
Computer Security. ESORICS 2023 International Workshops
Description
This two-volume set LNCS 14398 and LNCS 14399 constitutes the refereed proceedings of eleven International Workshops which were held in conjunction with the 28th European Symposium on Research in Computer Security, ESORICS 2023, in The Hague, The Netherlands, during September 25-29, 2023.
The 22 regular papers included in these proceedings stem from the following workshops:
9th International Workshop on the Security of Industrial Control Systems and of Cyber-Physical Systems, CyberICPS 2023, which accepted 8 papers from 18 submissions;
18th International Workshop on Data Privacy Management, DPM 2023, which accepted 11 papers from 18 submissions;
7th International Workshop on Cryptocurrencies and Blockchain Technology, CBT 2023, which accepted 6 papers from 20 submissions;
7th International Workshop on Security and Privacy Requirements Engineering, SECPRE 2023, which accepted 4 papers from 7 submissions;
4th International Workshop on Cyber-Physical Security for Critical Infrastructures Protection, CPS4CIP 2023, which accepted 11 papers from 15 submissions;
6th International Workshop on Attacks and Defenses for Internet-of-Things, ADIoT 2023, which accepted 6 papers from 10 submissions;
Second International Workshop on System Security Assurance, SecAssure 2023, which accepted 5 papers from 8 submissions;
First International Workshop on Attacks and Software Protection, WASP 2023, which accepted 7 papers from 13 submissions;
International Workshop on Transparency, Accountability and User Control for a Responsible Internet, TAURIN 2023, which accepted 3 papers from 4 submissions;
International Workshop on Private, Secure, and Trustworthy AI, PriST-AI 2023, which accepted 4 papers from 8 submissions;
International Workshop on Security and Artificial Intelligence, SECAI 2023, which accepted 11 papers from 31 submissions.

Content
- Intro
- Preface
- Contents - Part II
- Contents - Part I
- CPS4CIP 2023
- CPS4CIP 2023 Preface
- Organization
- General Chairs
- Program Committee Chairs
- Program Committee
- External Reviewer
- An Opportunity-Based Approach to Information Security Risk
- 1 Introduction
- 2 Related Research
- 2.1 Risk Management
- 2.2 Research Questions
- 3 Research Method
- 4 Results
- 4.1 Definition of Risk
- 4.2 Risk Description
- 4.3 Sample Case - Use of Risk Description Strategies
- 4.4 Positive Risk Assessment
- 5 Summary and Conclusion
- References
- A Methodology for Cybersecurity Risk Assessment in Supply Chains
- 1 Introduction
- 2 Related Work
- 3 Security Risk Assessment Methodology
- 3.1 Asset Types
- 3.2 Threat Types
- 3.3 Vulnerability Types
- 3.4 Supply Chain Risk Assessment
- 3.5 Questionnaire
- 4 Preliminary Validation of the Methodology
- 4.1 Security Experts
- 4.2 Fictional Scenario
- 4.3 Result Discussion
- 5 Conclusion
- References
- IM-DISCO: Invariant Mining for Detecting IntrusionS in Critical Operations
- 1 Introduction
- 2 Related Work
- 3 IM-DISCO
- 3.1 Formalization of Concepts
- 3.2 Railway Example
- 3.3 Predicate Generation
- 3.4 Invariant Rule Mining
- 3.5 Summary
- 4 Implementation
- 5 Evaluation
- 5.1 Data Collection and Experiment Setup
