Publications


An Information Theoretic Framework for Active De-anonymization in Social Networks Based on Group Memberships

October 11, 2017

Farhad Shirani, Siddharth Garg, and Elza Erkip

In this paper, a new mathematical formulation for the problem of de-anonymizing social network users by actively querying their membership in social network groups is introduced. In this formulation, the attacker has access to a noisy observation of the group membership of each user in the social network. When an unidentified victim visits a malicious website, the attacker uses browser history sniffing to make queries regarding the victim’s social media activity. Particularly, it can make polar queries regarding the victim’s group memberships and the victim’s identity. The attacker receives noisy responses to her queries. The goal is to de-anonymize the victim with the minimum number of queries. Starting with a rigorous mathematical model for this active de-anonymization problem, an upper bound on the attacker’s expected query cost is derived, and new attack algorithms are proposed which achieve this bound. These algorithms vary in computational cost and performance. The results suggest that prior heuristic approaches to this problem provide sub-optimal solutions.

Rethinking Split Manufacturing: An Information-Theoretic Approach with Secure Layout Techniques

October 5, 2017

Abhrajit Sengupta, Satwik Patnaik, Johann Knechtel, Mohammed Ashraf, Siddharth Garg and Ozgur Sinanoglu

Split manufacturing is a promising technique to defend against fab-based malicious activities such as IP piracy, overbuilding, and insertion of hardware Trojans. However, a network flow-based proximity attack, proposed by Wang et al. (DAC’16) [1], has demonstrated that most prior art on split manufacturing is highly vulnerable. Here in this work, we present two practical layout techniques towards secure split manufacturing: (i) gate-level graph coloring and (ii) clustering of same-type gates. Our approach shows promising results against the advanced proximity attack, lowering its success rate by 5.27x, 3.19x, and 1.73x on average compared to the unprotected layouts when splitting at metal layers M1, M2, and M3, respectively. Also, it largely outperforms previous defense efforts; we observe on average 8x higher resilience when compared to representative prior art. At the same time, extensive simulations on ISCAS’85 and MCNC benchmarks reveal that our techniques incur an acceptable layout overhead. Apart from this empirical study, we provide—for the first time—a theoretical framework for quantifying the layout-level resilience against any proximity-induced information leakage. Towards this end, we leverage the notion of mutual information and provide extensive results to validate our model.

Manipulating Adversary’s Belief: A Dynamic Game Approach to Deception by Design for Proactive Network Security

October 4, 2017

Karel Horák, Quanyan Zhu and Branislav Bošanský

Due to the sophisticated nature of current computer systems, traditional defense measures, such as firewalls, malware scanners, and intrusion detection/prevention systems, have been found inadequate. These technological systems suffer from the fact that a sophisticated attacker can study them, identify their weaknesses and thus get an advantage over the defender. To prevent this from happening, a proactive cyber defense is a new defense mechanism in which we strategically engage the attacker by using cyber deception techniques, and we influence his actions by creating and reinforcing his view of the computer system. We apply the cyber deception techniques in the field of network security and study the impact of the deception on the attacker’s beliefs using the quantitative framework of game theory. We account for the sequential nature of an attack and investigate how the attacker’s belief evolves and influences his actions. We show how the defender should manipulate this belief to prevent the attacker from achieving his goals and thus minimize the damage inflicted to the network. To design a successful defense based on cyber deception, it is crucial to employ strategic thinking and account explicitly for the attacker’s belief that he is being exposed to deceptive attempts. By doing so, we can make the deception more believable from the perspective of the attacker.

