
Showing papers on "Vulnerability (computing)" published in 2019


Proceedings Article
24 May 2019
TL;DR: In this article, the authors explore the threat of model poisoning attacks on federated learning initiated by a single, non-colluding malicious agent where the adversarial objective is to cause the model to misclassify a set of chosen inputs with high confidence.
Abstract: Federated learning distributes model training among a multitude of agents, who, guided by privacy concerns, perform training using their local data but share only model parameter updates, for iterative aggregation at the server. In this work, we explore the threat of model poisoning attacks on federated learning initiated by a single, non-colluding malicious agent where the adversarial objective is to cause the model to misclassify a set of chosen inputs with high confidence. We explore a number of strategies to carry out this attack, starting with simple boosting of the malicious agent's update to overcome the effects of other agents' updates. To increase attack stealth, we propose an alternating minimization strategy, which alternately optimizes for the training loss and the adversarial objective. We follow up by using parameter estimation for the benign agents' updates to improve on attack success. Finally, we use a suite of interpretability techniques to generate visual explanations of model decisions for both benign and malicious models and show that the explanations are nearly visually indistinguishable. Our results indicate that even a highly constrained adversary can carry out model poisoning attacks while simultaneously maintaining stealth, thus highlighting the vulnerability of the federated learning setting and the need to develop effective defense strategies.

237 citations


Journal ArticleDOI
TL;DR: A comprehensive security understanding of the SGs framework, attack scenarios, detection/protection methods, and estimation and control strategies from both communication and control viewpoints is addressed.
Abstract: Smart grids (SGs), which can be classified as a class of networked distributed control systems, are designed to deliver electricity from various plants through a communication network to serve individual consumers. Due to the complexity of environments, the distribution of spatial locations and the vulnerability of the communication networks, cyber security has emerged as a critical issue because millions of electronic devices are interconnected via communication networks throughout critical power facilities. This paper addresses a comprehensive security understanding of the SGs framework, attack scenarios, detection/protection methods, and estimation and control strategies from both communication and control viewpoints. Also, some potential challenges and solution approaches are discussed to deal with the threat issues of SGs. Finally, some conclusions are drawn and future research directions are highlighted.

235 citations


Journal ArticleDOI
TL;DR: A composite guideline for the development of an IoT security framework based on industry best practices is proposed, and lessons learned, pitfalls and some open research challenges are highlighted.
Abstract: The world is resorting to the Internet of Things (IoT) for ease of control and monitoring of smart devices. The ubiquitous use of IoT ranges from industrial control systems (ICS) to e-Health, e-Commerce, smart cities, supply chain management, smart cars, cyber physical systems (CPS), and a lot more. Such reliance on IoT is resulting in a significant amount of data being generated, collected, processed, and analyzed. Big data analytics is no doubt beneficial for business development. However, at the same time, numerous threats to the availability and privacy of user data, message and device integrity, the vulnerability of IoT devices to malware attacks and the risk of physical compromise of devices pose a significant danger to the sustenance of IoT. This paper thus endeavors to highlight most of the known threats at various layers of the IoT architecture with a focus on the anatomy of malware attacks. We present a detailed attack methodology adopted by some of the most successful malware attacks on IoT, including ICS and CPS. We also deduce an attack strategy of a distributed denial of service attack through an IoT botnet, followed by requisite security measures. In the end, we propose a composite guideline for the development of an IoT security framework based on industry best practices and also highlight lessons learned, pitfalls and some open research challenges.

216 citations


Journal ArticleDOI
TL;DR: A conceptual categorization and metrics for an evaluation of such methods are presented, followed by a comprehensive survey of relevant publications, and technical considerations and tradeoffs of the surveyed methods are discussed.
Abstract: Recently, researchers found that the intended generalizability of (deep) face recognition systems increases their vulnerability against attacks. In particular, the attacks based on morphed face images pose a severe security risk to face recognition systems. In the last few years, the topic of (face) image morphing and automated morphing attack detection has sparked the interest of several research laboratories working in the field of biometrics and many different approaches have been published. In this paper, a conceptual categorization and metrics for an evaluation of such methods are presented, followed by a comprehensive survey of relevant publications. In addition, technical considerations and tradeoffs of the surveyed methods are discussed along with open issues and challenges in the field.

