The majority of machine learning methodologies operate with the assumption that their environment is benign. However, this assumption does not always hold, as it is often advantageous to adversaries to maliciously modify the training (poisoning attacks) or test data (evasion attacks). Such attacks can be catastrophic given the growth and the penetration of machine learning applications in society. Therefore, there is a need to secure machine learning enabling the safe adoption of it in adversarial cases, such as spam filtering, malware detection, and biometric recognition. This paper presents a taxonomy and survey of attacks against systems that use machine learning. It organizes the body of knowledge in adversarial machine learning so as to identify the aspects where researchers from different fields can contribute to. The taxonomy identifies attacks which share key characteristics and as such can potentially be addressed by the same defense approaches. Thus, the proposed taxonomy makes it easier to understand the existing attack landscape towards developing defence mechanisms, which are not investigated in this survey. The taxonomy is also leveraged to identify open problems that can lead to new research areas within the field of adversarial machine learning.
In this paper, we present an Intrusion Detection System designed for wireless sensor networks and show how it can be configured to detect Sinkhole attacks. A Sinkhole attack forms a serious threat to sensor networks. We study in depth this attack by presenting how it can be launched in realistic networks that use the MintRoute protocol of TinyOS. MintRoute is the most widely used routing protocol in sensor network deployments, using the link quality metric to build the corresponding routing tree. Having implemented this attack in TinyOS, we embed the appropriate rules in our IDS system that will enable it to detect successfully the intruder node. We demonstrate this in our own sensor network deployment and we also present simulation results to confirm the effectiveness and accuracy of the algorithm in the general case of random topologies.
Modern vehicles are no longer mere mechanical devices; they comprise dozens of digital computing platforms, coordinated by an in-vehicle network, and have the potential to significantly enhance the digital life of individuals on the road. While this transformation has driven major advancements in road safety and transportation efficiency, significant work remains to be done to support the security and privacy requirements of the envisioned ecosystem of commercial services and applications (i.e., Internet access, video streaming, etc.). In the era when "service is everything and everything is a service", Vehicular Communication (VC) systems cannot escape from this ongoing trend towards multi-service environments accessible from anywhere. To meet the diverse requirements of vehicle operators and Service Providers (SPs), we present SEROSA, a service-oriented security and privacy-preserving architecture for VC. By synthesizing existing VC standards and Web Services (WS), our architecture provides comprehensive identity and service management while ensuring interoperability with existing SPs. We fully implement our system and extensively assess its efficiency, practicality, and dependability. Overall, SEROSA significantly extends the state of the art and serves as a catalyst for the integration of vehicles into the vast domain of Internet-based services.
Recent advances in sensing, computing, and networking have paved the way for the emerging paradigm of Mobile Crowd Sensing (MCS). The openness of such systems and the richness of data MCS users are expected to contribute to them raise significant concerns for their security, privacy-preservation and resilience. Prior works addressed different aspects of the problem. But in order to reap the benefits of this new sensing paradigm, we need a holistic solution. That is, a secure and accountable MCS system that preserves user privacy, and enables the provision of incentives to the participants. At the same time, we are after an MCS architecture that is resilient to abusive users and guarantees privacy protection even against multiple misbehaving and intelligent MCS entities (servers). In this work, we meet these challenges and propose a comprehensive security and privacy-preserving architecture. With a full-blown implementation, on real mobile devices, and experimental evaluation we demonstrate our system's efficiency, practicality, and scalability. Last but not least, we formally assess the achieved security and privacy properties. Overall, our system offers strong security and privacy-preservation guarantees, thus, facilitating the deployment of trustworthy MCS applications.
In this paper, we propose a novel secure and privacy-preserving solution for V2X systems leveraging widely accepted trusted computing technologies. Our approach systematically addresses all key aspects, i.e., security, privacy and accountability (revocation). By reflecting on state-of-the-art pseudonym architectures, we identify their limitations focusing on pseudonym reusage policies and revocation mechanisms. We propose the use of Direct Anonymous Attestation (DAA) algorithms to enhance existing V2X security architectures. The novelty of our proposed solution is its decentralized approach in shifting trust from the infrastructure to vehicles. Applying DAA in V2X enables enhanced privacy protection than is possible in current architectures through user-controlled linkability. The paper presents the incorporation of DAA algorithms within V2X together with rigorous security and privacy arguments.