Covert Communication Based on the Poisoning Attack in Federated Learning

Covert communication has become an important area of research in computer security. It involves hiding specific information on a carrier for message transmission and is often used to transmit private data, military secrets, and even malware. In deep learning, many methods have been developed for hiding information in models to achieve covert communication. However, these methods are not applicable to federated learning, where model aggregation invalidates the exact information embedded in the model by the client. To address this problem, we propose a novel method for covert communication in federated learning based on the poisoning attack. Our approach achieves 100% accuracy in covert message transmission between two clients and is shown to be both stealthy and robust through extensive experiments. However, existing defense methods are limited in their effectiveness against our attack scheme, highlighting the urgent need for new protection methods to be developed. Our study emphasizes the necessity of research in covert communication and serves as a foundation for future research in federated learning attacks and defenses

Covert Channels Within IRC

The exploration of advanced information hiding techniques is important to understand and defend against illicit data extractions over networks. Many techniques have been developed to covertly transmit data over networks, each differing in their capabilities, methods, and levels of complexity. This research introduces a new class of information hiding techniques for use over Internet Relay Chat (IRC), called the Variable Advanced Network IRC Stealth Handler (VANISH) system. Three methods for concealing information are developed under this framework to suit the needs of an attacker. These methods are referred to as the Throughput, Stealth, and Baseline scenarios. Each is designed for a specific purpose: to maximize channel capacity, minimize shape-based detectability, or provide a baseline for comparison using established techniques applied to IRC. The effectiveness of these scenarios is empirically tested using public IRC servers in Chicago, Illinois and Amsterdam, Netherlands. The Throughput method exfiltrates covert data at nearly 800 bits per second (bps) compared to 18 bps with the Baseline method and 0.13 bps for the Stealth method. The Stealth method uses Reed-Solomon forward error correction to reduce bit errors from 3.1% to nearly 0% with minimal additional overhead. The Stealth method also successfully evades shape-based detection tests but is vulnerable to regularity-based tests

Behavioral Mimicry Covert Communication

Covert communication refers to the process of communicating data through a channel that is neither designed, nor intended to transfer information. Traditionally, covert channels are considered as security threats in computer systems and a great deal of attention has been given to countermeasures for covert communication schemes. The evolution of computer networks led the communication community to revisit the concept of covert communication not only as a security threat but also as an alternative way of providing security and privacy to communication networks. In fact, the heterogeneous structure of computer networks and the diversity of communication protocols provide an appealing setting for covert channels. This dissertation is an exploration on a novel design methodology for undetectable and robust covert channels in communication networks. Our new design methodology is based on the concept of behavioral mimicry in computer systems. The objective is to design a covert transmitter that has enough degrees of freedom to behave like an ordinary transmitter and react normally to unpredictable network events, yet it has the ability to modulate a covert message over its behavioral fingerprints in the network. To this end, we argue that the inherent randomness in communication protocols and network environments is the key in finding the proper medium for network covert channels. We present a few examples on how random behaviors in communication protocols lead to discovery of suitable shared resources for covert channels. The proposed design methodology is tested on two new covert communication schemes, one is designed for wireless networks and the other one is optimized for public communication networks (e.g., Internet). Each design is accompanied by a comprehensive analysis from undetectability, achievable covert rate and reliability perspectives. In particular, we introduced turbo covert channels, a family of extremely robust model-based timing covert channels that achieve provable polynomial undetectability in public communication networks. This means that the covert channel is undetectable against any polynomial-time statistical test that analyzes samples of the covert traffic and the legitimate traffic of the network. Target applications for the proposed covert communication schemes are discussed including detailed practical scenarios in which the proposed channels can be implemented