191 citations


Proceedings ArticleDOI
04 Jun 2019
TL;DR: A Convolutional Neural Network (CNN) based framework for presentation attack detection, with deep pixel-wise supervision, suitable for deployment in smart devices with minimal computational and time overhead is introduced.
Abstract: Face recognition has evolved as a prominent biometric authentication modality. However, vulnerability to presentation attacks curtails its reliable deployment. Automatic detection of presentation attacks is essential for secure use of face recognition technology in unattended scenarios. In this work, we introduce a Convolutional Neural Network (CNN) based framework for presentation attack detection, with deep pixel-wise supervision. The framework uses only frame level information making it suitable for deployment in smart devices with minimal computational and time overhead. We demonstrate the effectiveness of the proposed approach in public datasets for both intra as well as cross-dataset experiments. The proposed approach achieves an HTER of 0% in Replay Mobile dataset and an ACER of 0.42% in Protocol-1 of OULU dataset outperforming state of the art methods.

175 citations


Journal ArticleDOI
TL;DR: Machine learning on physical data is studied for detecting cyber-physical attacks in the CyberManufacturing system, a vision for future manufacturing systems integrated with technologies such as the Internet of Things, Cloud Computing, Sensor Networks and Machine Learning.
Abstract: The CyberManufacturing system (CMS) is a vision for future manufacturing systems. The concept delineates a vision of an advanced manufacturing system integrated with technologies such as the Internet of Things, Cloud Computing, Sensor Networks and Machine Learning. As a result, cyber-attacks such as the Stuxnet attack will increase along with growing simultaneous connectivity. Cyber-physical attacks are new and unique risks to CMSs, and modern cyber security countermeasures are not enough. To understand this new vulnerability, cyber-physical attacks are defined via a taxonomy under the vision of CMS. Machine learning on physical data is studied for detecting cyber-physical attacks. Two examples were developed with simulation and experiments: a 3D printing malicious attack and a CNC milling machine malicious attack. By implementing machine learning methods on physical data, the anomaly detection algorithm reached 96.1% accuracy in detecting cyber-physical attacks in the 3D printing process; the random forest algorithm reached on average 91.1% accuracy in detecting cyber-physical attacks in the CNC milling process.

158 citations


Journal ArticleDOI
TL;DR: This work proposes a lightweight blockchain architecture for healthcare data management that reduces the computational and communication overhead compared to the Bitcoin network by dividing the network participants into clusters and maintaining one copy of the ledger per cluster.
Abstract: Healthcare data management has been gaining a lot of attention in recent years because of its high potential to provide more accurate and cost-efficient patient care. The traditional client-server and cloud-based healthcare data management systems suffer from the issues of single point of failure, data privacy, centralized data stewardship, and system vulnerability. The replication mechanism, and privacy and security features of blockchain have a promising future in the healthcare domain as they can solve some of the inherent issues of the health management system. However, most of the recent research works on blockchain in the healthcare domain have primarily focused on the permission-less Bitcoin network, which suffers from drawbacks such as high energy consumption, limited scalability, and low transaction throughput. Consequently, there is a need for a scalable, fault-tolerant, secure, traceable and private blockchain to suit the requirements of the healthcare domain. We propose a lightweight blockchain architecture for healthcare data management that reduces the computational and communication overhead compared to the Bitcoin network by dividing the network participants into clusters and maintaining one copy of the ledger per cluster. Our architecture introduces the use of a canal, which allows secure and confidential transactions within a group of network participants. Furthermore, we propose a solution to avoid forking, which is prevalent in the Bitcoin network. We demonstrate the effectiveness of our proposed architecture in providing security and privacy compared to the Bitcoin network by analyzing different threats and attacks. We also discuss how our proposed architecture addresses the identified threats. Our experimental results demonstrate that our proposed architecture generates 11 times lower network traffic compared to the Bitcoin network as the number of blocks increases. Our ledger update is 1.13 times faster. Our architecture shows a speedup of 67% in ledger update and 10 times lower network traffic when the number of nodes increases.