- 5.2 Evaluation Metrics
- 5.3 Operational Mode Inference (RQ. 1)
- 5.4 Anomaly Detection (RQ. 2)
- 5.5 Invariant Rules Verification and Validation (RQ. 3)
- 6 Conclusion
- References
- Unravelling Network-Based Intrusion Detection: A Neutrosophic Rule Mining and Optimization Framework
- 1 Introduction
- 2 State-of-The-Art
- 2.1 Accuracy vs Explainability Dichotomy
- 2.2 Classification Rule Mining
- 2.3 Rule Uncertainty
- 3 RUGE Framework
- 3.1 Phase 1: Rule Mining
- 3.2 Phase 2: Rules Selection
- 4 Intrusion Detection Case Study: A CICIDS2017 Testbed
- 4.1 Dataset and Data Preprocessing
- 4.2 Scenario and Configuration
- 4.3 Results and Discussion
- 5 Conclusions
- References
- Labeling NIDS Rules with MITRE ATT&CK Techniques Using ChatGPT
- 1 Introduction
- 2 Background
- 2.1 Cyber Threat Intelligence
- 2.2 Generative Pre-trained Transformers
- 3 Related Work on Language Models for CTI Labeling
- 3.1 Non-networking-based CTI Labeling
- 3.2 Networking-Based CTI Labeling
- 4 Labeling NIDS Rules with MITRE ATT&CK Techniques
- 4.1 GPT-Based Labeling
- 4.2 Keyword-Based Labeling (KB)
- 4.3 Post-processing
- 5 Evaluation
- 5.1 Evaluation Set
- 5.2 Performance Metrics
- 5.3 Experimental Setup
- 5.4 Results
- 5.5 Discussion
- 6 Conclusions and Future Work
- A Appendix: Chat-GPT Prompt Templates
- References
- User Behavior Analysis for Malware Detection
- 1 Introduction
- 2 Related Work
- 3 Architecture
- 3.1 Enduser Host
- 3.2 Smart Behavior Analysis (SBA)
- 3.3 Metrics
- 4 Machine Learning Model
- 4.1 Autoencoder Model
- 4.2 Kernel Density Estimation Model
- 5 Model Accuracy and Validation
- 5.1 Training Data
- 5.2 Test Data
- 5.3 Metric Relevancy
- 5.4 Models' Comparison
- 5.5 False Positive Reduction
- 6 Conclusion
- References
- Balancing XAI with Privacy and Security Considerations
- 1 Introduction
- 2 Background
- 2.1 XAI Taxonomy Classes
- 2.2 Evaluation Criteria and Methods
- 3 Findings
- 3.1 Privacy Attacks
- 3.2 Privacy Defences
- 3.3 Security Aspects
- 4 Conclusions
- References
- Utilizing the Ensemble Learning and XAI for Performance Improvements in IoT Network Attack Detection
- 1 Introduction
- 2 Related work
- 3 Methodology
- 3.1 Overview of Approach
- 3.2 Dataset Refinement with XAI
- 3.3 Attack Detection
- 3.4 Attack Identification
- 4 Results and Evaluation
- 4.1 Dataset and Experimental Environment
- 4.2 Performance Metrics
- 4.3 Experimental Evaluation on CIC-IDS Dataset
- 5 Conclusions
- References
- Digital Twins in Healthcare: Security, Privacy, Trust and Safety Challenges
- 1 Introduction
- 2 Challenges of Digital Twins
- 2.1 Security
- 2.2 Privacy
- 2.3 Trust
- 2.4 Safety
- 3 Digital Twins in Healthcare
- 3.1 Ethical Concerns of Digital Twins in Healthcare
- 3.2 Threat Landscape in Healthcare
- 4 IoT Digital Twins: Challenges and Conflict Analysis
- 4.1 Security vs. Safety
- 4.2 Security vs. Privacy
- 4.3 Security vs. Operational Requirements
- 4.4 Security vs. Trust
- 5 Summary and Conclusion
- References
- ADIoT 2023
- ADIoT 2023 Preface
- Organization
- General Co-chair
- Program Co-chairs
- Local Chairs
- Technical Program Committee
- Steering Committee
- Subreviewer
- C-TAR: A Compositional Threat Analysis and Risk Assessment Method for Infrastructure-Based Autonomous Driving
