-
Expanding the Attack Scenarios of SAE J1939: A Comprehensive Analysis of Established and Novel Vulnerabilities in Transport Protocol
Authors:
Hwejae Lee,
Hyosun Lee,
Saehee Jun,
Huy Kang Kim
Abstract:
Following the enactment of the UN Regulation, substantial efforts have been directed toward implementing intrusion detection and prevention systems (IDPSs) and vulnerability analysis in Controller Area Network (CAN). However, Society of Automotive Engineers (SAE) J1939 protocol, despite its extensive application in camping cars and commercial vehicles, has seen limited vulnerability identification…
▽ More
Following the enactment of the UN Regulation, substantial efforts have been directed toward implementing intrusion detection and prevention systems (IDPSs) and vulnerability analysis in Controller Area Network (CAN). However, Society of Automotive Engineers (SAE) J1939 protocol, despite its extensive application in camping cars and commercial vehicles, has seen limited vulnerability identification, which raises significant safety concerns in the event of security breaches. In this research, we explore and demonstrate attack techniques specific to SAE J1939 communication protocol. We introduce 14 attack scenarios, enhancing the discourse with seven scenarios recognized in the previous research and unveiling seven novel scenarios through our elaborate study. To verify the feasibility of these scenarios, we leverage a sophisticated testbed that facilitates real-time communication and the simulation of attacks. Our testing confirms the successful execution of 11 scenarios, underscoring their imminent threat to commercial vehicle operations. Some attacks will be difficult to detect because they only inject a single message. These results highlight unique vulnerabilities within SAE J1939 protocol, indicating the automotive cybersecurity community needs to address the identified risks.
△ Less
Submitted 2 June, 2024;
originally announced June 2024.
-
Precise Extraction of Deep Learning Models via Side-Channel Attacks on Edge/Endpoint Devices
Authors:
Younghan Lee,
Sohee Jun,
Yungi Cho,
Woorim Han,
Hyungon Moon,
Yunheung Paek
Abstract:
With growing popularity, deep learning (DL) models are becoming larger-scale, and only the companies with vast training datasets and immense computing power can manage their business serving such large models. Most of those DL models are proprietary to the companies who thus strive to keep their private models safe from the model extraction attack (MEA), whose aim is to steal the model by training…
▽ More
With growing popularity, deep learning (DL) models are becoming larger-scale, and only the companies with vast training datasets and immense computing power can manage their business serving such large models. Most of those DL models are proprietary to the companies who thus strive to keep their private models safe from the model extraction attack (MEA), whose aim is to steal the model by training surrogate models. Nowadays, companies are inclined to offload the models from central servers to edge/endpoint devices. As revealed in the latest studies, adversaries exploit this opportunity as new attack vectors to launch side-channel attack (SCA) on the device running victim model and obtain various pieces of the model information, such as the model architecture (MA) and image dimension (ID). Our work provides a comprehensive understanding of such a relationship for the first time and would benefit future MEA studies in both offensive and defensive sides in that they may learn which pieces of information exposed by SCA are more important than the others. Our analysis additionally reveals that by grasping the victim model information from SCA, MEA can get highly effective and successful even without any prior knowledge of the model. Finally, to evince the practicality of our analysis results, we empirically apply SCA, and subsequently, carry out MEA under realistic threat assumptions. The results show up to 5.8 times better performance than when the adversary has no model information about the victim model.
△ Less
Submitted 5 March, 2024;
originally announced March 2024.