151 citations


Book ChapterDOI
10 Sep 2019
TL;DR: A method for exposing internals of black-box models is proposed and it is shown that the method is surprisingly effective at inferring a diverse set of internal information, which can be exploited to strengthen adversarial examples against the model.
Abstract: Much progress in interpretable AI is built around scenarios where the user, the one who interprets the model, has full ownership of the model to be diagnosed. The user either owns the training data and computing resources to train an interpretable model herself or has full access to an already trained model to be interpreted post-hoc. In this chapter, we consider a less investigated scenario of diagnosing black-box neural networks, where the user can only send queries and read off outputs. Black-box access is a common deployment mode for many public and commercial models, since internal details, such as architecture, optimisation procedure, and training data, can be proprietary and aggravate their vulnerability to attacks like adversarial examples. We propose a method for exposing internals of black-box models and show that the method is surprisingly effective at inferring a diverse set of internal information. We further show how the exposed internals can be exploited to strengthen adversarial examples against the model. Our work starts an important discussion on the security implications of diagnosing deployed models with limited accessibility. The code is available at goo.gl/MbYfsv.

135 citations


Proceedings Article
01 Jan 2019
TL;DR: Security risks for users of npm are studied by systematically analyzing dependencies between packages, the maintainers responsible for these packages, and publicly reported security issues to provide evidence that npm suffers from single points of failure and that unmaintained packages threaten large code bases.
Abstract: The popularity of JavaScript has led to a large ecosystem of third-party packages available via the npm software package registry. The open nature of npm has boosted its growth, providing over 800,000 free and reusable software packages. Unfortunately, this open nature also causes security risks, as evidenced by recent incidents of single packages that broke or attacked software running on millions of computers. This paper studies security risks for users of npm by systematically analyzing dependencies between packages, the maintainers responsible for these packages, and publicly reported security issues. Studying the potential for running vulnerable or malicious code due to third-party dependencies, we find that individual packages could impact large parts of the entire ecosystem. Moreover, a very small number of maintainer accounts could be used to inject malicious code into the majority of all packages, a problem that has been increasing over time. Studying the potential for accidentally using vulnerable code, we find that lack of maintenance causes many packages to depend on vulnerable code, even years after a vulnerability has become public. Our results provide evidence that npm suffers from single points of failure and that unmaintained packages threaten large code bases. We discuss several mitigation techniques, such as trusted maintainers and total first-party security, and analyze their potential effectiveness.

111 citations


Journal ArticleDOI
TL;DR: The vulnerability analysis and time-domain simulation results show that the performance of the investigated microgrid can be degraded when random DoS attacks exist. When the proposed mode-based secondary frequency controllers are installed, the islanded microgrid can sustain its stability during the attack period, and the system dynamics rapidly converge once the DoS attack is over.
Abstract: As communication networks are increasingly implemented to support the information exchange between microgrid control centers and/or local controllers, they expose microgrids to cyber-attack threats. This paper aims to analyze the stochastic stability of islanded microgrids in the presence of random denial of service (DoS) attacks and to propose a mode-dependent resilient controller to mitigate the influence of DoS attacks. Specifically, the small-signal model of the microgrid under the DoS attack is integrated as a stochastic jump system with state continuity disruptions. A new vulnerability metric is defined by using observability Gramians of the stochastic jump system, to measure the vulnerability of the system with respect to DoS attack choices. The Lyapunov function analysis is conducted to find conditions sustaining the stochastic stability of the islanded microgrid in the form of linear matrix inequalities. A mode-dependent control approach is proposed for microgrids to mitigate the influence of random DoS attacks. In case studies, the vulnerability analysis and time-domain simulation results show that the performance of the investigated microgrid can be degraded when random DoS attacks exist. When the proposed mode-based secondary frequency controllers are installed, the islanded microgrid can sustain its stability during the attack period, and the system dynamics rapidly converge once the DoS attack is over.

93 citations


Journal ArticleDOI
TL;DR: This study analyzes the vulnerability of the key operation module, namely ac-based SE, against potential cyber attacks on data integrity, also known as false data injection attack (FDIA), and proposes a novel convexification framework based on semidefinite programming (SDP).
Abstract: To ensure grid efficiency and reliability, power system operators continuously monitor the operational characteristics of the grid through a critical process called state estimation (SE), which performs the task by filtering and fusing various measurements collected from grid sensors. This study analyzes the vulnerability of the key operation module, namely ac-based SE, against potential cyber attacks on data integrity, also known as false data injection attack (FDIA). A general form of FDIA can be formulated as an optimization problem, whose objective is to find a stealthy and sparse data injection vector on the sensor measurements with the aim of making the state estimate spurious and misleading. Due to the nonlinear ac measurement model and the cardinality constraint, the problem includes both continuous and discrete nonlinearities. To solve the FDIA problem efficiently, we propose a novel convexification framework based on semidefinite programming (SDP). By analyzing a globally optimal SDP solution, we delineate the “attackable region” for any given set of measurement types and grid topology, where the spurious state can be falsified by FDIA. Furthermore, we prove that the attack is stealthy and sparse, and derive performance bounds. Simulation results on various IEEE test cases indicate the efficacy of the proposed convexification approach. From the grid protection point of view, the results of this study can be used to design a security metric for the current practice against cyber attacks, redesign the bad data detection scheme, and inform proposals of grid hardening. From a theoretical point of view, the proposed framework can be used for other nonconvex problems in power systems and beyond.