- 1 Introduction
- 2 Preliminaries
- 3 Related Work
- 3.1 Threat Modeling
- 3.2 Risk Assessment
- 3.3 Digital Dependability Identities
- 3.4 Automotive Security Surveys
- 3.5 Insights from Literature Review
- 4 C-TAR Method Description
- 4.1 First Phase - C-TAR Input
- 4.2 Second Phase - Compatibility Conditions
- 4.3 Third Phase - Compatibility Statement
- 5 Example
- 5.1 First Phase - C-TAR Input
- 5.2 Second Phase - Compatibility Conditions
- 5.3 Third Phase - Compatibility Statement
- 6 Conclusion
- References
- The VOCODES Kill Chain for Voice Controllable Devices
- 1 Introduction
- 2 Related Work
- 3 The VOCODES Kill Chain
- 3.1 Steps
- 3.2 Discussion
- 4 Applying VOCODES to Alexa vs Alexa
- 4.1 Reconnaissance
- 4.2 Audio Weaponization
- 4.3 Initial Foothold
- 4.4 Exploitation
- 4.5 Persistence
- 4.6 Actions on Objectives
- 5 Conclusions
- References
- DETONAR-Light: An IoT Network Intrusion Detection Using DETONAR without a Sniffer Network
- 1 Introduction
- 2 Background on RPL and DETONAR
- 2.1 RPL
- 2.2 DETONAR
- 2.3 RADAR
- 3 DETONAR-Light Design
- 3.1 Running DETONAR Using Data Collected at a Border Router
- 3.2 DETONAR Adaptation to Contiki-NG and Cooja
- 4 Experiments
- 4.1 Attack Implementation in Contiki-NG
- 4.2 Setup
- 4.3 Metrics
- 5 Results
- 5.1 Attack Detection and Classification for Networks Without Packet Loss
- 5.2 Attack Detection and Classification for Networks with Packet Loss
- 6 Discussion and Limitations
- 7 Conclusions
- References
- Firmware-Based DoS Attacks in Wireless Sensor Network
- 1 Introduction
- 2 Background
- 3 Threat Scenario
- 3.1 Assumption
- 3.2 Vulnerable Code
- 4 Attack Simulation
- 5 Defensive Mechanism
- 6 Related Work
- 7 Conclusion
- Appendix
- References
- Single-Server Batch Delegation of Variable-Input Pairings with Unbounded Client Lifetime
- 1 Introduction
- 2 Pairing Definitions
- 3 Our Batch Delegation Protocols
- 3.1 Input Scenario: A Private Online, B Public Online
- 3.2 Input Scenario: A and B Public Online
- 3.3 Input Scenario: A Private Online and B Public Offline
- 3.4 Input Scenario: A Public Online, B Public Offline
- 3.5 Input Scenario: A and B = sH Private Online
- 4 Practical Performance Analysis of Our Protocols
- 5 Conclusions
- A Formal Definitions
- References
- SigIL: A Signature-Based Approach of Malware Detection on Intermediate Language
- 1 Introduction
- 2 Background
- 3 Related Work
- 4 Implementation
- 5 Example
- 6 Conclusion and Future Work
- References
- SecAssure 2023
- SecAssure 2023 Preface
- Organization
- General Chairs
- Program Committee Chairs
- Program Committee
- Additional Reviewers
- Toward Next-Generation Cyber Range: A Comparative Study of Training Platforms
- 1 Introduction
- 2 Comparison Criteria
- 2.1 Application Domains
- 2.2 Team Formation
- 2.3 Methods of Experimentation
- 2.4 Infrastructure Technologies
- 2.5 Front-End Technologies
- 2.6 Scenario
- 2.7 Topology Generation
- 2.8 Accessibility
- 2.9 Traffic
- 2.10 User Modeling
- 2.11 Data Collection and Analysis
- 2.12 Scoring and Reporting
- 2.13 Ownership and License
- 3 Comparison of Cyber Ranges Solutions
- 3.1 Analysis
- 3.2 Overall Comparison
