Adversarial Robustness of Learning-based Static Malware Classifiers

Malware detection has long been a stage for an ongoing arms race between malware authors and anti-virus systems. Solutions that utilize machine learning (ML) gain traction as the scale of this arms race increases. This trend, however, makes performing attacks directly on ML an attractive prospect for adversaries. We study this arms race from both perspectives in the context of MalConv, a popular convolutional neural network-based malware classifier that operates on raw bytes of files. First, we show that MalConv is vulnerable to adversarial patch attacks: appending a byte-level patch to malware files bypasses detection 94.3% of the time. Moreover, we develop a universal adversarial patch (UAP) attack where a single patch can drop the detection rate in constant time of any malware file that contains it by 80%. These patches are effective even being relatively small with respect to the original file size -- between 2%-8%. As a countermeasure, we then perform window ablation that allows us to apply de-randomized smoothing, a modern certified defense to patch attacks in vision tasks, to raw files. The resulting `smoothed-MalConv' can detect over 80% of malware that contains the universal patch and provides certified robustness up to 66%, outlining a promising step towards robust malware detection. To our knowledge, we are the first to apply universal adversarial patch attack and certified defense using ablations on byte level in the malware field

Modeling of Duty-Cycled MAC Protocols for Heterogeneous WSN with Priorities

[EN] Wireless Sensor Networks (WSN) have experienced an important revitalization, particularly with the arrival of Internet of Things applications. In a general sense, a WSN can be composed of different classes of nodes, having different characteristics or requirements (heterogeneity). Duty-cycling is a popular technique used in WSN, that allows nodes to sleep and wake up periodically in order to save energy. We believe that the modeling and performance evaluation of heterogeneous WSN with priorities operating in duty-cycling, being of capital importance for their correct design and successful deployment, have not been sufficiently explored. The present work presents a performance evaluation study of a WSN with these features. For a scenario with two classes of nodes composing the network, each with a different channel access priority, an approximate analytical model is developed with a pair of two-dimensional discrete-time Markov chains. Note that the same modeling approach can be used to analyze networks with a larger number of classes. Performance parameters such as average packet delay, throughput and average energy consumption are obtained. Analytical results are validated by simulation, showing accurate results. Furthermore, a new procedure to determine the energy consumption of nodes is proposed that significantly improves the accuracy of previous proposals. We provide quantitative evidence showing that the energy consumption accuracy improvement can be up to two orders of magnitudeThis work is part of the project PGC2018-094151-B-I00, which is financed by the Ministerio de Ciencia, Innovacion y Universidades (MCIU), Agencia Estatal de Investigacion (AEI) and Fondo Europeo de Desarrollo Regional (FEDER) (MCIU/AEI/FEDER.UE). C. Portillo acknowledges the funding received from the European Union under the program Erasmus Mundus Partnerships, project EuroinkaNet, GRANT AGREEMENT NUMBER -2014 -0870/001/001, and the support received from SEP-SES (DSA/103.5/15/6629)Portillo, C.; Martínez Bauset, J.; Pla, V.; Casares-Giner, V. (2020). Modeling of Duty-Cycled MAC Protocols for Heterogeneous WSN with Priorities. Electronics. 