Search Results for author:
Found 55 papers, 13 papers with code
Transferability Ranking of Adversarial Examples
However, to the best of our knowledge, there are no works which propose a means for ranking the transferability of an adversarial example in the perspective of a blackbox attacker.
WinoGAViL: Gamified Association Benchmark to Challenge Vision-and-Language Models
While vision-and-language models perform well on tasks such as visual question answering, they struggle when it comes to basic human commonsense reasoning skills.
Ranked #1 on
Visual Reasoning
on WinoGAViL
EyeDAS: Securing Perception of Autonomous Cars Against the Stereoblindness Syndrome
The ability to detect whether an object is a 2D or 3D object is extremely important in autonomous driving, since a detection error can have life-threatening consequences, endangering the safety of the driver, passengers, pedestrians, and others on the road.
The Security of Deep Learning Defences for Medical Imaging
Deep learning has shown great promise in the domain of medical image analysis.
Adversarial Machine Learning Threat Analysis in Open Radio Access Networks
Motivated by the success of artificial intelligence in other domains, O-RAN strives to leverage machine learning (ML) to automatically and efficiently manage network resources in diverse use cases such as traffic steering, quality of experience prediction, and anomaly detection.
Adversarial Mask: Real-World Universal Adversarial Attack on Face Recognition Model
In our experiments, we examined the transferability of our adversarial mask to a wide range of FR model architectures and datasets.
Towards A Conceptually Simple Defensive Approach for Few-shot classifiers Against Adversarial Support Samples
In this work, we aim to close this gap by studying a conceptually simple approach to defend few-shot classifiers against adversarial attacks.
Dodging Attack Using Carefully Crafted Natural Makeup
Deep learning face recognition models are used by state-of-the-art surveillance systems to identify individuals passing through public areas (e. g., airports).
Evaluating the Cybersecurity Risk of Real World, Machine Learning Production Systems
Using the extension, security practitioners can apply attack graph analysis methods in environments that include ML components; thus, providing security practitioners with a methodological and practical tool for evaluating the impact and quantifying the risk of a cyberattack targeting an ML production system.
The Threat of Offensive AI to Organizations
Although offensive AI has been discussed in the past, there is a need to analyze and understand the threat in the context of organizations.
CAN-LOC: Spoofing Detection and Physical Intrusion Localization on an In-Vehicle CAN Bus Based on Deep Features of Voltage Signals
This mechanism's effectiveness (100% accuracy) is demonstrated in a wide variety of insertion scenarios on a CAN bus prototype.
RadArnomaly: Protecting Radar Systems from Data Manipulation Attacks
The proposed technique, which allows the detection of malicious manipulation of critical fields in the data stream, is complemented by a timing-interval anomaly detection mechanism proposed for the detection of message dropping attempts.
Who's Afraid of Adversarial Transferability?
By combining theoretical reasoning with a series of empirical results, we show that it is practically impossible to predict whether a given adversarial example is transferable to a specific target model in a black-box setting, hence questioning the validity of adversarial transferability as a real-life attack tool for adversaries that are sensitive to the cost of a failed attack.
TANTRA: Timing-Based Adversarial Network Traffic Reshaping Attack
Prior research on bypassing NIDSs has mainly focused on perturbing the features extracted from the attack traffic to fool the detection system, however, this may jeopardize the attack's functionality.
Enhancing Real-World Adversarial Patches through 3D Modeling of Complex Target Scenes
We use the framework to create a patch for an everyday scene and evaluate its performance using a novel evaluation process that ensures that our results are reproducible in both the digital space and the real world.
The Translucent Patch: A Physical and Universal Attack on Object Detectors
Therefore, in our experiments, which are conducted on state-of-the-art object detection models used in autonomous driving, we study the effect of the patch on the detection of both the selected target class and the other classes.
BENN: Bias Estimation Using Deep Neural Network
The need to detect bias in machine learning (ML) models has led to the development of multiple bias detection methods, yet utilizing them is challenging since each method: i) explores a different ethical aspect of bias, which may result in contradictory output among the different methods, ii) provides an output of a different range/scale and therefore, can't be compared with other methods, and iii) requires different input, and therefore a human expert needs to be involved to adjust each method according to the examined model.
