Title: Dissecting Cyber-adversarial Intrusion Stages via Interdisciplinary Observations
Advanced Persistent Threats (APTs) are professional, sophisticated threats that pose a serious concern to our technologically-dependent society. As these threats become more common, conventional response-driven cyberattack management needs to be substituted with anticipatory defense measures. Understanding adversarial behavior and movement is critical to improve our ability to proactively defend. This paper focuses on understanding adversarial movement and adaptation using a case study from a real-time cybersecurity exercise. Through multidisciplinary methodologies from social and hard sciences, this paper presents a mechanism to dissect cyberadversarial intrusion chains to unpack movement and adaptations.
Award ID(s): 1742789
PAR ID: 10190299
Journal Name: Proceedings of The 6th ACM International Workshop on Security and Privacy Analytics, co-located with ACM Codaspy
Format(s): Medium: X
Sponsoring Org: National Science Foundation
More Like this
  1. Recent publications have shown that neural network based classifiers are vulnerable to adversarial inputs that are virtually indistinguishable from normal data, constructed explicitly for the purpose of forcing misclassification. In this paper, we present several defenses to counter these threats. First, we observe that most adversarial attacks succeed by mounting gradient ascent on the confidence returned by the model, which allows an adversary to gain understanding of the classification boundary. Our defenses are based on denying access to the precise classification boundary. Our first defense adds a controlled random noise to the output confidence levels, which prevents an adversary from converging in their numerical approximation attack. Our next defense is based on the observation that by varying the order of the training, often we arrive at models which offer the same classification accuracy, yet they are different numerically. An ensemble of such models allows us to randomly switch between these equivalent models during query which further blurs the classification boundary. We demonstrate our defense via an adversarial input generator which defeats previously published defenses but cannot breach the proposed defenses due to their non-static nature.
  2. Vigilant animals detect and respond to threats in the environment, often changing posture and movement patterns. Vigilance is modulated not only by predators but also by conspecific threats. In social animals, precisely how conspecific threats alter vigilance behavior over time is relevant to long‐standing hypotheses about social plasticity. We report persistent effects of a simulated conspecific challenge on behavior of wild northern paper wasp foundresses, Polistes fuscatus. During the founding phase of the colony cycle, conspecific wasps can usurp nests from the resident foundress, representing a severe threat. We used automated tracking to monitor the movement and posture of P. fuscatus foundresses in response to simulated intrusions. Wasps displayed increased movement, greater bilateral wing extension, and reduced antennal separation after the threat was removed. These changes were not observed after presentation with a wooden dowel. By rapidly adjusting individual behavior after fending off an intruder, paper wasp foundresses might invest in surveillance of potential threats, even when such threats are no longer immediately present. The prolonged vigilance‐like behavioral state observed here is relevant to plasticity of social recognition processes in paper wasps.
  3. Growing applications of generative models have led to new threats such as malicious personation and digital copyright infringement. One solution to these threats is model attribution, i.e., the identification of user-end models where the contents under question are generated from. Existing studies showed empirical feasibility of attribution through a centralized classifier trained on all user-end models. However, this approach is not scalable in reality as the number of models ever grows. Neither does it provide an attributability guarantee. To this end, this paper studies decentralized attribution, which relies on binary classifiers associated with each user-end model. Each binary classifier is parameterized by a user-specific key and distinguishes its associated model distribution from the authentic data distribution. We develop sufficient conditions of the keys that guarantee an attributability lower bound. Our method is validated on MNIST, CelebA, and FFHQ datasets. We also examine the trade-off between generation quality and robustness of attribution against adversarial post-processes. 
  4. Growing applications of generative models have led to new threats such as malicious personation and digital copyright infringement. One solution to these threats is model attribution, i.e., the identification of user-end models where the contents under question are generated. Existing studies showed empirical feasibility of attribution through a centralized classifier trained on all existing user-end models. However, this approach is not scalable in a reality where the number of models ever grows. Neither does it provide an attributability guarantee. To this end, this paper studies decentralized attribution, which relies on binary classifiers associated with each user-end model. Each binary classifier is parameterized by a user-specific key and distinguishes its associated model distribution from the authentic data distribution. We develop sufficient conditions of the keys that guarantee an attributability lower bound. Our method is validated on MNIST, CelebA, and FFHQ datasets. We also examine the trade-off between generation quality and robustness of attribution against adversarial post-processes.
  5. This paper proposes MilliPose, a system that facilitates full human body silhouette imaging and 3D pose estimation from millimeter-wave (mmWave) devices. Unlike existing vision-based motion capture systems, MilliPose is not privacy-invasive and is capable of working under obstructions, poor visibility, and low light conditions. MilliPose leverages machine-learning models based on conditional Generative Adversarial Networks and Recurrent Neural Network to solve the challenges of poor resolution, specularity, and variable reflectivity with existing mmWave imaging systems. Our preliminary results show the efficacy of MilliPose in accurately predicting body joint locations under natural human movement.