Dynamics of Strategic Protection Against Virus Propagation in Heterogeneous Complex Networks

October 4, 2017

Yezekael Hayel and Quanyan Zhu

With an increasing number of wide-spreading cyber-attacks on networks such as the recent WannaCry and Petya Ransomware, protection against malware and virus spreading in large scale networks is essential to provide security to network systems. In this paper, we consider a network protection game in which heterogeneous agents decide their individual protection levels against virus propagation over complex networks. Each agent has his own private type which characterizes his recovery rate, transmission capabilities, and perceived cost. We propose an evolutionary Poisson game framework to model the heterogeneous interactions of the agents over a complex network and analyze the equilibrium strategies for decentralized protection. We show the structural results of the equilibrium strategies and their connections with replicator dynamics. Numerical results are used to corroborate the analytical results.

Strategic Defense Against Deceptive Civilian GPS Spoofing of Unmanned Aerial Vehicles

October 4, 2017

Tao Zhang and Quanyan Zhu

The Global Positioning System (GPS) is commonly used in civilian Unmanned Aerial Vehicles (UAVs) to provide geolocation and time information for navigation. However, GPS is vulnerable to many intentional threats such as the GPS signal spoofing, where an attacker can deceive a GPS receiver by broadcasting incorrect GPS signals. Defense against such attacks is critical to ensure the reliability and security of UAVs. In this work, we propose a signaling game framework in which the GPS receiver can strategically infer the true location when the attacker attempts to mislead it with a fraudulent and purposefully crafted signal. We characterize the necessary and sufficient conditions of perfect Bayesian equilibrium (PBE) of the game and observe that the equilibrium has a PLASH structure, i.e., pooling in low types and separating in high types. This structure enables the development of a game-theoretic security mechanism to defend against the civil GPS signal spoofing for civilian UAVs. Our results show that in the separating part of the PLASH PBE, the civilian UAV can infer its true position under the spoofing attack while in the pooling portion of the PLASH PBE, the corresponding equilibrium strategy allows the civilian UAV to rationally decide the position that minimizes the deviation from its true position. Numerical experiments are used to corroborate our results and observations.

Smoke Screener or Straight Shooter: Detecting Elite Sybil Attacks in User-Review Social Networks

September 20, 2017

Haizhong Zheng, Minhui Xue, Hao Lu, Shuang Hao, Haojin Zhu, Xiaohui Liang and Keith Ross

Popular User-Review Social Networks (URSNs), such as Dianping, Yelp, and Amazon, are often the targets of reputation attacks in which fake reviews are posted in order to boost or diminish the ratings of listed products and services. These attacks often emanate from a collection of accounts, called Sybils, which are collectively managed by a group of real users. A new advanced scheme, which we term elite Sybil attacks, recruits organically highly-rated accounts to generate seemingly-trustworthy and realistic-looking reviews. These elite Sybil accounts taken together form a large-scale sparsely-knit Sybil network for which existing Sybil fake-review defense systems are unlikely to succeed. In this paper, we conduct the first study to define, characterize, and detect elite Sybil attacks. We show that contemporary elite Sybil attacks have a hybrid architecture, with the first tier recruiting elite Sybil workers and distributing tasks by Sybil organizers, and with the second tier posting fake reviews for profit by elite Sybil workers. We design ELSIEDET, a three-stage Sybil detection scheme, which first separates out suspicious groups of users, then identifies the campaign windows, and finally identifies elite Sybil users participating in the campaigns. We perform a large-scale empirical study on ten million reviews from Dianping, by far the most popular URSN service in China. Our results show that reviews from elite Sybil users are more spread out temporally, craft more convincing reviews, and have higher filter bypass rates. We also measure the impact of Sybil campaigns on various industries (such as cinemas, hotels, restaurants) as well as chain stores, and demonstrate that monitoring elite Sybil users over time can provide valuable early alerts against Sybil campaigns.