Detection of Adversarial Supports in Few-shot Classifiers Using Self-Similarity and Filtering
In this work, we propose a detection strategy to identify adversarial support sets, aimed at destroying the understanding of a few-shot classifier for a certain class.
Toward Scalable and Unified Example-based Explanation and Outlier Detection
We compare performances in terms of the classification, explanation quality, and outlier detection of our proposed network with other baselines.
Being Single Has Benefits. Instance Poisoning to Deceive Malware Classifiers
The performance of a machine learning-based malware classifier depends on the large and updated training set used to induce its model.
Dynamic Adversarial Patch for Evading Object Detection Models
In order to demonstrate our attack in a real-world setup, we implemented the patches by attaching flat screens to the target object; the screens are used to present the patches and switch between them, depending on the current camera location.
Stop Bugging Me! Evading Modern-Day Wiretapping Using Adversarial Perturbations
Our results in the real world suggest that our approach is a feasible solution for privacy protection.
Taking Over the Stock Market: Adversarial Perturbations Against Algorithmic Traders
In this study, we present a realistic scenario in which an attacker influences algorithmic trading systems by using adversarial learning techniques to manipulate the input data stream in real time.
Not All Datasets Are Born Equal: On Heterogeneous Data and Adversarial Examples
We, however, argue that machine learning models trained on heterogeneous tabular data are as susceptible to adversarial manipulations as those trained on continuous or homogeneous data such as images.
Fair and accurate age prediction using distribution aware data curation and augmentation
One of the main causes of unfair behavior in age prediction methods lies in the distribution and diversity of the training data.
FOOD: Fast Out-Of-Distribution Detector
Deep neural networks (DNNs) perform well at classifying inputs associated with the classes they have been trained on, which are known as in distribution inputs.
An Automated, End-to-End Framework for Modeling Attacks From Vulnerability Descriptions
Given a description of a security vulnerability, the proposed framework first extracts the relevant attack entities required to model the attack, completes missing information on the vulnerability, and derives a new interaction rule that models the attack; this new rule is integrated within MulVAL attack graph tool.
Adversarial Machine Learning Attacks and Defense Methods in the Cyber Security Domain
In recent years machine learning algorithms, and more specifically deep learning algorithms, have been widely used in many fields, including cyber security.
Autosploit: A Fully Automated Framework for Evaluating the Exploitability of Security Vulnerabilities
The results show that Autosploit is able to automatically identify the system properties that affect the ability to exploit a vulnerability in both noiseless and noisy environments.
Lightweight Collaborative Anomaly Detection for the IoT using Blockchain
Due to their rapid growth and deployment, the Internet of things (IoT) have become a central aspect of our daily lives.
DANTE: A framework for mining and monitoring darknet traffic
In this paper, we present DANTE: a framework and algorithm for mining darknet traffic.
IoT Device Identification Using Deep Learning
In this study, we applied deep learning on network traffic to automatically identify IoT devices connected to the network.
GIM: Gaussian Isolation Machines
In many cases, neural network classifiers are likely to be exposed to input data that is outside of their training distribution data.
Exploring the Back Alleys: Analysing The Robustness of Alternative Neural Network Architectures against Adversarial Attacks
We investigate to what extent alternative variants of Artificial Neural Networks (ANNs) are susceptible to adversarial attacks.
Why Blocking Targeted Adversarial Perturbations Impairs the Ability to Learn
We show that contrary to commonly held belief, the ability to bypass defensive distillation is not dependent on an attack's level of sophistication.
CTRL-ALT-LED: Leaking Data from Air-Gapped Computers via Keyboard LEDs
In this type of attack, an advanced persistent threat (APT) uses the keyboard LEDs (Caps-Lock, Num-Lock and Scroll-Lock) to encode information and exfiltrate data from airgapped computers optically.
