Deep neural network (DNN) has strong representation learning ability, but it is vulnerable and easy to be fooled by adversarial examples. In order to handle the vulnerability of DNN, many methods have been proposed. The general idea of existing methods is to reduce the chance of DNN models being fooled by observing some designed adversarial examples, which are generated by adding perturbations to the original images. In this paper, we propose a novel adversarial example generation method, called DCVAE-adv. Different from the existing methods, DCVAE-adv constructs adversarial examples by mixing both explicit and implicit perturbations without using original images. Furthermore, the proposed method can be applied to both white box and black box attacks. In addition, in the inference stage, the adversarial examples can be generated without loading the original images into memory, which greatly reduces the memory overhead. We compared DCVAE-adv with three most advanced adversarial attack algorithms: FGSM, AdvGAN, and AdvGAN++. The experimental results demonstrate that DCVAE-adv is superior to these state-of-the-art methods in terms of attack success rate and transfer ability for targeted attack. Our code is available at https://github.com/xzforeverlove/DCVAE-adv.
The white-box attack is a new attack context in which it is assumed that cryptographic software is implemented on an un-trusted platform and all the implementation details are controlled by the attackers. So far, almost all white-box solutions have been broken. In this study, we propose a white-box encryption scheme that is not a variant of obfuscating existing ciphers but a completely new solution. The new scheme is based on the unbalanced Feistel network as well as the ASASASA (where "A" means affine, and "S" means substitution) structure. It has an optional input block size and is suitable for saving space compared with other solutions because the space requirement grows slowly (linearly) with the growth of block size. Moreover, our scheme not only has huge white-box diversity and white-box ambiguity but also has a particular construction to bypass public white-box cryptanalysis techniques, including attacks aimed at white-box variants of existing ciphers and attacks specific to the ASASASA structure. More precisely, we present a definition of white-box security with regard to equivalent key, and prove that our scheme satisfies such security requirement.
White-box cryptography is critical in a communication system to protect the secret key from being disclosed in a cryptographic algorithm code implementation. The stream cipher is a main dataflow encryption approach in mobile communication. However, research work on white-box cryptographic implementation for stream cipher is rare. A new white-box Zu Chongzhi-128 (ZUC-128) cryptographic implementation algorithm named WBZUC was proposed. WBZUC adopts lookup table and random coding in the non-linear function to make the intermediate value chaotic without changing the final encryption result. Thus, the WBZUC algorithm's security gets improved compared with the original ZUC-128 algorithm. As for the efficiency, a test experiment on WBZUC shows that the average speed of key generation, encryption, and decryption can reach at 33.74 kbit/s, 23.31 kbit/s, 24.06 kbit/s respectively. Despite its running speed is relatively a bit lower than original ZUC-128 algorithm, WBZUC can provide better security and comprehensive performance in mobile communication system environment.
The majority of published empirical correlations and mechanistic models are unable to provide accurate flowing bottom-hole pressure (FBHP) predictions when real-time field well data are used. This is because the empirical correlations and the empirical closure correlations for the mechanistic models were developed with experimental datasets. In addition, most machine learning (ML) FBHP prediction models were constructed with real-time well data points and published without any visible mathematical equation. This makes it difficult for other readers to use these ML models since the datasets used in their development are not open-source. This study presents a white-box adaptive neuro-fuzzy inference system (ANFIS) model for real-time prediction of multiphase FBHP in wellbores. 1001 real well data points and 1001 normalized well data points were used in constructing twenty-eight different Takagi-Sugeno fuzzy inference systems (FIS) structures. The dataset was divided into two sets; 80% for training and 20% for testing. Statistical performance analysis showed that a FIS with a 0.3 range of influence and trained with a normalized dataset achieved the best FBHP prediction performance. The optimal ANFIS black-box model was then translated into the ANFIS white-box model with the Gaussian input and the linear output membership functions and the extracted tuned premise and consequence parameter sets. Trend analysis revealed that the novel ANFIS model correctly simulates the anticipated effect of input parameters on FBHP. In addition, graphical and statistical error analyses revealed that the novel ANFIS model performed better than published mechanistic models, empirical correlations, and machine learning models. New training datasets covering wider input parameter ranges should be added to the original training dataset to improve the model's range of applicability and accuracy.
