65 research outputs found
Machine Learning-Based Detection for Cyber Security Attacks on Connected and Autonomous Vehicles
Connected and Autonomous Vehicle (CAV)-related initiatives have become some of the fastest expanding in recent years, and have started to affect the daily lives of people. More and more companies and research organizations have announced their initiatives, and some have started CAV road trials. Governments around the world have also introduced policies to support and accelerate the deployments of CAVs. Alongside these, issues such as CAV cyber security have become predominant, forming an essential part of the complications of CAV deployment. There is, however, no universally agreed upon or recognized framework for CAV cyber security. In this paper, following the UK CAV cyber security principles, we propose a UML (Unified Modeling Language)-based CAV cyber security framework, on the basis of which we classify the potential vulnerabilities of CAV systems. With this framework, a new CAV communication cyber-attack data set (named CAV-KDD) is generated based on the widely tested benchmark data set KDD99. This data set focuses on the communication-based CAV cyber-attacks. Two classification models are developed, using two machine learning algorithms, namely Decision Tree and Naive Bayes, based on the CAV-KDD training data set. The accuracy, precision and runtime of these two models when identifying each type of communication-based attacks are compared and analysed. It is found that the Decision Tree model requires a shorter runtime, and is more appropriate for CAV communication attack detection.
Distributed System Fuzzing
Grey-box fuzzing is the lightweight approach of choice for finding bugs in
sequential programs. It provides a balance between efficiency and effectiveness
by conducting a biased random search over the domain of program inputs using a
feedback function from observed test executions. For distributed system
testing, however, the state-of-practice is represented today by only black-box
tools that do not attempt to infer and exploit any knowledge of the system's
past behaviours to guide the search for bugs.
In this work, we present Mallory: the first framework for grey-box
fuzz-testing of distributed systems. Unlike popular black-box distributed
system fuzzers, such as Jepsen, that search for bugs by randomly injecting
network partitions and node faults or by following human-defined schedules,
Mallory is adaptive. It exercises a novel metric to learn how to maximize the
number of observed system behaviors by choosing different sequences of faults,
thus increasing the likelihood of finding new bugs. The key enablers for our
approach are the new ideas of timeline-driven testing and timeline abstraction
that provide the feedback function guiding a biased random search for failures.
Mallory dynamically constructs Lamport timelines of the system behaviour,
abstracts these timelines into happens-before summaries, and introduces faults
guided by its real-time observation of the summaries.
We have evaluated Mallory on a diverse set of widely-used industrial
distributed systems. Compared to the state-of-the-art black-box fuzzer Jepsen,
Mallory explores more behaviours and takes less time to find bugs. Mallory
discovered 22 zero-day bugs (of which 18 were confirmed by developers),
including 10 new vulnerabilities, in rigorously-tested distributed systems such
as Braft, Dqlite, and Redis. 6 new CVEs have been assigned.
GPS/GLONASS carrier phase elevation-dependent stochastic modelling estimation and its application in bridge monitoring
The Global Positioning System (GPS) based monitoring technology has been recognised as an essential tool in the long-span bridge health monitoring throughout the world in recent years. However, the high observation noise is still a big problem that limits the high precision displacement extraction and vibration response detection. To solve this problem, GPS double-difference model and many other specific function models have been developed to eliminate systematic errors e.g. unmodeled atmospheric delays, multipath effect and hardware delays. However, relatively less attention has been given to the noise reduction in the deformation monitoring area. In this paper, we first propose a new carrier phase elevation-dependent precision estimation method with Geometry-Free (GF) and Melbourne-Wübbena (MW) linear combinations, which is applicable regardless of whether the system is a Code Division Multiple Access (CDMA) system (GPS) or a Frequency Division Multiple Access (FDMA) system (GLONASS). Then, the method is used to estimate the receiver internal noise and the realistic GNSS stochastic model with a group of zero-baselines and short-baselines (served for the GNSS and Earth Observation for Structural Health Monitoring of Bridges (GeoSHM) project), and to demonstrate their impacts on the positioning. At last, the contribution of integration of GPS and GLONASS is introduced to see the performance of noise reduction with multi-GNSS. The results show that the higher level receiver internal noise in cost effective receivers has less influence on the short-baseline data processing. The high noise effects introduced by the low elevation satellite and the geometry variation caused by rising and dropping satellites, can be reduced by 10–20% with the refined carrier phase elevation-dependent stochastic model. Furthermore, based on observations from GPS and GLONASS with the refined stochastic model, the noise can be reduced by 30–40%, and the spurious signals in the real-life bridge displacements tend to be completely eliminated.
