Golden Reference-Free Hardware Trojan Localization using Graph Convolutional Network

The globalization of the Integrated Circuit (IC) supply chain has moved most of the design, fabrication, and testing process from a single trusted entity to various untrusted third-party entities worldwide. The risk of using untrusted third-Party Intellectual Property (3PIP) is the possibility for adversaries to insert malicious modifications known as Hardware Trojans (HTs). These HTs can compromise the integrity, deteriorate the performance, deny the service, and alter the functionality of the design. While numerous HT detection methods have been proposed in the literature, the crucial task of HT localization is overlooked. Moreover, a few existing HT localization methods have several weaknesses: reliance on a golden reference, inability to generalize for all types of HT, lack of scalability, low localization resolution, and manual feature engineering/property definition. To overcome their shortcomings, we propose a novel, golden reference-free HT localization method at the pre-silicon stage by leveraging Graph Convolutional Network (GCN). In this work, we convert the circuit design to its intrinsic data structure, graph and extract the node attributes. Afterward, the graph convolution performs automatic feature extraction for nodes to classify the nodes as Trojan or benign. Our automated approach does not burden the designer with manual code review. It locates the Trojan signals with 99.6% accuracy, 93.1% F1-score, and a false-positive rate below 0.009%.Comment: IEEE Transactions on Very Large Scale Integration Systems (TVLSI), 202

Cyber-security for embedded systems: methodologies, techniques and tools

L'abstract è presente nell'allegato / the abstract is in the attachmen

Neural malware detection

At the heart of today’s malware problem lies theoretically infinite diversity created by metamorphism. The majority of conventional machine learning techniques tackle the problem with the assumptions that a sufficiently large number of training samples exist and that the training set is independent and identically distributed. However, the lack of semantic features combined with the models under these wrong assumptions result largely in overfitting with many false positives against real world samples, resulting in systems being left vulnerable to various adversarial attacks. A key observation is that modern malware authors write a script that automatically generates an arbitrarily large number of diverse samples that share similar characteristics in program logic, which is a very cost-effective way to evade detection with minimum effort. Given that many malware campaigns follow this paradigm of economic malware manufacturing model, the samples within a campaign are likely to share coherent semantic characteristics. This opens up a possibility of one-to-many detection. Therefore, it is crucial to capture this non-linear metamorphic pattern unique to the campaign in order to detect these seemingly diverse but identically rooted variants. To address these issues, this dissertation proposes novel deep learning models, including generative static malware outbreak detection model, generative dynamic malware detection model using spatio-temporal isomorphic dynamic features, and instruction cognitive malware detection. A comparative study on metamorphic threats is also conducted as part of the thesis. Generative adversarial autoencoder (AAE) over convolutional network with global average pooling is introduced as a fundamental deep learning framework for malware detection, which captures highly complex non-linear metamorphism through translation invariancy and local variation insensitivity. Generative Adversarial Network (GAN) used as a part of the framework enables oneshot training where semantically isomorphic malware campaigns are identified by a single malware instance sampled from the very initial outbreak. This is a major innovation because, to the best of our knowledge, no approach has been found to this challenging training objective against the malware distribution that consists of a large number of very sparse groups artificially driven by arms race between attackers and defenders. In addition, we propose a novel method that extracts instruction cognitive representation from uninterpreted raw binary executables, which can be used for oneto- many malware detection via one-shot training against frequency spectrum of the Transformer’s encoded latent representation. The method works regardless of the presence of diverse malware variations while remaining resilient to adversarial attacks that mostly use random perturbation against raw binaries. Comprehensive performance analyses including mathematical formulations and experimental evaluations are provided, with the proposed deep learning framework for malware detection exhibiting a superior performance over conventional machine learning methods. The methods proposed in this thesis are applicable to a variety of threat environments here artificially formed sparse distributions arise at the cyber battle fronts.Doctor of Philosoph

