Android platform has been the target of attackers due to its openness and increasing popularity. Android malware has explosively increased in recent years, which poses serious threats to Android security. Thus proposing efficient Android malware detection methods is crucial in defeating malware. Various features extracted from static or dynamic analysis using machine learning have played an important role in malware detection recently. However, existing code obfuscation, code encryption, and dynamic code loading techniques can be employed to hinder systems that are based solely on static analysis, while purely dynamic analysis systems cannot detect all potential code execution paths. To address these issues, we propose CoDroid, a sequence‐based hybrid Android malware detection method, which utilizes the sequences of static opcode and dynamic system call. We treat one sequence as a sentence in the natural language processing and construct a CNN–BiLSTM–Attention classifier which consists of Convolutional Neural Networks (CNNs), the Bidirectional Long Short‐Term Memory (BiLSTM) with an attention language model. We extensively evaluate CoDroid under a real‐world data set and perform comprehensive analysis against other existing related detection methods. The evaluations show the effectiveness and flexibility of CoDroid across a variety of experimental settings.
Machine learning (ML) methods have demonstrated impressive performance in many application fields such as autopilot, facial recognition, and spam detection. Traditionally, ML models are trained and deployed in a benign setting, in which the testing and training data have identical statistical characteristics. However, this assumption usually does not hold in the sense that the ML model is designed in an adversarial setting, where some statistical properties of the data can be tampered with by a capable adversary. Specifically, it has been observed that adversarial examples (also known as adversarial input perturbations) elaborately crafted during training/test phases can seriously undermine the ML performance. The susceptibility of ML models in adversarial settings and the corresponding countermeasures have been studied by many researchers in both academic and industrial communities. In this work, we present a comprehensive overview of the investigation of the security properties of ML algorithms under adversarial settings. First, we analyze the ML security model to develop a blueprint for this interdisciplinary research area. Then, we review adversarial attack methods and discuss the defense strategies against them. Finally, relying upon the reviewed work, we provide prospective relevant future works for designing more secure ML models.
Secure Multi-Party Computation (SMPC) is a generic cryptographic primitive that enables distributed parties to jointly compute an arbitrary functionality without revealing their own private inputs and outputs. Since Yao’s seminal work in 1982, 30 years of research on SMPC has been conducted, proceeding from pure theoretical research into real-world applications. Recently, the increasing prevalence of the newly emerging technologies such as cloud computing, mobile computing and the Internet of Things has resulted in a re-birth of SMPC’s popularity. This has occurred mainly because, as a generic tool for computing on private data, SMPC has a natural advantage in solving security and privacy issues in these areas. Accordingly, many application-oriented SMPC protocols have been constructed. This paper presents a comprehensive survey on the theoretical and practical aspects of SMPC protocols. Specifically, we start by demonstrating the underlying concepts of SMPC, including its security requirements and basic construction techniques. Then, we present the research advances regarding construction techniques for generic SMPC protocols, and also the cutting-edge approaches to cloud-assisted SMPC protocols. Then, we summarize the concrete application-oriented protocols that are currently available, and finally, we present a discussion of the current literature and conclude this survey.
With the widespread application of Industrial Internet of Things (IIoT) technology in the industry, the security threats are also increasing. To ensure the safe sharing of resources in IIoT, this paper proposes a data security sharing model based on privacy protection (DSS‐PP) for blockchain‐enabled IIoT. Compared with previous works, DSS‐PP has obvious advantages in several important aspects: (1) In the process of identity authentication, it protects users' personal information by using authentication technology with hidden attributes; (2) the encrypted shared resources are stored in off‐chain database of the blockchain, while only the ciphertext index information is stored in the block. It reduces the storage load of the blockchain; (3) it uses blockchain logging technology to trace and account for illegal access. Under the hardness assumption of Inverse Computational Diffie–Hellman (ICDH) problem, this model is proven to be correct and safe. Through the analysis of performance, DSS‐PP has better performance than the referred works.
Video surveillance requires storing massive amounts of video data, which results in the rapid increasing of storage energy consumption. With the popularization of video surveillance, green storage for video surveillance is very attractive. The existing energy-saving methods for massive storage mostly concentrate on the data centers, mainly with random access, whereas the storage of video surveillance has inherent workload characteristics and access pattern, which can be fully exploited to save more energy. A dynamic partial-parallel data layout (DPPDL) is proposed for green video surveillance storage. It adopts a dynamic partial-parallel strategy, which dynamically allocates the storage space with an appropriate degree of partial parallelism according to performance requirement. Partial parallelism benefits energy conservation by scheduling only partial disks to work; a dynamic degree of parallelism can provide appropriate performances for various intensity workloads. DPPDL is evaluated by a simulated video surveillance consisting of 60-300 cameras with 1920 × 1080 pixels. The experiment shows that DPPDL is most energy efficient, while tolerating single disk failure and providing more than 20% performance margin. On average, it saves 7%, 19%, 31%, 36%, 56%, and 59% more energy than a CacheRAID, Semi-RAID, Hibernator, MAID, eRAID5, and PARAID, respectively.