Linear-time Temporal Logic guided Greybox Fuzzing
Software model checking is a verification technique which is widely used for
checking temporal properties of software systems. Even though it is a property
verification technique, its common usage in practice is in "bug finding", that
is, finding violations of temporal properties. Motivated by this observation
and leveraging the recent progress in fuzzing, we build a greybox fuzzing
framework to find violations of Linear-time Temporal Logic (LTL) properties.
Our framework takes as input a sequential program written in C/C++, and an
LTL property. It finds violations, or counterexample traces, of the LTL
property in stateful software systems; however, it does not achieve
verification. Our work substantially extends directed greybox fuzzing to
witness arbitrarily complex event orderings. We note that existing directed
greybox fuzzing approaches are limited to witnessing reaching a location or
witnessing simple event orderings like use-after-free. At the same time,
compared to model checkers, our approach finds the counterexamples faster,
thereby finding more counterexamples within a given time budget.
Our LTL-Fuzzer tool, built on top of the AFL fuzzer, is shown to be effective
in detecting bugs in well-known protocol implementations, such as OpenSSL and
Telnet. We use LTL-Fuzzer to reproduce known vulnerabilities (CVEs), to find 15
zero-day bugs by checking properties extracted from RFCs (for which 10 CVEs
have been assigned), and to find violations of both safety as well as liveness
properties in real-world protocol implementations. Our work represents a
practical advance over software model checkers -- while simultaneously
representing a conceptual advance over existing greybox fuzzers. Our work thus
provides a starting point for understanding the unexplored synergies between
software model checking and greybox fuzzing.
Comment: To appear in International Conference on Software Engineering (ICSE) 202
SSRESF: Sensitivity-aware Single-particle Radiation Effects Simulation Framework in SoC Platforms based on SVM Algorithm
The ever-expanding scale of integrated circuits has brought about a
significant rise in the design risks associated with radiation-resistant
integrated circuit chips. Traditional single-particle experimental methods,
with their iterative design approach, are increasingly ill-suited for the
challenges posed by large-scale integrated circuits. In response, this article
introduces a novel sensitivity-aware single-particle radiation effects
simulation framework tailored for System-on-Chip platforms. Based on SVM
algorithm we have implemented fast finding and classification of sensitive
circuit nodes. Additionally, the methodology automates soft error analysis
across the entire software stack. The study includes practical experiments
focusing on RISC-V architecture, encompassing core components, buses, and
memory systems. It culminates in the establishment of databases for Single
Event Upsets (SEU) and Single Event Transients (SET), showcasing the practical
efficacy of the proposed methodology in addressing radiation-induced challenges
at the scale of contemporary integrated circuits. Experimental results have
shown up to 12.78X speed-up on the basis of achieving 94.58% accuracy.
Comment: Accepted to the 61st ACM/IEEE Design Automation Conference (DAC 2024)
Reliable dynamic monitoring of bridges with integrated GPS and BeiDou
In recent years, global positioning system (GPS) has been widely used for the measurement of deflections of bridges. However, due to multipath and satellite signal obstructions caused by towers, cables, and passing vehicles, the reliability of deformation monitoring with GPS is still a problem. Recent research with respect to multi–global navigation satellite system (multi-GNSS) technology, though, has enhanced satellite visibility and availability for positioning, navigation, and timing (PNT) for users. Its benefits involving application in bridge monitoring are still rarely studied. In this paper, we propose a composite strategy where integrated GPS and BeiDou navigation satellite system (BDS) dual-frequency, carrier-phase data processing is carried out to improve the reliability of bridge monitoring with GNSS measurements. In addition, signal-to-noise ratio (SNR)–based stochastic model and postfit residual editing strategies are utilized to enhance the reliability further. In a group of fixed-point experiments, improvements of 20–30% in precision were achieved with the integrated GPS and BDS compared to GPS-only results. Based on the real GPS and BDS measurements collected on the Baishazhou Yangtze River Bridge in China, we assessed the performance of the proposed method. In the vibration experiment, no apparent effects on natural frequency identification were found by introducing BDS into the solution in an ideal observation environment. However, the combined GPS and BDS results seemed to be much more promising, with lower background noise. Meanwhile, the integrated GPS and BDS data processing with postfit residual editing and SNR-based stochastic model strategies effectively managed satellite signal obstruction and the influence of multipath effect to attain reliable dynamic deformation-monitoring information for bridges.