Journal ArticleDOI
TL;DR: A QoS-aware mitigation strategy, namely, peer support strategy, which integrates the available idle flow table resource of the whole SDN system to mitigate such an attack on a single switch of the system is proposed.
Abstract: The Software-Defined Network (SDN) is a new and promising network architecture. At the same time, SDN will surely become a new target of cyber attackers. In this paper, we point out one critical vulnerability in SDNs, the size of the flow table, which is most likely to be attacked. Due to the expensive and power-hungry features of Ternary Content Addressable Memory (TCAM), a flow table usually has a limited size, which can be easily disabled by a flow table overloading attack (a transformed DDoS attack). To provide a security service in SDN, we propose a QoS-aware mitigation strategy, namely, the peer support strategy, which integrates the available idle flow table resources of the whole SDN system to mitigate such an attack on a single switch of the system. We establish a practical mathematical model to represent the studied system, and conduct a thorough analysis of the system in various circumstances. Based on our analysis, we find that the proposed strategy can effectively defeat flow table overloading attacks. Extensive simulations and testbed-based experiments solidly support our claims. Moreover, our work also sheds light on the implementation of SDN networks against possible brute-force attacks.

Journal ArticleDOI
TL;DR: A smart collaborative distribution scheme based on MTD guidelines is proposed to improve privacy without affecting the basic DNS functionality.

Journal ArticleDOI
TL;DR: This article envisions new authentication approaches based on machine learning techniques that opportunistically leverage physical layer attributes, and introduces intelligence to authentication for more efficient security provisioning.
Abstract: The 5G and beyond wireless networks are critical to support diverse vertical applications by connecting heterogeneous devices and machines, which directly increases vulnerability to various spoofing attacks. Conventional cryptographic and physical layer authentication techniques are facing some challenges in complex dynamic wireless environments, including significant security overhead, low reliability, as well as difficulties in pre-designing a precise authentication model, providing continuous protection, and learning time-varying attributes. In this article, we envision new authentication approaches based on machine learning techniques by opportunistically leveraging physical layer attributes, and introduce intelligence to authentication for more efficient security provisioning. Machine learning paradigms for intelligent authentication design are presented, namely for parametric/non-parametric and supervised/unsupervised/reinforcement learning algorithms. In a nutshell, the machine-learning-based intelligent authentication approaches utilize specific features in the multi-dimensional domain for achieving cost-effective, more reliable, model-free, continuous, and situation-aware device validation under unknown network conditions and unpredictable dynamics.

Journal ArticleDOI
01 Jul 2019
TL;DR: In this article, the authors reveal a new logical vulnerability that breaches subscriber privacy more severely than known location privacy attacks do, and demonstrate the practical feasibility of their attack using low cost and widely available setups.
Abstract: Mobile communications are used by more than two-thirds of the world population who expect security and privacy guarantees. The 3rd Generation Partnership Project (3GPP) responsible for the worldwide standardization of mobile communication has designed and mandated the use of the AKA protocol to protect the subscribers' mobile services. Even though privacy was a requirement, numerous subscriber location attacks have been demonstrated against AKA, some of which have been fixed or mitigated in the enhanced AKA protocol designed for 5G. In this paper, we reveal a new privacy attack against all variants of the AKA protocol, including 5G AKA, that breaches subscriber privacy more severely than known location privacy attacks do. Our attack exploits a new logical vulnerability we uncovered that would require dedicated fixes. We demonstrate the practical feasibility of our attack using low cost and widely available setups. Finally we conduct a security analysis of the vulnerability and discuss countermeasures to remedy our attack.