Linking Amplification DDoS Attacks to Booter Services

September 20, 2017

Johannes Krupp, Mohammad Karami, Christian Rossow, Damon McCoy and Michael Backes

We present techniques for attributing amplification DDoS attacks to the booter services that launched the attack. Our k-Nearest Neighbor (k-NN) classification algorithm is based on features that are characteristic for a DDoS service, such as the set of reflectors used by that service. This allows us to attribute DDoS attacks based on observations from honeypot amplifiers, augmented with training data from ground truth attack-to-services mappings we generated by subscribing to DDoS services and attacking ourselves in a controlled environment. Our evaluation shows that we can attribute DNS and NTP attacks observed by the honeypots with a precision of over 99% while still achieving recall of over 69% in the most challenging real-time attribution scenario. Furthermore, we develop a similarly precise technique that allows a victim to attribute an attack based on a slightly different set of features that can be extracted from a victim’s network traces. Executing our k-NN classifier over all attacks observed by the honeypots shows that 25.53% (49,297) of the DNS attacks can be attributed to 7 booter services and 13.34% (38,520) of the NTP attacks can be attributed to 15 booter services. This demonstrates the potential benefits of DDoS attribution to identify harmful DDoS services and victims of these services.

Enabling Extreme Energy Efficiency Via Timing Speculation for Deep Neural Network Accelerators

September 10, 2017

Jeff (Jun) Zhang, Zahra Ghodsi, Kartheek Rangineni and Siddharth Garg

Due to the success of deep neural networks (DNN) in achieving and surpassing state-of-the-art results for a range of machine learning applications, there is growing interest in the design of high-performance hardware accelerators for DNN execution. Further, as DNN hardware accelerators are increasingly being deployed in datacenters, accelerator power and energy efficiency have become key design metrics. In this paper, we seek to enhance the energy efficiency of high-performance systolic array based DNN accelerators, like the recently released Google TPU, using voltage underscaling based timing speculation, a powerful energy reduction technique that enables digital logic to execute below its nominal supply voltage.

The design of MAC-Drop is motivated by the observation that conventional voltage underscaling techniques proposed in literature are not well-suited to large, high-performance DNN accelerators. MAC-Drop encompasses three new architectural innovations that enable aggressive voltage underscaling for DNN accelerators without compromising performance or classification accuracy. Our empirical results indicate that MAC-Drop enables between 32%−56% energy savings when evaluated over four state-of-the-art benchmark DNNs.

Cognitive Connectivity Resilience in Multi-layer Remotely Deployed Mobile Internet of Things

September 2, 2017

Muhammad Junaid Farooq and Quanyan Zhu

Enabling the Internet of things in remote areas without traditional communication infrastructure requires a multi-layer network architecture. The devices in the overlay network are required to provide coverage to the underlay devices as well as to remain connected to other overlay devices. The coordination, planning, and design of such two-layer heterogeneous networks is an important problem to address. Moreover, the mobility of the nodes and their vulnerability to adversaries pose new challenges to the connectivity. For instance, the connectivity of devices can be affected by changes in the network, e.g., the mobility of the underlay devices or the unavailability of overlay devices due to failure or adversarial attacks. To this end, this work proposes a feedback based adaptive, self-configurable, and resilient framework for the overlay network that cognitively adapts to the changes in the network to provide reliable connectivity between spatially dispersed smart devices. Our results show that if sufficient overlay devices are available, the framework leads to a connected configuration that ensures a high coverage of the mobile underlay network. Moreover, the framework can actively reconfigure itself in the event of varying levels of device failure.

Secure Randomized Checkpointing for Digital Microfluidic Biochips

August 31, 2017

Jack Tang, Mohamed Ibrahim, Krishnendu Chakrabarty and Ramesh Karri

Digital microfluidic biochips (DMFBs) integrated with processors and arrays of sensors form cyberphysical systems and consequently face a variety of unique, recently described security threats. It has been noted that techniques used for error recovery can provide some assurance of integrity when a cyberphysical DMFB is under attack. This work proposes the use of such hardware for security purposes through the randomization of checkpoints in both space and time, and provides design guidelines for designers of such systems. We define security metrics and present techniques for improving performance through static checkpoint maps, and describe performance trade-offs associated with static and random checkpoints. We also provide detailed classification of attack models and demonstrate the feasibility of our techniques with case studies on assays implemented in typical DMFB hardware.

