
Adversarial Attacks against Neural Networks in Audio Domain: Exploiting Principal Components [article]

Ken Alparslan, Yigit Alparslan, Matthew Burlick
2021 arXiv   pre-print
With no knowledge regarding the model, parameters, or weights, we craft adversarial attacks by applying PCA to samples from Common Voice data set and achieve 100% adversarial success under black-box setting  ...  We also experiment with different percentage of components necessary to result in a classification during attacking process. In all cases, adversary becomes successful.  ...  Black-Box Attacks Black-Box attacks are not targeted. They are weaker but their advantage is that they don't have to have full adversarial knowledge regarding the model.  ... 
arXiv:2007.07001v3 fatcat:wwlih4unknakpeujgh74mqizxi

Aviation data networks: security issues and network architecture

N. Thanthry, R. Pendse
2005 IEEE Aerospace and Electronic Systems Magazine  
Ubiquitous access to the Internet has become an essential component of a mobile workforce, and multiple mechanisms are being devised to ensure seamless connectivity to corporate resources.  ...  The Information Technology (IT) revolution, combined with people's need to access information quickly, has resulted in the explosive growth of the Internet in the past decade.  ...  ACKNOWLEDGEMENT This research work is partially funded by the Cisco Systems, Cessna Aircraft Company, and the State of Kansas.  ... 
doi:10.1109/maes.2005.1453803 fatcat:7nakwyfuorb3jbcqfyenndpohq

White-Box Cryptography [chapter]

Gerrit Bleumer, Alex Biryukov, Collin Jackson, Alban Gabillon, V. N. Venkatakrishnan, Amit Klein, Dario V Forte, Ernesto Damiani, Frédérique Biennier, William Stallings, Paulo S. L. M. Barreto (+8 others)
2011 Encyclopedia of Cryptography and Security  
This is in contrast with the more traditional security model where the attacker is only given a black-box access (i.e., inputs/outputs) to the cryptographic algorithm under consideration.  ...  ., black-box) threat models for encryption schemes are the chosen-plaintext attack (CPA) model and the chosen-ciphertext attack (CCA)  ...  Acknowledgments I am grateful to B. Preneel and B. Wyseur for sending a copy of [7] . I am also grateful to O. Billet, E. Diehl, and C. Salmon-Legagneur for comments.  ... 
doi:10.1007/978-1-4419-5906-5_627 fatcat:hcg3cqhaq5bf7awq32gc3ur7ja

Deep Neural Network Perception Models and Robust Autonomous Driving Systems [article]

Mohammad Javad Shafiee, Ahmadreza Jeddi, Amir Nazemi, Paul Fieguth, Alexander Wong
2020 arXiv   pre-print
This paper analyzes the robustness of deep learning models in autonomous driving applications and discusses the practical solutions to address that.  ...  In other words, ensemble-based attacks generate adversarial samples using a white-box attack, which are then utilized to attack the target model in black box form, what is known as a transferable attack  ...  Typically the perturbation is measured using an ℓ_p norm: η = ‖x' − x‖_p . (1) There are two types of adversarial attacks, white-box attacks and black-box attacks [16] .  ... 
arXiv:2003.08756v1 fatcat:w2ajk6ryrzg4bl5avd3thod5ti

Evaluation of Black-Box Web Application Security Scanners in Detecting Injection Vulnerabilities

Muzun Althunayyan, Neetesh Saxena, Shancang Li, Prosanta Gope
2022 Electronics  
To find web vulnerabilities before an attacker, security experts use black-box web application vulnerability scanners to check for security vulnerabilities in web applications.  ...  We also tested the black-box scanners in four modes to identify their limitations.  ...  For example, the common Angular framework is used in the front end to create a single-page application.  ... 
doi:10.3390/electronics11132049 fatcat:2ws2opko3fhwheczy7ug5gsr4u

Unsupervised Domain Adaptation of Black-Box Source Models [article]

Haojian Zhang, Yabin Zhang, Kui Jia, Lei Zhang
2021 arXiv   pre-print
domain; in other words, the source model itself is kept as a black-box one.  ...  and white-box attacks.  ...  However, exposing details of the trained source model for UDA use is prone to easily committed white-box attacks, bringing severe risks to source tasks themselves.  ... 
arXiv:2101.02839v2 fatcat:ushtjd2775eyjd57yxm4z5rxmu

Physically Realizable Adversarial Examples for LiDAR Object Detection

James Tu, Mengye Ren, Sivabalan Manivasagam, Ming Liang, Bin Yang, Richard Du, Frank Cheng, Raquel Urtasun
2020 2020 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR)  
Despite the fact that this poses a security concern for the self-driving industry, there has been very little exploration in terms of 3D perception, as most adversarial attacks have only been applied to  ...  In this paper, we address this issue and present a method to generate universal 3D adversarial objects to fool LiDAR detectors.  ...  Black box attack: A gradient-based attack is not always feasible in point cloud perception due to non-differentiable preprocessing stages that are common in modern point cloud detection models [41, 19  ... 
doi:10.1109/cvpr42600.2020.01373 dblp:conf/cvpr/TuRMLYDCU20 fatcat:f7ycwcr3zfdgllpi6ego5pgjhe

Physically Realizable Adversarial Examples for LiDAR Object Detection [article]

