Artificial intelligence in the cyber domain: Offense and defense

Artificial intelligence techniques have grown rapidly in recent years, and their applications in practice can be seen in many fields, ranging from facial recognition to image analysis. In the cybersecurity domain, AI-based techniques can provide better cyber defense tools and help adversaries improve methods of attack. However, malicious actors are aware of the new prospects too and will probably attempt to use them for nefarious purposes. This survey paper aims at providing an overview of how artificial intelligence can be used in the context of cybersecurity in both offense and defense.Web of Science123art. no. 41

Factors attracting foreign tourists of Ho Chi Minh City

International tourism has become one of the largest and most vital economic sectors of the global economy driving huge flows of people, commodities, and capital. Tourism has been and continues to be an important foreign exchange earner to many countries in South East Asia and Vietnam is no exception. The aim of this article is to trace the factors for visiting Ho Chi Minh city, the largest and fastest growing city of Vietnam, image of Ho Chi Minh city as a tourism destination and competitiveness of Ho Chi Minh city as a tourism destination among foreign tourists to Ho Chi Minh city. A survey was used to obtain data randomly from 200 foreign tourists visiting Ho Chi Minh city. From the results, uniqueness and self-connection are extremely important for choosing Ho Chi Minh city as a foreign city for long-haul travel. Ho Chi Minh city is at the top of the list of top five city for long-haul travel in South East Asia. Hospitality in Ho Chi Minh city was better and excellent than many long-haul cities for tourists, followed by natural environment. From the overall implications of this study, it could be concluded that a strong relationship between government, tourism industry players, local authorities, private agencies and businesses should be fostered to ensure that tourists needs, especially foreign tourists, are fulfilled. It is a known fact that foreign tourists have a high taste. Therefore the various tourism industry players need to work hand in hand to improve all types of services provided to the foreign tourists

Umělá inteligence v kybernetické bezpečnosti

Artifcial intelligence (AI) and machine learning (ML) have grown rapidly in recent years, and their applications in practice can be seen in many felds, ranging from facial recognition to image analysis. Recent developments in Artificial intelligence have a vast transformative potential for both cybersecurity defenders and cybercriminals. Anti-malware solutions adopt intelligent techniques to detect and prevent threats to the digital space. In contrast, cybercriminals are aware of the new prospects too and likely to adapt AI techniques to their operations. This thesis presents advances made so far in the field of applying AI techniques in cybersecurity for combating against cyber threats, to demonstrate how this promising technology can be a useful tool for detection and prevention of cyberattacks. Furthermore, the research examines how transnational criminal organizations and cybercriminals may leverage developing AI technology to conduct more sophisticated criminal activities. Next, the research outlines the possible dynamic new kind of malware, called X-Ware and X-sWarm, which simulates the swarm system behaviour and integrates the neural network to operate more efficiently as a background for the forthcoming anti-malware solution. This research proposes how to record and visualize the behaviour of these type of malware when it propagates through the file system, computer network (virus process is known) or by observed data analysis (virus process is not known and we observe only the data from the system). Finally, a paradigm of an anti-malware solution, named Multi agent antivirus system has been proposed in the thesis that gives the insight to develop a more robust, adaptive and flexible defence system.Význam umělé inteligence (AI) a strojového učení (ML) v posledních letech rychle rostl a na jejich aplikacích lze vidět, že v mnoha oblastech, od rozpoznávání obličeje až po analýzu obrazu, byl učiněn velký pokrok. Poslední vývoj v oblasti umělé inteligence má obrovský potenciál jak pro obránce v oblasti kybernetické bezpečnosti, tak pro ůtočníky. AI se stává řešením v otázce obrany proti modernímu malware a hraje tak důležitou roli v detekci a prevenci hrozeb v digitálním prostoru. Naproti tomu kyberzločinci jsou si vědomi nových vyhlídek ve spojení s AI a pravděpodobně přizpůsobí tyto techniky novým generacím malware, vektorům útoku a celkově jejich operacím. Tato práce představuje dosavadní pokroky aplikace technik AI v oblasti kybernetické bezpečnosti. V této oblasti tzn. v boji proti kybernetickým hrozbám se ukázuje jako slibná technologie a užitečný nástroj pro detekci a prevenci kybernetických útoků. V práci si rovněž pokládme otázku, jak mohou nadnárodní zločinecké organizace a počítačoví zločinci využít vyvíjející se technologii umělé inteligence k provádění sofistikovanějších trestných činností. Konečně, výzkum nastíní možný nový druh malware, nazvaný X-Ware, který simuluje chování hejnového systému a integruje neuronovou síť tak, aby fungovala efektivněji a tak se celý X-Ware a X-sWarm dal použít nejen jako kybernetická zbraň na útok, ale i jako antivirové obranné řešení. Tento výzkum navrhuje, jak zaznamenat a vizualizovat chování X-Ware, když se šíří prostřednictvím systému souborů, sítí a to jak analýzou jeho dynamiky (proces je znám), tak analýzou dat (proces není znám, pozorujeme jen data). Nakonec bylo v disertační práci navrženo paradigma řešení proti malwaru, jež bylo nazváno „Multi agent antivirus system“. Tato práce tedy poskytuje pohled na vývoj robustnějšího, adaptivnějšího a flexibilnějšího obranného systému.460 - Katedra informatikyvyhově

