Search Results for author: Surya Nepal

Found 57 papers, 11 papers with code

AI Potentiality and Awareness: A Position Paper from the Perspective of Human-AI Teaming in Cybersecurity

no code implementations | 28 Sep 2023 | Iqbal H. Sarker, Helge Janicke, Nazeeruddin Mohammad, Paul Watters, Surya Nepal

This position paper explores the broad landscape of AI potentiality in the context of cybersecurity, with a particular emphasis on its possible risk factors with awareness, which can be managed by incorporating human experts in the loop, i.e., "Human-AI" teaming.

Parameter-Saving Adversarial Training: Reinforcing Multi-Perturbation Robustness via Hypernetworks

no code implementations | 28 Sep 2023 | Huihui Gong, Minjing Dong, Siqi Ma, Seyit Camtepe, Surya Nepal, Chang Xu

Adversarial training serves as one of the most popular and effective methods to defend against adversarial perturbations.

RAI4IoE: Responsible AI for Enabling the Internet of Energy

no code implementations | 20 Sep 2023 | Minhui Xue, Surya Nepal, Ling Liu, Subbu Sethuvenkatraman, Xingliang Yuan, Carsten Rudolph, Ruoxi Sun, Greg Eisenhauer

This paper plans to develop an Equitable and Responsible AI framework with enabling techniques and algorithms for the Internet of Energy (IoE), in short, RAI4IoE.


Stealthy Physical Masked Face Recognition Attack via Adversarial Style Optimization

no code implementations | 18 Sep 2023 | Huihui Gong, Minjing Dong, Siqi Ma, Seyit Camtepe, Surya Nepal, Chang Xu

Moreover, to ameliorate the phenomenon of sub-optimization with one fixed style, we propose to discover the optimal style given a target through style optimization in a continuous relaxation manner.

Face Recognition

Two-in-one Knowledge Distillation for Efficient Facial Forgery Detection

no code implementations | 21 Feb 2023 | Chuyang Zhou, Jiajun Huang, Daochang Liu, Chengbin Du, Siqi Ma, Surya Nepal, Chang Xu

More specifically, knowledge distillation on both the spatial and frequency branches degrades performance compared with distillation on the spatial branch only.

Knowledge Distillation, Vocal Bursts Valence Prediction

Anti-Compression Contrastive Facial Forgery Detection

no code implementations | 13 Feb 2023 | Jiajun Huang, Xinqi Zhu, Chengbin Du, Siqi Ma, Surya Nepal, Chang Xu

To enhance the performance for such models, we consider the weak compressed and strong compressed data as two views of the original data and they should have similar representation and relationships with other samples.

Contrastive Learning

Masked Vector Quantization

no code implementations | 16 Jan 2023 | David D. Nguyen, David Leibowitz, Surya Nepal, Salil S. Kanhere

Generative models with discrete latent representations have recently demonstrated an impressive ability to learn complex high-dimensional data distributions.


Diverse Multimedia Layout Generation with Multi Choice Learning

no code implementations | 16 Jan 2023 | David D. Nguyen, Surya Nepal, Salil S. Kanhere

In the above example, this would form an unacceptable layout with a logo in the centre.

Private Image Generation With Dual-Purpose Auxiliary Classifier

no code implementations | CVPR 2023 | Chen Chen, Daochang Liu, Siqi Ma, Surya Nepal, Chang Xu

However, apart from this standard utility, we identify the "reversed utility" as another crucial aspect, which computes the accuracy on generated data of a classifier trained using real data, dubbed as real2gen accuracy (r2g%).

Image Generation, Privacy Preserving

Tracking Dataset IP Use in Deep Neural Networks

no code implementations | 24 Nov 2022 | Seonhye Park, Alsharif Abuadbba, Shuo Wang, Kristen Moore, Yansong Gao, Hyoungshick Kim, Surya Nepal

In this work, we propose a novel DNN fingerprinting technique dubbed DEEPTASTER to prevent a new attack scenario in which a victim's data is stolen to build a suspect model.

Data Augmentation, Transfer Learning

Profiler: Profile-Based Model to Detect Phishing Emails

no code implementations | 18 Aug 2022 | Mariya Shmalko, Alsharif Abuadbba, Raj Gaire, Tingmin Wu, Hye-Young Paik, Surya Nepal

The Profiler does not require large data sets to train on to be effective and its analysis of varied email features reduces the impact of concept drift.

