Subscribe to the gold package and get unlimited access to Shamra Academy
Register a new userClonability of anti-counterfeiting printable graphical codes: a machine learning approach
149
0
0.0
(
0
)
Added by
Olga Taran
Publication date
2019
fields
Informatics Engineering
and research's language is
English
Ask ChatGPT about the research
No Arabic abstract
In recent years, printable graphical codes have attracted a lot of attention enabling a link between the physical and digital worlds, which is of great interest for the IoT and brand protection applications. The security of printable codes in terms of their reproducibility by unauthorized parties or clonability is largely unexplored. In this paper, we try to investigate the clonability of printable graphical codes from a machine learning perspective. The proposed framework is based on a simple system composed of fully connected neural network layers. The results obtained on real codes printed by several printers demonstrate a possibility to accurately estimate digital codes from their printed counterparts in certain cases. This provides a new insight on scenarios, where printable graphical codes can be accurately cloned.
rate research
Read More
State-of-the-art password guessing tools, such as HashCat and John the Ripper, enable users to check billions of passwords per second against password hashes. In addition to performing straightforward dictionary attacks, these tools can expand password dictionaries using password generation rules, such as concatenation of words (e.g., password123456) and leet speak (e.g., password becomes p4s5w0rd). Although these rules work well in practice, expanding them to model further passwords is a laborious task that requires specialized expertise. To address this issue, in this paper we introduce PassGAN, a novel approach that replaces human-generated password rules with theory-grounded machine learning algorithms. Instead of relying on manual password analysis, PassGAN uses a Generative Adversarial Network (GAN) to autonomously learn the distribution of real passwords from actual password leaks, and to generate high-quality password guesses. Our experiments show that this approach is very promising. When we evaluated PassGAN on two large password datasets, we were able to surpass rule-based and state-of-the-art machine learning password guessing tools. However, in contrast with the other tools, PassGAN achieved this result without any a-priori knowledge on passwords or common password structures. Additionally, when we combined the output of PassGAN with the output of HashCat, we were able to match 51%-73% more passwords than with HashCat alone. This is remarkable, because it shows that PassGAN can autonomously extract a considerable number of password properties that current state-of-the art rules do not encode.
Machine Learning (ML) has been widely applied to cybersecurity, and is currently considered state-of-the-art for solving many of the fields open issues. However, it is very difficult to evaluate how good the produced solutions are, since the challenges faced in security may not appear in other areas (at least not in the same way). One of these challenges is the concept drift, that actually creates an arms race between attackers and defenders, given that any attacker may create novel, different threats as time goes by (to overcome defense solutions) and this evolution is not always considered in many works. Due to this type of issue, it is fundamental to know how to correctly build and evaluate a ML-based security solution. In this work, we list, detail, and discuss some of the challenges of applying ML to cybersecurity, including concept drift, concept evolution, delayed labels, and adversarial machine learning. We also show how existing solutions fail and, in some cases, we propose possible solutions to fix them.
A variety of innovative software solutions, addressing product anti-counterfeiting and record provenance of the wider supply chain industry, have been implemented. However, these solutions have been developed with centralized system architecture which could be susceptible to malicious modifications on states of product records and various potential security attacks leading to system failure and downtime. Blockchain technology has been enabling decentralized trust with a network of distributed peer nodes to maintain consistent shared states via a decentralized consensus reached, with which an idea of developing decentralized and reliable solutions has been basing on. A Decentralized NFC-Enabled Anti-Counterfeiting System (dNAS) was therefore proposed and developed, decentralizing a legacy anti-counterfeiting system of supply chain industry utilizing enterprise blockchain protocols and enterprise consortium, to facilitate trustworthy data provenance retrieval, verification and management, as well as strengthening capability of product anti-counterfeiting and traceability in supply chain industry. The adoption of enterprise blockchain protocols and implementations has been surging in supply chain industry given its advantages in scalability, governance and compatibility with existing supply chain systems and networks, but development and adoption of decentralized solutions could also impose additional implications to supply chain integrity, in terms of security, privacy and confidentiality. In this research, an empirical analysis performed against decentralized solutions, including dNAS, summarizes the effectiveness, limitations and future opportunities of developing decentralized solutions built around existing enterprise blockchain protocols and implementations for supply chain anti-counterfeiting and traceability.
Vulnerability prediction refers to the problem of identifying the system components that are most likely to be vulnerable based on the information gained from historical data. Typically, vulnerability prediction is performed using manually identified features that are potentially linked with vulnerable code. Unfortunately, recent studies have shown that existing approaches are ineffective when evaluated in realistic settings due to some unavoidable noise included in the historical data. To deal with this issue, we develop a prediction method using the encoder-decoder framework of machine translation that automatically learns the latent features (context, patterns, etc.) of code that are linked with vulnerabilities. The key idea of our approach is to learn from things we know, the past vulnerability fixes and their context. We evaluate our approach by comparing it with existing techniques on available releases of the three security-critical open source systems (Linux Kernel, OpenSSL, and Wireshark) with historical vulnerabilities that have been reported in the National Vulnerability Database (NVD). Our evaluation demonstrates that the prediction capability of our approach significantly outperforms the state-of-the-art vulnerability prediction techniques (Software Metrics, Imports, Function Calls, and Text Mining) in both recall and precision values (yielding 4.7 times higher MCC values) under realistic training setting.
By using smart radio devices, a jammer can dynamically change its jamming policy based on opposing security mechanisms; it can even induce the mobile device to enter a specific communication mode and then launch the jamming policy accordingly. On the other hand, mobile devices can exploit spread spectrum and user mobility to address both jamming and interference. In this paper, a two-dimensional anti-jamming mobile communication scheme is proposed in which a mobile device leaves a heavily jammed/interfered-with frequency or area. It is shown that, by applying reinforcement learning techniques, a mobile device can achieve an optimal communication policy without the need to know the jamming and interference model and the radio channel model in a dynamic game framework. More specifically, a hotbooting deep Q-network based two-dimensional mobile communication scheme is proposed that exploits experiences in similar scenarios to reduce the exploration time at the beginning of the game, and applies deep convolutional neural network and macro-action techniques to accelerate the learning speed in dynamic situations. Several real-world scenarios are simulated to evaluate the proposed method. These simulation results show that our proposed scheme can improve both the signal-to-interference-plus-noise ratio of the signals and the utility of the mobile devices against cooperative jamming compared with benchmark schemes.
suggested questions
Log in to be able to interact and post comments
comments
Fetching comments
Sign in to be able to follow your search criteria
