81,613 research outputs found
Bkd-FedGNN: A Benchmark for Classification Backdoor Attacks on Federated Graph Neural Network
Federated Graph Neural Network (FedGNN) has recently emerged as a rapidly
growing research topic, as it integrates the strengths of graph neural networks
and federated learning to enable advanced machine learning applications without
direct access to sensitive data. Despite its advantages, the distributed nature
of FedGNN introduces additional vulnerabilities, particularly backdoor attacks
stemming from malicious participants. Although graph backdoor attacks have been
explored, the compounded complexity introduced by the combination of GNNs and
federated learning has hindered a comprehensive understanding of these attacks,
as existing research lacks extensive benchmark coverage and in-depth analysis
of critical factors. To address these limitations, we propose Bkd-FedGNN, a
benchmark for backdoor attacks on FedGNN. Specifically, Bkd-FedGNN decomposes
the graph backdoor attack into trigger generation and injection steps, and
extending the attack to the node-level federated setting, resulting in a
unified framework that covers both node-level and graph-level classification
tasks. Moreover, we thoroughly investigate the impact of multiple critical
factors in backdoor attacks on FedGNN. These factors are categorized into
global-level and local-level factors, including data distribution, the number
of malicious attackers, attack time, overlapping rate, trigger size, trigger
type, trigger position, and poisoning rate. Finally, we conduct comprehensive
evaluations on 13 benchmark datasets and 13 critical factors, comprising 1,725
experimental configurations for node-level and graph-level tasks from six
domains. These experiments encompass over 8,000 individual tests, allowing us
to provide a thorough evaluation and insightful observations that advance our
understanding of backdoor attacks on FedGNN.The Bkd-FedGNN benchmark is
publicly available at https://github.com/usail-hkust/BkdFedGCN
On specification-based cyber-attack detection in smart grids
The transformation of power grids into intelligent cyber-physical systems brings numerous benefits, but also significantly increases the surface for cyber-attacks, demanding appropriate countermeasures. However, the development, validation, and testing of data-driven countermeasures against cyber-attacks, such as machine learning-based detection approaches, lack important data from real-world cyber incidents. Unlike attack data from real-world cyber incidents, infrastructure knowledge and standards are accessible through expert and domain knowledge. Our proposed approach uses domain knowledge to define the behavior of a smart grid under non-attack conditions and detect attack patterns and anomalies. Using a graph-based specification formalism, we combine cross-domain knowledge that enables the generation of whitelisting rules not only for statically defined protocol fields but also for communication flows and technical operation boundaries. Finally, we evaluate our specification-based intrusion detection system against various attack scenarios and assess detection quality and performance. In particular, we investigate a data manipulation attack in a future-orientated use case of an IEC 60870-based SCADA system that controls distributed energy resources in the distribution grid. Our approach can detect severe data manipulation attacks with high accuracy in a timely and reliable manner
OnionBots: Subverting Privacy Infrastructure for Cyber Attacks
Over the last decade botnets survived by adopting a sequence of increasingly
sophisticated strategies to evade detection and take overs, and to monetize
their infrastructure. At the same time, the success of privacy infrastructures
such as Tor opened the door to illegal activities, including botnets,
ransomware, and a marketplace for drugs and contraband. We contend that the
next waves of botnets will extensively subvert privacy infrastructure and
cryptographic mechanisms. In this work we propose to preemptively investigate
the design and mitigation of such botnets. We first, introduce OnionBots, what
we believe will be the next generation of resilient, stealthy botnets.
OnionBots use privacy infrastructures for cyber attacks by completely
decoupling their operation from the infected host IP address and by carrying
traffic that does not leak information about its source, destination, and
nature. Such bots live symbiotically within the privacy infrastructures to
evade detection, measurement, scale estimation, observation, and in general all
IP-based current mitigation techniques. Furthermore, we show that with an
adequate self-healing network maintenance scheme, that is simple to implement,
OnionBots achieve a low diameter and a low degree and are robust to
partitioning under node deletions. We developed a mitigation technique, called
SOAP, that neutralizes the nodes of the basic OnionBots. We also outline and
discuss a set of techniques that can enable subsequent waves of Super
OnionBots. In light of the potential of such botnets, we believe that the
research community should proactively develop detection and mitigation methods
to thwart OnionBots, potentially making adjustments to privacy infrastructure.Comment: 12 pages, 8 figure
On Counteracting Byzantine Attacks in Network Coded Peer-to-Peer Networks
Random linear network coding can be used in peer-to-peer networks to increase
the efficiency of content distribution and distributed storage. However, these
systems are particularly susceptible to Byzantine attacks. We quantify the
impact of Byzantine attacks on the coded system by evaluating the probability
that a receiver node fails to correctly recover a file. We show that even for a
small probability of attack, the system fails with overwhelming probability. We
then propose a novel signature scheme that allows packet-level Byzantine
detection. This scheme allows one-hop containment of the contamination, and
saves bandwidth by allowing nodes to detect and drop the contaminated packets.
We compare the net cost of our signature scheme with various other Byzantine
schemes, and show that when the probability of Byzantine attacks is high, our
scheme is the most bandwidth efficient.Comment: 26 pages, 9 figures, Submitted to IEEE Journal on Selected Areas in
Communications (JSAC) "Mission Critical Networking
A Topological Investigation of Phase Transitions of Cascading Failures in Power Grids
Cascading failures are one of the main reasons for blackouts in electric
power transmission grids. The economic cost of such failures is in the order of
tens of billion dollars annually. The loading level of power system is a key
aspect to determine the amount of the damage caused by cascading failures.
Existing studies show that the blackout size exhibits phase transitions as the
loading level increases. This paper investigates the impact of the topology of
a power grid on phase transitions in its robustness. Three spectral graph
metrics are considered: spectral radius, effective graph resistance and
algebraic connectivity. Experimental results from a model of cascading failures
in power grids on the IEEE power systems demonstrate the applicability of these
metrics to design/optimize a power grid topology for an enhanced phase
transition behavior of the system
LightChain: A DHT-based Blockchain for Resource Constrained Environments
As an append-only distributed database, blockchain is utilized in a vast
variety of applications including the cryptocurrency and Internet-of-Things
(IoT). The existing blockchain solutions have downsides in communication and
storage efficiency, convergence to centralization, and consistency problems. In
this paper, we propose LightChain, which is the first blockchain architecture
that operates over a Distributed Hash Table (DHT) of participating peers.
LightChain is a permissionless blockchain that provides addressable blocks and
transactions within the network, which makes them efficiently accessible by all
the peers. Each block and transaction is replicated within the DHT of peers and
is retrieved in an on-demand manner. Hence, peers in LightChain are not
required to retrieve or keep the entire blockchain. LightChain is fair as all
of the participating peers have a uniform chance of being involved in the
consensus regardless of their influence such as hashing power or stake.
LightChain provides a deterministic fork-resolving strategy as well as a
blacklisting mechanism, and it is secure against colluding adversarial peers
attacking the availability and integrity of the system. We provide mathematical
analysis and experimental results on scenarios involving 10K nodes to
demonstrate the security and fairness of LightChain. As we experimentally show
in this paper, compared to the mainstream blockchains like Bitcoin and
Ethereum, LightChain requires around 66 times less per node storage, and is
around 380 times faster on bootstrapping a new node to the system, while each
LightChain node is rewarded equally likely for participating in the protocol
- …