Deception for Cyber Defence: Challenges and Opportunities

no code implementations | 15 Aug 2022 | David Liebowitz, Surya Nepal, Kristen Moore, Cody J. Christopher, Salil S. Kanhere, David Nguyen, Roelien C. Timmer, Michael Longland, Keerth Rathakumar

Deception is rapidly growing as an important tool for cyber defence, complementing existing perimeter security measures to rapidly detect breaches and data theft.

Towards Web Phishing Detection Limitations and Mitigation

no code implementations | 3 Apr 2022 | Alsharif Abuadbba, Shuo Wang, Mahathir Almashor, Muhammed Ejaz Ahmed, Raj Gaire, Seyit Camtepe, Surya Nepal

However, with an average of 10K phishing links reported per hour to platforms such as PhishTank and VirusTotal (VT), the deficiencies of such ML-based solutions are laid bare.

PublicCheck: Public Integrity Verification for Services of Run-time Deep Models

no code implementations | 21 Mar 2022 | Shuo Wang, Sharif Abuadbba, Sidharth Agarwal, Kristen Moore, Ruoxi Sun, Minhui Xue, Surya Nepal, Seyit Camtepe, Salil Kanhere

Existing integrity verification approaches for deep models are designed for private verification (i.e., assuming the service provider is honest, with white-box access to model parameters).

Model Compression

TSM: Measuring the Enticement of Honeyfiles with Natural Language Processing

no code implementations | 15 Mar 2022 | Roelien C. Timmer, David Liebowitz, Surya Nepal, Salil Kanhere

Honeyfile deployment is a useful breach detection method in cyber deception that can also inform defenders about the intent and interests of intruders and malicious insiders.

Can pre-trained Transformers be used in detecting complex sensitive sentences? -- A Monsanto case study

no code implementations | 14 Mar 2022 | Roelien C. Timmer, David Liebowitz, Surya Nepal, Salil S. Kanhere

We experimented with four different categories of documents in the Monsanto dataset and observed that BERT achieves better F2 scores by 24.13% to 65.79% for GHOST, 30.14% to 54.88% for TOXIC, 39.22% for CHEMI, and 53.57% for REGUL compared to existing sensitive information detection models.

DeepFake Disrupter: The Detector of DeepFake Is My Friend

no code implementations | CVPR 2022 | Xueyu Wang, Jiajun Huang, Siqi Ma, Surya Nepal, Chang Xu

We argue that the detectors do not share a similar perspective as human eyes, which might still be spoofed by the disrupted data.

Face Swapping

Modelling Direct Messaging Networks with Multiple Recipients for Cyber Deception

no code implementations | 21 Nov 2021 | Kristen Moore, Cody J. Christopher, David Liebowitz, Surya Nepal, Renee Selvey

Cyber deception is emerging as a promising approach to defending networks and systems against attackers and data thieves.

Language Modelling

Mate! Are You Really Aware? An Explainability-Guided Testing Framework for Robustness of Malware Detectors

1 code implementation | 19 Nov 2021 | Ruoxi Sun, Minhui Xue, Gareth Tyson, Tian Dong, Shaofeng Li, Shuo Wang, Haojin Zhu, Seyit Camtepe, Surya Nepal

We find that (i) commercial antivirus engines are vulnerable to AMM-guided test cases; (ii) the ability of a manipulated malware generated using one detector to evade detection by another detector (i.e., transferability) depends on the overlap of features with large AMM values between the different detectors; and (iii) AMM values effectively measure the fragility of features (i.e., capability of feature-space manipulation to flip the prediction results) and explain the robustness of malware detectors facing evasion attacks.

Characterizing Malicious URL Campaigns

1 code implementation | 29 Aug 2021 | Mahathir Almashor, Ejaz Ahmed, Benjamin Pick, Sharif Abuadbba, Raj Gaire, Seyit Camtepe, Surya Nepal

Seemingly dissimilar URLs are being used in an organized way to perform phishing attacks and distribute malware.

FedDICE: A ransomware spread detection in a distributed integrated clinical environment using federated learning and SDN based mitigation

no code implementations | 9 Jun 2021 | Chandra Thapa, Kallol Krishna Karmakar, Alberto Huertas Celdran, Seyit Camtepe, Vijay Varadharajan, Surya Nepal

FedDICE integrates federated learning (FL), which is privacy-preserving learning, to SDN-oriented security architecture to enable collaborative learning, detection, and mitigation of ransomware attacks.

