发布求助
文献互助 智能选刊 最新文献

Cybersecurity最新文献

筛选
英文 中文
Towards the transferable audio adversarial attack via ensemble methods 基于集成方法的可转移音频对抗性攻击
IF 3.1 4区 计算机科学
Cybersecurity Pub Date : 2023-12-05 DOI: 10.1186/s42400-023-00175-8
Feng Guo, Zheng Sun, Yuxuan Chen, Lei Ju
{"title":"Towards the transferable audio adversarial attack via ensemble methods","authors":"Feng Guo, Zheng Sun, Yuxuan Chen, Lei Ju","doi":"10.1186/s42400-023-00175-8","DOIUrl":"https://doi.org/10.1186/s42400-023-00175-8","url":null,"abstract":"<p>In recent years, deep learning (DL) models have achieved significant progress in many domains, such as autonomous driving, facial recognition, and speech recognition. However, the vulnerability of deep learning models to adversarial attacks has raised serious concerns in the community because of their insufficient robustness and generalization. Also, transferable attacks have become a prominent method for black-box attacks. In this work, we explore the potential factors that impact adversarial examples (AEs) transferability in DL-based speech recognition. We also discuss the vulnerability of different DL systems and the irregular nature of decision boundaries. Our results show a remarkable difference in the transferability of AEs between speech and images, with the data relevance being low in images but opposite in speech recognition. Motivated by dropout-based ensemble approaches, we propose random gradient ensembles and dynamic gradient-weighted ensembles, and we evaluate the impact of ensembles on the transferability of AEs. The results show that the AEs created by both approaches are valid for transfer to the black box API.</p>","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":3.1,"publicationDate":"2023-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138506396","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
LayerCFL: an efficient federated learning with layer-wised clustering LayerCFL:一种具有分层聚类的高效联邦学习
IF 3.1 4区 计算机科学
Cybersecurity Pub Date : 2023-12-04 DOI: 10.1186/s42400-023-00172-x
Jie Yuan, Rui Qian, Tingting Yuan, Mingliang Sun, Jirui Li, Xiaoyong Li
{"title":"LayerCFL: an efficient federated learning with layer-wised clustering","authors":"Jie Yuan, Rui Qian, Tingting Yuan, Mingliang Sun, Jirui Li, Xiaoyong Li","doi":"10.1186/s42400-023-00172-x","DOIUrl":"https://doi.org/10.1186/s42400-023-00172-x","url":null,"abstract":"<p>Federated Learning (FL) suffers from the Non-IID problem in practice, which poses a challenge for efficient and accurate model training. To address this challenge, prior research has introduced clustered FL (CFL), which involves clustering clients and training them separately. Despite its potential benefits, CFL can be computationally and communicationally expensive when the data distribution is unknown beforehand. This is because CFL involves the entire neural networks of involved clients in computing the clusters during training, which can become increasingly time-consuming with large-sized models. To tackle this issue, this paper proposes an efficient CFL approach called LayerCFL that employs a Layer-wised clustering technique. In LayerCFL, clients are clustered based on a limited number of layers of neural networks that are pre-selected using statistical and experimental methods. Our experimental results demonstrate the effectiveness of LayerCFL in mitigating the impact of Non-IID data, improving the accuracy of clustering, and enhancing computational efficiency.</p>","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":3.1,"publicationDate":"2023-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138506424","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A novel botnet attack detection for IoT networks based on communication graphs 基于通信图的物联网僵尸网络攻击检测
IF 3.1 4区 计算机科学
Cybersecurity Pub Date : 2023-12-03 DOI: 10.1186/s42400-023-00169-6
David Concejal Muñoz, Antonio del-Corte Valiente
{"title":"A novel botnet attack detection for IoT networks based on communication graphs","authors":"David Concejal Muñoz, Antonio del-Corte Valiente","doi":"10.1186/s42400-023-00169-6","DOIUrl":"https://doi.org/10.1186/s42400-023-00169-6","url":null,"abstract":"<h3 data-test=\"abstract-sub-heading\">Abstract</h3><p>Intrusion detection systems have been proposed for the detection of botnet attacks. Various types of centralized or distributed cloud-based machine learning and deep learning models have been suggested. However, the emergence of the Internet of Things (IoT) has brought about a huge increase in connected devices, necessitating a different approach. In this paper, we propose to perform detection on IoT-edge devices. The suggested architecture includes an anomaly intrusion detection system in the application layer of IoT-edge devices, arranged in software-defined networks. IoT-edge devices request information from the software-defined networks controller about their own behaviour in the network. This behaviour is represented by communication graphs and is novel for IoT networks. This representation better characterizes the behaviour of the device than the traditional analysis of network traffic, with a lower volume of information. Botnet attack scenarios are simulated with the IoT-23 dataset. Experimental results show that attacks are detected with high accuracy using a deep learning model with low device memory requirements and significant storage reduction for training.\u0000</p><h3 data-test=\"abstract-sub-heading\">Graphical abstract</h3>\u0000","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":3.1,"publicationDate":"2023-12-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138506397","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Machine learning based fileless malware traffic classification using image visualization 基于机器学习的无文件恶意软件流量分类