Women in Science 2014

Women in Science 2014 summarizes research done by Smith College’s Summer Research Fellowship (SURF) Program participants. Ever since its 1967 start, SURF has been a cornerstone of Smith’s science education. In 2014, 150 students participated in SURF (141 hosted on campus and nearby eld sites), supervised by 61 faculty mentor-advisors drawn from the Clark Science Center and connected to its eighteen science, mathematics, and engineering departments and programs and associated centers and units. At summer’s end, SURF participants were asked to summarize their research experiences for this publication.https://scholarworks.smith.edu/clark_womeninscience/1003/thumbnail.jp

Modélisation formelle des systèmes de détection d'intrusions

L’écosystème de la cybersécurité évolue en permanence en termes du nombre, de la diversité, et de la complexité des attaques. De ce fait, les outils de détection deviennent inefficaces face à certaines attaques. On distingue généralement trois types de systèmes de détection d’intrusions : détection par anomalies, détection par signatures et détection hybride. La détection par anomalies est fondée sur la caractérisation du comportement habituel du système, typiquement de manière statistique. Elle permet de détecter des attaques connues ou inconnues, mais génère aussi un très grand nombre de faux positifs. La détection par signatures permet de détecter des attaques connues en définissant des règles qui décrivent le comportement connu d’un attaquant. Cela demande une bonne connaissance du comportement de l’attaquant. La détection hybride repose sur plusieurs méthodes de détection incluant celles sus-citées. Elle présente l’avantage d’être plus précise pendant la détection. Des outils tels que Snort et Zeek offrent des langages de bas niveau pour l’expression de règles de reconnaissance d’attaques. Le nombre d’attaques potentielles étant très grand, ces bases de règles deviennent rapidement difficiles à gérer et à maintenir. De plus, l’expression de règles avec état dit stateful est particulièrement ardue pour reconnaître une séquence d’événements. Dans cette thèse, nous proposons une approche stateful basée sur les diagrammes d’état-transition algébriques (ASTDs) afin d’identifier des attaques complexes. Les ASTDs permettent de représenter de façon graphique et modulaire une spécification, ce qui facilite la maintenance et la compréhension des règles. Nous étendons la notation ASTD avec de nouvelles fonctionnalités pour représenter des attaques complexes. Ensuite, nous spécifions plusieurs attaques avec la notation étendue et exécutons les spécifications obtenues sur des flots d’événements à l’aide d’un interpréteur pour identifier des attaques. Nous évaluons aussi les performances de l’interpréteur avec des outils industriels tels que Snort et Zeek. Puis, nous réalisons un compilateur afin de générer du code exécutable à partir d’une spécification ASTD, capable d’identifier de façon efficiente les séquences d’événements.Abstract : The cybersecurity ecosystem continuously evolves with the number, the diversity, and the complexity of cyber attacks. Generally, we have three types of Intrusion Detection System (IDS) : anomaly-based detection, signature-based detection, and hybrid detection. Anomaly detection is based on the usual behavior description of the system, typically in a static manner. It enables detecting known or unknown attacks but also generating a large number of false positives. Signature based detection enables detecting known attacks by defining rules that describe known attacker’s behavior. It needs a good knowledge of attacker behavior. Hybrid detection relies on several detection methods including the previous ones. It has the advantage of being more precise during detection. Tools like Snort and Zeek offer low level languages to represent rules for detecting attacks. The number of potential attacks being large, these rule bases become quickly hard to manage and maintain. Moreover, the representation of stateful rules to recognize a sequence of events is particularly arduous. In this thesis, we propose a stateful approach based on algebraic state-transition diagrams (ASTDs) to identify complex attacks. ASTDs allow a graphical and modular representation of a specification, that facilitates maintenance and understanding of rules. We extend the ASTD notation with new features to represent complex attacks. Next, we specify several attacks with the extended notation and run the resulting specifications on event streams using an interpreter to identify attacks. We also evaluate the performance of the interpreter with industrial tools such as Snort and Zeek. Then, we build a compiler in order to generate executable code from an ASTD specification, able to efficiently identify sequences of events

Additive Polynomials for Finite Groups of Lie Type

This paper provides a realization of all classical and most exceptional finite groups of Lie type as Galois groups over function fields over F_q and derives explicit additive polynomials for the extensions. Our unified approach is based on results of Matzat which give bounds for Galois groups of Frobenius modules and uses the structure and representation theory of the corresponding connected linear algebraic groups.Comment: 59 pages; v2: added reference, slightly restructured section 6.1, few small rewordings; v3: completed realization of Steinberg's triality groups (thanks to P. Mueller for solving the remaining open question); clarified argument how to use Thm. 3.