Federated Learning, Privacy Preserving

A Comprehensive Survey on Community Detection with Deep Learning

no code implementations | 26 May 2021 | Xing Su, Shan Xue, Fanzhen Liu, Jia Wu, Jian Yang, Chuan Zhou, Wenbin Hu, Cecile Paris, Surya Nepal, Di Jin, Quan Z. Sheng, Philip S. Yu

A community reveals the features and connections of its members that are different from those in other communities in a network.

Clustering, Community Detection, +3

RAIDER: Reinforcement-aided Spear Phishing Detector

no code implementations | 17 May 2021 | Keelan Evans, Alsharif Abuadbba, Tingmin Wu, Kristen Moore, Mohiuddin Ahmed, Ganna Pogrebna, Surya Nepal, Mike Johnstone

RAIDER also keeps the number of features to a minimum by selecting only the significant features to represent phishing emails and detect spear-phishing attacks.

Binary Classification, reinforcement-learning, +1

Robust Training Using Natural Transformation

no code implementations | 10 May 2021 | Shuo Wang, Lingjuan Lyu, Surya Nepal, Carsten Rudolph, Marthie Grobler, Kristen Moore

We target attributes of the input images that are independent of the class identification, and manipulate those attributes to mimic real-world natural transformations (NaTra) of the inputs, which are then used to augment the training dataset of the image classifier.

Data Augmentation, Image Classification, +1

OCTOPUS: Overcoming Performance and Privatization Bottlenecks in Distributed Learning

no code implementations | 3 May 2021 | Shuo Wang, Surya Nepal, Kristen Moore, Marthie Grobler, Carsten Rudolph, Alsharif Abuadbba

We introduce a new distributed/collaborative learning scheme to address communication overhead via latent compression, leveraging global data while providing privatization of local data without additional cost due to encryption or perturbation.

Disentanglement, Federated Learning

Evaluation and Optimization of Distributed Machine Learning Techniques for Internet of Things

1 code implementation | 3 Mar 2021 | Yansong Gao, Minki Kim, Chandra Thapa, Sharif Abuadbba, Zhi Zhang, Seyit A. Camtepe, Hyoungshick Kim, Surya Nepal

Federated learning (FL) and split learning (SL) are state-of-the-art distributed machine learning techniques to enable machine learning training without accessing raw data on clients or end devices.

BIG-bench Machine Learning, Federated Learning

Peeler: Profiling Kernel-Level Events to Detect Ransomware

no code implementations | 29 Jan 2021 | Muhammad Ejaz Ahmed, Hyoungshick Kim, Seyit Camtepe, Surya Nepal

Based on those characteristics, we develop Peeler that continuously monitors a target system's kernel events and detects ransomware attacks on the system.

Malware Detection, Cryptography and Security

DeepiSign: Invisible Fragile Watermark to Protect the Integrity and Authenticity of CNN

no code implementations | 12 Jan 2021 | Alsharif Abuadbba, Hyoungshick Kim, Surya Nepal

In this paper, we propose a self-contained tamper-proofing method, called DeepiSign, to ensure the integrity and authenticity of CNN models against such manipulation attacks.

Autonomous Vehicles

HaS-Nets: A Heal and Select Mechanism to Defend DNNs Against Backdoor Attacks for Data Collection Scenarios

no code implementations | 14 Dec 2020 | Hassan Ali, Surya Nepal, Salil S. Kanhere, Sanjay Jha

We have witnessed the continuing arms race between backdoor attacks and the corresponding defense strategies on Deep Neural Networks (DNNs).

Backdoor Attack

Assessing Social License to Operate from the Public Discourse on Social Media

no code implementations | COLING 2020 | Chang Xu, Cecile Paris, Ross Sparks, Surya Nepal, Keith VanderLinden

Our experimental results show that SIRTA is highly effective in distilling stances from social posts for SLO level assessment, and that the continuous monitoring of SLO levels afforded by SIRTA enables the early detection of critical SLO changes.

text-classification, Text Classification, +2

Decamouflage: A Framework to Detect Image-Scaling Attacks on Convolutional Neural Networks

no code implementations | 8 Oct 2020 | Bedeuro Kim, Alsharif Abuadbba, Yansong Gao, Yifeng Zheng, Muhammad Ejaz Ahmed, Hyoungshick Kim, Surya Nepal

To corroborate the efficiency of Decamouflage, we have also measured its run-time overhead on a personal PC with an i5 CPU and found that Decamouflage can detect image-scaling attacks in milliseconds.