- 4 Scenario and Topology Generation
- 4.1 SecGen
- 4.2 CyExec*
- 5 Discussion and Open Challenges
- 6 Conclusion
- References
- Forkfuzz: Leveraging the Fork-Awareness in Coverage-Guided Fuzzing
- 1 Introduction
- 2 Background
- 3 Related Work
- 4 Motivational Scenario
- 5 Forkfuzz
- 5.1 Setup Step
- 5.2 Execution Step
- 5.3 Termination Step
- 6 Evaluation
- 6.1 Dining Philosophers Problem
- 6.2 Producer-Consumer Problem
- 6.3 Web Server
- 6.4 Performance
- 7 Discussion
- 7.1 Limitations
- 7.2 Aggregated Coverage
- 7.3 Areas of Improvement
- 8 Concluding Remarks
- References
- Trust Assumptions in Voting Systems
- 1 Introduction
- 2 Paper-Based Voting in a Polling Station
- 2.1 Regular Paper Voting
- 2.2 Paper Voting with Cryptographic Receipts
- 3 Postal Voting
- 3.1 Regular Postal Voting
- 3.2 Postal Voting with Cryptographic Receipts
- 4 Voting via Voting Machines
- 4.1 Voting Machines Used in Bulgaria
- 5 Internet Voting
- 5.1 Estonian IVXV
- 6 Discussion and Conclusions
- 6.1 Overview of the Trust Assumptions
- 6.2 Comparative Analysis of the Trust Assumptions
- References
- Introducing Distributed Ledger Security into System Specifications with the Isabelle RR-Cycle
- 1 Introduction
- 2 Summary of RR-Cycle and Case Study
- 3 IoT Model in IIIf, Attack Trees Analysis and Refinement to Distributed Ledger
- 3.1 IoT Healthcare Model in IIIf
- 3.2 Attack Tree Analysis
- 3.3 Introducing Distributed Ledger via Refinement
- 3.4 Discussion
- 4 Conclusions and Related Work
- References
- Enhancing Security Assurance in Software Development: AI-Based Vulnerable Code Detection with Static Analysis
- 1 Introduction
- 2 Background and Related Work
- 2.1 Vulnerabilities in Source Code
- 2.2 Scanners and Parsers
- 2.3 Detecting Vulnerabilities
- 3 Vulnerability Detection Process
- 3.1 Dataset
- 3.2 Model Architecture
- 4 Performance Evaluation
- 4.1 Machine Learning Models
- 4.2 Explainable AI and Web Portal Output
- 5 Conclusion and Future Works
- References
- WASP 2023
- WASP 2023 Preface
- Organization
- General Chairs
- Program Committee
- Least Information Redundancy Algorithm of Printable Shellcode Encoding for X86
- 1 Introduction
- 2 Related Work
- 2.1 Riley Eller Algorithm
- 2.2 Zsolt Geczi and Peter Ivanyi's Method
- 2.3 Printable Shellcode Compiler
- 3 Proof of Least Redundancy
- 3.1 The Least Redundancy of Encoding Shellcode
- 3.2 Analysis
- 4 Algorithm
- 4.1 Encoding Algorithm
- 4.2 Decoding Algorithm
- 5 Implementation
- 5.1 Overview of the Printable Decoder
- 5.2 Assignment Operation of Register
- 5.3 Xor Patching Technique
- 6 Evaluation
- 7 Conclusion
- References
- Execution at RISC: Stealth JOP Attacks on RISC-V Applications
- 1 Introduction
- 2 Code-Reuse Attacks Overview
- 2.1 Countermeasures
- 2.2 Jump-Oriented Programming
- 3 Autonomous Dispatcher Gadget
- 4 Attacking Real-World RISC-V Applications
- 4.1 Results and Limitations
- 4.2 Next Steps
- 5 Related Work
- 5.1 Building JOP Attacks
- 5.2 Defenses from CRA
- 6 Conclusion
- References
- Modeling Obfuscation Stealth Through Code Complexity
- 1 Introduction
- 2 Related Work
- 3 Preliminaries
- 3.1 Code Obfuscation
- 3.2 Obfuscation Stealth
- 3.3 Code Complexity
- 4 Approach
- 5 Evaluation
