Jincheng Wang, Zhuohua Li, Mingshen Sun, Bin Yuan, John C.S. Lui
{"title":"IoT Anomaly Detection Via Device Interaction Graph","authors":"Jincheng Wang, Zhuohua Li, Mingshen Sun, Bin Yuan, John C.S. Lui","doi":"10.1109/DSN58367.2023.00053","DOIUrl":"https://doi.org/10.1109/DSN58367.2023.00053","url":null,"abstract":"With diverse functionalities and advanced platform applications, Internet of Things (IoT) devices extensively interact with each other, and these interactions govern the legitimate device state transitions. At the same time, attackers can easily manipulate these devices, and it is difficult to detect covert device control. In this work, we propose the device interaction graph, which uses device interactions to profile normal device behavior. We also formalize two types of device anomalies, and present an anomaly detection system CausalIoT. It can automatically construct the graph and validate runtime device events. For any violation of interaction executions, CausalIoT further checks whether it can trigger unexpected interaction executions and tracks the affected devices. Compared with existing methods, CausalIoT achieves the highest detection accuracy for abnormal device state transitions (95.2% precision and 96.8% recall). Moreover, we are the first to detect unexpected interaction executions, and CausalIoT successfully reports 91.9% anomaly chains on real-world testbeds.","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129872085","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Yan Qin, Weiping Wang, Zixian Chen, Hong Song, Shigeng Zhang
{"title":"TransAST: A Machine Translation-Based Approach for Obfuscated Malicious JavaScript Detection","authors":"Yan Qin, Weiping Wang, Zixian Chen, Hong Song, Shigeng Zhang","doi":"10.1109/DSN58367.2023.00040","DOIUrl":"https://doi.org/10.1109/DSN58367.2023.00040","url":null,"abstract":"As an essential part of the website, JavaScript greatly enriches its functions. At the same time, JavaScript has become the most common attack payload on malicious websites. Although researchers are constantly proposing methods to detect malicious JavaScript, the emergence of obfuscation technology makes it difficult for previous approaches to detect disguised malicious JavaScript effectively. To solve this problem, we find that there are fixed templates for generating obfuscated code, which makes the original and obfuscated script have a mapping relationship in their structure. The structure information of the code is critical for malicious detection. Therefore, this paper proposes TransAST, a novel static detection method for obfuscated malicious JavaScript. Our approach's key is restoring the obfuscated JavaScript structure information by training the machine translation model. The experiment shows it can achieve 91.35% accuracy and 94.57% recall in the public dataset, which is 5.5% and 10.94% higher than the existing optimal method.","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115245747","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A. Saxena, Gururaj Saileshwar, Jonas Juffinger, Andreas Kogler, D. Gruss, Moinuddin K. Qureshi
{"title":"PT-Guard: Integrity-Protected Page Tables to Defend Against Breakthrough Rowhammer Attacks","authors":"A. Saxena, Gururaj Saileshwar, Jonas Juffinger, Andreas Kogler, D. Gruss, Moinuddin K. Qureshi","doi":"10.1109/DSN58367.2023.00022","DOIUrl":"https://doi.org/10.1109/DSN58367.2023.00022","url":null,"abstract":"Page tables enforce process isolation in systems. Rowhammer attacks break process isolation by flipping bits in DRAM to tamper page tables and achieving privilege escalation. Moreover, new Rowhammer attacks break existing mitigations. We seek to protect systems against such breakthrough attacks. We present PT-Guard, an integrity protection mechanism for page tables. PT-Guard uses unused bits in Page Table Entries (PTE) to embed a Message Authentication Code (MAC) for the PTE cacheline without any storage overhead. These unused bits arise from PTEs supporting petabytes of physical memory while systems targeted by Rowhammer use at-most terabytes of memory. By storing and verifying MACs for PTEs, PT-Guard detects arbitrary bit-flips in PTEs. Moreover, PT-Guard also provides best-effort correction of faulty-PTEs leveraging value locality. PT-Guard protects page tables from breakthrough Rowhammer attacks with negligible hardware changes, no DRAM storage, <72 bytes of SRAM, 1.3% slowdown, and no software changes.","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"94 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124261372","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Qiao Yu, Wengui Zhang, Paolo Notaro, Soroush Haeri, Jorge Cardoso, O. Kao