Evaluation of Federated Learning in Phishing Email Detection

no code implementations | 27 Jul 2020 | Chandra Thapa, Jun Wen Tang, Alsharif Abuadbba, Yansong Gao, Seyit Camtepe, Surya Nepal, Mahathir Almashor, Yifeng Zheng

For a fixed total email dataset, the global RNN based model suffers a 1.8% accuracy drop when increasing organizational counts from 2 to 10.

Distributed Computing, Federated Learning, +2

Backdoor Attacks and Countermeasures on Deep Learning: A Comprehensive Review

1 code implementation | 21 Jul 2020 | Yansong Gao, Bao Gia Doan, Zhi Zhang, Siqi Ma, Jiliang Zhang, Anmin Fu, Surya Nepal, Hyoungshick Kim

We have also reviewed the flip side of backdoor attacks, which are explored for i) protecting intellectual property of deep learning models, ii) acting as a honeypot to catch adversarial example attacks, and iii) verifying data deletion requested by the data contributor. Overall, the research on defense is far behind the attack, and there is no single defense that can prevent all types of backdoor attacks.

Analysis of Trending Topics and Text-based Channels of Information Delivery in Cybersecurity

no code implementations | 26 Jun 2020 | Tingmin Wu, Wanlun Ma, Sheng Wen, Xin Xia, Cecile Paris, Surya Nepal, Yang Xiang

We further compare the identified 16 security categories across different sources based on their popularity and impact.

Adversarial Defense by Latent Style Transformations

no code implementations | 17 Jun 2020 | Shuo Wang, Surya Nepal, Alsharif Abuadbba, Carsten Rudolph, Marthie Grobler

The intuition behind our approach is that the essential characteristics of a normal image are generally consistent with non-essential style transformations, e.g., slightly changing the facial expression of human portraits.

Adversarial Defense

Can the Multi-Incoming Smart Meter Compressed Streams be Re-Compressed?

no code implementations | 5 Jun 2020 | Sharif Abuadbba, Ayman Ibaida, Ibrahim Khalil, Naveen Chilamkurti, Surya Nepal, Xinghuo Yu

Smart meters have currently attracted attention because of their high efficiency and throughput performance.


Deep Learning for Community Detection: Progress, Challenges and Opportunities

1 code implementation | 17 May 2020 | Fanzhen Liu, Shan Xue, Jia Wu, Chuan Zhou, Wenbin Hu, Cecile Paris, Surya Nepal, Jian Yang, Philip S. Yu

As communities represent similar opinions, similar functions, similar purposes, etc., community detection is an important and extremely useful tool in both scientific inquiry and data analytics.

Clustering, Community Detection, +1

End-to-End Evaluation of Federated Learning and Split Learning for Internet of Things

1 code implementation | 30 Mar 2020 | Yansong Gao, Minki Kim, Sharif Abuadbba, Yeonjae Kim, Chandra Thapa, Kyuyeon Kim, Seyit A. Camtepe, Hyoungshick Kim, Surya Nepal

For learning performance, which is specified by the model accuracy and convergence speed metrics, we empirically evaluate both FL and SplitNN under different types of data distributions such as imbalanced and non-independent and identically distributed (non-IID) data.

Federated Learning

Can We Use Split Learning on 1D CNN Models for Privacy Preserving Training?

1 code implementation | 16 Mar 2020 | Sharif Abuadbba, Kyuyeon Kim, Minki Kim, Chandra Thapa, Seyit A. Camtepe, Yansong Gao, Hyoungshick Kim, Surya Nepal

We observed that the 1D CNN model under split learning can achieve the same accuracy of 98.9% as the original (non-split) model.

Privacy Preserving

DAN: Dual-View Representation Learning for Adapting Stance Classifiers to New Domains

no code implementations | 13 Mar 2020 | Chang Xu, Cecile Paris, Surya Nepal, Ross Sparks, Chong Long, Yafang Wang

We address the issue of having a limited number of annotations for stance classification in a new domain, by adapting out-of-domain classifiers with domain adaptation.