-
Five A$^{+}$ Network: You Only Need 9K Parameters for Underwater Image Enhancement
Authors:
Jingxia Jiang,
Tian Ye,
Jinbin Bai,
Sixiang Chen,
Wenhao Chai,
Shi Jun,
Yun Liu,
Erkang Chen
Abstract:
A lightweight underwater image enhancement network is of great significance for resource-constrained platforms, but balancing model size, computational efficiency, and enhancement performance has proven difficult for previous approaches. In this work, we propose the Five A$^{+}$ Network (FA$^{+}$Net), a highly efficient and lightweight real-time underwater image enhancement network with only…
▽ More
A lightweight underwater image enhancement network is of great significance for resource-constrained platforms, but balancing model size, computational efficiency, and enhancement performance has proven difficult for previous approaches. In this work, we propose the Five A$^{+}$ Network (FA$^{+}$Net), a highly efficient and lightweight real-time underwater image enhancement network with only $\sim$ 9k parameters and $\sim$ 0.01s processing time. The FA$^{+}$Net employs a two-stage enhancement structure. The strong prior stage aims to decompose challenging underwater degradations into sub-problems, while the fine-grained stage incorporates multi-branch color enhancement module and pixel attention module to amplify the network's perception of details. To the best of our knowledge, FA$^{+}$Net is the only network with the capability of real-time enhancement of 1080P images. Thorough extensive experiments and comprehensive visual comparison, we show that FA$^{+}$Net outperforms previous approaches by obtaining state-of-the-art performance on multiple datasets while significantly reducing both parameter count and computational complexity. The code is open source at https://github.com/Owen718/FiveAPlus-Network.
△ Less
Submitted 15 May, 2023;
originally announced May 2023.
-
Average Adjusted Association: Efficient Estimation with High Dimensional Confounders
Authors:
Sung Jae Jun,
Sokbae Lee
Abstract:
The log odds ratio is a well-established metric for evaluating the association between binary outcome and exposure variables. Despite its widespread use, there has been limited discussion on how to summarize the log odds ratio as a function of confounders through averaging. To address this issue, we propose the Average Adjusted Association (AAA), which is a summary measure of association in a hete…
▽ More
The log odds ratio is a well-established metric for evaluating the association between binary outcome and exposure variables. Despite its widespread use, there has been limited discussion on how to summarize the log odds ratio as a function of confounders through averaging. To address this issue, we propose the Average Adjusted Association (AAA), which is a summary measure of association in a heterogeneous population, adjusted for observed confounders. To facilitate the use of it, we also develop efficient double/debiased machine learning (DML) estimators of the AAA. Our DML estimators use two equivalent forms of the efficient influence function, and are applicable in various sampling scenarios, including random sampling, outcome-based sampling, and exposure-based sampling. Through real data and simulations, we demonstrate the practicality and effectiveness of our proposed estimators in measuring the AAA.
△ Less
Submitted 2 April, 2023; v1 submitted 27 May, 2022;
originally announced May 2022.
-
Whether the Health Care Practices For the Patients With Comorbidities Have Changed After the Outbreak of COVID-19; Big Data Public Sentiment Analysis
Authors:
Bilal Ahmad,
Sun Jun
Abstract:
After the pandemic of SARS-CoV-2, it has influenced the health care practices around the world. Initial investigations indicate that patients with comorbidities are more fragile to this SARS-CoV-2 infection. They suggested postponing the routine treatment of cancer patients. However, few meta-analyses suggested evidences are not sufficient to hold the claim of the frailty of cancer patients to COV…
▽ More
After the pandemic of SARS-CoV-2, it has influenced the health care practices around the world. Initial investigations indicate that patients with comorbidities are more fragile to this SARS-CoV-2 infection. They suggested postponing the routine treatment of cancer patients. However, few meta-analyses suggested evidences are not sufficient to hold the claim of the frailty of cancer patients to COVID-19, and they are not in favour of shelving the scheduled procedures. There are recent studies in which medical professionals, according to their competence, are referring to change the routine practices on how to manage the applicable therapeutic resources judiciously to combat this vital infection. This is a different study that reveals the cancer patients' viewpoint about how health care practices have been changed in their opinion during this pandemic year? Are they satisfied with their treatment or not? To serve the purpose, we gathered more than 60000 relevant tweets from Twitter to analyse the sentiment of cancer patients around the world. Our findings demonstrate that there is a surge in argument about cancer and its treatment after the outbreak of COVID-19. Most of the tweets are reasonable (52.6%) compared to the negative ones (24.3). We developed polarity and subjectivity distribution to better recognise the positivity/negativity in the sentiment. Results reveal that the polarity range of positive tweets is within the range of 0 to 0.5. Which means the tendency in the tweets is not so much positive but surely not negative. It is a piece of modest statistical evidence in support of how natural language processing (NLP) can be accepted to better understand the patient's behaviour in real-time, and it may facilitate the medical professional to make better decision to organise the routine management of cancer patients.