James Tu, Mengye Ren, Siva Manivasagam, Ming Liang, Bin Yang, Richard Du, Frank Cheng, Raquel Urtasun
2020 arXiv   pre-print
Despite the fact that this poses a security concern for the self-driving industry, there has been very little exploration in terms of 3D perception, as most adversarial attacks have only been applied to  ...  In this paper, we address this issue and present a method to generate universal 3D adversarial objects to fool LiDAR detectors.  ...  Black box attack: A gradient-based attack is not always feasible in point cloud perception due to non-differentiable preprocessing stages that are common in modern point cloud detection models [41, 19  ... 
arXiv:2004.00543v2 fatcat:ygq2dhrwuffcbbakhwttt4znia

Natural Black-Box Adversarial Examples against Deep Reinforcement Learning

Mengran Yu, Shiliang Sun
2022 PROCEEDINGS OF THE THIRTIETH AAAI CONFERENCE ON ARTIFICIAL INTELLIGENCE AND THE TWENTY-EIGHTH INNOVATIVE APPLICATIONS OF ARTIFICIAL INTELLIGENCE CONFERENCE  
Black-box attacks in deep reinforcement learning usually retrain substitute policies to mimic behaviors of target policies as well as craft adversarial examples, and attack the target policies with these  ...  To the best of our knowledge, it is the first RL-based adversarial attack on a deep RL agent.  ...  The common practice of black-box attacks against DRL agents retrains a substitute policy in the same environment, crafts adversarial examples with the surrogate policy by utilizing white-box methods, and  ... 
doi:10.1609/aaai.v36i8.20876 fatcat:aidgsa77xfhtzke4wovikzo6l4

Search-based security testing of web applications

Julian Thomé, Alessandra Gorla, Andreas Zeller
2014 Proceedings of the 7th International Workshop on Search-Based Software Testing - SBST 2014  
As a black-box approach, BIO-FUZZ requires neither analysis nor instrumentation of server code; however, it even outperforms state-of-the-art whitebox vulnerability scanners.  ...  Our approach uses search-based testing to systematically evolve inputs to maximize their potential to expose vulnerabilities.  ...  Black-box Approach-SQLMAP sqlmap 7 is the most advanced black-box tool we are aware of.  ... 
doi:10.1145/2593833.2593835 dblp:conf/icse/ThomeGZ14 fatcat:nefk46prqrgqfjoqm5js3hnrnm

Defense Through Diverse Directions [article]

Christopher M. Bender, Yang Li, Yifeng Shi, Michael K. Reiter, Junier B. Oliva
2020 arXiv   pre-print
In this work we develop a novel Bayesian neural network methodology to achieve strong adversarial robustness without the need for online adversarial training.  ...  We demonstrate that by encouraging the network to distribute evenly across inputs, the network becomes less susceptible to localized, brittle features which imparts a natural robustness to targeted perturbations  ...  This quick increase and the disparity between white and black box performance in Table 1 may indicate that the penalty is prone to causing the defense to overfit by obfuscating gradients.  ... 
arXiv:2003.10602v1 fatcat:3j6h66e4m5hpbej5guif2onmxe

Evaluating the Cybersecurity Risk of Real World, Machine Learning Production Systems [article]

Ron Bitton, Nadav Maman, Inderjeet Singh, Satoru Momiyama, Yuval Elovici, Asaf Shabtai
2021 arXiv   pre-print
Using the extension, security practitioners can apply attack graph analysis methods in environments that include ML components; thus, providing security practitioners with a methodological and practical  ...  In addition, to quantify the risk of adversarial machine learning (AML) threat, we introduce a novel scoring system, which assigns a severity score to different AML attacks.  ...  A characteristic of an asset or a technology that makes them prone to an attack.  ... 
arXiv:2107.01806v2 fatcat:jxqg2zcax5gqdijfxo2bhy4f4m

The approaches to quantify web application security scanners quality: a review

Lim Kah Seng, Norafida Ithnin, Syed Zainudeen Mohd Said
2018 International Journal of Advanced Computer Research  
Acknowledgment We would like to express our gratitude to Dr Nilashi Mesbah for his contribution in sharing the knowledge.  ...  Besides this, we would also like to express our appreciation to Miss Hazinah Kutty Mammi upon her help in improving the paper quality and readability.  ...  It is also to clarify the strengths and limitations of white box and black box web application security scanners in vulnerability detection.  ... 
doi:10.19101/ijacr.2018.838012 fatcat:ta2yr6f2dvcvpiaon5xnmug4i4

Security of Deep Learning Methodologies: Challenges and Opportunities [article]

Shahbaz Rezaei, Xin Liu
2019 arXiv   pre-print
In this article, we highlight the security challenges and research opportunities of these methodologies, focusing on vulnerabilities and attacks unique to them.  ...  Any attack model that lies between white-box and black-box attack in terms of available information about the model is called gray-box attack.  ...  In other words, an attacker does not even have access to the black-box meta-learner to send queries to.  ... 
arXiv:1912.03735v1 fatcat:q3ttbz3n6ve63mnw35xmq66tx4

On Evaluating Adversarial Robustness [article]

Nicholas Carlini, Anish Athalye, Nicolas Papernot, Wieland Brendel, Jonas Rauber, Dimitris Tsipras, Ian Goodfellow, Aleksander Madry, Alexey Kurakin
2019 arXiv   pre-print
We hope that both researchers developing defenses as well as readers and reviewers who wish to understand the completeness of an evaluation consider our advice in order to avoid common pitfalls.  ...  Despite the significant amount of recent work attempting to design defenses that withstand adaptive attacks, few have succeeded; most papers that propose defenses are quickly shown to be incorrect.  ...  Acknowledgements We would like to thank Catherine Olsson and Úlfar Erlingsson for feedback on an early draft of this paper, and David Wagner for helpful discussions around content.  ... 
arXiv:1902.06705v2 fatcat:lvzbgzxnvbb2rgzd4tbiww2pjq