievable goal of minimizing the detection delay and false alarm rate at the same time, while there is a clear trade-off between the two metrics. Instead, we argue that attack detection should bias different metrics when a system sits in different states. For example, if the system is close to unsafe states, reducing the detection delay is preferable to lowering the false alarm rate, and vice versa. To achieve this, we make the following contributions. In this paper, we propose a real-time adaptive sensor attack detection framework. The framework can dynamically adapt the detection delay and false alarm rate so as to meet a detection deadline and improve the usability according to different system status. The core component of this framework is an attack detector that identifies anomalies based on a CUSUM algorithm through monitoring the cumulative sum of difference (or residuals) between the nominal (predicted) and observed sensor values. We augment this algorithm with a drift parameter that can govern the detection delay and false alarm. The second component is a behavior predictor that estimates nominal sensor values fed to the core component for calculating the residuals. The predictor uses a deep learning model that is offline extracted from sensor data through leveraging convolutional neural network (CNN) and recurrent neural network (RNN). The model relies on little knowledge of the system (e.g., dynamics), but uncovers and exploits both the local and complex long-term dependencies in multivariate sequential sensor measurements. The third component is a drift adaptor that estimates a detection deadline and then determines the drift parameter fed to the detector component for adjusting the detection delay and false alarms. Finally, we implement the proposed framework and validate it using realistic sensor data of automotive CPS to demonstrate its efficiency and efficacy.