△ Less
Submitted 20 April, 2021;
originally announced April 2021.
-
Deep Doubly Supervised Transfer Network for Diagnosis of Breast Cancer with Imbalanced Ultrasound Imaging Modalities
Authors:
Han Xiangmin,
Wang Jun,
Zhou Weijun,
Chang Cai,
Ying Shihui,
Shi Jun
Abstract:
Elastography ultrasound (EUS) provides additional bio-mechanical in-formation about lesion for B-mode ultrasound (BUS) in the diagnosis of breast cancers. However, joint utilization of both BUS and EUS is not popular due to the lack of EUS devices in rural hospitals, which arouses a novel modality im-balance problem in computer-aided diagnosis (CAD) for breast cancers. Current transfer learning (T…
▽ More
Elastography ultrasound (EUS) provides additional bio-mechanical in-formation about lesion for B-mode ultrasound (BUS) in the diagnosis of breast cancers. However, joint utilization of both BUS and EUS is not popular due to the lack of EUS devices in rural hospitals, which arouses a novel modality im-balance problem in computer-aided diagnosis (CAD) for breast cancers. Current transfer learning (TL) pay little attention to this special issue of clinical modality imbalance, that is, the source domain (EUS modality) has fewer labeled samples than those in the target domain (BUS modality). Moreover, these TL methods cannot fully use the label information to explore the intrinsic relation between two modalities and then guide the promoted knowledge transfer. To this end, we propose a novel doubly supervised TL network (DDSTN) that integrates the Learning Using Privileged Information (LUPI) paradigm and the Maximum Mean Discrepancy (MMD) criterion into a unified deep TL framework. The proposed algorithm can not only make full use of the shared labels to effectively guide knowledge transfer by LUPI paradigm, but also perform additional super-vised transfer between unpaired data. We further introduce the MMD criterion to enhance the knowledge transfer. The experimental results on the breast ultra-sound dataset indicate that the proposed DDSTN outperforms all the compared state-of-the-art algorithms for the BUS-based CAD.
△ Less
Submitted 29 June, 2020;
originally announced July 2020.
-
Systematic Classification of Attackers via Bounded Model Checking
Authors:
Eric Rothstein-Morris,
Sun Jun,
Sudipta Chattopadhyay
Abstract:
In this work, we study the problem of verification of systems in the presence of attackers using bounded model checking. Given a system and a set of security requirements, we present a methodology to generate and classify attackers, mapping them to the set of requirements that they can break. A naive approach suffers from the same shortcomings of any large model checking problem, i.e., memory shor…
▽ More
In this work, we study the problem of verification of systems in the presence of attackers using bounded model checking. Given a system and a set of security requirements, we present a methodology to generate and classify attackers, mapping them to the set of requirements that they can break. A naive approach suffers from the same shortcomings of any large model checking problem, i.e., memory shortage and exponential time. To cope with these shortcomings, we describe two sound heuristics based on cone-of-influence reduction and on learning, which we demonstrate empirically by applying our methodology to a set of hardware benchmark systems.
△ Less
Submitted 13 November, 2019;
originally announced November 2019.
