Currently, it is ever more common to access online services for activities which formerly required physical attendance. From banking operations to visa applications, a significant number of processes have been digitised, especially since the advent of the COVID-19 pandemic, requiring remote biometric authentication of the user. On the downside, some subjects intend to interfere with the normal operation

The existing solutions related to local differential privacy (LDP) in multi-layer networks for edge computing scenarios present several limitations in both key-value data heavy hitter identification and related frequency and mean estimation tasks. First, existing LDP approaches cannot effectively use edge nodes to improve their utility/performance. Secondly, there are many network transmission tasks

Statistical analytics on encrypted data requires a fully-homomorphic encryption (FHE) scheme. However, heavy computation overheads make FHE impractical. In this paper we propose a novel approach to achieve privacy-preserving statistical analysis on an encrypted database. The main idea of this work is to construct a privacy-preserving calculator to calculate attributes’ count values for later statistical

The physical unclonable function (PUF) is regarded as the root of trust of hardware systems. However, it suffers from the modeling attacks based on machine learning (ML) algorithms. Subsequently, the anti-modeling-attack PUF is of great concern from academia and industries in recent years. In practice, the security of a given PUF is evaluated after the pertinent attacks. However, these evaluation methods

As an emerging biometric technology, multi-spectral palmprint recognition has attracted increasing attention in security due to its high accuracy and ease of use. Compared to single spectral case, multi-spectral palmprint model is more susceptible to the attack of adversarial examples. However, the previous adversarial example attack approaches cannot generate the most aggressive adversarial examples

While social bots can be used for various good causes, they can also be utilized to manipulate people and spread malware. Therefore, it is crucial to detect bots running on social media platforms. However, social bots are increasingly successful in creating human-like messages with the recent developments in artificial intelligence. Thus, we need more sophisticated solutions to detect them. In this

Despite the large body of academic work on machine learning security, little is known about the occurrence of attacks on machine learning systems in the wild. In this paper, we report on a quantitative study with 139 industrial practitioners. We analyze attack occurrence and concern and evaluate statistical hypotheses on factors influencing threat perception and exposure. Our results shed light on

The subject of attack detection for industrial cyber-physical systems (IPCSs) is covered in this paper, which addresses threats from transient covert attacks (TCAs), also referred to as the second version of replay attacks with a specific frequency and short duration. A comprehensive model of the TCAs is built using the active instant and period of the attacks, as well as the dynamics of a virtual

Billions of fingerprint images are acquired and matched to protect the national borders and in a range of egovernance applications. Fast and accurate minutiae detection from fingerprint images is the key to advance fingerprint matching algorithms for large-scale applications. However, currently available fingerprint minutiae extraction methods are not accurate and fast enough to support such large-scale

To defend against eavesdropping and spoofing attacks, the physical layer authentication (PLA) techniques utilize the unique attributes of channel or device for identifying attackers. Among these techniques, the PLA schemes based on channel phase responses use the secret key driven channel phase to authenticate the legitimate user, which have a better performance than the channel amplitude based schemes

We study two problems of private matrix multiplication, over a distributed computing system consisting of a master node, and multiple servers that collectively store a family of public matrices using Maximum-Distance-Separable (MDS) codes. In the first problem of Private and Secure Matrix Multiplication (PSMM) from colluding servers, the master intends to compute the product of its confidential matrix

Federated learning (FL) is an emerging framework that enables massive clients (e.g., mobile devices or enterprises) to collaboratively construct a global model without sharing their local data. However, due to the lack of direct access to clients’ data, the global model is vulnerable to be attacked by malicious clients with their poisoned data. Many strategies have been proposed to mitigate the threat

DeepFake detection aims to differentiate falsified faces from real ones. Most approaches formulate it as a binary classification problem by solely mining the local artifacts and inconsistencies of face forgery, which neglect the relation across local regions. Although several recent works explore local relation learning for DeepFake detection, they overlook the propagation of relational information

Training a Deep Learning (DL) model requires proprietary data and computing-intensive resources. To recoup their training costs, a model provider can monetize DL models through Machine Learning as a Service (MLaaS). Generally, the model is deployed at the cloud, while providing a publicly accessible Application Programming Interface (API) for paid queries to obtain benefits. However, model stealing

The hierarchical network is the more effective platform, which provides multiple channels for various worm propagation. Thus, emerging worms can infect vulnerable hosts by scanning strategy and social media. However, the spread of scan-based worm is restrained due to uneven distribution of vulnerable hosts and NAT (Network Address Translation) technique. Meanwhile, topological dependency dictates to

