In 2018, in the above article, Zhou and Ren proposed PassBio, a privacy-preserving biometric authentication scheme. PassBio delivers its promise and effectively protects users’ privacy from malicious servers. However, we demonstrate that PassBio may be vulnerable in a more inclusive attack model with malicious clients.

With the development of generative adversarial networks (GAN), the field of face sketch synthesis has received extensive attention. Face sketch synthesis (FSS) has promising prospects in the fields of entertainment and law enforcement, where it plays an increasingly important role. We propose a novel generative adversarial network for synthesizing sketches with similar shapes and rich details to photos

In recent years, digital copies of paper documents are used widely with the prevalence of various online services. As a result, it is critical to validate the authenticity of the uploaded document images to protect against attacks from malicious users. Out of various types of attacks, the recapture attack (by reprinting and recapturing) is effective in concealing the trace of document forgeries. However

Greybox fuzzing has been widely used in stateless programs and has achieved great success. However, most state-of-the-art greybox fuzzers have slow speed and shallow state depth coverage in fuzzing stateful network protocol programs, which are able to remember and store the details of interactions. The existing greybox fuzzers for network protocol programs first send a series of well-defined prefix

Blockchain is a technology with decentralization and immutability features and has been employed for auditing by many applications. However, immutability sometimes limits the application of blockchain technology. For example, vulnerable smart contracts on blockchain cannot be redacted due to immutability. The existing redactable blockchain solutions either have a low efficiency or violate the decentralization

Deploying Intrusion Detection Systems (IDSs) is an essential way to enhance the security of Multi-hop Clustered Wireless Sensor Networks (MCWSNs). The conventional IDS deployment architectural designs show limitations in ensuring the security of MCWSNs due to the limited monitoring range of the nodes. This paper proposes an efficient IDS deployment architecture for MCWSNs. The architecture is a hybrid

The so-called behavioral anomaly detection (BAD) is expected to solve effectively a variety of security issues by detecting the deviances from normal behavioral patterns of protected agents. We propose a new graph-based behavioral modeling paradigm for BAD problem, named behavioral identification graph (BIG), which has distinct advantages over existing methods by mining deeply the property-level (as

Record linkage algorithms match and link records from different databases that refer to the same real-world entity based on direct and/or quasi-identifiers, such as name, address, age, and gender, available in the records. Since these identifiers generally contain personal identifiable information (PII) about the entities, record linkage algorithms need to be developed with privacy constraints. Known

By revisiting, improving, and extending recent neural-network based modeling attacks on XOR Arbiter PUFs from the literature, we show that XOR Arbiter PUFs, (XOR) Feed-Forward Arbiter PUFs, and Interpose PUFs can be attacked faster, up to larger security parameters, and with an order of magnitude fewer challenge-response pairs than previously known both in simulation and in silicon data. To support

One common task in image forensics is to detect spliced images, where multiple source images are composed to one output image. Most of the currently best performing splicing detectors leverage high-frequency artifacts. However, after an image underwent strong compression, most of the high frequency artifacts are not available anymore. In this work, we explore an alternative approach to splicing detection

When using location-based services (LBSs), a user obtains points-of-interest (PoI) information by providing the LBS platform with his current geo-location. Such a search leads to potential privacy leakage if an adversary has access to his geo-data. Traditional $k$ -anonymity mechanisms instruct a user to bear the overhead to report his current location together with $k-1$ dummy locations to confuse

Attacks exploiting the innate and the acquired vulnerabilities of human users have posed severe threats to cybersecurity. This work proposes ADVERT, a human-technical solution that generates adaptive visual aids in real-time to prevent users from inadvertence and reduce their susceptibility to phishing attacks. Based on the eye-tracking data, we extract visual states and attention states as system-level

Privacy-preserving data analysis is an emerging area that addresses the dilemma of performing data analysis on user data while protecting users’ privacy. In this paper, we consider the problem of constructing privacy-preserving $K$ -means clustering protocol for data analysis that provides local privacy to users’ data. To enable a desirable degree of local privacy guarantee while maintaining high accuracy

This paper considers satellite eavesdroppers in uplink satellite communication systems where the eavesdroppers are randomly distributed at arbitrary altitudes according to homogeneous binomial point processes and attempt to overhear signals that a ground terminal transmits to a serving satellite. Non-colluding eavesdropping satellites are assumed, i.e., they do not cooperate with each other, so that

Memory encryption (ME) with authentication is becoming a key security feature of modern processors, as evident by the adoption of ME by Intel’s SGX. Recently ME is actively studied from the viewpoint of system architecture. This paper studies ME from the viewpoint of symmetric-key cryptographic designs, with a primal focus on latency. A significant progress in such a direction can be observed in the

