MHC/HLA Class I Loss in Cancer Cells

Supervisory Control and Data Acquisition (SCADA) systems play an important role in monitoring industrial processes such as electric power distribution, transport systems, water distribution, and wastewater collection systems. Such systems require a particular attention with regards to security aspects, as they deal with critical infrastructures that are crucial to organizations and countries. Protecting SCADA systems from intrusion is a very challenging task because they do not only inherit traditional IT security threats but they also include additional vulnerabilities related to field components (e.g., cyber-physical attacks). Many of the existing intrusion detection techniques rely on supervised learning that consists of algorithms that are first trained with reference inputs to learn specific information, and then tested on unseen inputs for classification purposes. This article surveys supervised learning from a specific security angle, namely SCADA-based intrusion detection. Based on a systematic review process, existing literature is categorized and evaluated according to SCADA-specific requirements. Additionally, this survey reports on well-known SCADA datasets and testbeds used with machine learning methods. Finally, we present key challenges and our recommendations for using specific supervised methods for SCADA systems.

show abstract

Sub-curve HMM: A malware detection approach based on partial analysis of API call sequences

Suaboot

Tari

Mahmood

et al. 2020

Computers & Security

View full text Add to dashboard Cite

The Flash Loan Attack Analysis (FAA) Framework—A Case Study of the Warp Finance Exploitation

et al. 2022

View full text Add to dashboard Cite

Decentralized finance (DeFi) has exploded in popularity with a billion-dollar market cap. While uncollateralized lending, known as a flash loan, emerged from DeFi, it has become a primary tool used by attackers to drain investment tokens from DeFi networks. The existing countermeasures seem practical, but no comprehensive quantitative analysis framework was available to test them. This paper proposes the Flash loan Attack Analysis (FAA) framework, which aids security practitioners in understanding the DeFi system’s effects on preventative methods when various factors change. The quantitative predictions can help security professionals in identifying hidden dangers and more efficiently adopting countermeasure strategies. The simulation predicts that the existing strategy, fair reserves, can fully protect the platform in a typical market environment; however, in a highly volatile market where the token price drops by 60% in a single hour, it will be broken, causing more than $8 million in damage.

show abstract

NativeVRF: A Simplified Decentralized Random Number Generator on EVM Blockchains

Werapun

Karode

Suaboot

et al. 2023

Systems

View full text Add to dashboard Cite

Smart contracts refer to small programs that run in a decentralized blockchain infrastructure. The blockchain system is trustless, and the determination of common variables is done by consensus between peers. Developing applications that require generating random variables becomes significantly challenging—for instance, lotteries, games, and random assignments. Many random number generators (RNGs) for smart contracts have been developed for the decentralized environment. The methods can be classified into three categories: on-chain RNG, Verifiable Random Function (VRF), and the Commit–reveal scheme. Although the existing methods offer different strengths and weaknesses, none achieves the three important requirements for an ideal RNG solution: security, applicability, and cost efficiency. This paper proposes a novel RNG approach called Native VRF, which offers application development simplicity and cost efficiency while maintaining strong RNG security properties. Experimental results show that Native VRF has the same security properties as the widely used RNG methods, i.e., Randao and Chainlink VRF. On top of that, our work offers a much simpler setup process and lower hardware resources and developer expertise requirements. Most importantly, the proposed Native VRF is compatible with all Ethereum virtual machine (EVM) blockchains, contributing to the overall growth of the blockchain ecosystem.

show abstract

On the feasibility of attacking Thai LPR systems with adversarial examples

Jiamsuchon¹,

Suaboot²,

Rattanavipanon³

2023

Preprint

View full text Add to dashboard Cite

Recent advances in deep neural networks (DNNs) have significantly enhanced the capabilities of optical character recognition (OCR) technology, enabling its adoption to a wide range of real-world applications. Despite this success, DNNbased OCR is shown to be vulnerable to adversarial attacks, in which the adversary can influence the DNN model's prediction by carefully manipulating input to the model. Prior work has demonstrated the security impacts of adversarial attacks on various OCR languages. However, to date, no studies have been conducted and evaluated on an OCR system tailored specifically for the Thai language. To bridge this gap, this work presents a feasibility study of performing adversarial attacks on a specific Thai OCR application -Thai License Plate Recognition (LPR). Moreover, we propose a new type of adversarial attack based on the semi-targeted scenario and show that this scenario is highly realistic in LPR applications. Our experimental results show the feasibility of our attacks as they can be performed on a commodity computer desktop with over 90% attack success rate.

show abstract

The SWC-based Security Analysis Tool for Smart Contract Vulnerability Detection

Songsom

Werapun

Suaboot

et al. 2022

View full text Add to dashboard Cite

From Characters to Chaos: On the Feasibility of Attacking Thai OCR with Adversarial Examples

Jiamsuchon

Suaboot

Rattanavipanon

2023

View full text Add to dashboard Cite

Data Exfiltration Threats and Prevention Techniques

Tari¹,

Sohrabi²,

Samadi³

et al. 2023

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

334 Leonard St

Brooklyn, NY 11211

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Jakapan Suaboot

A Taxonomy of Supervised Learning for IDSs in SCADA Environments

Sub-curve HMM: A malware detection approach based on partial analysis of API call sequences

The Flash Loan Attack Analysis (FAA) Framework—A Case Study of the Warp Finance Exploitation

NativeVRF: A Simplified Decentralized Random Number Generator on EVM Blockchains

On the feasibility of attacking Thai LPR systems with adversarial examples

The SWC-based Security Analysis Tool for Smart Contract Vulnerability Detection

From Characters to Chaos: On the Feasibility of Attacking Thai OCR with Adversarial Examples

Data Exfiltration Threats and Prevention Techniques

Contact Info

Product

Resources

About