- 5.1 Model Selection
- 5.2 Hyperparameter Tuning
- 5.3 Model Results
- 6 Discussion
- 6.1 Stealthiness of Obfuscations
- 6.2 Impact of Compiler Optimization Levels
- 7 Conclusions
- A Specifications
- References
- ZeekFlow: Deep Learning-Based Network Intrusion Detection a Multimodal Approach
- 1 Introduction
- 2 Related Work
- 3 ZeekFlow: DL-based Network Intrusion Detection
- 3.1 Background
- 3.2 Modalities
- 3.3 Proposed Architecture
- 3.4 Implementation Details
- 4 Evaluation
- 4.1 Datasets
- 4.2 Evaluation Criteria
- 4.3 Baselines
- 4.4 Ablation Study
- 5 Conclusion
- References
- FedREVAN: Real-time DEtection of Vulnerable Android Source Code Through Federated Neural Network with XAI
- 1 Introduction
- 2 Background and Related Work
- 2.1 Vulnerabilities in Source Code
- 2.2 Developer Assistance for Identifying Code Vulnerabilities
- 2.3 Vulnerability Scanning Techniques
- 2.4 AI-Based Vulnerability Detection
- 2.5 Understanding AI-Based Predictions Results with XAI
- 2.6 Federated Learning for AI Models
- 3 Methodology
- 3.1 Selecting the Dataset
- 3.2 Building the Neural Network-Based Model
- 3.3 Model Parameter Tuning and Pruning
- 3.4 Detection of Vulnerabilities with XAI Using Trained Model
- 3.5 Model Training in the Federated Environment
- 4 Results and Discussions
- 4.1 Performances of the Initial Models
- 4.2 Federated Neural Network Model
- 4.3 Developer Feedback on FedREVAN
- 5 Conclusion and Future Work
- A Appendix
- References
- Finding Server-Side Endpoints with Static Analysis of Client-Side JavaScript
- 1 Introduction
- 2 Features of Real JS in Respect to Finding Endpoints
- 2.1 Motivating Examples
- 3 Related Work
- 3.1 Dynamic Analysis
- 3.2 Static Analysis
- 4 Approach
- 5 Evaluation
- 5.1 Comparison with Existing Approaches
- 5.2 Comparison with Industry-Grade Scanners
- 6 Conclusion
- References
- The Nonce-nce of Web Security: An Investigation of CSP Nonces Reuse
- 1 Introduction
- 2 Background
- 2.1 Cross-Site Scripting
- 2.2 Content Security Policy
- 2.3 Web Caches
- 3 Related Work
- 4 Methodology and Experiment
- 4.1 URLs Collection
- 4.2 CSP Nonces Detection
- 4.3 CSP Nonces Evaluation
- 4.4 Experiment
- 5 Results
- 5.1 CSP Adoption and Usage
- 5.2 Reuse Analysis
- 5.3 Length and Validity Analysis
- 6 Discussion
- 6.1 Reuse Causes
- 6.2 Limitations and Future Work
- 7 Conclusion
- References
- TAURIN 2023
- TAURIN 2023 Preface
- Organization
- General Chairs
- Program Chairs
- Web Chair
- Program Committee
- Internet Transparency Through Multi-party Computation
- 1 Introduction
- 2 Design of a Multi-domain Network Telemetry System
- 2.1 Design Goals and Considerations
- 2.2 Design Proposal
- 2.3 Proof-of-Concept Details
- 3 Performance Analysis
- 3.1 Testbed
- 3.2 Test Scenarios
- 3.3 Results
- 4 Related Work
- 5 Conclusion
- A MPC Code Details
- References
- DNS Dependencies as an Expression of the Digital Divide: The Example of Australia
- 1 Introduction
- 2 Related Work
- 3 Methodology
- 4 Results
- 4.1 Analysis by Provider Type
- 5 Limitations
- 6 Discussion and Conclusion
- References
- Towards Security Transparency of Autonomous Systems on the Internet
- 1 Introduction
- 2 RQ1: What May Be the Security Attributes of an AS?