Face presentation attack detection (PAD) is essential to secure face recognition systems primarily from high-fidelity mask attacks. Most existing 3D mask PAD benchmarks suffer from several drawbacks: 1) a limited number of mask identities, types of sensors, and a total number of videos; 2) low-fidelity quality of facial masks. Basic deep models and remote photoplethysmography (rPPG) methods achieved

Homomorphic encryption (HE) is being widely used for privacy-preserving computation. Since HE schemes only support polynomial operations, it is prevalent to use polynomial approximations of non-polynomial functions. We cannot monitor the intermediate values during the homomorphic evaluation; as a consequence, we should utilize polynomial approximations with sufficiently large approximation intervals

It has been witnessed that Aggregate Reverse Skyline (ARS) query has recently received a wide range of practical applications due to its marvelous property of identifying the influence of query requests. Nevertheless, the query users may hesitate to participate in such query services as the query requests and query results may leak sensitive personal data or valuable business data assets to the service

Advances in facial manipulation technology have led to increasing indistinguishable and realistic face swap videos, which raises growing concerns about the security risk of deepfakes in the community. Although current deepfake detectors can gain promising performance when handling high-quality faces under within-database settings, most detectors suffer from performance degradation in cross-database

Automated deception detection has been found as a vital and concerned task, capable of assisting human users to assess truthfulness and detect deceptive behaviors in several situations (e.g., medical, legal, as well as occupational domains). As contact-free video cameras and data analysis techniques are leaping forward, leveraging one’s visual, acoustic and textual information captured in a video can

In recent years, there has been increasing interest in studying the adversarial attack, which poses potential risks to deep learning applications and has stimulated numerous researches, e.g. improving the robustness of deep neural networks. In this work, we propose a novel double-stream architecture – Guided Erasable Adversarial Attack (GEAA) – for protecting high-quality labeled data with high commercial

Federated learning is an emerging technology which allows a server to train a global model with the cooperation of participants without exposing the participants’ data. In recent years, there have been many studies focusing on maintaining participant privacy against honest-but-curious servers. In 2017, Google proposed a promising solution that applies double masking and secret sharing tools to protect

Website Fingerprinting (WF) enables a local passive attacker to infer which website a user is visiting over an encrypted connection. Classifiers utilizing deep neural networks (DNNs) automatically extract reliable features and have achieved up to 98% accuracy even against Tor. Since DNNs are known to be vulnerable to adversarial examples, several recent studies have exploited adversarial perturbations

Geotagging images of interest are increasingly important to law enforcement, national security, and journalism. Today, many images do not carry location tags that are trustworthy and resilient to tampering; and landmark-based visual clues may not be readily present in every image, especially in those taken indoors. In this paper, we exploit an environmental signature from the power grid, the electric

To address the camera origin identification problem of inquiry images, many forensic methods have been proposed. However, the heavy computational overhead and the potential threat of privacy leakage for inquiry images make many existing forensic methods less applicable. Only a few research works have proposed secure forensic methods to address the aforementioned issues; however, they did not give a

The Gaussian distribution is widely used in mechanism design for differential privacy (DP). Thanks to its sub-Gaussian tail, it significantly reduces the chance of outliers when responding to queries. However, it can only provide approximate $(\varepsilon, \delta (\varepsilon))$ -DP. In practice, $\delta (\varepsilon)$ must be much smaller than the size of the dataset, which may limit the use of the

Causal inference is widely used in clinical research, economic analysis, and other fields. As is the case with many statistical data, the findings of causal discovery (i.e., causal graph) might leak demographic information of participants. For example, a causal link between one genome and a rare disease can reveal the participation of a minority patient in genome-wide association studies. To date,

Recent studies have shown that robustness to adversarial attacks can be transferred across deep neural networks. In other words, we can make a weak model more robust with the help of a strong teacher model. In this paper, we ask if models can “learn together” and “teach each other” to achieve better robustness instead of learning from a static teacher. We study how interactions among models enhance

In recent years, face recognition has made a remarkable breakthrough due to the emergence of deep learning. However, compared with frontal face recognition, plenty of deep face recognition models still suffer serious performance degradation when handling profile faces. To address this issue, we propose a novel Frontal-Centers Guided Loss (FCGFace) to obtain highly discriminative features for face recognition

Local features contain crucial clues for face anti-spoofing. Convolutional neural networks (CNNs) are powerful in extracting local features, but the intrinsic inductive bias of CNNs limits the ability to capture long-range dependencies. This paper aims to develop a simple yet effective framework that is versatile in extracting both local information and long-range dependencies for face anti-spoofing