Scene text recognition (STR) has witnessed tremendous progress in the era of deep learning, but it also raises concerns about privacy infringement as scene texts usually contain valuable or sensitive information. Previous works in privacy protection of scene texts mainly focus on masking out the texts from the image/video. In this work, we learn from the idea of adversarial examples and use minimal

The immutability of blockchains is critical for cryptocurrencies, but an imperative need arises for the redaction of on-chain data due to privacy-protecting laws like GPDR. Recently, Ateniese et al. (EuroS&P 2017) proposed an elegant solution to this problem based on chameleon hash functions, followed by many subsequent works. While these works offered a solution to the permissioned blockchain, the

Insider threat is destructive and concealable, making addressing it a challenging task in cybersecurity. Most existing methods transform user behavior into sequential information and analyze user behavior while neglecting structural information among users, resulting in high false positives. To solve this problem, in this paper, we propose Dual-Domain Graph Convolutional Network (referred to as DD-GCN)

Deep Neural Network (DNN) models have offered powerful solutions for a wide range of tasks, but the cost to develop such models is nontrivial, which calls for effective model protection. Although black-box distribution can mitigate some threats, model functionality can still be stolen via black-box surrogate attacks. Recent studies have shown that surrogate attacks can be launched in several ways,

Mobile wireless sensor networks (MWSNs) have blended into a new application scenario to create revolutionary intelligent cities and handle numerous challenges of security, adaptability, and robustness as wireless technology has advanced. Exploiting lightweight cryptosystems is considered one of the main approaches for MWSNs to achieve confidentiality, integrity, and authentication to prevent malicious

Recently, the success of non-additive steganography has demonstrated that asymmetric distortion can remarkably improve security performance compared with symmetric cost functions. However, most of current existing additive steganographic methods are still based on symmetric distortion. In this paper, for the first time we optimize asymmetric distortion for additive steganography and propose an A3C

The growing concerns about data privacy in society lead to restrictions on the computer vision research gradually. Several collaboration-based vision learning methods have recently emerged, e.g., federated learning and split learning. These methods protect user data from leaving local devices, and make training performed only by uploading gradients, parameters, or activations, etc. However, there is

Vein biometrics is a high security and privacy preserving identification technology that has attracted increasing attention over the last decade. Deep neural networks (DNNs), such as convolutional neural networks (CNN), have shown strong capabilities for robust feature representation, and have achieved, as a result, state-of-the-art performance on various vision tasks. Inspired by their success, deep

Commitment schemes are one of the basic building blocks to construct secure protocols for multi party computation. Many recent works are exploring hardware primitives like physically unclonable functions to build keyless cryptographic protocols, with minimal assumptions. The asymmetric nature and non-invertibility property of PUFs are widely exploited to build oblivious transfer protocols that are

To generate image adversarial examples, state-of-the-art black-box attacks usually require thousands of queries. However, massive queries will introduce additional costs and exposure risks in the real world. Towards improving the attack efficiency, we carefully design an acceleration framework SAGE for existing black-box methods, which is composed of sLocator (initial point optimization) and sRudder

Content Disarm and Reconstruction (CDR) is a zero-trust file methodology that proactively extracts threat attack vectors from documents and media files. While there is extensive literature on CDR that emphasizes its importance, a detailed discussion of how the CDR process works, its effectiveness and drawbacks is lacking. Therefore, this paper presents DeepCDR, the first CDR system in which the validation

In the field of information security, the unpredictability of random numbers plays determinant role according to the security of cryptographic systems. However, limited by the capability of pattern recognition and data mining, statistical-based methods for random number security assessment can only detect whether there are obvious statistical flaws in random sequences. In recent years, some machine

The paper studies face spoofing, a.k.a. presentation attack detection (PAD) in the demanding scenarios of unknown attacks. While earlier studies have revealed the benefits of ensemble methods, and in particular, a multiple kernel learning (MKL) approach to the problem, one limitation of such techniques is that they treat the entire observation space similarly and ignore any variability and local structure

Due to the lack of CAN frame encryption and authentication, CAN bus is vulnerable to various attacks, which can in general be divided into message injection, suspension, and falsification. Existing CAN bus anomaly detection mechanisms either can only detect one or two of these attacks, or require numerous CAN messages during predictions, which can hardly realize real-time performance. In this paper

With advances in social engineering tricks and other technical shortcomings, ransomware attacks have become a severe cybercrime affecting organizations of all shapes and sizes. Although the security teams are making plenty of ransomware detection tools, the ransomware incident report shows they are ineffective in detecting emerging ransomware attacks. This work presents “RTrap,” a systematic framework

Recent on-manifold adversarial attacks can mislead gait recognition by generating adversarial walking postures (AWP) with image generation techniques. However, existing defense methods only eliminate adversarial perturbations on each frame isolatedly but ignore the temporal correlation of gait sequence, which leads to vulnerability of robust gait recognition. In this paper, we propose GaitReload, a

