Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 7 of 7
Full-Text Articles in Information Security
Secure And Verifiable Inference In Deep Neural Networks, Guowen Xu, Hongwei Li, Hao Ren, Jianfei Sun, Shengmin Xu, Jianting Ning, Haoming Yang, Kan Yang, Robert H. Deng
Secure And Verifiable Inference In Deep Neural Networks, Guowen Xu, Hongwei Li, Hao Ren, Jianfei Sun, Shengmin Xu, Jianting Ning, Haoming Yang, Kan Yang, Robert H. Deng
Research Collection School Of Computing and Information Systems
Outsourced inference service has enormously promoted the popularity of deep learning, and helped users to customize a range of personalized applications. However, it also entails a variety of security and privacy issues brought by untrusted service providers. Particularly, a malicious adversary may violate user privacy during the inference process, or worse, return incorrect results to the client through compromising the integrity of the outsourced model. To address these problems, we propose SecureDL to protect the model’s integrity and user’s privacy in Deep Neural Networks (DNNs) inference process. In SecureDL, we first transform complicated non-linear activation functions of DNNs to low-degree …
Understanding Android Voip Security: A System-Level Vulnerability Assessment, En He, Daoyuan Wu, Robert H. Deng
Understanding Android Voip Security: A System-Level Vulnerability Assessment, En He, Daoyuan Wu, Robert H. Deng
Research Collection School Of Computing and Information Systems
VoIP is a class of new technologies that deliver voice calls over the packet-switched networks, which surpasses the legacy circuit-switched telecom telephony. Android provides the native support of VoIP, including the recent VoLTE and VoWiFi standards. While prior works have analyzed the weaknesses of VoIP network infrastructure and the privacy concerns of third-party VoIP apps, no efforts were attempted to investigate the (in)security of Android’s VoIP integration at the system level. In this paper, we first demystify Android VoIP’s protocol stack and all its four attack surfaces. We then propose a novel vulnerability assessment approach that assembles on-device Intent/API fuzzing, …
Sclib: A Practical And Lightweight Defense Against Component Hijacking In Android Applications, Daoyuan Wu, Yao Cheng, Debin Gao, Yingjiu Li, Robert H. Deng
Sclib: A Practical And Lightweight Defense Against Component Hijacking In Android Applications, Daoyuan Wu, Yao Cheng, Debin Gao, Yingjiu Li, Robert H. Deng
Research Collection School Of Computing and Information Systems
Cross-app collaboration via inter-component communication is a fundamental mechanism on Android. Although it brings the benefits such as functionality reuse and data sharing, a threat called component hijacking is also introduced. By hijacking a vulnerable component in victim apps, an attack app can escalate its privilege for operations originally prohibited. Many prior studies have been performed to understand and mitigate this issue, but no defense is being deployed in the wild, largely due to the deployment difficulties and performance concerns. In this paper we present SCLib, a secure component library that performs in-app mandatory access control on behalf of app …
Secure Smart Metering Based On Lora Technology, Yao Cheng, Hendra Saputra, Leng Meng Goh, Yongdong Wu
Secure Smart Metering Based On Lora Technology, Yao Cheng, Hendra Saputra, Leng Meng Goh, Yongdong Wu
Research Collection School Of Computing and Information Systems
Smart metering allows Substation Automation System (SAS) to remotely and timely read smart meters. Despite its advantages, smart metering brings some challenges. a) It introduces cyber attack risks to the metering system, which may lead to user privacy leakage or even the compromise of smart metering systems. b) Although the majority of meters are located within a regional power supply area, some hard-to-reach nodes are geographically far from the clustered area, which account for a big portion of the entire smart metering operation cost. Facing the above challenges, we propose a secure smart metering infrastructure based on LoRa technology which …
Genomic Security (Lest We Forget), Tatiana Bradley, Xuhua Ding, Gene Tsudik
Genomic Security (Lest We Forget), Tatiana Bradley, Xuhua Ding, Gene Tsudik
Research Collection School Of Computing and Information Systems
Genomic privacy has attracted much attention from the research community, because its risks are unique and breaches can lead to terrifying leakage of sensitive information. The less-explored topic of genomic security must address threats of digitized genomes being altered, which can have dire consequences in medical or legal settings.
Active Malware Analysis Using Stochastic Games, Simon Williamson, Pradeep Reddy Varakantham, Debin Gao, Chen Hui Ong
Active Malware Analysis Using Stochastic Games, Simon Williamson, Pradeep Reddy Varakantham, Debin Gao, Chen Hui Ong
Research Collection School Of Computing and Information Systems
Cyber security is increasingly important for defending computer systems from loss of privacy or unauthorised use. One important aspect is threat analysis - how does an attacker infiltrate a system and what do they want once they are inside. This paper considers the problem of Active Malware Analysis, where we learn about the human or software intruder by actively interacting with it with the goal of learning about its behaviours and intentions, whilst at the same time that intruder may be trying to avoid detection or showing those behaviours and intentions. This game-theoretic active learning is then used to obtain …
Breaking Public Key Cryptosystems On Tamper Resistant Devices In The Presence Of Transient Faults, Feng Bao, Robert H. Deng, Y. Han, A. Jeng, Arcot Desai Narasimhalu, T. Ngair
Breaking Public Key Cryptosystems On Tamper Resistant Devices In The Presence Of Transient Faults, Feng Bao, Robert H. Deng, Y. Han, A. Jeng, Arcot Desai Narasimhalu, T. Ngair
Research Collection School Of Computing and Information Systems
In this paper we present a method of attacking public-key cryptosystems (PKCs) on tamper resistant devices. The attack makes use of transient faults and seems applicable to many types of PKCs. In particular, we show how to attack the RSA, the E1Gamal signature scheme, the Schnorr signature scheme, and the DSA. We also present some possible methods to counter the attack.