Culture, worldview and transformative philosophy of mathematics education in Nepal: a cultural-philosophical inquiry

This thesis portrays my multifaceted and emergent inquiry into the protracted problem of culturally decontextualised mathematics education faced by students of Nepal, a culturally diverse country of south Asia with more than 90 language groups. I generated initial research questions on the basis of my history as a student of primary, secondary and university levels of education in Nepal, my Master’s research project, and my professional experiences as a teacher educator working in a university of Nepal between 2004 and 2006. Through an autobiographical excavation of my experiences of culturally decontextualised mathematics education, I came up with several emergent research questions, leading to six key themes of this inquiry: (i) hegemony of the unidimensional nature of mathematics as a body of pure knowledge, (ii) unhelpful dualisms in mathematics education, (iii) disempowering reductionisms in curricular and pedagogical aspects, (iv) narrowly conceived ‘logics’ that do not account for meaningful lifeworld-oriented thinking in mathematics teaching and learning, (v) uncritical attitudes towards the image of curriculum as a thing or object, and (vi) narrowly conceived notions of globalisation, foundationalism and mathematical language that give rise to a decontextualised mathematics teacher education program.With these research themes at my disposal my aim in this research was twofold. Primarily, I intended to explore, explain and interpret problems, issues and dilemmas arising from and embedded in the research questions. Such an epistemic activity of articulation was followed by envisioning, an act of imagining futures together with reflexivity, perspectival language and inclusive vision logics.In order to carry out both epistemic activities – articulating and envisioning – I employed a multi-paradigmatic research design space, taking on board mainly the paradigms of criticalism, postmodernism, interpretivism and integralism. The critical paradigm offered a critical outlook needed to identify the research problem, to reflect upon my experiences as a mathematics teacher and teacher educator, and to make my lifetime’s subjectivities transparent to readers, whereas the paradigm of postmodernism enabled me to construct multiple genres for cultivating different aspects of my experiences of culturally decontextualised mathematics education. The paradigm of interpretivism enabled me to employ emergence as the hallmark of my inquiry, and the paradigm of integralism acted as an inclusive meta-theory of the multi-paradigmatic design space for portraying my vision of an inclusive mathematics education in Nepal.Within this multi-paradigmatic design space, I chose autoethnography and small p philosophical inquiry as my methodological referents. Autoethnography helped generate the research text of my cultural-professional contexts, whereas small p philosophical inquiry enabled me to generate new knowledge via a host of innovative epistemologies that have the goal of deepening understanding of normal educational practices by examining them critically, identifying underpinning assumptions, and reconstructing them through scholarly interpretations and envisioning. Visions cultivated through this research include: (i) an inclusive and multidimensional image of the nature of mathematics as an im/pure knowledge system, (ii) the metaphors of thirdspace and dissolution for conceiving an inclusive mathematics education, (iii) a multilogical perspective for morphing the hegemony of reductionism-inspired mathematics education, (iv) an inclusive image of mathematics curriculum as montage that provides a basis for incorporating different knowledge systems in mathematics education, and (v) perspectives of glocalisation, healthy scepticism and multilevel contextualisation for constructing an inclusive mathematics teacher education program

Methodologies synthesis

This deliverable deals with the modelling and analysis of interdependencies between critical infrastructures, focussing attention on two interdependent infrastructures studied in the context of CRUTIAL: the electric power infrastructure and the information infrastructures supporting management, control and maintenance functionality. The main objectives are: 1) investigate the main challenges to be addressed for the analysis and modelling of interdependencies, 2) review the modelling methodologies and tools that can be used to address these challenges and support the evaluation of the impact of interdependencies on the dependability and resilience of the service delivered to the users, and 3) present the preliminary directions investigated so far by the CRUTIAL consortium for describing and modelling interdependencies