9(3):1-16. https://doi.org/10.3390/electronics9030467S11693Gomes, D. A., & Bianchini, D. (2016). Interconnecting Wireless Sensor Networks with the Internet Using Web Services. IEEE Latin America Transactions, 14(4), 1937-1942. doi:10.1109/tla.2016.7483537Libo, Z., Tian, H., & Chunyun, G. (2019). Wireless multimedia sensor network for rape disease detections. EURASIP Journal on Wireless Communications and Networking, 2019(1). doi:10.1186/s13638-019-1468-3Shi, X., An, X., Zhao, Q., Liu, H., Xia, L., Sun, X., & Guo, Y. (2019). State-of-the-Art Internet of Things in Protected Agriculture. Sensors, 19(8), 1833. doi:10.3390/s19081833Rajandekar, A., & Sikdar, B. (2015). A Survey of MAC Layer Issues and Protocols for Machine-to-Machine Communications. IEEE Internet of Things Journal, 2(2), 175-186. doi:10.1109/jiot.2015.2394438Dai, H.-N., Ng, K.-W., & Wu, M.-Y. (2013). On Busy-Tone Based MAC Protocol for Wireless Networks with Directional Antennas. Wireless Personal Communications, 73(3), 611-636. doi:10.1007/s11277-013-1206-9Padilla, P., Padilla, J. L., Valenzuela-Valdés, J. F., Serrán-González, J.-V., & López-Gordo, M. A. (2015). Performance Analysis of Different Link Layer Protocols in Wireless Sensor Networks (WSN). Wireless Personal Communications, 84(4), 3075-3089. doi:10.1007/s11277-015-2783-6Ye, W., Heidemann, J., & Estrin, D. (2004). Medium Access Control With Coordinated Adaptive Sleeping for Wireless Sensor Networks. IEEE/ACM Transactions on Networking, 12(3), 493-506. doi:10.1109/tnet.2004.828953Kuo, Y.-W., Li, C.-L., Jhang, J.-H., & Lin, S. (2018). Design of a Wireless Sensor Network-Based IoT Platform for Wide Area and Heterogeneous Applications. IEEE Sensors Journal, 18(12), 5187-5197. doi:10.1109/jsen.2018.2832664He, X., Liu, S., Yang, G., & Xiong, N. (2018). Achieving Efficient Data Collection in Heterogeneous Sensing WSNs. IEEE Access, 6, 63187-63199. doi:10.1109/access.2018.2876552Ortin, J., Cesana, M., Redondi, A. E. C., Canales, M., & Gallego, J. R. (2019). Analysis of Unslotted IEEE 802.15.4 Networks With Heterogeneous Traffic Classes. IEEE Wireless Communications Letters, 8(2), 380-383. doi:10.1109/lwc.2018.2873347Bianchi, G. (2000). Performance analysis of the IEEE 802.11 distributed coordination function. IEEE Journal on Selected Areas in Communications, 18(3), 535-547. doi:10.1109/49.840210Liu, R. P., Sutton, G. J., & Collings, I. B. (2010). A New Queueing Model for QoS Analysis of IEEE 802.11 DCF with Finite Buffer and Load. IEEE Transactions on Wireless Communications, 9(8), 2664-2675. doi:10.1109/twc.2010.061010.091803Ou Yang, & Heinzelman, W. (2012). Modeling and Performance Analysis for Duty-Cycled MAC Protocols with Applications to S-MAC and X-MAC. IEEE Transactions on Mobile Computing, 11(6), 905-921. doi:10.1109/tmc.2011.121Martinez-Bauset, J., Guntupalli, L., & Li, F. Y. (2015). Performance Analysis of Synchronous Duty-Cycled MAC Protocols. IEEE Wireless Communications Letters, 4(5), 469-472. doi:10.1109/lwc.2015.2439267Guntupalli, L., Martinez-Bauset, J., Li, F. Y., & Weitnauer, M. A. (2017). Aggregated Packet Transmission in Duty-Cycled WSNs: Modeling and Performance Evaluation. IEEE Transactions on Vehicular Technology, 66(1), 563-579. doi:10.1109/tvt.2016.2536686Zhang, R., Moungla, H., Yu, J., & Mehaoua, A. (2017). Medium Access for Concurrent Traffic in Wireless Body Area Networks: Protocol Design and Analysis. IEEE Transactions on Vehicular Technology, 66(3), 2586-2599. doi:10.1109/tvt.2016.2573718Guntupalli, L., Martinez-Bauset, J., & Li, F. Y. (2018). Performance of frame transmissions and event-triggered sleeping in duty-cycled WSNs with error-prone wireless links. Computer Networks, 134, 215-227. doi:10.1016/j.comnet.2018.01.047(July, 2019). The State Transition Probabilities of the Two 2D-DTMC. Technical Report http://personales.upv.es/jmartine/public/2DDTMC.pdfCrossbow Technology Incorporated, San Jose, CA, USA http://www.openautomation.net/uploadsproductos/micaz-datasheet.pd