Deep neural networks are vulnerable to attacks from adversarial inputs. Corresponding attack research on human pose estimation (HPE), particularly for body joint detection, has been largely unexplored. Transferring classification-based attack methods to body joint regression tasks is not straightforward. Another issue is that the attack effectiveness and imperceptibility contradict each other. To solve these issues, we propose local imperceptible attacks on HPE networks. In particular, we reformulate imperceptible attacks on body joint regression into a constrained maximum allowable attack. Furthermore, we approximate the solution using iterative gradient-based strength refinement and greedy-based pixel selection. Our method crafts effective perceptual adversarial attacks that consider both human perception and attack effectiveness. We conducted a series of imperceptible attacks against state-of-the-art HPE methods, including HigherHRNet, DEKR, and ViTPose. The experimental results demonstrate that the proposed method achieves excellent imperceptibility while maintaining attack effectiveness by significantly reducing the number of perturbed pixels. Approximately 4% of the pixels can achieve sufficient attacks on HPE.
As it has been stepping into the e-time period, software, which is considered as the key factor of the network and computer development, has become an integral part of everyday life. Millions of people may perform transaction through internet, mobile phone, ATM, and send e-mails, handle word processing or spreadsheets for different purposes. In another word, the network and information have been related to our daily life completely. Then, by IT advancing, the awareness of software security becomes a hot and serious topic. This paper will give some comments in various aspects, such as, in the beginning of the SDLC (System Development Life Cycle), how do designers analyze the functional and non-functional requirements and choose the proper development model? And then the testing professors take which kinds of methods to test the software with white-box testing or black-box testing to discover the vulnerabilities and flaws. At the same time, the paper gives some examples to demonstrate why the security of software is pretty important and what we should do to secure that. In addition, the paper will talk something about the enterprises' actions to build a more secure network environment.
Digital rights management (DRM) applications are usually confronted with threats like key extraction, code lifting, and illegal distribution. White-box cryptography aims at protecting software implementations of cryptographic algorithms and can be employed into DRM applications to provide security. A general DRM solution based on white-box cryptography was proposed to address the three threats mentioned above. The method is to construct a general perturbation-enabled white-box compiler for lookup-table based white-box block ciphers, such that the white-box program generated by this compiler provides traceability along with resistance against key extraction and code lifting. To get a traceable white-box program, the idea of hiding a slight perturbation in the lookup-table was employed, aiming at perturbing its decryption functionality, so that each user can be identified. Security analysis and experimental results show that the proposed DRM solution is secure and practical.
Funding for the DCVAE-adv paper: supported by the Key R&D Program of Science and Technology Foundation of Hebei Province (No. 19210310D) and the Natural Science Foundation of Hebei Province (No. F2021201020).
Funding for the unbalanced Feistel / ASASASA white-box encryption paper: This work was supported by the National Natural Science Foundation of China under Grant Nos. 61272440, 61472251, and U1536101, and China Postdoctoral Science Foundation under Grant Nos. 2013M531174 and 2014T70417.
Funding for the WBZUC paper: supported by the Beijing Natural Science Foundation (4232034), the Fundamental Research Funds for the Central Universities (328202222), and the "Communication Engineering" and "Electronic Information Engineering" National First-Class Undergraduate Major Construction Project.
Funding for the human pose estimation attack paper: National Natural Science Foundation of China, No. 61972458; Natural Science Foundation of Zhejiang Province, No. LZ23F020002.
Funding for the white-box DRM paper: supported by the National Key Research and Development Program of China (2017YFB0802000), the National Natural Science Foundations of China (61672412, 61972457), and the National Cryptography Development Fund of China (MMJJ20170104, MMJJ20180219).