PapersCut: A shortcut to recent security papers

LSTM Hyper-Parameter Selection for Malware Detection: Interaction Effects and Hierarchical Selection Approach

Authors: Mohit Sewak, Sanjay K. Sahay, Hemant Rathore

Abstract: Long-Short-Term-Memory (LSTM) networks have shown great promise in artificial intelligence (AI) based language modeling. Recently, LSTM networks have also become popular for designing AI-based Intrusion Detection Systems (IDS). However, their applicability in IDS has been studied largely in the default settings used in language models, whereas security applications offer distinct conditions and hence warrant careful consideration when applying such recurrent networks. Therefore, we conducted one of the most exhaustive works on LSTM hyper-parameters for IDS and experimented with approx. 150 LSTM configurations to determine the hyper-parameters' relative importance, interaction effects, and optimal selection approach for designing an IDS. We conducted multiple analyses of the results of these experiments and empirically controlled for the interaction effects of different hyper-parameter covariate levels. We found that for security applications, especially for designing an IDS, neither the relative importance applicable to language models is valid, nor is the standard linear method for hyper-parameter selection ideal. We ascertained that the interaction effect plays a crucial role in determining the relative importance of hyper-parameters. We also discovered that after controlling for the interaction effect, the correct relative importance for LSTMs for an IDS is batch-size, followed by dropout ratio and padding. The findings are significant because when LSTM was first used for language models, the focus had mostly been on increasing the number of layers to enhance performance.

Date: 23 Sep 2021


DeepAID: Interpreting and Improving Deep Learning-based Anomaly Detection in Security Applications

Authors: Dongqi Han, Zhiliang Wang, Wenqi Chen, Ying Zhong, Su Wang, Han Zhang, Jiahai Yang, Xingang Shi, Xia Yin

Abstract: Unsupervised Deep Learning (DL) techniques have been widely used in various security-related anomaly detection applications, owing to the great promise of being able to detect unforeseen threats and superior performance provided by Deep Neural Networks (DNN). However, the lack of interpretability creates key barriers to the adoption of DL models in practice. Unfortunately, existing interpretation approaches are proposed for supervised learning models and/or non-security domains, which are unadaptable for unsupervised DL models and fail to satisfy special requirements in security domains. In this paper, we propose DeepAID, a general framework aiming to (1) interpret DL-based anomaly detection systems in security domains, and (2) improve the practicality of these systems based on the interpretations. We first propose a novel interpretation method for unsupervised DNNs by formulating and solving well-designed optimization problems with special constraints for security domains. Then, we provide several applications based on our Interpreter as well as a model-based extension Distiller to improve security systems by solving domain-specific problems. We apply DeepAID over three types of security-related anomaly detection systems and extensively evaluate our Interpreter with representative prior works. Experimental results show that DeepAID can provide high-quality interpretations for unsupervised DL models while meeting the special requirements of security domains. We also provide several use cases to show that DeepAID can help security operators to understand model decisions, diagnose system mistakes, give feedback to models, and reduce false positives.

Comment: Accepted by 2021 ACM SIGSAC Conference on Computer and Communications Security (CCS '21)

Date: 23 Sep 2021


An Improved Authentication & Key Exchange Protocol Based on ECDH for WSNs

Authors: Sina Baghbanijam, Hanie Sanaei

Abstract: The wide-spread use of wireless sensor networks (WSNs), which consist of resource-constrained sensor nodes in communication with gateways, in sensitive and mission-critical industries has highlighted the need for a secure yet fast communication protocol between users, gateways and sensor nodes. Due to the properties of the network, elliptic-curve cryptography seems to be the most viable choice as it requires fewer resources than most other options. In this paper we analyze the protocol suggested by Moghadam et al., which is based on ECDH (elliptic-curve Diffie-Hellman), and mention some of the flaws in their proposed authentication and key exchange protocol. Some attacks are also mentioned to further explain the shortcomings of their schema. Then a modified version of the protocol is proposed, analyzed and checked against the same attacks as an informal security proof.