Optimizing resource allocation for secure SDN-based virtual network migration

International audienceRecent evolutions in cloud infrastructures allowed service providers to tailor new services for demanding customers. Providing these services confronts the infrastructure providers with costs and constraints considerations. In particular, security constraints are a major concern for today's businesses as the leak of personal information would tarnish their reputation. Recent works provide examples on how an attacker may leverage the infrastructure's weaknesses to steal sensitive information from the users. Specifically, an attacker can leverage maintenance processes inside the infrastructure to conduct an attack. In this paper, we consider the migration of a virtual network as the maintenance process. Then we determine the optimal monitoring resources allocation in this context with a Markov Decision Process. This model takes into account the impact of monitoring the infrastructure, the migration process and finally how the attacker may chose particular targets in the infrastructure. We provide a working prototype implemented in Python

Ciosy:A collaborative blockchain-based insurance system

The insurance industry is heavily dependent on several processes executed among multiple entities, such as insurer, insured, and third-party services. The increasingly competitive environment is pushing insurance companies to use advanced technologies to address multiple challenges, namely lack of trust, lack of transparency, and economic instability. To this end, blockchain is used as an emerging technology that enables transparent and secure data storage and transmission. In this paper, we propose CioSy, a collaborative blockchain-based insurance system for monitoring and processing the insurance transactions. To the best of our knowledge, the existing approaches do not consider collaborative insurance to achieve an automated, transparent, and tamper-proof solution. CioSy aims at automating the insurance policy processing, claim handling, and payment using smart contracts. For validation purposes, an experimental prototype is developed on Ethereum blockchain. Our experimental results show that the proposed approach is both feasible and economical in terms of time and cost

Unobtrusive Health Monitoring in Private Spaces: The Smart Vehicle

Unobtrusive in-vehicle health monitoring has the potential to use the driving time to perform regular medical check-ups. This work intends to provide a guide to currently proposed sensor systems for in-vehicle monitoring and to answer, in particular, the questions: (1) Which sensors are suitable for in-vehicle data collection? (2) Where should the sensors be placed? (3) Which biosignals or vital signs can be monitored in the vehicle? (4) Which purposes can be supported with the health data? We reviewed retrospective literature systematically and summarized the up-to-date research on leveraging sensor technology for unobtrusive in-vehicle health monitoring. PubMed, IEEE Xplore, and Scopus delivered 959 articles. We firstly screened titles and abstracts for relevance. Thereafter, we assessed the entire articles. Finally, 46 papers were included and analyzed. A guide is provided to the currently proposed sensor systems. Through this guide, potential sensor information can be derived from the biomedical data needed for respective purposes. The suggested locations for the corresponding sensors are also linked. Fifteen types of sensors were found. Driver-centered locations, such as steering wheel, car seat, and windscreen, are frequently used for mounting unobtrusive sensors, through which some typical biosignals like heart rate and respiration rate are measured. To date, most research focuses on sensor technology development, and most application-driven research aims at driving safety. Health-oriented research on the medical use of sensor-derived physiological parameters is still of interest

Software Defined Networks based Smart Grid Communication: A Comprehensive Survey

The current power grid is no longer a feasible solution due to ever-increasing user demand of electricity, old infrastructure, and reliability issues and thus require transformation to a better grid a.k.a., smart grid (SG). The key features that distinguish SG from the conventional electrical power grid are its capability to perform two-way communication, demand side management, and real time pricing. Despite all these advantages that SG will bring, there are certain issues which are specific to SG communication system. For instance, network management of current SG systems is complex, time consuming, and done manually. Moreover, SG communication (SGC) system is built on different vendor specific devices and protocols. Therefore, the current SG systems are not protocol independent, thus leading to interoperability issue. Software defined network (SDN) has been proposed to monitor and manage the communication networks globally. This article serves as a comprehensive survey on SDN-based SGC. In this article, we first discuss taxonomy of advantages of SDNbased SGC.We then discuss SDN-based SGC architectures, along with case studies. Our article provides an in-depth discussion on routing schemes for SDN-based SGC. We also provide detailed survey of security and privacy schemes applied to SDN-based SGC. We furthermore present challenges, open issues, and future research directions related to SDN-based SGC.Comment: Accepte