{"title":"HiMFP: Hierarchical Intelligent Memory Failure Prediction for Cloud Service Reliability","authors":"Qiao Yu, Wengui Zhang, Paolo Notaro, Soroush Haeri, Jorge Cardoso, O. Kao","doi":"10.1109/DSN58367.2023.00031","DOIUrl":"https://doi.org/10.1109/DSN58367.2023.00031","url":null,"abstract":"In large-scale datacenters, memory failure is one of the leading causes of server crashes, and uncorrectable error (UCE) is the major fault type indicating defects of memory modules. Existing approaches tend to predict UCEs using Correctable Errors (CE). However, bit-level CE information has not been completely discussed in previous works and CEs with error bit patterns are strongly correlated with UCE occurrences. In this paper, we present a novel Hierarchical Intelligent Memory Failure Prediction (HiMFP) framework which can predict UCEs on multiple levels of the memory system and associate with memory recovery techniques. Particularly, we leverage CE addresses on multiple levels of memory, especially bit-level, and construct machine learning models based on spatial and temporal CE information. Results of algorithm evaluation using real-world datasets indicate that HiMFP significantly enhances the prediction performance compared with the baseline algorithm. Overall, Virtual Machines (VM) interruptions caused by UCEs can be reduced by around 45% using HiMFP.","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125327615","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"DNAttest: Digital-twin-based Non-intrusive Attestation under Transient Uncertainty","authors":"Wei Lin, Heng Chuan Tan, Bin Chen, Fan Zhang","doi":"10.1109/DSN58367.2023.00044","DOIUrl":"https://doi.org/10.1109/DSN58367.2023.00044","url":null,"abstract":"Programmable logic controllers (PLCs) are vulnerable to malware, which is a key security risk for Industrial Control Systems (ICSs). Existing attestation solutions are invasive because they require hardware security modules and software upgrades in legacy devices. We propose DNAttest, a Digital-twin-based Noninvasive Attestation solution to attest PLC behaviors in near-real time. DNAttest requires minimal ICS infrastructure changes and does not interfere with normal ICS operations. DNAttest detects PLC deviations by replicating all input messages for a PLC to its digital twin and comparing their output messages. Due to transient uncertainty in the PLC's internal processing state, DNAttest may output an incorrect comparison. To generate all plausible output values for comparison, we instantiate multiple emulated PLCs by replicating input messages with different timing profiles. We demonstrate on a close-to-real-world power grid testbed that DNAttest can provide a timely detection of a wide range of attacks non-invasively and accurately. DNAttest solution is lightweight and scalable. A typical desktop PC can attest more than 20 actual PLCs even if we use 10 emulators to monitor every actual PLC.","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"122 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133610249","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Āpta: Fault-tolerant object-granular CXL disaggregated memory for accelerating FaaS","authors":"Abhinandan H. Patil, V. Nagarajan","doi":"10.1109/DSN58367.2023.00030","DOIUrl":"https://doi.org/10.1109/DSN58367.2023.00030","url":null,"abstract":"As cloud workloads increasingly adopt the fault-tolerant Function-as-a-Service (FaaS) model, demand for improved performance has increased. Alas, the performance of FaaS applications is heavily bottlenecked by the remote object store in which FaaS objects are maintained. We identify that the upcoming CXL-based cache-coherent disaggregated memory is a promising technology for maintaining FaaS objects. Our analysis indicates that CXL's low-latency, high-bandwidth access characteristics coupled with compute-side caching of objects, provides significant performance potential over an in-memory RDMA-based object store. We observe however that CXL lacks the requisite level of fault-tolerance necessary to operate at an inter-server scale within the datacenter. Furthermore, its cache-line granular accesses impose inefficiencies for object-granular data store accesses. We propose Āpta, a CXL-based object-granular memory interface for maintaining FaaS objects. Āpta's key innovation is a novel fault-tolerant coherence protocol for keeping the cached objects consistent without compromising availability in the face of compute server failures. Our evaluation of Āpta using 6 full FaaS application workflows (totaling 26 