Secrecy outage probability of a NOMA scheme and impact imperfect channel state information in underlay cooperative cognitive networks

Security performance and the impact of imperfect channel state information (CSI) in underlay cooperative cognitive networks (UCCN) is investigated in this paper. In the proposed scheme, relay R uses non-orthogonal multiple access (NOMA) technology to transfer messages e1, e2 from the source node S to User 1 (U-1) and User 2 (U-2), respectively. An eavesdropper (E) is also proposed to wiretap the messages of U-1 and U-2. The transmission's security performance in the proposed system was analyzed and performed over Rayleigh fading channels. Through numerical analysis, the results showed that the proposed system's secrecy performance became more efficient when the eavesdropper node E was farther away from the source node S and the intermediate cooperative relay R. The secrecy performance of U-1 was also compared to the secrecy performance of U-2. Finally, the simulation results matched the Monte Carlo simulations well.Web of Science203art. no. 89

X-ware: a proof of concept malware utilizing artificial intelligence

Recent years have witnessed a dramatic growth in utilizing computational intelligence techniques for various domains. Coherently, malicious actors are expected to utilize these techniques against current security solutions. Despite the importance of these new potential threats, there remains a paucity of evidence on leveraging these research literature techniques. This article investigates the possibility of combining artificial neural networks and swarm intelligence to generate a new type of malware. We successfully created a proof of concept malware named X-ware, which we tested against the Windows-based systems. Developing this proof of concept may allow us to identify this potential threat’s characteristics for developing mitigation methods in the future. Furthermore, a method for recording the virus’s behavior and propagation throughout a file system is presented. The proposed virus prototype acts as a swarm system with a neural network-integrated for operations. The virus’s behavioral data is recorded and shown under a complex network format to describe the behavior and communication of the swarm. This paper has demonstrated that malware strengthened with computational intelligence is a credible threat. We envisage that our study can be utilized to assist current and future security researchers to help in implementing more effective countermeasure

A Design of Similar High-gain and Dual-band Frequency/Polarization Reconfigurable Antenna for ISM Band Applications

This paper proposes a frequency/polarization reconfigurable antenna (RA) incorporating with Frequency Selective Surface (FSS) to achieve dual-band and similar high-gain characteristics. The proposed RA-FSS design using 4 PIN Diodes can switch between circular polarization (CP) at 1.8 GHz and linear polarization at 2.45 GHz. The fabricated prototype shows good CP performance at 1.8 GHz while the measured peak broadside gains are about 7.2 dBi at 1.8 GHz and 8.5 dBi at 2.45 GHz when PIN diode ON and OFF, respectively