Survey on RPL enhancements: a focus on topology, security and mobility

International audienceA few years ago, the IPv6 Routing Protocol for Low-power and Lossy Networks (RPL) was proposed by IETF as the routing standard designed for classes of networks in which both nodes and their interconnects are constrained. Since then, great attention has been paid by the scientific and industrial communities for the protocol evaluation and improvement. Indeed, depending on applications scenarios, constraints related to the target environments or other requirements, many adaptations and improvements can be made. So, since the initial release of the standard, several implementations were proposed, some targeting specific optimization goals whereas others would optimize several criteria while building the routing topology. They include, but are not limited to, extending the network lifetime, maximizing throughput at the sink node, avoiding the less secured nodes, considering nodes or sink mobility. Sometimes, to consider the Quality of Service (QoS), it is necessary to consider several of those criteria at the same time. This paper reviews recent works on RPL and highlights major contributions to its improvement, especially those related to topology optimization, security and mobility. We aim to provide an insight into relevant efforts around the protocol, draw some lessons and give useful guidelines for future developments

A Low-Cost IoT-Based System to Monitor the Location of a Whole Herd

Animal location technologies have evolved considerably in the last 60 years. Nowadays, animal tracking solutions based on global positioning systems (GPS) are commercially available. However, existing devices have several constraints, mostly related to wireless data transmission and financial cost, which make impractical the monitorization of all the animals in a herd. The main objective of this work is to develop a low-cost solution to enable the monitorization of a whole herd. An IoT-based system, which requires some animals of the herd being fitted with GPS collars connected to a Sigfox network and the rest with low-cost Bluetooth tags, has been developed. Its performance has been tested in two commercial farms, raising sheep and beef cattle, through the monitorization of 50 females in each case. Several collar/tag ratios, which define the cost per animal of the solution, have been simulated. Results demonstrate that a low collar/tag ratio enable the monitorization of a whole sheep herd. A larger ratio is needed for beef cows because of their grazing behavior. Nevertheless, the optimal ratio depends on the purpose of location data. Large variability has been observed for the number of hourly and daily messages from collars and tags. The system effectiveness for the monitorization of all the animals in a herd has been certainly proved

Blockchain-Based Services Implemented in a Microservices Architecture Using a Trusted Platform Module Applied to Electric Vehicle Charging Stations

Microservice architectures exploit container-based virtualized services, which rarely use hardware-based cryptography. A trusted platform module (TPM) offers a hardware root for trust in services that makes use of cryptographic operations. The virtualization of this hardware module offers high usability for other types of service that require TPM functionalities. This paper proposes the design of TPM virtualization in a container. To ensure integrity, different mechanisms, such as attestation and sealing, have been developed for the binaries and libraries stored in the container volumes. Through a REST API, the container offers the functionalities of a TPM, such as key generation and signing. To prevent unauthorized access to the container, this article proposes an authentication mechanism based on tokens issued by the Cognito Amazon Web Service. As a proof of concept and applicability in industry, a use case for electric vehicle charging stations using a microservice-based architecture is proposed. Using the EOS.IO blockchain to maintain a copy of the data, the virtualized TPM microservice provides the cryptographic operations necessary for blockchain transactions. Through a two-factor authentication mechanism, users can access the data. This scenario shows the potential of using blockchain technologies in microservice-based architectures, where microservices such as the virtualized TPM fill a security gap in these architectures.Infineon TechnologiesProgram “Digitalisierung der EnergiewendeBundesministeriums für Wirtschaft und EnergieTrusted Blockchains fur das offene, intelligente Energienetz der Zukunft (tbiEnergy)FKZ 03EI6029DEuropean Health and Digital Executive Agency (HaDEA) program under Grant Agreement No 101092950 (EDGELESS project)FEDER/Junta de Andalucia-Consejeria de Transformacion Economica, Industria, Conocimiento y Universidades under Project B-TIC-588-UGR20