BadNets: Identifying Vulnerabilities in the Machine Learning Model Supply Chain

August 22, 2017

Tianyu Gu, Brendan Dolan-Gavitt and Siddharth Garg

Deep learning-based techniques have achieved state-of-the-art performance on a wide variety of recognition and classification tasks. However, these networks are typically computationally expensive to train, requiring weeks of computation on many GPUs; as a result, many users outsource the training procedure to the cloud or rely on pre-trained models that are then fine-tuned for a specific task. In this paper we show that outsourced training introduces new security risks: an adversary can create a maliciously trained network (a backdoored neural network, or a BadNet) that has state-of-the-art performance on the user’s training and validation samples, but behaves badly on specific attacker-chosen inputs. We first explore the properties of BadNets in a toy example, by creating a backdoored handwritten digit classifier. Next, we demonstrate backdoors in a more realistic scenario by creating a U.S. street sign classifier that identifies stop signs as speed limits when a special sticker is added to the stop sign; we then show in addition that the backdoor in our US street sign detector can persist even if the network is later retrained for another task and cause a drop in accuracy of 25% on average when the backdoor trigger is present.

A network framework for dynamic models of urban food, energy and water systems (FEWS)

August 22, 2017

Rae Zimmerman, Quanyan Zhu and Carolyn Dimitri

The urban food system addressed here centers on urban food processing, distribution and consumption (including food packaging and waste disposal) and as such addresses how food moves from processing and distribution centers to points of consumption and ultimately waste disposal within cities. The Food-Energy-Water Systems (FEWS) Nexus extends to and through urban boundaries. Energy and water resource use are vital along these routes and are interdependent with one another and with food processing in ways that differ from those in agricultural production systems outside urban boundaries. This paper addresses how the urban food system affects the intensity of energy and water resource use and how these interdependencies can be altered by abrupt changes or extreme events.

HIV-1-infected T-cells dynamics and prognosis: An evolutionary game model

August 21, 2017

Bahareh Khazaei, Javad Salimi Sartakhti, Mohammad Hossein Manshaei, Quanyan Zhu, Mehdi Sadeghi and Seyed Rasoul Mousavi

Understanding the dynamics of human immunodeficiency virus (HIV) is essential for depicting, developing, and investigating effective treatment strategies. HIV infects several types of immune cells, but its main target is to destroy helper T-cells. In the lymph nodes, the infected T-cells interact with each other and their environment to obtain more resources. According to infectivity and replicative capacity of T-cells in the HIV infection process, they can be divided into four phenotypes. Although genetic mutations in the reverse transcription that beget these phenotypes are random, the framework by which a phenotype becomes favored is affected by the environment and neighboring phenotypes. Moreover, the HIV disease has all components of an evolutionary process, including replication, mutation, and selection.

Detecting the Presence of ENF Signal in Digital Videos: A Superpixel-Based Approach

August 17, 2017

Saffet Vatansever, Ahmet Emer Dirik and Nasir Memon

Electrical network frequency (ENF) instantaneously fluctuates around its nominal value (50/60 Hz) due to a continuous disparity between generated power and consumed power. Consequently, luminous intensity of a mains-powered light source varies depending on ENF fluctuations in the grid network. Variations in the luminance over time can be captured from video recordings and ENF can be estimated through content analysis of these recordings. In ENF-based video forensics, it is critical to check whether a given video file is appropriate for this type of analysis. That is, if ENF signal is not present in a given video, it would be useless to apply ENF-based forensic analysis. In this letter, an ENF signal presence detection method is introduced for videos. The proposed method is based on multiple ENF signal estimations from steady superpixels, i.e., pixels that are most likely uniform in color, brightness, and texture, and intra-class similarity of the estimated signals. Subsequently, consistency among these estimates is then used to determine the presence or absence of an ENF signal in a given video. The proposed technique can operate on video clips as short as 2 min and is independent of the camera sensor type, i.e., CCD or CMOS.

