Global ETD Search

1	MULTIPLE LOGS ANALYSIS FOR DETECTING ZERO-DAY BACKDOOR TROJANS Caravut, Sinchai 15 May 2008 (has links) No description available. Computer Science detecting backdoor trojans
2	Detecting Backdoor Kao, Cheng-yuan 12 August 2004 (has links) Cyber space is like a society. Attacking events happen all the time. No matter what is in the cyber space. We need to do many things to defend our computers and network devices form attackers, for example: update patches, install anti-virus software, firewalls and intrusion detection system. In all kinds of network attacks, it is hard to detect that an attacker install a backdoor after he crack the system. He can do many things by the backdoor, like steal sensitive or secret information. Otherwise, intrusion detection systems are responsible for early warnings, but they usually need to capture all the network packets include the headers and contents to analyze. It costs many overheads for the system. The goal of our research is to detect backdoors correctly, and we only use the network packet headers to analyze. Network Security Backdoor Data Mining Intrusion Detection
3	Backdoor Detection based on SVM Tzeng, Zhong-Chiang 29 July 2005 (has links) With the improvement of computer technologies and the wide use of the Internet, network security becomes more and more significant. According to the relevant statistics, malicious codes such as virus, worms, backdoors, and Trojans launch a lot of attacks. Backdoors are especially critical. Not only can it cross firewalls and antivirus software but also will steal confidential information and misuse network resources and launch attacks such as DDoS¡]Distributed Denial of Service¡^. In this research, we analyze the properties and categories of backdoors and the application of data mining and support vector machines in intrusion detection. This research will focus on detecting the behavior of backdoor connection, and we propose a detecting architecture. The architecture is based on SVM, which is a machine learning method based on statistic theory and proposed by Vapnik to solve the problems in Neural Network techniques. In system modules, this research chooses IPAudit as our network monitor and libsvm as a SVM classifier. The packets captured by IPAudit will be classified into interactive or non-interactive flow by libsvm, and the result will be compared with legal service lists to determine whether a connection is a backdoor connection. We compare the accuracy of SVM, C4.5, and Na Intrusion Detection Backdoor Data Mining and Classification SVM
4	Check Your Other Door: Creating Backdoor Attacks in the Frequency Domain Hammoud, Hasan Abed Al Kader 04 1900 (has links) Deep Neural Networks (DNNs) are ubiquitous and span a variety of applications ranging from image classification and facial recognition to medical image analysis and real-time object detection. As DNN models become more sophisticated and complex, the computational cost of training these models becomes a burden. For this reason, outsourcing the training process has been the go-to option for many DNN users. Unfortunately, this comes at the cost of vulnerability to backdoor attacks. These attacks aim at establishing hidden backdoors in the DNN such that it performs well on clean samples but outputs a particular target label when a trigger is applied to the input. Current backdoor attacks generate triggers in the spatial domain; however, as we show in this work, it is not the only domain to exploit and one should always "check the other doors". To the best of our knowledge, this work is the first to propose a pipeline for generating a spatially dynamic (changing) and invisible (low norm) backdoor attack in the frequency domain. We show the advantages of utilizing the frequency domain for creating undetectable and powerful backdoor attacks through extensive experiments on various datasets and network architectures. Unlike most spatial domain attacks, frequency-based backdoor attacks can achieve high attack success rates with low poisoning rates and little to no drop in performance while remaining imperceptible to the human eye. Moreover, we show that the backdoored models (poisoned by our attacks) are resistant to various state-of-the-art (SOTA) defenses, and so we contribute two possible defenses that can successfully evade the attack. We conclude the work with some remarks regarding a network’s learning capacity and the capability of embedding a backdoor attack in the model. backdoor attacks robustness security deep neural networks
5	Harnessing tractability in constraint satisfaction problems Carbonnel, Clément 07 December 2016 (has links) (PDF) The Constraint Satisfaction Problem (CSP) is a fundamental NP-complete problem with many applications in artificial intelligence. This problem has enjoyed considerable scientific attention in the past decades due to its practical usefulness and the deep theoretical questions it relates to. However, there is a wide gap between practitioners, who develop solving techniques that are efficient for industrial instances but exponential in the worst case, and theorists who design sophisticated polynomial-time algorithms for restrictions of CSP defined by certain algebraic properties. In this thesis we attempt to bridge this gap by providing polynomial-time algorithms to test for membership in a selection of major tractable classes. Even if the instance does not belong to one of these classes, we investigate the possibility of decomposing efficiently a CSP instance into tractable subproblems through the lens of parameterized complexity. Finally, we propose a general framework to adapt the concept of kernelization, central to parameterized complexity but hitherto rarely used in practice, to the context of constraint reasoning. Preliminary experiments on this last contribution show promising results. Constraint Satisfaction Problem Tractable class Polymorphism Backdoor Parameterized complexity Kernelization