In this paper, we consider the physical layer (PHY) security problem for hybrid wiretapping wireless systems in millimeter wave transmission, where active eavesdroppers (AEs) and passive eavesdroppers (PEs) coexist to intercept the confidential messages and emit jamming signals. To achieve secure and reliable transmission, we propose an artificial noise (AN)-aided robust multi-beam array transceiver

Electromagnetic (EM) emanation measurement and evaluation is one important testing for modern integrated circuits (ICs). Severe electromagnetic interference may degrade the performance of electronic devices or even cause system crashes. As a result, modern ICs need to follow strict electromagnetic compatibility (EMC) requirements. Moreover, EM emanations offer a covert channel for adversaries to steal

With the rapid development of Deepfake synthesis technology, our information security and personal privacy have been severely threatened in recent years. To achieve a robust Deepfake detection, researchers attempt to exploit the joint spatial-temporal information in the videos, like using recurrent networks and 3D convolutional networks. However, these spatial-temporal models remain room to improve

Liu et al. (2021) recently proposed a privacy-enhanced framework named PEFL to efficiently detect poisoning behaviours in Federated Learning (FL) using homomorphic encryption. In this article, we show that PEFL does not preserve privacy. In particular, we illustrate that PEFL reveals the entire gradient vector of all users in clear to one of the participating entities, thereby violating privacy. Furthermore

Finger vein biometrics is becoming an important source of human authentication due to its advantages in terms of liveness detection, high security, and user convenience. Although there exist a lot of deep learning-based methods for finger vein authentication, they only extract features from finger vein images in the spatial domain and may lose some important information that is present in other domains

Blockchain smart contracts have given rise to a variety of interesting and compelling applications and emerged as a revolutionary force for the Internet. Smart contracts from various fields now hold over one trillion dollars worth of virtual coins, attracting numerous attacks. Quite a few practitioners have devoted themselves to developing tools for detecting bugs in smart contracts. One line of efforts

Online social networks (OSNs) are threatened by Sybil attacks, which create fake accounts (also called Sybils) on OSNs and use them for various malicious activities. Therefore, Sybil detection is a fundamental task for OSN security. Most existing Sybil detection methods are based on the graph structure of OSNs, and various methods have been proposed recently. However, although almost all methods have

Path validation has already been incrementally deployed in the Internet architecture. It secures packet forwarding by enabling end hosts to negotiate specific forwarding paths and enforcing on-path routers to prove their forwarding behaviors along these paths. Most existing path validation solutions target static paths, paying less attention to fully dynamic paths that support flexible routing. In

As a legacy from conventional wireless services, illegal eavesdropping is regarded as one of the critical security challenges in Connected and Autonomous Vehicles (CAVs) network. Our work considers the use of Distributed Kalman Filtering (DKF) and Deep Reinforcement Learning (DRL) techniques to improve anti-eavesdropping communication capacity and mitigate jamming interference. Aiming to improve the

Ethereum is a permissionless blockchain ecosystem that supports execution of smart contracts, the key enablers of decentralized finance (DeFi) and non-fungible tokens (NFT). However, the expressiveness of Ethereum smart contracts is a double-edged sword: while it enables blockchain programmability, it also introduces security vulnerabilities, i.e., the exploitable discrepancies between expected and

Electronic health records (EHRs: digital collections of patient health status and diagnosis) are generally shared, analyzed and stored on cloud servers. One operational challenge is to ensure that EHRs are stored correctly, for example using provable data possession (PDP). Seeking to contribute to the literature, we propose a certificateless PDP scheme for cloud-based EHRs. In our scheme, we distribute

Large-scale cropping (LSC) is one of the mostly-used operations in desynchronization attacks and can easily destroy the watermark information by deleting continuous audio slices from the watermarked audio. In this work, we propose a spread spectrum (SS) based audio watermarking scheme to resist against LSC attacks more robustly from both theoretical and empirical perspectives. Specifically, we first

Private function evaluation (PFE) is a special type of MPC protocols that, in addition to the input privacy, can preserve the function privacy. In this work, we propose a PFE scheme for RAM. In particular, we first design an efficient 4-server distributed ORAM scheme with amortized communication $O(\log n)$ per access (both reading and writing). We then simulate a RISC RAM machine over the MPC platform

Partial occlusion of the human body caused by obstacles or a limited camera field of view often occurs in surveillance videos, which affects the performance of gait recognition in practice. Existing methods for gait recognition against occlusion require a bounding box or the height of a full human body as a prerequisite, which is unobserved in occlusion scenarios. In this paper, we propose an occlusion-aware