IF 3.1 4区 计算机科学
Cybersecurity Pub Date : 2023-12-02 DOI: 10.1186/s42400-023-00170-z
Fikirte Ayalke Demmese, Ajaya Neupane, Sajad Khorsandroo, May Wang, Kaushik Roy, Yu Fu
{"title":"Machine learning based fileless malware traffic classification using image visualization","authors":"Fikirte Ayalke Demmese, Ajaya Neupane, Sajad Khorsandroo, May Wang, Kaushik Roy, Yu Fu","doi":"10.1186/s42400-023-00170-z","DOIUrl":"https://doi.org/10.1186/s42400-023-00170-z","url":null,"abstract":"<p>In today’s interconnected world, network traffic is replete with adversarial attacks. As technology evolves, these attacks are also becoming increasingly sophisticated, making them even harder to detect. Fortunately, artificial intelligence (AI) and, specifically machine learning (ML), have shown great success in fast and accurate detection, classification, and even analysis of such threats. Accordingly, there is a growing body of literature addressing how subfields of AI/ML (e.g., natural language processing (NLP)) are getting leveraged to accurately detect evasive malicious patterns in network traffic. In this paper, we delve into the current advancements in ML-based network traffic classification using image visualization. Through a rigorous experimental methodology, we first explore the process of network traffic to image conversion. Subsequently, we investigate how machine learning techniques can effectively leverage image visualization to accurately classify evasive malicious traces within network traffic. Through the utilization of production-level tools and utilities in realistic experiments, our proposed solution achieves an impressive accuracy rate of 99.48% in detecting fileless malware, which is widely regarded as one of the most elusive classes of malicious software.</p>","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":3.1,"publicationDate":"2023-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138506395","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Full-round impossible differential attack on shadow block cipher 对影子区块密码的全轮不可能差分攻击
IF 3.1 4区 计算机科学
Cybersecurity Pub Date : 2023-12-01 DOI: 10.1186/s42400-023-00184-7
Yuting Liu, Yongqiang Li, Huiqin Chen, Mingsheng Wang
{"title":"Full-round impossible differential attack on shadow block cipher","authors":"Yuting Liu, Yongqiang Li, Huiqin Chen, Mingsheng Wang","doi":"10.1186/s42400-023-00184-7","DOIUrl":"https://doi.org/10.1186/s42400-023-00184-7","url":null,"abstract":"","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":3.1,"publicationDate":"2023-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138612158","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Research on privacy information retrieval model based on hybrid homomorphic encryption 基于混合同态加密的隐私信息检索模型研究
IF 3.1 4区 计算机科学
Cybersecurity Pub Date : 2023-12-01 DOI: 10.1186/s42400-023-00168-7
Wei-tao Song, Guang Zeng, Wen-zheng Zhang, Dian-hua Tang
{"title":"Research on privacy information retrieval model based on hybrid homomorphic encryption","authors":"Wei-tao Song, Guang Zeng, Wen-zheng Zhang, Dian-hua Tang","doi":"10.1186/s42400-023-00168-7","DOIUrl":"https://doi.org/10.1186/s42400-023-00168-7","url":null,"abstract":"<p>The computational complexity of privacy information retrieval protocols is often linearly related to database size. When the database size is large, the efficiency of privacy information retrieval protocols is relatively low. This paper designs an effective privacy information retrieval model based on hybrid fully homomorphic encryption. The assignment method is cleverly used to replace a large number of homomorphic encryption operations. At the same time, the multiplicative homomorphic encryption scheme is first used to deal with the large-scale serialization in the search, and then the fully homomorphic encryption scheme is used to deal with the remaining simple operations. The depth of operations supported by the fully homomorphic scheme no longer depends on the size of the database, but only needs to support the single homomorphic encryption scheme to decrypt the circuit depth. Based on this hybrid homomorphic encryption retrieval model, the efficiency of homomorphic privacy information retrieval model can be greatly improved.</p>","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":3.1,"publicationDate":"2023-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138506426","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Performance evaluation of Cuckoo filters as an enhancement tool for password cracking 杜鹃滤波器作为密码破解增强工具的性能评价
4区 计算机科学
Cybersecurity Pub Date : 2023-11-09 DOI: 10.1186/s42400-023-00193-6
Maria-Dolores Cano, Antonio Villafranca, Igor Tasic
{"title":"Performance evaluation of Cuckoo filters as an enhancement tool for password cracking","authors":"Maria-Dolores Cano, Antonio Villafranca, Igor Tasic","doi":"10.1186/s42400-023-00193-6","DOIUrl":"https://doi.org/10.1186/s42400-023-00193-6","url":null,"abstract":"Abstract Cyberthreats continue their expansion, becoming more and more complex and varied. However, credentials and passwords are still a critical point in security. Password cracking can be a powerful tool to fight against cyber criminals if used by cybersecurity professionals and red teams, for instance, to evaluate compliance with security policies or in forensic investigations. For particular systems, one crucial step in the password-cracking process is comparison or matchmaking between password-guess hashes and real hashes. We hypothesize that using newer data structures such as Cuckoo filters could optimize this process. Experimental results show that, with a proper configuration, this data structure is two orders of magnitude more efficient in terms of size/usage compared to other data structures while keeping a comparable performance in terms of time.","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135192430","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Tor network anonymity evaluation based on node anonymity 基于节点匿名的Tor网络匿名性评估