Proceedings ArticleDOI
01 Feb 2019
TL;DR: Experimental analysis shows that the deep learning algorithm can identify anomalies which cannot be detected by traditional state estimation bad data detection.
Abstract: Modern advances in sensor, computing, and communication technologies enable various smart grid applications. The heavy dependence on communication technology has highlighted the vulnerability of the electricity grid to false data injection (FDI) attacks that can bypass bad data detection mechanisms. Existing mitigations in the power system either focus on redundant measurements or protect a set of basic measurements. These methods make specific assumptions about FDI attacks, which are often restrictive and inadequate to deal with modern cyber threats. In the proposed approach, a deep learning based framework is used to detect injected data measurements. Our time-series anomaly detector adopts a Convolutional Neural Network (CNN) and a Long Short Term Memory (LSTM) network. To effectively estimate system variables, our approach observes both data measurements and network level features to jointly learn system states. The proposed system is tested on the IEEE 39-bus system. Experimental analysis shows that the deep learning algorithm can identify anomalies which cannot be detected by traditional state estimation bad data detection.

Proceedings Article
01 Jan 2019
TL;DR: This paper proposes an automated system VIEM to detect inconsistent information between the fully standardized NVD database and the unstructured CVE descriptions and their referenced vulnerability reports, and suggests that inconsistent vulnerable software versions are highly prevalent.
Abstract: Public vulnerability databases such as the Common Vulnerabilities and Exposures (CVE) and the National Vulnerability Database (NVD) have achieved great success in promoting vulnerability disclosure and mitigation. While these databases have accumulated massive data, there is a growing concern for their information quality and consistency. In this paper, we propose an automated system VIEM to detect inconsistent information between the fully standardized NVD database and the unstructured CVE descriptions and their referenced vulnerability reports. VIEM allows us, for the first time, to quantify the information consistency at a massive scale, and provides the needed tool for the community to keep the CVE/NVD databases up-to-date. VIEM is developed to extract vulnerable software names and vulnerable versions from unstructured text. We introduce customized designs to deep-learning-based named entity recognition (NER) and relation extraction (RE) so that VIEM can recognize previously unseen software names and versions based on sentence structure and contexts. Ground-truth evaluation shows the system is highly accurate (0.941 precision and 0.993 recall). Using VIEM, we examine the information consistency using a large dataset of 78,296 CVE IDs and 70,569 vulnerability reports in the past 20 years. Our result suggests that inconsistent vulnerable software versions are highly prevalent. Only 59.82% of the vulnerability reports/CVE summaries strictly match the standardized NVD entries, and the inconsistency level increases over time. Case studies confirm the erroneous information of NVD that either overclaims or underclaims the vulnerable software versions.

Journal ArticleDOI
TL;DR: This paper theoretically proves the feasibility of the coin hopping attack, deeply analyzes the conditions of attack implementation, and comprehensively investigates the impacts of the coin hopping attack.
Abstract: With dramatic developments of blockchain technology, a number of blockchain-based applications are emerging rapidly, among which the incorporation of blockchain into the Internet of Things is one of the most valued research directions. Such powerful incorporation is a double-edged sword, i.e., it can benefit both individuals and society but is vulnerable to the coin hopping attack, which is a new type of pool mining attack and unlikely to happen in traditional blockchain networks. In this paper, we theoretically prove the feasibility of the coin hopping attack, deeply analyze the conditions of attack implementation, and comprehensively investigate the impacts of the coin hopping attack. Moreover, some defense strategies are addressed. To the best of our knowledge, this paper is the first work targeting the coin hopping attack.

Journal ArticleDOI
TL;DR: This paper shows the exploitation of a GPS vulnerability in the commercial drone of the company 3D Robotics. This vulnerability can allow a malicious user to take control of the drone's autonomy and carry out illicit activities, such as overflying spaces where flight is not allowed, such as an airport or private areas.
Abstract: The boom in unmanned aerial vehicles (UAV) has been increasing in recent years, placing them in an important position in the commercial market. The use of UAVs in the daily tasks of industry and commerce or as entertainment for children and adults is becoming more common. Each UAV has a specific task, depending on the technologies that are provided, in addition to the basic functions with which it was manufactured. However, in most cases the security of these UAVs is not taken into account, since some of them are inexpensive and do not have a robust security system that protects the data they send or receive for their operation; this can cause the communication system, or the operating system that controls basic functions such as flight and landing, to be compromised. These computer attacks could cause physical or moral harm to people around the operator of the UAV, because attackers could steal information related to the locations visited, or intercept images or videos taken by the UAV. This paper shows the exploitation of a GPS vulnerability in the commercial drone of the company 3D Robotics. This vulnerability can allow a malicious user to take control of the drone's autonomy and carry out illicit activities, such as overflying spaces where flight is not allowed, such as an airport or private areas. The exploitation of this vulnerability is important to make known that UAVs should have a more robust security system, and also to give importance to the security of GPS, since the only variant that has security is military GPS.

