检索结果-内蒙古大学图书馆

Proceedings of the 41st International Conference on Machine Learning

作者： Xiaofan Bai Chaoxiang He Xiaojing Ma Bin Benjamin Zhu Hai Jin School of Cyber Science and Engineering Huazhong University of Science and Technology National Engineering Research Center for Big Data Technology and System and Services Computing Technology and System Lab and Hubei Engineering Research Center on Big Data Security and Hubei Key Laboratory of Distributed System Security Microsoft School of Computer Science and Technology Huazhong University of Science and Technology and National Engineering Research Center for Big Data Technology and System and Services Computing Technology and System Lab and Cluster and Grid Computing Lab.

Cloud-based AI services offer numerous benefits but also introduce vulnerabilities, allowing for tampering with deployed DNN models, ranging from injecting malicious behaviors to reducing computing resources. Fingerprint samples are generated to query models to detect such tampering. In this paper, we present Intersecting-Boundary-Sensitive Fingerprinting (IBSF), a novel method for black-box integrity verification of DNN models using only top-1 labels. Recognizing that tampering with a model alters its decision boundary, IBSF crafts fingerprint samples from normal samples by maximizing the partial Shannon entropy of a selected subset of categories to position the fingerprint samples near decision boundaries where the categories in the subset intersect. These fingerprint samples are almost indistinguishable from their source samples. We theoretically establish and confirm experimentally that these fingerprint samples' expected sensitivity to tampering increases with the cardinality of the subset. Extensive evaluation demonstrates that IBSF surpasses existing state-of-the-art fingerprinting methods, particularly with larger subset cardinality, establishing its state-of-the-art performance in black-box tampering detection using only top-1 labels. The IBSF code is available at: https://***/CGCL-codes/IBSF.

关键词：

来源：评论

学校读者我要写书评

暂无评论

CLNX: Bridging Code and Natural Language for C/C++ Vulnerability-Contributing Commits Identification

arXiv

引用

arXiv 2024年

作者： Qin, Zeqing Wu, Yiwei Han, Lansheng School of Cyber Science and Engineering Huazhong University of Science and Technology Wuhan China Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security China

Large Language Models (LLMs) have shown great promise in vulnerability identification. As C/C++ comprises half of the Open-Source Software (OSS) vulnerabilities over the past decade and updates in OSS mainly occur through commits, enhancing LLMs' ability to identify C/C++ Vulnerability-Contributing Commits (VCCs) is essential. However, current studies primarily focus on further pre-training LLMs on massive code datasets, which is resource-intensive and poses efficiency challenges. In this paper, we enhance the ability of BERT-based LLMs to identify C/C++ VCCs in a lightweight manner. We propose CodeLinguaNexus (CLNX) as a bridge facilitating communication between C/C++ programs and LLMs. Based on commits, CLNX efficiently converts the source code into a more natural representation while preserving key details. Specifically, CLNX first applies structure-level naturalization to decompose complex programs, followed by token-level naturalization to interpret complex symbols. We evaluate CLNX on public datasets of 25,872 C/C++ functions with their commits. The results show that CLNX significantly enhances the performance of LLMs on identifying C/C++ VCCs. Moreover, CLNX-equipped CodeBERT achieves new state-of-the-art and identifies 38 OSS vulnerabilities in the real *** Codes 68M25 Copyright © 2024, The Authors. All rights reserved.

关键词： Open source software

来源：评论

学校读者我要写书评

暂无评论

The Power of Bamboo: On the Post-Compromise security for Searchable Symmetric Encryption 30

The Power of Bamboo: On the Post-Compromise Security for Sea...

引用

30th Annual Network and Distributed system security Symposium, NDSS 2023

作者： Chen, Tianyang Xu, Peng Picek, Stjepan Luo, Bo Susilo, Willy Jin, Hai Liang, Kaitai National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab China Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security School of Cyber Science and Engineering China Cluster and Grid Computing Lab School of Computer Science and Technology China Huazhong University of Science and Technology Wuhan430074 China Digital Security Group Radboud University Nijmegen Netherlands Department of EECS Institute of Information Sciences The University of Kansas LawrenceKS United States Institute of Cybersecurity and Cryptology School of Computing and Information Technology University of Wollongong WollongongNSW2522 Australia Faculty of Electrical Engineering Mathematics and Computer Science Delft University of Technology Delft2628 CD Netherlands

