IEEE TIFS Article

This paper presents a signal processing and machine learning (ML) based methodology to leverage Electromagnetic (EM) emissions from an embedded device to remotely detect a malicious application running on the device and classify the application into a malware family. We develop Fast Fourier Transform (FFT) based feature extraction followed by Support Vector Machine (SVM) and Random Forest (RF) based ML models to detect a malware. 

Deep learning-based person re-identification (Re-ID) has made great progress and achieved high performance recently. In this paper, we make the first attempt to examine the vulnerability of current person Re-ID models against a dangerous attack method, i.e. , the universal adversarial perturbation (UAP) attack, which has been shown to fool classification models with a little overhead.

Monitoring all the internal flows in a datacenter is important to protect a victim against internal distributed denial-of-service (DDoS) attacks. Unused virtual machines (VMs) in a datacenter are used as monitors and flows are copied to the monitors from software defined networking (SDN) switches by adding some special rules. In such a system, a VM runs a machine learning method to detect DDoS behavior but it can only process a limited number/amount of flows. 

User activities in cyberspace leave unique traces for user identification (UI). Individual users can be identified by their frequent activity items through statistical feature matching. However, such approaches face the data sparsity problem. In this paper, we propose to address this problem by multi-item-set fingerprinting that identifies users not only based on their frequent individual activity items, but also their frequent consecutive item sequences with different lengths.

Identifying information sources plays a significant role in network science and engineering. However, existing source identification approaches generally focus on static networks without considering the temporal features of networks. To this end, we comprehensively study the problem of identifying single and multiple information sources in time-varying networks.

In this paper, a cyber-physical system (CPS) is considered, whose state estimation is done by a central controller (CC) using the measurements received from a wireless powered sensor network (WPSN) over fading channels. An adversary injects false data in this system by compromising some of the idle sensor nodes (SNs) of the WPSN. Using the WPSN for transmitting supervision and control data, in the aforementioned setting, makes the CPS vulnerable to both error and false data injection (FDI). 

In this study, we propose a neural network-based face anti-spoofing algorithm using dual pixel (DP) sensor images. The proposed algorithm has two stages: depth reconstruction and depth classification. The first network takes a DP image pair as input and generates a depth map with a baseline of approximately 1 mm. Then, the classification network is trained to distinguish real individuals and planar attack shapes to produce a binary output.

Anonymous authentication (AA) schemes are used by an application provider to grant services to its n users for pre-defined k times after they have authenticated themselves anonymously. These privacy-preserving cryptographic schemes are essentially based on the secret key that is embedded in a trusted platform module (TPM).

This article proposes an algorithm which allows Alice to simulate the game played between her and Eve. Under the condition that the set of detectors that Alice assumes Eve to have is sufficiently rich (e.g. CNNs), and that she has an algorithm enabling to avoid detection by a single classifier (e.g adversarial embedding, gibbs sampler, dynamic STCs), the proposed algorithm converges to an efficient steganographic algorithm.

Recent years have witnessed the proliferation of the deployment of virtualization techniques. Virtualization is designed to be transparent, that is, unprivileged users should not be able to detect whether a system is virtualized. Such detection can result in serious security threats such as evading virtual machine (VM)-based malware dynamic analysis and exploiting vulnerabilities for cross-VM attacks.