Journal ArticleDOI
TL;DR: The XSS attack detection method is proposed based on an ensemble learning approach which utilizes a set of Bayesian networks, and each Bayesian network is built with both domain knowledge and threat intelligence.

Journal ArticleDOI
27 Jan 2019-Energies
TL;DR: A radix of the blockchain’s core algorithm is proposed to overcome the weaknesses of sensor devices such as automobile, airplane, and close-circuit television (CCTV) using blockchain technology.
Abstract: IoT devices are widely used in the smart home, automobile, and aerospace areas. Note, however, that recent information on thefts and hacking has given rise to many problems. The aim of this study is to overcome the security weaknesses of existing Internet of Things (IoT) devices using Blockchain technology, which is a recent issue. This technology is used in Machine-to-Machine (M2M) access payment, KYD (Know Your Device), based on the reliability of existing IoT devices. Thus, this paper proposes a BoT (Blockchain of Things) ecosystem to overcome problems related to the hacking risk of IoT devices to be introduced, such as logistics management and history management. There are also many security vulnerabilities in the sensor multi-platform from the IoT point of view. In this paper, we propose a model that solves the security vulnerability in the sensor multi-platform by using blockchain technology on an empirical model. The color spectrum chain mentioned in this paper suggests a blockchain technique completed by using the multiple-agreement algorithm to enhance Thin-Plate Spline (TPS) performance and measure various security strengths. In conclusion, we propose a radix of the blockchain's core algorithm to overcome the weaknesses of sensor devices such as automobiles, airplanes, and closed-circuit television (CCTV) using blockchain technology. Because all IoT devices use wireless technology, they have a fundamental weakness compared with wired networks. Sensors are exposed to hacking, and sensor multi-platforms are vulnerable through multiple channels. In addition, since IoT devices have a lot of security weaknesses, we intend to show the authentication strength of security through the color spectrum chain and apply it to sensors and multi-platforms using Blockchain in the future.

Journal ArticleDOI
TL;DR: A scheme of data integrity verification based on a short signature algorithm (ZSS signature) is proposed, which supports privacy protection and public auditing by introducing a trusted third party (TPA); its computational overhead is effectively reduced by reducing the hash function overhead in the signature process.
Abstract: The Internet of Things (IoT) is also known as the Internet of everything. As an important part of the new generation of intelligent information technology, the IoT has attracted the attention of both researchers and engineers all over the world. Considering the limited capacity of smart products, the IoT mainly uses cloud computing to expand computing and storage resources. The massive data collected by the sensors are stored in the cloud storage server, and cloud vulnerabilities will directly threaten the security and reliability of the IoT. In order to ensure data integrity and availability in the cloud and IoT storage system, users need to verify the integrity of remote data. However, the existing remote data integrity verification schemes are mostly based on the RSA and BLS signature mechanisms. The RSA-based scheme has too much computational overhead. The BLS signature-based scheme needs to adopt a specific hash function, and the batch signature efficiency in the big data environment is low. Therefore, for the computational overhead and signature efficiency issues of these two signature mechanisms, we propose a scheme of data integrity verification based on a short signature algorithm (ZSS signature), which supports privacy protection and public auditing by introducing a trusted third party (TPA). The computational overhead is effectively reduced by reducing the hash function overhead in the signature process. Under the assumption that the CDH problem is hard, it can resist adaptive chosen-message attacks. The analysis shows that the scheme has higher efficiency and safety.