- 3 RQ2: How to Rank ASes in Terms of Reputation?
- 4 RQ3: How to Choose Paths Based on ASes' Reputations?
- 5 RQ4: What May Be a Way to Verify a Path?
- References
- PriST-AI 2023
- PriST-AI 2023 Preface
- Organization
- General Chair
- Program Committee
- Privacy-Preserving Object Recognition with Explainability in Smart Systems
- 1 Introduction
- 2 Related Work
- 2.1 Object Recognition
- 2.2 Privacy in Machine Learning for Image Data
- 2.3 Explainability in Machine Learning for Image Data
- 3 Reference Scenario and Problem Statement
- 4 Proposed Architecture and Methodology
- 4.1 Privacy Preserving Mechanism Enforcement
- 4.2 Object Recognition
- 4.3 Computation of Data Privacy and Recognition Accuracy
- 5 Experiments
- 5.1 Datasets
- 5.2 Object Recognition Models
- 5.3 Privacy-Preserving Object Recognition with Explainability
- 5.4 Experimental Results
- 6 Conclusion
- References
- An Efficient CKKS-FHEW/TFHE Hybrid Encrypted Inference Framework
- 1 Introduction
- 1.1 Our Contribution
- 1.2 Technical Overview
- 2 Preliminaries
- 3 Methodology
- 3.1 LUT-Aware Model Fine-Tuning
- 3.2 Estimate the Numerical Ranges of the Input for Activation Functions
- 3.3 Incorporate the Linear Mapping into Model Weights
- 4 Experiments
- 4.1 Performance
- 4.2 Comparison with Two State-of-the-art Methods
- 5 Other Related Works
- 6 Conclusion
- References
- Pixels Who Violate Our Privacy! Deep Learning for Identifying Images' Key Pixels
- 1 Introduction
- 2 Preliminaries
- 2.1 Pixel Detection
- 2.2 Recognition
- 3 Methodology
- 4 Experimental Analysis
- 4.1 Experimental Setup
- 4.2 Experimental Results
- 4.3 Discussion
- 5 Related Work
- 6 Conclusion and Future Directions
- References
- Verifiable Fairness: Privacy-preserving Computation of Fairness for Machine Learning Systems
- 1 Introduction
- 2 Background and Related Work
- 2.1 Fairness Metrics
- 2.2 Auditing ML Models for Fairness
- 3 FaaS Architecture
- 3.1 Threat Model
- 3.2 Protocol Overview
- 3.3 Protocol Sequence
- 4 Implementation and Performance Analysis
- 4.1 Proof-of-Concept Implementation
- 4.2 Performance
- 5 Conclusion
- References
- SECAI 2023
- SECAI 2023 Preface
- Organization
- Program Chairs
- General Chairs
- Program Committee
- Organizing Committee
- Additional Reviewers
- NASimEmu: Network Attack Simulator & Emulator for Training Agents Generalizing to Novel Scenarios
- 1 Introduction
- 2 Related Work
- 3 Network Attack Simulator and Emulator
- 3.1 Simulator
- 3.2 Emulator
- 3.3 Known Limitations
- 4 Experiments
- 4.1 Agent Models
- 4.2 Scenarios
- 4.3 Experiment: Generalization to Novel Scenarios
- 4.4 Experiment: Transfer to Emulation
- 5 Conclusion and Future Work
- A Appendix
- References
- On the Use of AutoML for Combating Alert Fatigue in Security Operations Centers
- 1 Introduction
- 2 Related Work
- 3 Methodology
- 3.1 Case Study
- 3.2 Security Alert Dataset
- 3.3 AutoML-Driven Automation Methodology
- 3.4 Evaluation Methodology
- 3.5 AutoSklearn ML Pipeline Configurations and Interactive Dashboard
- 4 Evaluation and Discussion
- 4.1 Impact of Manual Feature Engineering
- 4.2 Stochastic Nature of Repeated Experiments