USED: Universal Speaker Extraction and Diarization
Speaker extraction and diarization are two crucial enabling techniques for
speech applications. Speaker extraction aims to extract a target speaker's
voice from a multi-talk mixture, while speaker diarization demarcates speech
segments by speaker, identifying 'who spoke when'. The previous studies have
typically treated the two tasks independently. However, the two tasks share a
similar objective, that is to disentangle the speakers in the spectral domain
for the former but in the temporal domain for the latter. It is logical to
believe that the speaker turns obtained from speaker diarization can benefit
speaker extraction, while the extracted speech offers more accurate speaker
turns than the mixture speech. In this paper, we propose a unified framework
called Universal Speaker Extraction and Diarization (USED). We extend the
existing speaker extraction model to simultaneously extract the waveforms of
all speakers. We also employ a scenario-aware differentiated loss function to
address the problem of sparsely overlapped speech in real-world conversations.
We show that the USED model significantly outperforms the baselines for both
speaker extraction and diarization tasks, in both highly overlapped and
sparsely overlapped scenarios. Audio samples are available at
https://ajyy.github.io/demo/USED/.
Comment: Submitted to ICASSP 202
Pass-by-Pass Ambiguity Resolution in Single GPS Receiver PPP Using Observations for Two Sequential Days: An Exploratory Study
“Pass-by-pass” or “track-to-track” ambiguity resolution removes Global Navigation Satellite System (GNSS) satellite hardware delays between adjacent undifferenced (UD) ambiguities, and is often applied in precise orbit determination (POD) for Low Earth Orbit (LEO) satellites to improve the accuracy of orbits. In this study, we carried out an exploratory study to use the “pass-by-pass” ambiguity resolution by differencing the undifferenced ambiguity candidates for two adjacent passes in sidereal days for a single Global Positioning System (GPS) receiver static Precise Point Positioning (PPP). Using the GPS observations from 132 globally distributed reference stations of International GPS Service (IGS), we find that 99.08% wide-lane (WL) and 97.83% narrow-lane (NL) double-difference ambiguities formed by the “pass-by-pass” method for all stations can be fixed to their nearest integers within absolute fractional residuals of 0.2 cycles. These proportions are higher than the corresponding values of network solution with multiple receivers with 97.39% and 91.20%, respectively. About 97% to 98% of ambiguities can be fixed finally on average. The comparison of the estimated station coordinates with the IGS weekly solutions reveals that the Root Mean Square (RMS) is 2-4 mm in the East and North directions and about 6 mm in the Up direction. For hourly data, it is found that the mean positioning accuracy improvement can reach about 10% after ambiguity resolution. A dam deformation monitoring application shows that the fixing rates of WL and NL ambiguities can be close to 100% and higher than 90%, respectively. The time series generated by PPP are also in agreement with the short baseline solutions.
Southward key pathways of radioactive materials from the Fukushima Daiichi Nuclear Power Plant
This study examines the interannual and seasonal variations in the distribution of radioactive materials released from the Fukushima Daiichi Nuclear Power Plant (FDNPP) accident in the surface layer of the Kuroshio Extension (KE). Focusing on the contrasting flow conditions in 2015 (southward) and 2021 (northward) – significant oscillatory phases of the KE’s mean flow axis – the research analyzes the impact of seasonal variations on particle transport pathways. The findings reveal distinct seasonal patterns: summer releases primarily follow the eastward KE movement, while winter releases exhibit a southward trajectory. The study further quantifies the transport timescales, demonstrating that particles can reach the Luzon Strait within 10 months, subsequently diverging northward along the Kuroshio and northwestward along the Kuroshio Branch Current, potentially entering the South China Sea within 13 months. This research contributes valuable insights into the seasonal dynamics governing the dispersion and transport of Fukushima-derived radioisotopes in the surface ocean, highlighting the crucial role of the KE in influencing their trajectories.
I4U System Description for NIST SRE'20 CTS Challenge
This manuscript describes the I4U submission to the 2020 NIST Speaker
Recognition Evaluation (SRE'20) Conversational Telephone Speech (CTS)
Challenge. The I4U submission resulted from active collaboration among
researchers across eight research teams - IR (Singapore), UEF (Finland),
VALPT (Italy, Spain), NEC (Japan), THUEE (China), LIA (France), NUS
(Singapore), INRIA (France) and TJU (China). The submission was based on the
fusion of top performing sub-systems and sub-fusion systems contributed by
individual teams. Efforts have been spent on the use of common development and
validation sets, submission schedule and milestone, minimizing inconsistency in
trial list and score file format across sites.
Comment: SRE 2021, NIST Speaker Recognition Evaluation Workshop, CTS Speaker Recognition Challenge, 14-12 December 202