Comment: 6 Pages, 5 figures

Date: 23 Sep 2021


Robin Hood and Matthew Effects -- Differential Privacy Has Disparate Impact on Synthetic Data

Authors: Georgi Ganev, Bristena Oprisanu, Emiliano De Cristofaro

Abstract: Generative models trained using Differential Privacy (DP) are increasingly used to produce and share synthetic data in a privacy-friendly manner. In this paper, we set out to analyze the impact of DP on these models vis-a-vis underrepresented classes and subgroups of data. We do so from two angles: 1) the size of classes and subgroups in the synthetic data, and 2) classification accuracy on them. We also evaluate the effect of various levels of imbalance and privacy budgets. Our experiments, conducted using three state-of-the-art DP models (PrivBayes, DP-WGAN, and PATE-GAN), show that DP results in opposite size distributions in the generated synthetic data. More precisely, it affects the gap between the majority and minority classes and subgroups, either reducing it (a "Robin Hood" effect) or increasing it ("Matthew" effect). However, both of these size shifts lead to similar disparate impacts on a classifier's accuracy, affecting disproportionately more the underrepresented subparts of the data. As a result, we call for caution when analyzing or training a model on synthetic data, or risk treating different subpopulations unevenly, which might also lead to unreliable conclusions.

Date: 23 Sep 2021


On The Vulnerability of Anti-Malware Solutions to DNS Attacks

Authors: Asaf Nadler, Ron Bitton, Oleg Brodt, Asaf Shabtai

Abstract: Anti-malware agents typically communicate with their remote services to share information about suspicious files. These remote services use their up-to-date information and global context (view) to help classify the files and instruct their agents to take a predetermined action (e.g., delete or quarantine). In this study, we provide a security analysis of a specific form of communication between anti-malware agents and their services, which takes place entirely over the insecure DNS protocol. These services, which we denote DNS anti-malware list (DNSAML) services, affect the classification of files scanned by anti-malware agents, therefore potentially putting their consumers at risk due to known integrity and confidentiality flaws of the DNS protocol. By analyzing a large-scale DNS traffic dataset made available to the authors by a well-known CDN provider, we identify anti-malware solutions that seem to make use of DNSAML services. We found that these solutions, deployed on almost three million machines worldwide, exchange hundreds of millions of DNS requests daily. These requests carry sensitive file scan information, oftentimes - as we demonstrate - without any additional safeguards to compensate for the insecurities of the DNS protocol. As a result, these anti-malware solutions that use DNSAML are made vulnerable to DNS attacks. For instance, an attacker capable of tampering with DNS queries gains the ability to alter the classification of scanned files without presence on the scanning machine. We showcase three attacks applicable to at least three anti-malware solutions that could result in the disclosure of sensitive information and improper behavior of the anti-malware agent, such as ignoring detected threats. Finally, we propose and review a set of countermeasures for anti-malware solution providers to prevent the attacks stemming from the use of DNSAML services.

Date: 23 Sep 2021


A Validated Privacy-Utility Preserving Recommendation System with Local Differential Privacy

Authors: Seryne Rahali, Maryline Laurent, Souha Masmoudi, Charles Roux, Brice Mazeau

Abstract: This paper proposes a new recommendation system preserving both privacy and utility. It relies on local differential privacy (LDP) for the browsing user to transmit his noisy preference profile, as perturbed Bloom filters, to the service provider. The originality of the approach is multifold. First, as far as we know, the approach is the first one including at the user side two perturbation rounds - PRR (Permanent Randomized Response) and IRR (Instantaneous Randomized Response) - over a complete user profile. Second, a full validation experimentation chain is set up, with a machine learning decoding algorithm based on a neural network or XGBoost for decoding the perturbed Bloom filters and the Kmeans clustering tool for clustering users. Third, extensive experiments show that our method achieves a good utility-privacy trade-off, i.e. a 90% clustering success rate, resp. 80.3%, for a value of LDP $\epsilon = 0.8$, resp. $\epsilon = 2$. Fourth, an experimental and theoretical analysis gives concrete results on the resistance of our approach to the plausible deniability and resistance against averaging attacks.

Comment: Accepted for publication in the 15th IEEE International Conference on Big Data Science and Engineering (BigDataSE 2021)

Date: 23 Sep 2021


FormatFuzzer: Effective Fuzzing of Binary File Formats

Authors: Rafael Dutra, Rahul Gopinath, Andreas Zeller

Abstract: Effective fuzzing of programs that process structured binary inputs, such as multimedia files, is a challenging task, since those programs expect a very specific input format. Existing fuzzers, however, are mostly format-agnostic, which makes them versatile, but also ineffective when a specific format is required. We present FormatFuzzer, a generator for format-specific fuzzers. FormatFuzzer takes as input a binary template (a format specification used by the 010 Editor) and compiles it into C++ code that acts as parser, mutator, and highly efficient generator of inputs conforming to the rules of the language. The resulting format-specific fuzzer can be used as a standalone producer or mutator in black-box settings, where no guidance from the program is available. In addition, by providing mutable decision seeds, it can be easily integrated with arbitrary format-agnostic fuzzers such as AFL to make them format-aware. In our evaluation on complex formats such as MP4 or ZIP, FormatFuzzer proved to be a highly effective producer of valid inputs that also detected previously unknown memory errors in ffmpeg and timidity.