Cryptography and Security Signal Processing
Privacy-Preserving Detection of IoT Devices Connected Behind a NAT in a Smart Home Setup
Today, telecommunication service providers (telcos) are exposed to cyber-attacks executed by compromised IoT devices connected to their customers' networks.
Adversarial Attacks on Remote User Authentication Using Behavioural Mouse Dynamics
In an attempt to address this gap, we built a set of attacks, which are applications of several generative approaches, to construct adversarial mouse trajectories that bypass authentication models.
HADES-IoT: A Practical Host-Based Anomaly Detection System for IoT Devices (Extended Version)
The main advantage of HADES-IoT is its low performance overhead, which makes it suitable for the IoT domain, where state-of-the-art approaches cannot be applied due to their high-performance demands.
Cryptography and Security
Defense Methods Against Adversarial Examples for Recurrent Neural Networks
Using our methods we were able to decrease the effectiveness of such attack from 99. 9% to 15%.
Cryptography and Security
CT-GAN: Malicious Tampering of 3D Medical Imagery using Deep Learning
In this paper, we show how an attacker can use deep-learning to add or remove evidence of medical conditions from volumetric (3D) medical scans.
Detecting Adversarial Perturbations Through Spatial Behavior in Activation Spaces
We leverage those classifiers to produce a sequence of class labels for each nonperturbed input sample and estimate the a priori probability for a class label change between one activation space and another.
DOPING: Generative Data Augmentation for Unsupervised Anomaly Detection with GAN
To the best of our knowledge, our method is the first data augmentation technique focused on improving performance in unsupervised anomaly detection.
N-BaIoT: Network-based Detection of IoT Botnet Attacks Using Deep Autoencoders
The proliferation of IoT devices which can be more easily compromised than desktop computers has led to an increase in the occurrence of IoT based botnet attacks.
Query-Efficient Black-Box Attack Against Sequence-Based Malware Classifiers
In this paper, we present a generic, query-efficient black-box attack against API call-based machine learning malware classifiers.
CIoTA: Collaborative IoT Anomaly Detection via Blockchain
However, an anomaly detection model must be trained for a long time in order to capture all benign behaviors.
Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection
In this paper, we present Kitsune: a plug and play NIDS which can learn to detect attacks on the local network, without supervision, and in an efficient online manner.
Detection of Unauthorized IoT Devices Using Machine Learning Techniques
Based on the classification of 20 consecutive sessions and the use of majority rule, IoT device types that are not on the white list were correctly detected as unknown in 96% of test cases (on average), and white listed device types were correctly classified by their actual types in 99% of cases.
Temporal Pattern Discovery for Accurate Sepsis Diagnosis in ICU Patients
Sepsis is a condition caused by the body's overwhelming and life-threatening response to infection, which can lead to tissue damage, organ failure, and finally death.
Generic Black-Box End-to-End Attack Against State of the Art API Call Based Malware Classifiers
In this paper, we present a black-box attack against API call based machine learning malware classifiers, focusing on generating adversarial sequences combining API calls and static features (e. g., printable strings) that will be misclassified by the classifier without affecting the malware functionality.
SIPHON: Towards Scalable High-Interaction Physical Honeypots
Based on this setup, six physical IP cameras, one NVR and one IP printer are presented as 85 real IoT devices on the Internet, attracting a daily traffic of 700MB for a period of two months.
Cryptography and Security
Handwritten Signature Verification Using Hand-Worn Devices
Online signature verification technologies, such as those available in banks and post offices, rely on dedicated digital devices such as tablets or smart pens to capture, analyze and verify signatures.
AirHopper: Bridging the Air-Gap between Isolated Networks and Mobile Phones using Radio Frequencies
In this paper we present "AirHopper", a bifurcated malware that bridges the air-gap between an isolated network and nearby infected mobile phones using FM signals.
Cryptography and Security
Securing Your Transactions: Detecting Anomalous Patterns In XML Documents
XML transactions are used in many information systems to store data and interact with other systems.
Combining One-Class Classifiers via Meta-Learning
In particular, we propose two new one-class classification performance measures to weigh classifiers and show that a simple ensemble that implements these measures can outperform the most popular one-class ensembles.