Cloud attack provenance is a well-established industrial practice for assuring transparency and accountability for a service provider to tenants. However, the multi-tenancy and self-service nature coupled with the sheer size of a cloud implies many unique challenges to cloud forensics. Although Virtual Machine Introspection (VMI) is a powerful tool for attack provenance due to the privilege isolation

Over the past few years, Domain Name Service (DNS) remained a prime target for hackers as it enables them to gain first entry into networks and gain access to data for exfiltration. Although the DNS over HTTPS (DoH) protocol has desirable properties for internet users such as privacy and security, it also causes a problem in that network administrators are prevented from detecting suspicious network

Extensive studies have revealed that smart grid is vulnerable to cyber-physical attacks. However, these strategies only focus on the cascading initiation phase to induce single-stage failures with multiple branch tripping, lacking of exploring the attack effectiveness in the propagation phase so that the deeply-hidden cascading failures are underestimated. In this paper, we propose a novel false load

Distributed learning is proposed as a promising technique to reduce heavy data transmissions in centralized machine learning. By allowing the participants training the model locally, raw data is unnecessarily uploaded to the centralized cloud server, reducing the risks of privacy leakage as well. However, the existing studies have shown that an adversary is able to derive the raw data by analyzing

This work presents a new paradigm for protection of sensitive inferences drawn from data streams with relevance to Internet-of-Things (IoT). This paradigm is an alternative to end-to-end encryption of entire data streams, or noise-addition based privatization mechanisms. It relies on the notion that raw data shared through IoTs are themselves not sensitive but for the inferences that can be drawn from

Although users can obtain various services by sharing their location information online with location-based service providers, it reveals sensitive information about users. However, existing privacy-preserving techniques in the online scenario suffer from the following shortcomings. First, they model the correlations between the real trajectory and the distorted trajectory as undirected, which makes

Android security has received a lot of attention over the last decade, especially malware investigation. Researchers attempt to highlight applications’ security-relevant characteristics to better understand malware and effectively distinguish malware from benign applications. The accuracy and the completeness of their proposals are evaluated experimentally on malware and goodware datasets. Thus, the

Dynamic time warping (DTW) is a popular technique for sequence alignment, and is the de facto standard for dynamic signature verification. In this paper, we go a significant step further to enhance DTW with the capability of deep representation learning, and propose an end-to-end trainable Deep soft-DTW (DsDTW) model for dynamic signature verification. Specifically, we design a convolutional recurrent

Analysis of imaging sensors is one of the most reliable photo forensic techniques, but it is increasingly challenged by complex image processing in modern cameras. The underlying photo response non-uniformity (PRNU) is distilled into a static sensor fingerprint unique for each device. This makes it easy to estimate and spoof and limits its reliability in face of sophisticated attackers. We propose

Heterogeneous Face Recognition (HFR) is a challenging task due to the significant intra-class variation between the query and gallery images. The reason behind this vast intra-class variation is the varying image capturing sensors and the varying image representation techniques. Visual, Infrared, thermal images are the output of different sensors and viewed sketches, and composite sketches are the

Although many network traffic protection methods have been developed to protect user privacy, encrypted traffic can still reveal sensitive user information with sophisticated analysis. In this paper, we propose ETC-PS, a novel encrypted traffic classification method with path signature. We first construct the traffic path with a session packet length sequence to represent the interactions between the

Face presentation attack detection (PAD) has been extensively studied by research communities to enhance the security of face recognition systems. Although existing methods have achieved good performance on testing data with similar distribution as the training data, their performance degrades severely in application scenarios with data of unseen distributions. In situations where the training and

Two main privacy models for sanitising datasets are differential privacy (DP) and syntactic privacy. The former restricts individual values’ impact on the output based on the dataset while the latter restructures the dataset before publication to link any record to multiple sensitive data values. Besides both providing mechanisms to sanitise data, these models are often applied independently of each

Heterogeneous face recognition (HFR) aims at matching face images across different domains. It is challenging due to the severe domain discrepancies and overfitting caused by small training datasets. Some researchers apply a “recognition via generation” strategy and propose to solve the problem by translating images from a given domain into the visual domain. However, in many HFR tasks such as near-infrablack

Face detection and subsequent localization of facial landmarks are the primary steps in many face applications. Numerous algorithms and benchmark datasets have been introduced to develop robust models for the visible domain. However, varying conditions of illumination still pose challenging problems. In this regard, thermal cameras are employed to address this problem, because they operate on longer