In recent years, machine learning as a service (MLaaS) has brought considerable convenience to our daily lives. However, these services raise the issue of leaking users’ sensitive attributes, such as race, when provided through the cloud. The present work overcomes this issue by proposing an innovative privacy-preserving approach called privacy-preserving class overlap (PPCO), which incorporates both

Proactive eavesdropping is an effective approach to legitimately surveil the suspicious communications. Current studies all considered that physical layer security (PLS) techniques such as the wiretap coding are not applied by the suspicious users (SUs) to protect their communications. Contrary to that, we consider that the wiretap coding in PLS is adopted by the SUs to defend against the proactive

Many commercial cloud service providers (CSPs) adopt pay-per-query pricing models, in which data owners are charged based on the amount of data scanned by each query. In such a data sharing model, not only the privacy preservation for the data and queries but also the trustworthiness of the underlying billing system is of the utmost importance. In this paper, we revisit multi-key searchable encryption

Face anti-spoofing (FAS) plays a crucial role in securing face recognition systems. Empirically, given an image, a model with more consistent output on different views (i.e., augmentations) of this image usually performs better. Motivated by this exciting observation, we conjecture that encouraging feature consistency of different views may be a promising way to boost FAS models. In this paper, we

In this paper, we propose a new DeepFakes forensics approach called forensic symmetry, which determines whether two symmetrical face patches contain the same or different natural features. To do this, we propose a multi-stream learning structure composed of two feature extractors. The first feature extractor obtains symmetry feature from the front face images. The second feature extractor obtains similarity

Industrial Internet of Things (IIoT) is a new paradigm for building intelligent industrial control systems, and how to establish a secure channel in IIoT for machine-to-machine (M2M) communication is a critical problem because the devices in IIoT suffer from various attacks and may leak confidential information. Traditional authenticated and confidential channel establishment (ACCE) protocols neither

Copy-move forgery is a manipulation of copying and pasting specific patches from and to an image, with potentially illegal or unethical uses. Recent advances in the forensic methods for copy-move forgery have shown increasing success in detection accuracy and robustness. However, for images with high self-similarity or strong signal corruption, the existing algorithms often exhibit inefficient processes

Due to millions of heterogeneous physical nodes, multiple-vendor and multi-tenant domains, and technologies etc., 5G has greatly expanded the threat landscape. Particularly from the high rate of traffic and ultra-low latency requirement of applications in 5G networks, the detection of the network traffic anomalies in real-time is critical. The conventional security approaches lack compatibility with

In recent years, face forgery detectors have aroused great interest and achieved impressive performance, but they are still struggling with generalization and robustness. In this work, we explore taking full advantage of the fine-grained forgery traces in both spatial and frequency domains to alleviate this issue. Specifically, we propose a novel High-Frequency Fine-Grained Transformer (F2Trans) network

Data availability is the major concern of outsourced data storage services. While reliability is promoted by many storage providers, it is infeasible for users to verify these claims. Proofs of Storage-Time are proposed to address this issue: they allow a prover to convince a verifier that the prover indeed stores the outsourced data continuously during the whole storage period. These protocols, however

Federated learning (FL) preserves data privacy by exchanging gradients instead of local training data. However, these private data can still be reconstructed from the exchanged gradients. Deep leakage from gradients (DLG) is a classical reconstruction attack that optimizes dummy data to real data by making the corresponding dummy and real gradients as similar as possible. Nevertheless, DLG fails with

This paper addresses the event-triggered model free adaptive control (MFAC) problem for unknown nonlinear systems under denial-of-service (DoS) attacks, where the design and analysis are discussed under the data-driven framework. Firstly, by using the novel pseudo partial derivative, the nonlinear systems are converted into an equivalent data-relationship model. Then, the DoS attacks are described

A bus-off attack is a denial-of-service (DoS) attack which exploits error handling in the controller area network (CAN) to induce an honest node to disconnect itself from the CAN bus. This paper develops a stochastic transmission policy as a countermeasure for the controller-transmitter pair against the bus-off attack. We model this as a non-zero-sum linear-quadratic-Gaussian game between the controller-transmitter

In a model inversion attack, an adversary attempts to reconstruct the training data records of a target model using only the model’s output. In launching a contemporary model inversion attack, the strategies discussed are generally based on either predicted confidence score vectors, i.e., black-box attacks, or the parameters of a target model, i.e., white-box attacks. However, in the real world, model

With the ubiquitous adoption, mobile face authentication systems have been facing constant security challenges, particularly the spoofing risks. Except for those using specialized hardware, existing proposals for face anti-spoofing on mainstream smartphones either leverage people’s 3D face characteristics or various facial expressions. While showing progress towards more resilient face authentication