Journal ArticleDOI
TL;DR: This paper focuses only on dynamic game analysis of cyber-physical security problems and provides a general overview of the existing results and recent advances based on application domains.
Abstract: Due to complex dependencies between multiple layers and components of emerging cyber-physical systems, security and vulnerability of such systems have become a major challenge in recent years. In this regard, game theory, a powerful tool for modeling strategic interactions between multiple decision makers with conflicting objectives, offers a natural paradigm to address the security-related issues arising in these systems. While there exists a substantial amount of work in modeling and analyzing security problems using game-theoretic techniques, most of the existing literature in this area focuses on static game models, ignoring the dynamic nature of interactions between the main players (defenders vs. attackers). In this paper, we focus only on dynamic game analysis of cyber-physical security problems and provide a general overview of the existing results and recent advances based on application domains. We also discuss several limitations of the existing models and identify several hitherto unaddressed directions for future research.

Journal ArticleDOI
TL;DR: In this article, the authors conduct a survey of prominent adversary models used in the seminal field of cryptography, and more recent mobile and Internet of Things (IoT) research and propose a classification scheme for common app-based adversaries used in mobile security research, and classify key papers using the proposed scheme.

Journal ArticleDOI
TL;DR: A secure identity-based aggregate signature (SIBAS) scheme is proposed as the data integrity checking scheme, which resorts to a Trusted Execution Environment (TEE) as the auditor to check the outsourced data on the local side, and can achieve secure key management in the TEE through Shamir’s (t, n) threshold scheme.

Journal ArticleDOI
TL;DR: A multi-channel Convolutional Neural Network-based approach for presentation attack detection (PAD) and the new Wide Multi-Channel presentation Attack (WMCA) database for face PAD which contains a wide variety of 2D and 3D presentation attacks for both impersonation and obfuscation attacks is introduced.
Abstract: Face recognition is a mainstream biometric authentication method. However, vulnerability to presentation attacks (a.k.a spoofing) limits its usability in unsupervised applications. Even though there are many methods available for tackling presentation attacks (PA), most of them fail to detect sophisticated attacks such as silicone masks. As the quality of presentation attack instruments improves over time, achieving reliable PA detection with visual spectra alone remains very challenging. We argue that analysis in multiple channels might help to address this issue. In this context, we propose a multi-channel Convolutional Neural Network based approach for presentation attack detection (PAD). We also introduce the new Wide Multi-Channel presentation Attack (WMCA) database for face PAD which contains a wide variety of 2D and 3D presentation attacks for both impersonation and obfuscation attacks. Data from different channels such as color, depth, near-infrared and thermal are available to advance the research in face PAD. The proposed method was compared with feature-based approaches and found to outperform the baselines achieving an ACER of 0.3% on the introduced dataset. The database and the software to reproduce the results are made available publicly.

Journal ArticleDOI
TL;DR: A novel detection and isolation scheme against the FDI attacks for the large-scale smart grid system is proposed, using the interval residuals regarded as a nature detection threshold to replace the evaluation function and detection threshold used in traditional attack detection methods.
Abstract: This article investigates the detection and isolation of false data injection (FDI) attacks in a smart grid based on the unknown input (UI) interval observer. Recent studies have shown that FDI attacks can bypass the traditional bad data detection methods by exploiting the vulnerability of state estimation. For this reason, the emergence of FDI attacks brings enormous risk to the security of the smart grid. To solve this crucial problem, a UI interval observer-based detection and isolation scheme against FDI attacks is proposed. We first design the UI interval observers to obtain accurate interval state estimation, based on the constructed physical dynamics grid model. Through the capabilities of the designed UI interval observers, the accurate interval estimation state can be decoupled from unknown disturbances. Based on the characteristics of the interval residuals, a UI interval observer-based global detection algorithm is proposed. In particular, the interval residual-based detection criteria can address the limitation of the precomputed threshold in traditional bad data detection methods. On this basis, we further consider the detection and isolation of FDI attacks under structure vulnerability, namely when there exist undetectable FDI attacks in the grid system. Taking the attack undetectability problem into account, a logic judgment matrix-based local detection and isolation algorithm against FDI attacks is developed. Based on the combinations of observable sensor cases, local control centers can further detect and isolate the attack set under structure vulnerability. Finally, the effectiveness of the developed detection and isolation algorithms against FDI attacks is demonstrated on the IEEE 8-bus and IEEE 118-bus smart grid systems, respectively.