Over the past years, the increasingly severe data island problem has spawned an emerging distributed deep learning framework—federated learning, in which the global model can be constructed over multiple participants without directly sharing their raw data. Despite its promising prospect, there are still many security challenges in federated learning, such as privacy preservation and integrity verification

In this paper, we explore the data recovery procedures from ${e} \cdot $ MMCs. The ${e} \cdot $ MMC is one of the “managed” flash memory devices that are popularly used in modern digital devices as their storage media. The ${e} \cdot $ MMC, which consists of flash memory and the flash memory controller, optimizes the data input/output between the host device and the non-volatile memory through its

High Efficiency Video Coding (HEVC) double compression detection is of prime significance in video forensics. However, double compression with the same parameters and video content with high motion displacement intensity have become two main factors that limit the performance of existing algorithms. To address these issues, a novel motion-adaptive algorithm is proposed in this paper. Firstly, the analysis

This paper introduces a defense approach against end-to-end adversarial attacks developed for cutting-edge speech-to-text systems. The proposed defense algorithm has four steps. First, we use the short-time Fourier transform to represent speech signals with 2D spectrograms. Second, we iteratively find a safe vector using a spectrogram subspace projection operation. This operation minimizes the chordal

Backdoor attacks cause model misbehaving by first implanting backdoors in deep neural networks (DNNs) during training and then activating the backdoor via samples with triggers during inference. The compromised models could pose serious security risks to artificial intelligence systems, such as misidentifying ‘stop’ traffic sign into ‘80km/h’. In this paper, we investigate the connection characteristic

This paper studies the defense strategy of remote state estimation under deception attacks. In order to prevent the stealthy attacker from reducing the estimation performance without triggering an alarm, an encoding-decoding mechanism combining linear transformation and artificial noise is proposed. Moreover, the detection performance under three different attack scenarios is analyzed. It is proved

Compared with single biometric recognition, multimodal biometric recognition based on fingerprint and finger vein has been widely considered because of its convenient sample collection, high security and accurate recognition. However, according to our investigation, there is no public dataset of fingerprint and finger vein collected at the same time. The existing work uses fingerprint datasets and

Federated learning (FL) can protect clients’ privacy from leakage in distributed machine learning. Applying federated learning to edge computing can protect the privacy of edge clients and benefit edge computing. Nevertheless, eavesdroppers can analyze the parameter information to specify clients’ private information and model features. And it is difficult to achieve a high privacy level, convergence

In vehicular networks, caching content in fog nodes is a widely accepted and favorable way to quickly respond to massive vehicle requests, reduce content retrieval delay and improve service quality. However, to implement such caching mode, it is critical to ensure efficient security and privacy protection when vehicles access the cached content in fog nodes. In this paper, aiming at the security issue

Due to its high anti-counterfeiting and universality, the use of finger-vein pattern for identity authentication has recently attracted extensive attention in academia and industry. Despite recent advances in finger-vein recognition, most of the hand-crafted descriptors require strong prior knowledge, which may be ineffective in expressing its distinctiveness. In this paper, we present a novel compact

We consider the critical problems of distributed computing and learning over data while keeping it private from the computational servers. The state-of-the-art approaches to this problem rely on quantizing the data into a finite field, so that the cryptographic approaches for secure multiparty computing can then be employed. These approaches, however, can result in substantial accuracy losses due to

We present a data-driven framework for learning fair universal representations (FUR) that guarantee statistical fairness for any learning task that may not be known a priori. Our framework leverages recent advances in adversarial learning to allow a data holder to learn representations in which a set of sensitive attributes are decoupled from the rest of the dataset. We formulate this as a constrained

The operation of smart grids heavily relies on secure and accurate meter measurements provided by phasor measurement units (PMUs). Therefore, the optimal PMU placement (OPP) aiming to achieve the complete system observability of smart grids with as few PMUs as possible has been extensively investigated. Although many existing studies have focused on the OPP, few of them are concerned with the placement

The secure authenticated key establishment between nodes in Wireless Sensor Networks (WSNs) has not been fully solved in the existing schemes. It’s a good idea to apply the Diffie-Hellman protocol to address it perfectly, but the existing authenticated Diffie-Hellman (ADH) protocols are not perfect because their authentication are partial or delayed. In this paper, we first present a concept of full

Attribute-based encryption scheme is a promising mechanism to realize one-to-many fine-grained access control which strengthens the security in cloud computing. However, massive amounts of data and various data sharing requirements bring great challenges to the complex but isolated and fixed access structures in most of the existing attribute-based encryption schemes. In this paper, we propose an attribute-based