ISBN: (纸本)1891562835

Dynamic searchable symmetric encryption (DSSE) enables users to delegate the keyword search over dynamically updated encrypted databases to an honest-but-curious server without losing keyword privacy. This paper studies a new and practical security risk to DSSE, namely, secret key compromise (e.g., a user’s secret key is leaked or stolen), which threatens all the security guarantees offered by existing DSSE schemes. To address this open problem, we introduce the notion of searchable encryption with key-update (SEKU) that provides users with the option of non-interactive key updates. We further define the notion of post-compromise secure with respect to leakage functions to study whether DSSE schemes can still provide data security after the client’s secret key is compromised. We demonstrate that post-compromise security is achievable with a proposed protocol called "Bamboo". Interestingly, the leakage functions of Bamboo satisfy the requirements for both forward and backward security. We conduct a performance evaluation of Bamboo using a real-world dataset and compare its runtime efficiency with the existing forward-and-backward secure DSSE schemes. The result shows that Bamboo provides strong security with better or comparable performance. © 2023 30th Annual Network and Distributed system security Symposium, NDSS 2023. All Rights Reserved.

关键词：

来源：评论

学校读者我要写书评

暂无评论

POINTERGUESS: targeted password guessing model using pointer mechanism 24

POINTERGUESS: targeted password guessing model using pointer...

引用

Proceedings of the 33rd USENIX Conference on security Symposium

作者： Kedong Xiu Ding Wang College of Cyber Science Nankai University Tianjin China and Key Laboratory of Data and Intelligent System Security (NKU) Ministry of Education Tianjin China and Tianjin Key Laboratory of Network and Data Security Technology Nankai University Tianjin China

ISBN: (纸本)9781939133441

Most existing targeted password guessing models view users' reuse behaviors as sequences of edit operations (e.g., insert and delete) performed on old passwords. These atomic edit operations are limited to modifying one character at a time and cannot fully cover users' complex password modification behaviors (e.g., modifying the password structure). This partially leads to a significant gap between the proportion of users' reused passwords and the success rates that existing targeted password models can achieve. To fill this gap, this paper models users' reuse behaviors by focusing on two key components: (1) What they want to copy/keep; (2) What they want to tweak. More specifically, we introduce the pointer mechanism and propose a new targeted guessing model, namely POINTERGUESS. By hierarchically redefining password reuse from both personal and population-wide perspectives, we can accurately and comprehensively characterize users' password reuse behaviors. Moreover, we propose MS-POINTERGUESS, which can employ the victim's multiple leaked *** employing 13 large-scale real-world password datasets, we demonstrate that POINTERGUESS is effective: (1) When the victim's password at site A (namely pwA) is known, within 100 guesses, the average success rate of POINTERGUESS in guessing her password at site B (namely pwB, pwA ≠ pwB) is 25.21% (for common users) and 12.34% (for security-savvy users), respectively, which is 21.23%~71.54% (38.37% on average) higher than its foremost counterparts; (2) When not excluding identical password pairs (i.e., pwA can equal pwB), within 100 guesses, the average success rate of POINTERGUESS is 48.30% (for common users) and 28.42% (for security-savvy users), respectively, which is 6.31%~15.92% higher than its foremost counterparts; (3) Within 100 guesses, the MS-POINTERGUESS further improves the cracking success rate by 31.21% compared to POINTERGUESS.

关键词：

来源：评论

学校读者我要写书评

暂无评论

A First Look at LLM-powered Smartphones

A First Look at LLM-powered Smartphones

引用

IEEE/ACM International Conference on Automated Software Engineering - Workshops (ASE Workshops)

作者： Liangxuan Wu Yanjie Zhao Chao Wang Tianming Liu Haoyu Wang Huazhong University of Science and Technology Wuhan China Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security School of Cyber Science and Engineering Huazhong University of Science and Technology

ISBN: (数字)9798400712494

ISBN: (纸本)9798331523169

The integration of Large Language Models (LLMs) into edge devices such as smartphones represents a significant leap in mobile technology, promising enhanced user experiences and novel functionalities. This paper presents a first look at LLM-powered smartphones, addressing four key aspects: the current market landscape, core functions enabled by integrated LLMs, potential security risks, and user perceptions. The findings reveal a rapidly evolving market with major manufacturers competing to integrate LLMs, innovative features that improve user interaction, significant security challenges, and mixed user perceptions that balance enthusiasm for new capabilities with privacy concerns. This study contributes to understanding LLM integration in mobile devices and its implications for users, manufacturers, and the broader technological landscape.

关键词： Industries Privacy Technological innovation Ethics Large language models Conferences User experience security Smart phones Software engineering

来源：评论

学校读者我要写书评

暂无评论

Application Research of Vertical Federated Learning Technology in Banking Risk Control Model Strategy 21

Application Research of Vertical Federated Learning Technolo...