Date: 23 Sep 2021


Towards Private On-Chain Algorithmic Trading

Authors: Ceren Kocaoğullar, Arthur Gervais, Benjamin Livshits

Abstract: While quantitative automation related to trading crypto-assets such as ERC-20 tokens has become relatively commonplace, with services such as 3Commas and Shrimpy offering user-friendly web-driven services for even the average crypto trader, we have not yet seen the emergence of on-chain trading as a phenomenon. We hypothesize that, just like decentralized exchanges (DEXes) that by now are by some measures more popular than traditional exchanges, progress in the space of decentralized finance (DeFi) may enable attractive online trading automation options. In this paper we present ChainBot, an approach for creating algorithmic trading bots with the help of blockchain technology. We show how to partition the computation into on- and off-chain components in a way that provides a measure of end-to-end integrity, while preserving the algorithmic "secret sauce". Our system is enabled with a careful use of algorithm partitioning, zero-knowledge proofs and smart contracts. We also show that with layer-2 (L2) technologies, trades can be kept private, which means that algorithmic parameters are difficult to recover by a chain observer. Our approach offers more transparent access to liquidity and better censorship-resistance compared to traditional off-chain trading approaches. We develop a sample ChainBot and train it on historical data, resulting in returns that are up to 2.4x the buy-and-hold strategy, which we use as our baseline. Our measurements show that across 1000 runs, the end-to-end average execution time for our system is 48.4 seconds. We demonstrate that the frequency of trading does not significantly affect the rate of return and Sharpe ratio, which indicates that we do not have to trade at every block, thereby significantly saving in terms of gas fees. In our implementation, a user who invests $1,000 would earn $105, and spend $3 on gas, assuming a user pool of 1,000 subscribers.

Date: 23 Sep 2021


FooBaR: Fault Fooling Backdoor Attack on Neural Network Training

Authors: Jakub Breier, Xiaolu Hou, Martín Ochoa, Jesus Solano

Abstract: Neural network implementations are known to be vulnerable to physical attack vectors such as fault injection attacks. As of now, these attacks have only been utilized during the inference phase with the intention to cause a misclassification. In this work, we explore a novel attack paradigm by injecting faults during the training phase of a neural network in such a way that the resulting network can be attacked during deployment without the necessity of further faulting. In particular, we discuss attacks against ReLU activation functions that make it possible to generate a family of malicious inputs, which are called fooling inputs, to be used at inference time to induce controlled misclassifications. Such malicious inputs are obtained by mathematically solving a system of linear equations that would cause a particular behaviour on the attacked activation functions, similar to the one induced in training through faulting. We call such attacks fooling backdoors, as the fault attacks at the training phase inject backdoors into the network that allow an attacker to produce fooling inputs. We evaluate our approach against multi-layer perceptron networks and convolutional networks on a popular image classification task, obtaining high attack success rates (from 60% to 100%) and high classification confidence when as few as 25 neurons are attacked, while preserving high accuracy on the originally intended classification task.

Date: 23 Sep 2021


Encryption Device Based on Wave-Chaos for Enhanced Physical Security of Wireless Wave Transmission

Authors: Hong Soo Park, Sun K. Hong

Abstract: We introduce an encryption device based on wave-chaos to enhance the physical security of wireless wave transmission. The proposed encryption device is composed of a compact quasi-2D disordered cavity, where transmit signals pass through to be distorted in time before transmission. On the receiving end, the signals can only be decrypted when they pass through an identical cavity. In the absence of a proper decryption device, the signals cannot be properly decrypted. If a cavity with a different shape is used on the receiving end, vastly different wave dynamics will prevent the signals from being decrypted, causing them to appear as noise. We experimentally demonstrate the proposed concept in an apparatus representing a wireless link.

Date: 23 Sep 2021
