418 research outputs found
Recommended from our members
Lithium‐Metal Batteries: Enabling Rapid Charging Lithium Metal Batteries via Surface Acoustic Wave‐Driven Electrolyte Flow (Adv. Mater. 14/2020)
NSDroid: Efficient Multi-classification of Android Malware using Neighborhood Signature in Local Function Call Graphs
With the rapid development of mobile Internet, Android applications are used more and more in people\u27s daily life. While bringing convenience and making people\u27s life smarter, Android applications also face much serious security and privacy issues, e.g., information leakage and monetary loss caused by malware. Detection and classification of malware have thus attracted much research attention in recent years. Most current malware detection and classification approaches are based on graph-based similarity analysis (e.g., subgraph isomorphism), which is well known to be time-consuming, especially for large graphs. In this paper, we propose NSDroid, a time-efficient malware multi-classification approach based on neighborhood signature in local function call graphs (FCGs). NSDroid uses a approach based on neighborhood signature to calculate the similarity of different applications\u27 FCGs, which is significantly faster than traditional approaches based on subgraph isomorphism. For each node in the FCGs, NSDroid uses a fixed-length neighborhood signature to capture the caller-callee relationship between different functions and combines neighborhood signatures of all nodes to form a vector that characterizes the function call relationship in the whole application. The generated signature vector is fed into a SVM-based classifier to determine which family the malware belongs to. Experimental results on large-scale benchmarks show that, compared with state-of-the-art solutions, NSDroid reduces average detection latency by nearly 20x, and meanwhile improves many evaluation index such as recall rate and others
A Universal Identity Backdoor Attack against Speaker Verification based on Siamese Network
Speaker verification has been widely used in many authentication scenarios.
However, training models for speaker verification requires large amounts of
data and computing power, so users often use untrustworthy third-party data or
deploy third-party models directly, which may create security risks. In this
paper, we propose a backdoor attack for the above scenario. Specifically, for
the Siamese network in the speaker verification system, we try to implant a
universal identity in the model that can simulate any enrolled speaker and pass
the verification. So the attacker does not need to know the victim, which makes
the attack more flexible and stealthy. In addition, we design and compare three
ways of selecting attacker utterances and two ways of poisoned training for the
GE2E loss function in different scenarios. The results on the TIMIT and
Voxceleb1 datasets show that our approach can achieve a high attack success
rate while guaranteeing the normal verification accuracy. Our work reveals the
vulnerability of the speaker verification system and provides a new perspective
to further improve the robustness of the system.Comment: Accepted by the Interspeech 2022. The first two authors contributed
equally to this wor
- …