Secure data‐sharing technology is a bridge for various collaborative operations among intelligent terminals in the edge‐cloud collaborative application scenario. Because the shared data involves different levels of confidentiality, intelligent terminals for collaborative operations may be distributed in multiple management domains, and the private information of intelligent terminals is easy to be leaked in edge‐cloud collaboration scenarios, the security of data sharing is severely threatened. To solve these problems, this paper proposed a fine‐grained and traceable multidomain secure data‐sharing model for intelligent terminals. In this model, a key self‐certification algorithm is proposed, which avoids potential security threats of key leakage during the key distribution process. The model combines attribute encryption and threshold function to achieve more fine‐grained and more flexible secure data sharing; it uses blockchain technology to achieve integrity verification of stored data and traceability of shared data, and it combines on‐chain and off‐chain databases to achieve rapid retrieval and positioning of shared data distributed among multiple domains, which improves the efficiency of data sharing among domains. The security of the model proposed by us is proved, and compared with the cited literature, it is shown that the proposed model has certain advantages in terms of computational complexity and time consumption.
Searching on remote encrypted data (commonly known as searchable encryption) has become an important issue in secure data outsourcing, since it allows users to outsource encrypted data to an untrusted third party while maintaining the capability of keyword search on the data.
Searchable encryption can be achieved using the classical method called oblivious RAM, but the resultant schemes are too inefficient to be applied in the real-world scenarios (e.g., cloud computing). Recently, a number of efficient searchable encryption schemes have been proposed under weaker security guarantees. Such schemes, however, still leak statistical information about the users’ search pattern.
In this paper, we first present two concrete attack methods to show that the search pattern leakage will result in such a situation: an adversary who has some auxiliary knowledge can uncover the underlying keywords of user queries. To address this issue, we then develop a grouping-based construction (GBC) to transform an existing searchable encryption scheme to a new scheme hiding the search pattern. Finally, experiments based on the real-world dataset demonstrate the effectiveness of our attack methods and the feasibility of our construction.
Android mobile devices and applications are widely deployed and used in industry and smart city. Malware detection is one of the most powerful and effective approaches to guarantee security of Android systems, especially for industrial platform and smart city. Recently, researches using machine learning-based techniques for Android malware detection increased rapidly. Nevertheless, most of the appeared approaches have to perform feature analysis and selection, so-called feature engineering, which is time-consuming and relies on artificial experience. To solve the inefficiency problem of feature engineering, we propose TC-Droid, an automatic framework for Android malware detection based on text classification method. The core idea of TC-Droid is derived from the field of text classification. TC-Droid feeds on the text sequence of APPs analysis reports generated by AndroPyTool, applies a convolutional neural network (CNN) to explore significant information (or knowledge) under original report text, instead of manual feature engineering. In an evaluation with different number of real-world samples, TC-Droid outperforms state-of-the-art model (Drebin) and several classic models (NB, LR, KNN, RF) as well. With multiple experimental settings and corresponding comparisons, TC-Droid achieves effective and flexible performance in Android malware detection task.
• Android Malware Detection Using Text Classification Method of NLP.
• Non-essential feature selection. Automatic word-based sensitive feature engineering instead of hand feature engineering (including feature selection).
• A prototype of TC-Droid with performance evaluation on real-world dataset. High and stable performance under extensive experiments on real-world samples.
Boosting cross‐task adversarial attack with random blur
Zhang, Yaoyuan; Tan, Yu‐an; Lu, Mingfeng ...
International journal of intelligent systems, October 2022, Volume 37, Issue 10
Journal Article, Peer reviewed, Open access
Deep neural networks are highly vulnerable to adversarial examples, and these adversarial examples stay malicious when transferred to other neural networks. Many works exploit this transferability of adversarial examples to execute black‐box attacks. However, most existing adversarial attack methods rarely consider cross‐task black‐box attacks that are more similar to real‐world scenarios. In this paper, we propose a class of random blur‐based iterative methods (RBMs) to enhance the success rates of cross‐task black‐box attacks. By integrating the random erasing and Gaussian blur into the iterative gradient‐based attacks, the proposed RBM augments the diversity of adversarial perturbation and alleviates the marginal effect caused by iterative gradient‐based methods, generating the adversarial examples of stronger transferability. Experimental results on ImageNet and PASCAL VOC data sets show that the proposed RBM generates more transferable adversarial examples on image classification models, thereby successfully attacking cross‐task black‐box object detection models.
Data hiding technology plays an important role in many areas related to people's life, such as military and medical images. However, it is difficult to obtain high embedding capacity in compressed images, and it may cause obvious image distortion. Also, the target image's file size should be controlled, as a significant increase in file size may cause the interceptor's attention. In the field of data hiding, many people have proposed feasible solutions. However, considering the visual quality and embedding rate of images, more improvements are needed. In this paper, the histogram shift is used to realize data hiding of JPEG images. The secret message bits are embedded in the high-frequency coefficients to ensure a higher embedding rate, and the high-frequency coefficients are obtained by histogram distribution. The optimal threshold is used to select a discrete cosine transform (DCT) coefficient sub-block that is suitable to embed the secret message and further improve the visual quality of the target image. The experiments show that our solution is significantly better than the most advanced technology in terms of embedding rate and visual quality.