- 4.3 Out-of-Distribution Samples and Temporal Constraints on Validation and Test Datasets
- 4.4 Interpretability and Explainability
- 4.5 On Safety Margins
- 4.6 Discussion
- 5 Conclusion
- References
- CO-DECYBER: Co-operative Decision Making for Cybersecurity Using Deep Multi-agent Reinforcement Learning
- 1 Introduction
- 2 Related Work
- 3 Co-Decyber
- 3.1 Attack and Defence Modelling
- 3.2 Autonomous Platooning Vehicles
- 3.3 Generic Framework and Architecture
- 4 Training Methodology
- 4.1 Training Approach
- 4.2 Co-Decyber Agents
- 5 Results
- 6 Conclusions and Future Work
- References
- Fault Injection and Safe-Error Attack for Extraction of Embedded Neural Network Models
- 1 Introduction
- 2 Background
- 2.1 Model Extraction
- 2.2 Fault Injection Attacks
- 3 Related Works
- 4 Threat Model
- 5 Experimental Setup
- 5.1 8-Bit Quantized Neural Network Models
- 5.2 Models and Datasets
- 6 Model Extraction with SEA
- 6.1 Overview
- 6.2 Exploiting Safe-Error Attack
- 6.3 Efficiency of Task-Specific Inputs
- 6.4 Crafting Inputs for Uncertain Predictions
- 6.5 Least Significant Bit Leakage Principle
- 6.6 Train Substitute Model
- 6.7 Evaluation
- 7 Discussions
- 8 Conclusion
- References
- Can Inputs' Reconstruction Information Be Coded into Machine Learning Model's Outputs?
- 1 Introduction
- 2 Related Work
- 3 Problem Setting
- 3.1 Confidential Inference in MLaaS
- 3.2 Attack Scenarios
- 3.3 Attacker's Capacity and Goal
- 4 Attack Method
- 4.1 Training Phase
- 4.2 Attack Phase
- 5 Evaluation
- 5.1 Experimental Setup
- 5.2 Results
- 6 Discussion
- 6.1 Effectiveness of Our Attack
- 6.2 Similarity with Reconstructed Images
- 6.3 Difficulty of Data Reconstruction
- 6.4 Relation to Autoencoders
- 6.5 Potential Countermeasures
- 7 Conclusion
- References
- Towards a Practical Defense Against Adversarial Attacks on Deep Learning-Based Malware Detectors via Randomized Smoothing
- 1 Introduction
- 2 Problem Formulation
- 2.1 The Task of Malware Detection
- 2.2 Evasion Attacks
- 2.3 Adversarial Defenses
- 3 Methodology
- 3.1 Randomized Smoothing
- 4 Evaluation
- 4.1 Experimental Setup
- 4.2 Empirical Evaluation
- 5 Discussion
- 6 Conclusions
- 6.1 Future Work
- References
- Backdoor Attacks Leveraging Latent Representation in Competitive Learning
- 1 Introduction
- 2 Related Works
- 2.1 Backdoor Removal for Countermeasures
- 2.2 Backdoor Attacks with Resistance to Backdoor Removal
- 3 Problem Setting
- 3.1 Machine Learning and Backdoor Attacks
- 3.2 Threat Model
- 4 TALPA
- 4.1 Overview
- 4.2 Objective Functions
- 5 Experiments
- 5.1 Setting
- 5.2 Results of Accuracy and Attack Success Rate
- 5.3 Results of Backdoor Removal
- 6 Discussion
- 6.1 Impacts of Hyperparameters
- 6.2 Impacts of Norms
- 6.3 Extension to Other Layers
- 6.4 Resistance Against Existing Backdoor Defense
- 6.5 Potential Countermeasures
- 7 Conclusion
- A Architectures of Models
- References
- Simulating Deception for Web Applications Using Reinforcement Learning
- 1 Introduction
- 2 Related Work
- 3 Background on CyberBattleSim
- 4 Method: Using CyberBattleSim to Simulate Application-Layer Deception
