1,033 research outputs found
The Challenges in SDN/ML Based Network Security : A Survey
Machine Learning is gaining popularity in the network security domain as many
more network-enabled devices get connected, as malicious activities become
stealthier, and as new technologies like Software Defined Networking (SDN)
emerge. Sitting at the application layer and communicating with the control
layer, machine learning based SDN security models exercise a huge influence on
the routing/switching of the entire SDN. Compromising the models is
consequently a very desirable goal. Previous surveys have been done on either
adversarial machine learning or the general vulnerabilities of SDNs but not
both. Through examination of the latest ML-based SDN security applications and
a good look at ML/SDN specific vulnerabilities accompanied by common attack
methods on ML, this paper serves as a unique survey, making a case for more
secure development processes of ML-based SDN security applications.Comment: 8 pages. arXiv admin note: substantial text overlap with
arXiv:1705.0056
Visual Analytics of Neuron Vulnerability to Adversarial Attacks on Convolutional Neural Networks
Adversarial attacks on a convolutional neural network (CNN) -- injecting
human-imperceptible perturbations into an input image -- could fool a
high-performance CNN into making incorrect predictions. The success of
adversarial attacks raises serious concerns about the robustness of CNNs, and
prevents them from being used in safety-critical applications, such as medical
diagnosis and autonomous driving. Our work introduces a visual analytics
approach to understanding adversarial attacks by answering two questions: (1)
which neurons are more vulnerable to attacks and (2) which image features do
these vulnerable neurons capture during the prediction? For the first question,
we introduce multiple perturbation-based measures to break down the attacking
magnitude into individual CNN neurons and rank the neurons by their
vulnerability levels. For the second, we identify image features (e.g., cat
ears) that highly stimulate a user-selected neuron to augment and validate the
neuron's responsibility. Furthermore, we support an interactive exploration of
a large number of neurons by aiding with hierarchical clustering based on the
neurons' roles in the prediction. To this end, a visual analytics system is
designed to incorporate visual reasoning for interpreting adversarial attacks.
We validate the effectiveness of our system through multiple case studies as
well as feedback from domain experts.Comment: Accepted by the Special Issue on Human-Centered Explainable AI, ACM
Transactions on Interactive Intelligent System
Talking Trojan: Analyzing an Industry-Wide Disclosure
While vulnerability research often focuses on technical findings and
post-public release industrial response, we provide an analysis of the rest of
the story: the coordinated disclosure process from discovery through public
release. The industry-wide 'Trojan Source' vulnerability which affected most
compilers, interpreters, code editors, and code repositories provided an
interesting natural experiment, enabling us to compare responses by firms
versus nonprofits and by firms that managed their own response versus firms
that outsourced it. We document the interaction with bug bounty programs,
government disclosure assistance, academic peer review, and press coverage,
among other topics. We compare the response to an attack on source code with
the response to a comparable attack on NLP systems employing machine-learning
techniques. We conclude with recommendations to improve the global coordinated
disclosure system
AI Potentiality and Awareness: A Position Paper from the Perspective of Human-AI Teaming in Cybersecurity
This position paper explores the broad landscape of AI potentiality in the
context of cybersecurity, with a particular emphasis on its possible risk
factors with awareness, which can be managed by incorporating human experts in
the loop, i.e., "Human-AI" teaming. As artificial intelligence (AI)
technologies advance, they will provide unparalleled opportunities for attack
identification, incident response, and recovery. However, the successful
deployment of AI into cybersecurity measures necessitates an in-depth
understanding of its capabilities, challenges, and ethical and legal
implications to handle associated risk factors in real-world application areas.
Towards this, we emphasize the importance of a balanced approach that
incorporates AI's computational power with human expertise. AI systems may
proactively discover vulnerabilities and detect anomalies through pattern
recognition, and predictive modeling, significantly enhancing speed and
accuracy. Human experts can explain AI-generated decisions to stakeholders,
regulators, and end-users in critical situations, ensuring responsibility and
accountability, which helps establish trust in AI-driven security solutions.
Therefore, in this position paper, we argue that human-AI teaming is worthwhile
in cybersecurity, in which human expertise such as intuition, critical
thinking, or contextual understanding is combined with AI's computational power
to improve overall cyber defenses.Comment: 10 pages, Springe
Adversarial Training Towards Robust Multimedia Recommender System
With the prevalence of multimedia content on the Web, developing recommender
solutions that can effectively leverage the rich signal in multimedia data is
in urgent need. Owing to the success of deep neural networks in representation
learning, recent advance on multimedia recommendation has largely focused on
exploring deep learning methods to improve the recommendation accuracy. To
date, however, there has been little effort to investigate the robustness of
multimedia representation and its impact on the performance of multimedia
recommendation.
In this paper, we shed light on the robustness of multimedia recommender
system. Using the state-of-the-art recommendation framework and deep image
features, we demonstrate that the overall system is not robust, such that a
small (but purposeful) perturbation on the input image will severely decrease
the recommendation accuracy. This implies the possible weakness of multimedia
recommender system in predicting user preference, and more importantly, the
potential of improvement by enhancing its robustness. To this end, we propose a
novel solution named Adversarial Multimedia Recommendation (AMR), which can
lead to a more robust multimedia recommender model by using adversarial
learning. The idea is to train the model to defend an adversary, which adds
perturbations to the target image with the purpose of decreasing the model's
accuracy. We conduct experiments on two representative multimedia
recommendation tasks, namely, image recommendation and visually-aware product
recommendation. Extensive results verify the positive effect of adversarial
learning and demonstrate the effectiveness of our AMR method. Source codes are
available in https://github.com/duxy-me/AMR.Comment: TKD
Artificial Intelligence and Machine Learning in Cybersecurity: Applications, Challenges, and Opportunities for MIS Academics
The availability of massive amounts of data, fast computers, and superior machine learning (ML) algorithms has spurred interest in artificial intelligence (AI). It is no surprise, then, that we observe an increase in the application of AI in cybersecurity. Our survey of AI applications in cybersecurity shows most of the present applications are in the areas of malware identification and classification, intrusion detection, and cybercrime prevention. We should, however, be aware that AI-enabled cybersecurity is not without its drawbacks. Challenges to AI solutions include a shortage of good quality data to train machine learning models, the potential for exploits via adversarial AI/ML, and limited human expertise in AI. However, the rewards in terms of increased accuracy of cyberattack predictions, faster response to cyberattacks, and improved cybersecurity make it worthwhile to overcome these challenges. We present a summary of the current research on the application of AI and ML to improve cybersecurity, challenges that need to be overcome, and research opportunities for academics in management information systems
- …