functions) indicates that it outperforms a state-of-the-art fault-tolerant object caching protocol on an RDMA-based system by 21-90% and an uncached CXL-based system by 15-42%.","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131998465","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"YODA: Covert Communication Channel over Public DNS Resolvers","authors":"Sandip Saha, Sareena Karapoola, C. Rebeiro, K. V.","doi":"10.1109/DSN58367.2023.00034","DOIUrl":"https://doi.org/10.1109/DSN58367.2023.00034","url":null,"abstract":"Enterprises are increasingly migrating to public domain name system (DNS) resolvers for reliability, cost optimizations, and, most importantly, improved security and user privacy. The integrated threat intelligence feeds at these resolvers enable easy identification and blocking of malicious exploits that use DNS queries. However, we observe that the shared local caches at these public DNS resolvers enable covert communication channels from otherwise secure enterprises accessible to any remote adversary, thus cautioning the migration to public DNS resolvers. We present YODA, a covert communication channel via public DNS resolvers that can exfiltrate sensitive information from a victim enterprise to a remote adversary. Unlike prior works, YODA overloads DNS queries for popular domains to transfer the data without revealing any identity of the adversary. Consequently, YODA cannot be blocked by domain name filtering. We demonstrate our attack on public DNS resolvers such as Google, Cloudflare, Quad9, OpenDNS, and LibreDNS. Our evaluations show that the adversary can achieve a bandwidth of 480bps with desktop devices.","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"54 10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115349931","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Xiaohui Chen, Lei Cui, Hui Wen, Zhi Li, Hongsong Zhu, Zhiyu Hao, Limin Sun
{"title":"MalAder: Decision-Based Black-Box Attack Against API Sequence Based Malware Detectors","authors":"Xiaohui Chen, Lei Cui, Hui Wen, Zhi Li, Hongsong Zhu, Zhiyu Hao, Limin Sun","doi":"10.1109/DSN58367.2023.00027","DOIUrl":"https://doi.org/10.1109/DSN58367.2023.00027","url":null,"abstract":"The API call sequence based malware detectors have proven to be promising, especially when incorporated with deep neural networks (DNNs). Several adversarial attack methods are proposed to fool these detectors by introducing undetectable perturbations into normal samples. However, in real-world scenarios, the malware detector provides only the predicted label for a given sample, without exposing its network architecture or output probability, making it challenging for adversarial attacks under the decision-based black-box. Existing work in this area typically relies on random-based methods that suffer high costs and low attack success rates. To address these limitations, we propose a novel decision-based black-box attack against API sequence based malware detectors, called MalAder. Our approach aims to improve the attack success rate as well as query efficiency through a directional perturbation algorithm. First, it utilizes attention-based API ranking to assess the importance of API calls in the context of different API sequences. This assessment guides the insertion position for perturbation. Then, the perturbation is carried out using benign distance perturbing, which gradually shortens the semantic distance from adversarial API sequences to a set of benign samples. Finally, our algorithm iteratively generates adversarial malware samples by performing perturbations. In addition, we have implemented MalAder and evaluated its performance against two classic malware detectors. The results show that MalAder outperforms state-of-the-art decision-based black-box adversarial attacks, proving its effectiveness.","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"142 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121026174","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Copyright Page","authors":"","doi":"10.1109/dsn58367.2023.00003","DOIUrl":"https://doi.org/10.1109/dsn58367.2023.00003","url":null,"abstract":"","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"88 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126591463","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Welcome Message from the DSN 2023 General Chairs","authors":"","doi":"10.1109/dsn58367.2023.00005","DOIUrl":"https://doi.org/10.1109/dsn58367.2023.00005","url":null,"abstract":"","PeriodicalId":427725,"journal":{"name":"2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123696471","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}