- 4.1 Implementation of Deceptive Elements
- 4.2 Reinforcement Learning Agents as Attackers
- 5 Experiments
- 5.1 MedicalPortal Web Application
- 5.2 Experiment Setup
- 5.3 Detection Metrics: Identifying the Best Deceptive Configuration
- 6 Results
- 6.1 Research Question 1: Impact of Honeytokens on the Time to Detect the Attacker
- 6.2 Research Question 2: Impact of Detection Points on the Time to Detect the Attacker
- 6.3 Research Question 3: Impact of the Type of Honeytokens
- 7 Discussion
- 8 Conclusions
- References
- The Road Towards Autonomous Cybersecurity Agents: Remedies for Simulation Environments
- 1 Introduction
- 2 Related Work
- 3 An Assessment Framework for Autonomous Cyber Agent Simulation
- 3.1 Ontology for Cyber Terrain Simulation
- 3.2 Actor Behavior Framework and Types
- 3.3 Metrics to Measure Quality
- 4 Comparison of Existing Simulations' Models
- 4.1 Yawning Titan
- 4.2 CyberBattleSim
- 4.3 CybORG
- 4.4 CYST
- 4.5 Structured Comparison
- 5 Comparison of CybORG and CYST
- 6 Summary
- 6.1 Future Work
- References
- Mitigating Gradient Inversion Attacks in Federated Learning with Frequency Transformation
- 1 Introduction
- 2 Background
- 2.1 Federated Learning
- 2.2 Attacks in Federated Learning
- 2.3 Gradient Inversion Attacks in FL
- 2.4 Frequency Space Transformation in FL
- 2.5 Attack Scenario
- 3 Method
- 3.1 Attack Methods
- 3.2 Proposed Defence Method
- 3.3 Improving Resilience in FL
- 3.4 pFGD Algorithm
- 4 Experiment Setup
- 4.1 Comparative Study
- 5 Results and Discussion
- 6 Conclusion
- References
- Network Intrusion Detection by Variational Component-Based Feature Saliency Gaussian Mixture Clustering
- 1 Introduction
- 2 Related Works
- 3 Methodology
- 3.1 Normal Traffic Learning
- 3.2 Anomaly Detection
- 4 Experiments
- 4.1 Datasets
- 4.2 Methods
- 4.3 Results and Discussion
- 5 Conclusions
- References
- Author Index
System requirements
File format: PDF
Copy protection: Watermark-DRM (Digital Rights Management)
System requirements:
- Computer (Windows; MacOS X; Linux): Use the free software Adobe Reader, Adobe Digital Editions, or any other PDF viewer of your choice (see eBook Help).
- Tablet/Smartphone (Android; iOS): Install the free app Adobe Digital Editions or another reading app for eBooks, e.g., PocketBook (see eBook Help).
- E-reader: Bookeen, Kobo, Pocketbook, Sony, Tolino and many more (only limited: Kindle).
The file format PDF always displays a book page identically on any hardware. This makes PDF suitable for complex layouts such as those used in textbooks and reference books (images, tables, columns, footnotes). Unfortunately, on the small screens of e-readers or smartphones, PDFs are rather annoying, requiring too much scrolling.
This eBook uses Watermark-DRM, a "soft" copy protection. This means that there are no technical restrictions to prevent illegal distribution. However, there is a personalised watermark embedded in the eBook that can be used to identify the purchaser of the eBook in the event of misuse and to provide evidence for legal purposes.
For more information, see our eBook Help page.