Journal ArticleDOI
TL;DR: By revealing such vulnerability of consensus-based applications to data integrity attack, this paper conveys the message that besides the efforts of designing novel distributed energy management algorithms to address the renewable energy integration challenges, it is equally important to protect the distributedEnergy management algorithms from possible malicious attacks to avoid potential economic losses.
Abstract: This paper introduces a novel data integrity attack on the well-developed consensus-based energy management algorithm. In particular, we show that by sending out elaborately falsified information during the consensus iterations, attackers could manipulate the system operating point and gain extra economic benefits. Meanwhile, the system-level and device-level constraints are still satisfied, e.g., the power generation and demand are balanced, and the operation of each individual device respects its physical constraints. This data integrity attack has two major features: first, attackers rely only on local information to complete the attack; neither additional information about system topology nor additional colluders are required; second, the attacking effect is accumulative, which enables attackers to choose to finish in either a single or multiple iterations. By revealing such vulnerability of consensus-based applications to data integrity attack, this paper conveys the message that besides the efforts of designing novel distributed energy management algorithms to address the renewable energy integration challenges, it is equally important to protect the distributed energy management algorithms from possible malicious attacks to avoid potential economic losses. The proposed attack is illustrated in the Future Renewable Electric Energy Delivery and Management system.

Proceedings ArticleDOI
19 May 2019
TL;DR: Senx is proposed, which, given a set of safety properties and a single input that triggers the vulnerability, detects the safety property violated by the vulnerability input and generates a corresponding patch that enforces the safetyproperty and thus, removes the vulnerability.
Abstract: Security vulnerabilities are among the most critical software defects in existence. When identified, programmers aim to produce patches that prevent the vulnerability as quickly as possible, motivating the need for automatic program repair (APR) methods to generate patches automatically. Unfortunately, most current APR methods fall short because they approximate the properties necessary to prevent the vulnerability using examples. Approximations result in patches that either do not fix the vulnerability comprehensively, or may even introduce new bugs. Instead, we propose property-based APR, which uses human-specified, program-independent and vulnerability-specific safety properties to derive source code patches for security vulnerabilities. Unlike properties that are approximated by observing the execution of test cases, such safety properties are precise and complete. The primary challenge lies in mapping such safety properties into source code patches that can be instantiated into an existing program. To address these challenges, we propose Senx, which, given a set of safety properties and a single input that triggers the vulnerability, detects the safety property violated by the vulnerability input and generates a corresponding patch that enforces the safety property and thus, removes the vulnerability. Senx solves several challenges with property-based APR: it identifies the program expressions and variables that must be evaluated to check safety properties and identifies the program scopes where they can be evaluated, it generates new code to selectively compute the values it needs if calling existing program code would cause unwanted side effects, and it uses a novel access range analysis technique to avoid placing patches inside loops where it could incur performance overhead. 
Our evaluation shows that the patches generated by Senx successfully fix 32 of 42 real-world vulnerabilities from 11 applications including various tools or libraries for manipulating graphics/media files, a programming language interpreter, a relational database engine, a collection of programming tools for creating and managing binary programs, and a collection of basic file, shell, and text manipulation tools.

Proceedings ArticleDOI
Pu Zhao, Siyue Wang, Cheng Gongye, Yanzhi Wang, Yunsi Fei, Xue Lin
02 Jun 2019
TL;DR: The authors propose a fault sneaking attack on DNNs and apply ADMM (alternating direction method of multipliers) to solve its optimization problem under two constraints: 1) the classification of the other images should be unchanged and 2) the parameter modifications should be minimized.
Abstract: Despite the great achievements of deep neural networks (DNNs), the vulnerability of state-of-the-art DNNs raises security concerns for DNNs in many application domains requiring high reliability. We propose the fault sneaking attack on DNNs, where the adversary aims to misclassify certain input images into any target labels by modifying the DNN parameters. We apply ADMM (alternating direction method of multipliers) for solving the optimization problem of the fault sneaking attack with two constraints: 1) the classification of the other images should be unchanged and 2) the parameter modifications should be minimized. Specifically, the first constraint requires us not only to inject designated faults (misclassifications), but also to hide the faults for stealthy or sneaking considerations by maintaining model accuracy. The second constraint requires us to minimize the parameter modifications (using the ℓ0 norm to measure the number of modifications and the ℓ2 norm to measure the magnitude of modifications). Comprehensive experimental evaluation demonstrates that the proposed framework can inject multiple sneaking faults without losing the overall test accuracy performance.
CCS Concepts: Security and privacy → Domain-specific security and privacy architectures; Network security. Networks → Network performance analysis. Theory of computation → Theory and algorithms for application domains.