6	Harnessing tractability in constraint satisfaction problems / Algorithmes paramétrés pour des problèmes de satisfaction de contraintes presque traitables Carbonnel, Clément 07 December 2016 (has links) Le problème de satisfaction de contraintes (CSP) est un problème NP-complet classique en intelligence artificielle qui a suscité un engouement important de la communauté scientifique grâce à la richesse de ses aspects pratiques et théoriques. Cependant, au fil des années un gouffre s'est creusé entre les praticiens, qui développent des méthodes exponentielles mais efficaces pour résoudre des instances industrielles, et les théoriciens qui conçoivent des algorithmes sophistiqués pour résoudre en temps polynomial certaines restrictions de CSP dont l'intérêt pratique n'est pas avéré. Dans cette thèse nous tentons de réconcilier les deux communautés en fournissant des méthodes polynomiales pour tester automatiquement l'appartenance d'une instance de CSP à une sélection de classes traitables majeures. Anticipant la possibilité que les instances réelles ne tombent que rarement dans ces classes traitables, nous analysons également de manière systématique la possibilité de décomposer efficacement une instance en sous-problèmes traitables en utilisant des méthodes de complexité paramétrée. Finalement, nous introduisons un cadre général pour exploiter dans les CSP les idées développées pour la kernelization, un concept fondamental de complexité paramétrée jusqu'ici peu utilisé en pratique. Ce dernier point est appuyé par des expérimentations prometteuses. / The Constraint Satisfaction Problem (CSP) is a fundamental NP-complete problem with many applications in artificial intelligence. This problem has enjoyed considerable scientific attention in the past decades due to its practical usefulness and the deep theoretical questions it relates to. However, there is a wide gap between practitioners, who develop solving techniques that are efficient for industrial instances but exponential in the worst case, and theorists who design sophisticated polynomial-time algorithms for restrictions of CSP defined by certain algebraic properties. In this thesis we attempt to bridge this gap by providing polynomial-time algorithms to test for membership in a selection of major tractable classes. Even if the instance does not belong to one of these classes, we investigate the possibility of decomposing efficiently a CSP instance into tractable subproblems through the lens of parameterized complexity. Finally, we propose a general framework to adapt the concept of kernelization, central to parameterized complexity but hitherto rarely used in practice, to the context of constraint reasoning. Preliminary experiments on this last contribution show promising results. Problème de satisfaction de Contraintes Classe traitable Polymorphisme Backdoor Complexité paramétrée Kernelisation Constraint satisfaction Problem Tractable class Polymorphism Backdoor Parameterized complexity Kernelization 006
7	Kompilace KNF do backdoor decomposable monotone circuit / Compilation of a CNF into a backdoor decomposable monotone circuit Illner, Petr January 2021 (has links) An NNF circuit is a directed acyclic graph (DAG), where each leaf is labelled with either true/false or a literal, and each inner node represents either a conjunction (∧) or a disjunction (∨). A decomposable NNF (DNNF) is an NNF satisfying the decomposabi- lity property for each conjunction node. The C-BDMC language generalizes the DNNF language. In a C-BDMC, the leaves can contain CNF formulae from a given base class C. In this paper, we focus only on renamable Horn formulae. We experimentally compare the sizes of d-BDMC and d-DNNF representations. We describe a new compilation langu- age, called cara DNNF (c-DNNF), that generalizes the DNNF language. A c-DNNF circuit can be considered as a compressed representation of a DNNF circuit. We present a new experimental knowledge compiler, called CaraCompiler, for converting a CNF formula into a d-BDMC or a (c)d-DNNF circuit. CaraCompiler is based on the state-of-the-art compiler D4. Also, we mention some extensions for the compiler D4, such as caching hypergraph cuts that can reduce the compilation times. 1
8	Security Evaluation of Intel's Active Management Technology Ververis, Vassilios January 2010 (has links) Intel’s Active Management Technology (AMT) is, a hardware-based platform for remotely managing and securing personal computers out of band. AMT is available in most desktop and notebooks PCs equipped with an Intel Core 2, Centrino, or Centrino 2 processors with support for vPro technology. AMT operates independently of the platform processor and operating system. Remote platform management applications can access AMT securely, even when the platform is turned off, as long as the platform is connected to power supply and to a network. Developers can build applications that utilize AMT using the application programming interface (API) provided by Intel. While this might seem to enable creation of a powerful management tool, a secure infrastructure that is secure against insider and outsider attacks on an enterprise network is difficult. Unfortunately this technology can also potentially be used to create a powerful backdoor that is easily deployed and offers numerous features due to its almost unlimited permissions since the platform can be managed even though it is powered off. / Intel