25 research outputs found
Secure Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements
International audienc
UniASM: Binary Code Similarity Detection without Fine-tuning
Binary code similarity detection (BCSD) is widely used in various binary
analysis tasks such as vulnerability search, malware detection, clone
detection, and patch analysis. Recent studies have shown that the
learning-based binary code embedding models perform better than the traditional
feature-based approaches. In this paper, we proposed a novel transformer-based
binary code embedding model, named UniASM, to learn representations of the
binary functions. We designed two new training tasks to make the spatial
distribution of the generated vectors more uniform, which can be used directly
in BCSD without any fine-tuning. In addition, we proposed a new tokenization
approach for binary functions, increasing the token's semantic information
while mitigating the out-of-vocabulary (OOV) problem. The experimental results
show that UniASM outperforms state-of-the-art (SOTA) approaches on the
evaluation dataset. We achieved the average scores of recall@1 on
cross-compilers, cross-optimization-levels and cross-obfuscations are 0.72,
0.63, and 0.77, which is higher than existing SOTA baselines. In a real-world
task of known vulnerability searching, UniASM outperforms all the current
baselines.Comment: This work has been submitted to the IEEE for possible publication.
Copyright may be transferred without notice, after which this version may no
longer be accessibl
Enchancing RFID data quality and reliability using approximate filtering techniques
Radio Frequency Identification (RFID) is an emerging auto-identification technology
that uses radio waves to identify and track physical objects without the line of
sight. While delivering significant improvements in various aspects, such as, stock
management and inventory accuracy, there are serious data management issues that
affect RFID data quality in preparing reliable solutions. The raw read rate in real world
RFID deployments is often in the 60-70% range and naturally unreliable because of
redundant and false readings. The redundant readings result in unnecessary storage
and affect the efficiency of data processing. Furthermore, false readings that focused
on false positive readings generated by cloned tag could be mistakenly considered as
valid and affects the final results and decisions. Therefore, two approaches to enhance
the RFID data quality and reliability were proposed. A redundant reading filtering
approach based on modified Bloom Filter is presented as the existing Bloom Filter based
approaches are quite intricate. Meanwhile, even though tag cloning has been identified
as one of the serious RFID security issue, it only received little attention in the literature.
Therefore we developed a lightweight anti-cloning approach based on modified Count-
Min sketch vector and tag reading frequency from e-pedigree in observing identical
Electronic Product Code (EPC) of the low cost tag in local site and distributed region in
supply chain. Experimental results showed, that the first proposed approach, Duplicate
Filtering Hash (DFH) achieved the lowest false positive rate of 0.06% and the highest
true positive rate of 89.94% as compared to other baseline approaches. DFH is 71.1%
faster than d-Left Time Bloom Filter (DLTBF) while reducing amount of hashing
and achieved 100% true negative rate. The second proposed approach, Managing
Counterfeit Hash (MCH) performs fastest and 25.7% faster than baseline protocol
(BASE) and achieved 99% detection accuracy while DeClone 64% and BASE 77%.
Thus, this study successfully proposed approaches that can enhance the RFID data
quality and reliability
Expertise and Trust-Aware Social Web Service Recommendation
With the increasing number of Web services, the personalized recommendation of Web services has become more and more important. Fortunately, the social network popularity nowadays brings a good alternative for social recommendation to avoid the data sparsity problem that is not treated very well in the collaborative filtering approach. Since the social network provides a big data about the users, the trust concept has become necessary to filter this abundance and to foster the successful interactions between the users. In this paper, we firstly propose a trusted friend detection mechanism in a social network. The dynamic of the users’ interactions over time and the similarity of their interests have been considered. Secondly, we propose a Web service social recommendation mechanism which considers the expertise of the trusted friends according to their past invocation histories and the active user’s query. The experiments of each mechanism produced satisfactory results
Automated Framework to Improve User?s Awareness and to Categorize Friends on Online Social Networks
The popularity of online social networks has brought up new privacy threats. These threats often arise after users willingly, but unwittingly reveal their information to a wider group of people than they actually intended. Moreover, the well adapted ?friends-based? privacy control has proven to be ill-equipped to prevent dynamic information disclosure, such as in user text posts. Ironically, it fails to capture the dynamic nature of this data by reducing the problem to manual privacy management which is time-consuming, tiresome and error-prone task. This dissertation identifies an important problem with posting on social networks and proposes a unique two phase approach to the problem. First, we suggest an additional layer of security be added to social networking sites. This layer includes a framework for natural language to automatically check texts to be posted by the user and detect dangerous information disclosure so it warns the user. A set of detection rules have been developed for this purpose and tested with over 16,000 Facebook posts to confirm the detection quality. The results showed that our approach has an 85% detection rate which outperforms other existing approaches. Second, we propose utilizing trust between friends as currency to access dangerous posts. The unique feature of our approach is that the trust value is related to the absence of interaction on the given topic. To approach our goal, we defined trust metrics that can be used to determine trustworthy friends in terms of the given topic. In addition, we built a tool which calculates the metrics automatically, and then generates a list of trusted friends. Our experiments show that our approach has reasonably acceptable performance in terms of predicting friends? interactions for the given posts. Finally, we performed some data analysis on a small set of user interaction records on Facebook to show that friends? interaction could be triggered by certain topics
A Passive Testing Approach for Protocols in Wireless Sensor Networks
Smart systems are today increasingly developed with the number of wireless sensor devices drastically increasing. They are implemented within several contexts throughout our environment. Thus, sensed data transported in ubiquitous systems are important, and the way to carry them must be efficient and reliable. For that purpose, several routing protocols have been proposed for wireless sensor networks (WSN). However, one stage that is often neglected before their deployment is the conformance testing process, a crucial and challenging step. Compared to active testing techniques commonly used in wired networks, passive approaches are more suitable to the WSN environment. While some works propose to specify the protocol with state models or to analyze them with simulators and emulators, we here propose a logic-based approach for formally specifying some functional requirements of a novel WSN routing protocol. We provide an algorithm to evaluate these properties on collected protocol execution traces. Further, we demonstrate the efficiency and suitability of our approach by its application into common WSN functional properties, as well as specific ones designed from our own routing protocol. We provide relevant testing verdicts through a real indoor testbed and the implementation of our protocol. Furthermore, the flexibility, genericity and practicability of our approach have been proven by the experimental results
Phishing detection and traceback mechanism
Isredza Rahmi A Hamid’s thesis entitled Phishing Detection and Trackback Mechanism. The thesis investigates detection of phishing attacks through email, novel method to profile the attacker and tracking the attack back to the origin
Combating cyber attacks in cloud computing using machine learning techniques.
An extensive investigative survey on Cloud Computing with the main focus on gaps that is slowing down Cloud adoption as well as reviewing the threat remediation challenges. Some experimentally supported thoughts on novel approaches to address some of the widely discussed cyber-attack types using machine learning techniques. The thoughts have been constructed in such a way so that Cloud customers can detect the cyber-attacks in their VM without much help from Cloud service provide