4区 计算机科学
Cybersecurity Pub Date : 2023-11-08 DOI: 10.1186/s42400-023-00191-8
Jun Cui, Changqi Huang, Huan Meng, Ran Wei
{"title":"Tor network anonymity evaluation based on node anonymity","authors":"Jun Cui, Changqi Huang, Huan Meng, Ran Wei","doi":"10.1186/s42400-023-00191-8","DOIUrl":"https://doi.org/10.1186/s42400-023-00191-8","url":null,"abstract":"Abstract In order to address the shortcomings of traditional anonymity network anonymity evaluation methods, which only analyze from the perspective of the overall network and ignore the attributes of individual nodes, we proposes a dynamic anonymity model based on a self-built anonymous system that combines node attributes, network behavior, and program security monitoring. The anonymity of evaluation nodes is assessed based on stable intervals and behavior baselines defined according to their normal operating status. The anonymity of the network is evaluated using an improved normalized information entropy method that refines anonymity evaluation to the anonymity of each node and expands the dimensionality of evaluation features. This paper compares the effectiveness of our proposed method with static framework information entropy and single indicator methods by evaluating the degree of anonymity provided by a self-built Tor anonymous network under multiple operating scenarios including normal and under attack. Our approach utilizes dynamically changing network anonymity based on multiple anonymous attributes and better reflects the degree of anonymity in anonymous systems.","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-11-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135340634","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Verifiable delay functions and delay encryptions from hyperelliptic curves 超椭圆曲线上的可验证延迟函数和延迟加密
4区 计算机科学
Cybersecurity Pub Date : 2023-11-08 DOI: 10.1186/s42400-023-00189-2
Chao Chen, Fangguo Zhang
{"title":"Verifiable delay functions and delay encryptions from hyperelliptic curves","authors":"Chao Chen, Fangguo Zhang","doi":"10.1186/s42400-023-00189-2","DOIUrl":"https://doi.org/10.1186/s42400-023-00189-2","url":null,"abstract":"Abstract Verifiable delay functions (VDFs) and delay encryptions (DEs) are two important primitives in decentralized systems, while existing constructions are mainly based on time-lock puzzles. A disparate framework has been established by applying isogenies and pairings on elliptic curves. Following this line, we first employ Richelot isogenies and non-degenerate pairings from hyperelliptic curves for a new verifiable delay function, such that no auxiliary proof and interaction are needed for the verification. Then, we demonstrate that our scheme satisfies all security requirements, in particular, our VDF can resist several attacks, including the latest attacks for SIDH. Besides, resorting to the same techniques, a secure delay encryption from hyperelliptic curves is constructed by modifying Boneh and Frankiln’s IBE scheme, which shares the identical setup with our VDF scheme. As far as we know, these schemes are the first cryptographic applications from high-genus isogenies apart from basic protocols, i.e., hash functions and key exchange protocols.","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-11-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135340621","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
MSLFuzzer: black-box fuzzing of SOHO router devices via message segment list inference MSLFuzzer:通过消息段列表推理实现SOHO路由器设备的黑盒模糊测试
4区 计算机科学
Cybersecurity Pub Date : 2023-11-07 DOI: 10.1186/s42400-023-00186-5
Yixuan Cheng, Wenqing Fan, Wei Huang, Jingyu Yang, Gaoqing Yu, Wen Liu
{"title":"MSLFuzzer: black-box fuzzing of SOHO router devices via message segment list inference","authors":"Yixuan Cheng, Wenqing Fan, Wei Huang, Jingyu Yang, Gaoqing Yu, Wen Liu","doi":"10.1186/s42400-023-00186-5","DOIUrl":"https://doi.org/10.1186/s42400-023-00186-5","url":null,"abstract":"Abstract The popularity of small office and home office routers has brought convenience, but it also caused many security issues due to vulnerabilities. Black-box fuzzing through network protocols to discover vulnerabilities becomes a viable option. The main drawbacks of state-of-the-art black-box fuzzers can be summarized as follows. First, the feedback process neglects to discover the missing fields in the raw message. Secondly, the guidance of the raw message content in the mutation process is aimless. Finally, the randomized validity of the test case structure can cause most fuzzing tests to end up with an invalid response of the tested device. To address these challenges, we propose a novel black-box fuzzing framework called MSLFuzzer. MSLFuzzer infers the raw message structure according to the response from a tested device and generates a message segment list. Furthermore, MSLFuzzer performs semantic, sequence, and stability analyses on each message segment to enhance the complementation of missing fields in the raw message and guide the mutation process. We construct a dataset of 35 real-world vulnerabilities and evaluate MSLFuzzer. The evaluation results show that MSLFuzzer can find more vulnerabilities and elicit more types of responses from fuzzing targets. Additionally, MSLFuzzer successfully discovered 10 previously unknown vulnerabilities.","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2023-11-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135432082","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信