UNDERWATER COMMUNICATIONS WITH ACOUSTIC STEGANOGRAPHY: RECOVERY ANALYSIS AND MODELING

In the modern warfare environment, communication is a cornerstone of combat competence. However, the increasing threat of communications-denied environments highlights the need for communications systems with low probability of intercept and detection. This is doubly true in the subsurface environment, where communications and sonar systems can reveal the tactical location of platforms and capabilities, subverting their covert mission set. A steganographic communication scheme that leverages existing technologies and unexpected data carriers is a feasible means of increasing assurance of communications, even in denied environments. This research works toward a covert communication system by determining and comparing novel symbol recovery schemes to extract data from a signal transmitted under a steganographic technique and interfered with by a simulated underwater acoustic channel. We apply techniques for reliably extracting imperceptible information from unremarkable acoustic events robust to the variability of the hostile operating environment. The system is evaluated based on performance metrics, such as transmission rate and bit error rate, and we show that our scheme is sufficient to conduct covert communications through acoustic transmissions, though we do not solve the problems of synchronization or equalization.Lieutenant, United States NavyApproved for public release. Distribution is unlimited

Public Cyberinstitutions: Signaling State Cybercapacity

Even though there has been a rapid increase in state cybercapacity over the last two decades, researchers have paid little attention to this phenomenon. In my dissertation Public Cyberinstitutions: Signaling State Cybercapacity, I employ a combination of formal theory, event history analysis, and interviews to shed light on what drives a state’s decision to develop this capacity in the form of public cyberinstitutions (PCIs)—publicly observable efforts meant to signal the state offensive and defensive cybercapacity—and the effects these PCIs have on its adversaries’ decision-making. Unlike existing scholarship which emphasizes the cyberthreat environment as the main driver of PCIs, I empirically model the international proliferation of PCIs as a diffusion process and argue that it happens through different types of networks. The distinct pathways behind different types of PCIs reflect the different types of signals each is intended to send. National cybersecurity strategies diffuse through networks of “like-minded” states, with similar preferences on cybersovereignty. The development of a military cyberapparatus diffuses through military alliance networks, following the logic of complementarity. National strategies are among the less costly PCIs a country could adopt, but—because their purpose is to articulate a country’s main goals, threats and priorities in the cyber domain—governments cannot adopt them without first considering the role the Internet plays within their polity and how heavily they wish to regulate it. Military cybersecurity units, meanwhile, have higher startup and maintenance costs, and the willingness to pay these costs sends a potentially informative signal to a country’s allies and adversaries. Rather than “free ride” off the cybercapabilities of one’s allies, however, countries tend to complement the activities of their allies (e.g., invest more if their allies invest less). I test these theoretical explanations with newly collected data sets on national cybersecurity strategies and on state cybersecurity organizations between 1999 and 2018, and find robust empirical support. Using an incomplete-information model I also demonstrate that PCIs meant to demonstrate an increase in cybercapacity only deter adversaries that are susceptible to the costs created by this increased cybercapacity. Despite this, states tend to over-invest in PCIs. In particular, weak cyber states tend to over-invest to convince adversaries that they are strong, whereas strong cyber states over-invest so that adversaries do not believe that they are weak states pretending to be strong. In doing so, these states reduce their overall cybercapacity. Through my interviews with cybersecurity experts, intelligence reports, and examples of attempted election interference campaigns, I establish the empirical plausibility of this theoretical result. These findings, which focus on a fundamentally new domain of warfare and statecraft, have important implications for national security policy.PHDPublic Policy & Political ScienceUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/163168/1/nadiya_1.pd

Privacy and Transparency in Blockchain-based Smart Grid Operations

In the past few years, blockchain technology has emerged in numerous smart grid applications, enabling the construction of systems without the need for a trusted third party. Blockchain offers transparency, traceability, and accountability, which lets various energy management system functionalities be executed through smart contracts, such as monitoring, consumption analysis, and intelligent energy adaptation. Nevertheless, revealing sensitive energy consumption information could render users vulnerable to digital and physical assaults. This paper presents a novel method for achieving a dual balance between privacy and transparency, as well as accountability and verifiability. This equilibrium requires the incorporation of cryptographic tools like Secure Mul- tiparty Computation and Verifiable Secret Sharing within the distributed components of a multi- channel blockchain and its associated smart contracts. We corroborate the suggested architecture throughout the entire process of a Demand Response scenario, from the collection of energy data to the ultimate reward. To address our proposal’s constraints, we present countermeasures against accidental crashes and Byzantine behavior while ensuring that the solution remains appropriate for low-performance IoT devices