引用

21st IEEE International Symposium on Parallel and Distributed Processing with Applications, 13th IEEE International Conference on Big data and Cloud Computing, 16th IEEE International Conference on Social Computing and Networking and 13th International Conference on Sustainable Computing and Communications, ISPA/BDCloud/SocialCom/SustainCom 2023

作者： Luo, Yong Lu, Zhi Yin, Xiaofei Lu, Songfeng Weng, Yiting Huazhong University of Science and Technology Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security School of Cyber Science and Engineering Wuhan China China Minsheng Banking Corp. Ltd. Beijing China Shenzhen Huazhong University of Science and Technology Research Institute Wuhan China Shu Lun Pan Beijing China

ISBN: (纸本)9798350329223

This study centers on the application of vertical federated learning technology in the context of Internet banking loans, with a particular focus on innovations in data privacy protection, risk control model algorithms, and secure multi-party computation. Currently, banking risk control strategies mainly rely on traditional data processing technologies, which often fall short in protecting user privacy and ensuring data usage efficiency. We adopt vertical federated learning technology, offering an innovative solution for the Internet banking loan scenario. Firstly, regarding data privacy protection, we propose a differential privacy mechanism to safeguard user-sensitive data. Secondly, we innovatively apply risk control model algorithms, facilitating collaborative modeling across multiple Internet loan platforms through federated learning. Furthermore, we introduce secure multi-party computation technology to ensure the secure transmission of data and confidentiality of computation processes during federated learning. Through empirical experiments on real Internet loan datasets, we validate the effectiveness and feasibility of our proposed methods. After implementing our risk control model, the credit approval rate increased from 3.44% to 18.2%, with a single-day high reaching 25.53%. The average loan amount increased by 7,700 yuan, and the average interest rate slightly declined by 0.48%, marking a significant improvement and breakthrough compared to traditional risk control models. This study offers innovative solutions for data privacy protection and risk control in the Internet loan scenario, providing safer and more reliable services for financial institutions and users. Moreover, our methods possess high practicality and promotional value. The potential widespread impact on the industry is profound. © 2023 IEEE.

关键词： Risk management

来源：评论

学校读者我要写书评

暂无评论

Learning Time Slot Preferences via Mobility Tree for Next POI Recommendation

arXiv

引用

arXiv 2024年

作者： Huang, Tianhao Pan, Xuan Cai, Xiangrui Zhang, Ying Yuan, Xiaojie College of Computer Science Nankai University China Tianjin Key Laboratory Network and Data Security Technology Tianjin China Key Laboratory of Data and Intelligent System Security Ministry of Education China Science and Technology on Communication Networks Laboratory Shijiazhuang China

Next Point-of-Interests (POIs) recommendation task aims to provide a dynamic ranking of POIs based on users’ current check-in trajectories. The recommendation performance of this task is contingent upon a comprehensive understanding of users’ personalized behavioral patterns through Location-based Social Networks (LBSNs) data. While prior studies have adeptly captured sequential patterns and transitional relationships within users’ check-in trajectories, a noticeable gap persists in devising a mechanism for discerning specialized behavioral patterns during distinct time slots, such as noon, afternoon, or evening. In this paper, we introduce an innovative data structure termed the "Mobility Tree", tailored for hierarchically describing users’ check-in records. The Mobility Tree encompasses multi-granularity time slot nodes to learn user preferences across varying temporal periods. Meanwhile, we propose the Mobility Tree Network (MTNet), a multitask framework for personalized preference learning based on Mobility Trees. We develop a four-step node interaction operation to propagate feature information from the leaf nodes to the root node. Additionally, we adopt a multitask training strategy to push the model towards learning a robust representation. The comprehensive experimental results demonstrate the superiority of MTNet over ten state-of-the-art next POI recommendation models across three real-world LBSN datasets, substantiating the efficacy of time slot preference learning facilitated by Mobility Tree. Copyright © 2024, The Authors. All rights reserved.