Domain Adaptation, Representation Learning, +1

Defending Adversarial Attacks via Semantic Feature Manipulation

no code implementations | 3 Feb 2020 | Shuo Wang, Tianle Chen, Surya Nepal, Carsten Rudolph, Marthie Grobler, Shangyu Chen

In this paper, we propose a one-off and attack-agnostic Feature Manipulation (FM)-Defense to detect and purify adversarial examples in an interpretable and efficient manner.

General Classification

OIAD: One-for-all Image Anomaly Detection with Disentanglement Learning

no code implementations | 18 Jan 2020 | Shuo Wang, Tianle Chen, Shangyu Chen, Carsten Rudolph, Surya Nepal, Marthie Grobler

Our key insight is that the impact of small perturbation on the latent representation can be bounded for normal samples while anomaly images are usually outside such bounded intervals, referred to as structure consistency.

Anomaly Detection, Disentanglement

Backdoor Attacks against Transfer Learning with Pre-trained Deep Learning Models

no code implementations | 10 Jan 2020 | Shuo Wang, Surya Nepal, Carsten Rudolph, Marthie Grobler, Shangyu Chen, Tianle Chen

In this paper, we demonstrate a backdoor threat to transfer learning tasks on both image and time-series data leveraging the knowledge of publicly accessible Teacher models, aimed at defeating three commonly-adopted defenses: pruning-based, retraining-based and input pre-processing-based defenses.

Electrocardiography (ECG), Electroencephalogram (EEG), +3

Man-in-the-Middle Attacks against Machine Learning Classifiers via Malicious Generative Models

no code implementations | 14 Oct 2019 | Derui Wang, Chaoran Li, Sheng Wen, Surya Nepal, Yang Xiang

First, such attacks must acquire the outputs from the models by multiple times before actually launching attacks, which is difficult for the MitM adversary in practice.

BIG-bench Machine Learning

Recognising Agreement and Disagreement between Stances with Reason Comparing Networks

no code implementations | ACL 2019 | Chang Xu, Cecile Paris, Surya Nepal, Ross Sparks

We identify agreement and disagreement between utterances that express stances towards a topic of discussion.

STRIP: A Defence Against Trojan Attacks on Deep Neural Networks

3 code implementations | 18 Feb 2019 | Yansong Gao, Chang Xu, Derui Wang, Shiping Chen, Damith C. Ranasinghe, Surya Nepal

Since the trojan trigger is a secret guarded and exploited by the attacker, detecting such trojan inputs is a challenge, especially at run-time when models are in active operation.

Cryptography and Security

Android HIV: A Study of Repackaging Malware for Evading Machine-Learning Detection

no code implementations | 10 Aug 2018 | Xiao Chen, Chaoran Li, Derui Wang, Sheng Wen, Jun Zhang, Surya Nepal, Yang Xiang, Kui Ren

In contrast to existing works, the adversarial examples crafted by our method can also deceive recent machine learning based detectors that rely on semantic features such as control-flow-graph.

Cryptography and Security

Cross-Target Stance Classification with Self-Attention Networks

1 code implementation | ACL 2018 | Chang Xu, Cecile Paris, Surya Nepal, Ross Sparks

In stance classification, the target on which the stance is made defines the boundary of the task, and a classifier is usually trained for prediction on the same target.

Classification, General Classification, +1

Defending against Adversarial Attack towards Deep Neural Networks via Collaborative Multi-task Training

no code implementations | 14 Mar 2018 | Derek Wang, Chaoran Li, Sheng Wen, Surya Nepal, Yang Xiang

For example, proactive defending methods are invalid against grey-box or white-box attacks, while reactive defending methods are challenged by low-distortion adversarial examples or transferring adversarial examples.

Adversarial Attack

Still Hammerable and Exploitable: on the Effectiveness of Software-only Physical Kernel Isolation

no code implementations | 20 Feb 2018 | Yueqiang Cheng, Zhi Zhang, Surya Nepal, Zhi Wang

The exploit is motivated by our key observation that modern OSes have double-owned kernel buffers (e.g., video buffers) owned concurrently by the kernel and user domains.

Cryptography and Security

KASR: A Reliable and Practical Approach to Attack Surface Reduction of Commodity OS Kernels

no code implementations | 20 Feb 2018 | Zhi Zhang, Yueqiang Cheng, Surya Nepal, Dongxi Liu, Qingni Shen, Fethi Rabhi

In this paper, we propose a reliable and practical system, named KASR, which transparently reduces attack surfaces of commodity OS kernels at runtime without requiring their source code.

Cryptography and Security, Operating Systems