Multisensor Data Fusion for Reliable Obstacle Avoidance

In this work, we propose a new approach that combines data from multiple sensors for reliable obstacle avoidance. The sensors include two depth cameras and a LiDAR arranged so that they can capture the whole 3D area in front of the robot and a 2D slide around it. To fuse the data from these sensors, we first use an external camera as a reference to combine data from two depth cameras. A projection technique is then introduced to convert the 3D point cloud data of the cameras to its 2D correspondence. An obstacle avoidance algorithm is then developed based on the dynamic window approach. A number of experiments have been conducted to evaluate our proposed approach. The results show that the robot can effectively avoid static and dynamic obstacles of different shapes and sizes in different environments.Comment: In the 11th International Conference on Control, Automation and Information Sciences (ICCAIS 2022), Hanoi, Vietna

VulCurator: A Vulnerability-Fixing Commit Detector

Open-source software (OSS) vulnerability management process is important nowadays, as the number of discovered OSS vulnerabilities is increasing over time. Monitoring vulnerability-fixing commits is a part of the standard process to prevent vulnerability exploitation. Manually detecting vulnerability-fixing commits is, however, time consuming due to the possibly large number of commits to review. Recently, many techniques have been proposed to automatically detect vulnerability-fixing commits using machine learning. These solutions either: (1) did not use deep learning, or (2) use deep learning on only limited sources of information. This paper proposes VulCurator, a tool that leverages deep learning on richer sources of information, including commit messages, code changes and issue reports for vulnerability-fixing commit classifica- tion. Our experimental results show that VulCurator outperforms the state-of-the-art baselines up to 16.1% in terms of F1-score. VulCurator tool is publicly available at https://github.com/ntgiang71096/VFDetector and https://zenodo.org/record/7034132#.Yw3MN-xBzDI, with a demo video at https://youtu.be/uMlFmWSJYOE.Comment: accepted to ESEC/FSE 2022, Tool Demos Trac

X-Swarm: The Upcoming Swarm Worm

With the rapid growth of technology in the digital landscape, cybercriminals attempt to utilize new and sophisticated techniques to autonomous and increase the speed and scale of their attacks. Meanwhile, the Dark Web infrastructures such as Tor, plays a crucial role in the criminal underground, especially for malware developers' communities. It is logical to expect that the malicious actors would utilize the combination of these techniques in shortcoming time. To better understand the upcoming threat, in this manuscript, we investigate the design and mitigation of such malware. Accordingly, we introduce X-sWarm, which will be the next generation of resilient, stealthy malware that leverages the intelligent technique and the darknet infrastructures. Furthermore, we show that with the self-healing network mechanism, X-sWarm can achieve a low diameter and a low degree and be robust to partitioning under node removal. More importantly, we suggest the mitigation technique that neutralizes the nodes of the proposed worm

AutoPruner: Transformer-Based Call Graph Pruning

Constructing a static call graph requires trade-offs between soundness and precision. Program analysis techniques for constructing call graphs are unfortunately usually imprecise. To address this problem, researchers have recently proposed call graph pruning empowered by machine learning to post-process call graphs constructed by static analysis. A machine learning model is built to capture information from the call graph by extracting structural features for use in a random forest classifier. It then removes edges that are predicted to be false positives. Despite the improvements shown by machine learning models, they are still limited as they do not consider the source code semantics and thus often are not able to effectively distinguish true and false positives. In this paper, we present a novel call graph pruning technique, AutoPruner, for eliminating false positives in call graphs via both statistical semantic and structural analysis. Given a call graph constructed by traditional static analysis tools, AutoPruner takes a Transformer-based approach to capture the semantic relationships between the caller and callee functions associated with each edge in the call graph. To do so, AutoPruner fine-tunes a model of code that was pre-trained on a large corpus to represent source code based on descriptions of its semantics. Next, the model is used to extract semantic features from the functions related to each edge in the call graph. AutoPruner uses these semantic features together with the structural features extracted from the call graph to classify each edge via a feed-forward neural network. Our empirical evaluation on a benchmark dataset of real-world programs shows that AutoPruner outperforms the state-of-the-art baselines, improving on F-measure by up to 13% in identifying false-positive edges in a static call graph.Comment: Accepted to ESEC/FSE 2022, Research Trac