关键词： Trees (mathematics)

来源：评论

学校读者我要写书评

暂无评论

BadActs: A Universal Backdoor Defense in the Activation Space

arXiv

引用

arXiv 2024年

作者： Yi, Biao Chen, Sishuo Li, Yiming Li, Tong Zhang, Baolei Liu, Zheli College of Cyber Science Key Laboratory of Data and Intelligent System Security Ministry of Education Nankai University China Center for Data Science Peking University China Nanyang Technological University Singapore

Backdoor attacks pose an increasingly severe security threat to Deep Neural Networks (DNNs) during their development stage. In response, backdoor sample purification has emerged as a promising defense mechanism, aiming to eliminate backdoor triggers while preserving the integrity of the clean content in the samples. However, existing approaches have been predominantly focused on the word space, which are ineffective against featurespace triggers and significantly impair performance on clean data. To address this, we introduce a universal backdoor defense that purifies backdoor samples in the activation space by drawing abnormal activations towards optimized minimum clean activation distribution intervals. The advantages of our approach are twofold: (1) By operating in the activation space, our method captures from surface-level information like words to higher-level semantic concepts such as syntax, thus counteracting diverse triggers;(2) the fine-grained continuous nature of the activation space allows for more precise preservation of clean content while removing triggers. Furthermore, we propose a detection module based on statistical information of abnormal activations, to achieve a better trade-off between clean accuracy and defending performance. Extensive experiments on diverse datasets and against diverse attacks (including syntax and style attacks) demonstrate that our defense achieves state-of-the-art performance. Copyright © 2024, The Authors. All rights reserved.

关键词： Chemical activation

来源：评论

学校读者我要写书评

暂无评论

Coping With a Severely Changing Number of Objectives in Dynamic Multi-Objective Optimization

引用

IEEE Transactions on Evolutionary Computation 2025年

作者： Ruan, Gan Hou, Zhanglu Yao, Xin Lingnan University School of Data Science Hong Kong Xiangtan University Hunan Engineering Research Center of Intelligent System Optimization and Security Hunan Province Xiangtan411105 China

In dynamic multi-objective optimization problems (DMOPs) where the number of objectives changes, the Pareto-optimal set (PS) manifold may expand or contract over time. Knowledge transfer has been utilized to solve DMOPs because it can transfer valuable information from one problem-solving instance (i.e., source) to solving another related problem instance. However, existing transfer approaches suffer from poor diversity and convergence after a severe increase and decrease in the number of objectives, respectively. The reason is that most transfer approaches simply transfer knowledge from the solutions before the change, which causes degeneration in quality of transferred solutions due to dissimilarity between the problem instances before and after the severe change. In this paper, we propose a simple-yet-effective transfer approach, called similarity transfer approach (STA) to tackling a severely changing number of objectives. It selects the historically most similar environment to the current one as the source problem instance and transfers knowledge from that environment. Furthermore, a novel strategy of randomization enhancing transfer diversity is proposed in STA if the transfer from the most similar environment still lacks sufficient diversity when increasing the number of objectives. Comprehensive studies using 13 DMOP benchmarks with a severely changing number of objectives demonstrate that our proposed STA is effective in improving solution quality not only immediately after changes but also after optimization, in comparison to state-of-the-art algorithms. © 1997-2012 IEEE.

关键词： Optimization algorithms

来源：评论

学校读者我要写书评

暂无评论

Advancing Healthcare IoT: Blockchain and Federated Learning Integration for Enhanced security and Insights

Advancing Healthcare IoT: Blockchain and Federated Learning ...

引用

2024 International Conference on Communication, Computer sciences and Engineering, IC3SE 2024

作者： Malik, Rida Ur-Rehaman, Atta Razzaq, Hamza Bhatt, Chandradeep Kaushik, Keshav Khan, Inam Ullah Riphah Institute Of System Engineering Department Of Information Security Islamabad Pakistan Riphah Institute Of System Engineering Department Of Data Science Islamabad Pakistan Graphic Era Hill University Department Of Cse Uttarakhand India Graphic Era Deemed To Be University Uttarakhand Dehradun India School Of Computer Science University Of Petroleum And Energy Studies Dehradun India Seas Isra University Department Of Electronic Engineering Islamabad Campus Pakistan

ISBN: (纸本)9798350366846

Fast-growing IoT devices in healthcare have ushered in a new era of data-driven patient care and treatment. These gadgets capture too much sensitive medical data, a major issue. We need to boost data analysis, security, and privacy. This research uses cutting-edge concepts like federated learning and blockchain technology to improve Healthcare IoT analytics and security. This study examines blockchain and federated learning's numerous integration aspects. It begins with data security, employing blockchain's immutability and decentralization to prevent manipulation. Federation learning was utilized to solve privacy concerns while adhering to tight healthcare data security regulations, providing strong data analysis without releasing raw, patient-specific information. This study examines how federated learning and blockchain technologies enhance healthcare IoT systems' analytics. This connection allows safe, collaborative analysis among healthcare professionals and devices, offering more insights for research, diagnostics, and tailored patient care. How to integrate these cutting-edge technologies into healthcare IoT networks is also explored. © 2024 IEEE.

关键词： Diagnosis

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：