Backpage and Bitcoin: Uncovering Human Traffickers

August 17, 2017

Rebecca S. Portnoff, Danny Yuxing Huang, Periwinkle Doerfler, Sadia Afroz and Damon McCoy

Sites for online classified ads selling sex are widely used by human traffickers to support their pernicious business. The sheer quantity of ads makes manual exploration and analysis unscalable. In addition, discerning whether an ad is advertising a trafficked victim or an independent sex worker is a very difficult task. Very little concrete ground truth (i.e., ads definitively known to be posted by a trafficker) exists in this space. In this work, we develop tools and techniques that can be used separately and in conjunction to group sex ads by their true owner (and not the claimed author in the ad). Specifically, we develop a machine learning classifier that uses stylometry to distinguish between ads posted by the same vs. different authors with 96% accuracy. We also design a linking technique that takes advantage of leakages from the Bitcoin mempool, blockchain and sex ad site, to link a subset of sex ads to Bitcoin public wallets and transactions. Finally, we demonstrate via a 4-week proof of concept using Backpage as the sex ad site, how an analyst can use these automated approaches to potentially find human traffickers.

Security features embedded in computer aided design (CAD) solid models for additive manufacturing

August 15, 2017

Fei Chen, Gary Mac, and Nikhil Gupta

The additive manufacturing (AM) process chain relies heavily on cloud based resources and software programs that are connected to the internet. Cybersecurity has become a major concern for cloud based resources. While network security is important and is the responsibility of the information technology departments of corporations, a second line of defense is necessary if the cybersecurity is breached and the computer aided design (CAD) files are stolen. The stolen CAD files can be used to print components in exactly the same quality as the original component. The present work aims at developing design features in CAD models that can be used for the purpose of security against counterfeiting.

CONGRESS: A Hybrid Reputation System for Coping with Rating Subjectivity

August 11, 2017

Yuan Liu, Jie Zhang, Quanyan Zhu and Xingwei Wang

In electronic commerce, buyers and sellers conduct transactions without physical interactions. In reputation systems, the trustworthiness of sellers is achieved by aggregating the ratings shared by other buyers with whom the sellers have ever conducted transactions. However, the ratings provided by buyers for evaluating the same seller could be diverse due to their different judgment criteria, which is referred to as the subjectivity problem of reputation systems. It indicates that the ratings shared by some buyers may mislead other buyers with different personalities, making it challenging to aggregate the ratings properly in reputation systems. In this paper, in order to cope with the subjectivity problem, a hybrid architecture of reputation systems is proposed, which is based on coalition formation game theory. In the proposed module, buyers with the same subjectivity will automatically form a club, and share their ratings so as to build seller reputation within their club. The utility of a club is the profit created by the reputation system, which is further divided among the buyers of the club. Two utility allocation algorithms have been investigated, i.e., the proportional and Shapley allocations, respectively. Theoretical analysis and experimental results have shown that buyers with the same personality have the incentive to form a separate pure club if specific conditions are satisfied.

PRNU-Based Camera Attribution from Multiple Seam-Carved Images

August 9, 2017

Samet Taspinar, Manoranjan Mohanty and Nasir Memon

Photo Response Non-Uniformity (PRNU) noise-based source attribution is a well known technique to verify the camera of an image or video. Researchers have proposed various countermeasures to prevent PRNU-based source camera attribution. Forced seam-carving is one such recently proposed counter forensics technique. This technique can disable PRNU-based source camera attribution by forcefully removing seams such that the size of most uncarved image blocks is less than 50 × 50 pixels. In this paper, we show that given multiple seam-carved images from the same camera, source attribution can still be possible even if the size of uncarved blocks in the image is less than the recommended size of 50 × 50 pixels. Theoretical analysis and experiments with multiple cameras demonstrate that the effectiveness of our scheme depends on the number of seams carved from an image and the randomness of the seam positions.