Active Management Technology (AMT) är en hårdvarubaserad plattform för avlägset att hantera och säkra datorer utanför bandet. AMT är tillgänglig de flesta stationära och bärbara dator utrustad med en Intel Core 2, Centrino, eller Centrino 2 processorer med stöd för vPro-teknik. AMT driver oberoende av plattform processor och operativsystem. Remote optimera hanteringen ansökningar kan komma åt AMT säkert, även om Plattformen är avstängd, så länge som plattform är ansluten till linjen makt och till ett nätverk. Utvecklare kan bygga applikationer som utnyttjar AMT använder Application Programming Interface från Intel. Även detta kan verkar för att möjliggöra skapandet av ett kraftfullt verktyg i förvaltningen, faktiskt skapar en säker infrastruktur som är säkert mot insider och outsider angrepp på företagets nätverk är svårt. Tyvärr har denna teknik kan komma i används för att skapa en kraftfull rootkit som är lätt att iordningställas och erbjuder flera egenskaper på grund av dess nästan obegränsade tillstånd eftersom plattformen kan lyckades även om den är avstängd. AMT vPRO out of band remote management backdoor stealth malware security Communication Systems Kommunikationssystem
9	Experimental Evaluation of Kleptographic Backdoors in LWE-based KEMs / Implementation och utvärdering av kleptografiska bakdörrar i LWE-baserad nyckelförhandling Rosén, Miriam January 2023 (has links) This work aims to provide an experimental evaluation of two kleptographic backdoors. The backdoors target the key generation step in Learning with Errors-based crypto algorithms and exploit freedom in choosing the seeds for the algorithm. Based on the descriptions, four variants were implemented, and their detectability was evaluated by measuring their running time and whether the output from the backdoors passed as uniformly random bit strings. Our results show that all variants of the backdoored seed generation were significantly slower than the normal routine, the fastest variant made key generation in Kyber take 10 times as long as normal. All variants did however pass the tests on uniformity. Additionally, previous work describes a countermeasure that makes the backdoors detectable. We have contributed with a description of how the detection could be implemented, and our measurements show that the detection routine makes the key generation approximately 8% slower. cryptography post-quantum backdoor kleptography Other Computer and Information Science Annan data- och informationsvetenskap
10	Towards Secure and Safe AI-enabled Systems Through Optimizations Guanhong Tao (18542383) 15 May 2024 (has links) <p dir="ltr">Artificial intelligence (AI) is increasingly integrated into critical systems across various sectors, including public surveillance, autonomous driving, and malware detection. Despite their impressive performance and promise, the security and safety of AI-enabled systems remain significant concerns. Like conventional systems that have software bugs or vulnerabilities, applications leveraging AI are also susceptible to such issues. Malicious behaviors can be intentionally injected into AI models by adversaries, creating a backdoor. These models operate normally with benign inputs but consistently misclassify samples containing an attacker-inserted trigger, known as a <i>backdoor attack</i>.</p><p dir="ltr">However, backdoors can not only be injected by an attacker but may also naturally exist in normally trained models. One can find backdoor triggers in benign models that cause any inputs with the trigger to be misclassified, a phenomenon termed <i>natural backdoors</i>. Regardless of whether they are injected or natural, backdoors can take various forms, which increases the difficulty of identifying such vulnerabilities. This challenge is exacerbated when access to AI models is limited.</p><p dir="ltr">This dissertation introduces an optimization-based technique that reverse-engineers trigger patterns exploited by backdoors, whether injected or natural. It formulates how backdoor triggers modify inputs down to the pixel level to approximate their potential forms. The intended changes in output predictions guide the reverse-engineering process, which involves computing the input gradient or sampling possible perturbations when model access is limited. Although various types of backdoors exist, this dissertation demonstrates that they can be effectively clustered into two categories based on their methods of input manipulation. The development of practical reverse-engineering approaches is based on this fundamental classification, leading to the successful identification of backdoor vulnerabilities in AI models.</p><p dir="ltr">To alleviate such security threats, this dissertation introduces a novel hardening technique that enhances the robustness of models against adversary exploitation. It sheds light on the existence of backdoors, which can often be attributed to the small distance between two classes. Based on this analysis, a class distance hardening method is proposed to proactively enlarge the distance between every pair of classes in a model. This method is effective in eliminating both injected and natural backdoors in a variety of forms.</p><p dir="ltr">This dissertation aims to highlight both existing and newly identified security and safety challenges in AI systems. It introduces novel formulations of backdoor trigger patterns and provides a fundamental understanding of backdoor vulnerabilities, paving the way for the development of safer and more secure AI systems.</p> Software and application security Adversarial machine learning AI Security Backdoor Attack Trigger Reverse Engineering Model Hardening

Search results