-
Quantifying Attacker Capability Via Model Checking Multiple Properties (Extended Version)
Authors:
Eric Rothstein-Morris,
Sun Jun
Abstract:
This work aims to solve a practical problem, i.e., how to quantify the risk brought upon a system by different attackers. The answer is useful for optimising resource allocation for system defence. Given a set of safety requirements, we quantify the attacker capability in terms of the set of safety requirements an attacker can compromise. Given a system (in the presence of an attacker), model chec…
▽ More
This work aims to solve a practical problem, i.e., how to quantify the risk brought upon a system by different attackers. The answer is useful for optimising resource allocation for system defence. Given a set of safety requirements, we quantify the attacker capability in terms of the set of safety requirements an attacker can compromise. Given a system (in the presence of an attacker), model checking it against each safety requirement one by one is expensive and wasteful since the same state space is explored many times. We thus propose model checking multiple properties efficiently by means of coalgebraic model checking using enhanced coinduction techniques. We apply the proposed technique to a real-world water treatment system and the results show that our approach can effectively reduce the effort required for model checking.
△ Less
Submitted 16 November, 2018;
originally announced November 2018.
-
Utilizing Probase in Open Directory Project-based Text Classification
Authors:
So-Young Jun,
Dinara Aliyeva,
Ji-Min Lee,
SangKeun Lee
Abstract:
Open Directory Project (ODP) has been successfully utilized in text classification due to its representation ability of various categories. However, ODP includes a limited number of entities, which play an important role in classification tasks. In this paper, we enrich the semantics of ODP categories with Probase entities. To effectively incorporate Probase entities in ODP categories, we first re…
▽ More
Open Directory Project (ODP) has been successfully utilized in text classification due to its representation ability of various categories. However, ODP includes a limited number of entities, which play an important role in classification tasks. In this paper, we enrich the semantics of ODP categories with Probase entities. To effectively incorporate Probase entities in ODP categories, we first represent each ODP category and Probase entity in terms of concepts. Next, we measure the semantic relevance between an ODP category and a Probase entity based on the concept vector. Finally, we use Probase entity to enrich the semantics of the ODP categories. Our experimental results show that the proposed methodology exhibits a significant improvement over state-of-the-art techniques in the ODP-based text classification.
△ Less
Submitted 13 May, 2018;
originally announced May 2018.
-
BigSparse: High-performance external graph analytics
Authors:
Sang-Woo Jun,
Andy Wright,
Sizhuo Zhang,
Shuotao Xu,
Arvind
Abstract:
We present BigSparse, a fully external graph analytics system that picks up where semi-external systems like FlashGraph and X-Stream, which only store vertex data in memory, left off. BigSparse stores both edge and vertex data in an array of SSDs and avoids random updates to the vertex data, by first logging the vertex updates and then sorting the log to sequentialize accesses to the SSDs. This ne…
▽ More
We present BigSparse, a fully external graph analytics system that picks up where semi-external systems like FlashGraph and X-Stream, which only store vertex data in memory, left off. BigSparse stores both edge and vertex data in an array of SSDs and avoids random updates to the vertex data, by first logging the vertex updates and then sorting the log to sequentialize accesses to the SSDs. This newly introduced sorting overhead is reduced significantly by interleaving sorting with vertex reduction operations. In our experiments on a server with 32GB to 64GB of DRAM, BigSparse outperforms other in-memory and semi-external graph analytics systems for algorithms such as PageRank, BreadthFirst Search, and Betweenness-Centrality for terabyte-size graphs with billions of vertices. BigSparse is capable of highspeed analytics of much larger graphs, on the same machine configuration.
△ Less
Submitted 20 October, 2017;
originally announced October 2017.
-
Learning across scales - A multiscale method for Convolution Neural Networks
Authors:
Eldad Haber,
Lars Ruthotto,
Elliot Holtham,
Seong-Hwan Jun
Abstract:
In this work we establish the relation between optimal control and training deep Convolution Neural Networks (CNNs). We show that the forward propagation in CNNs can be interpreted as a time-dependent nonlinear differential equation and learning as controlling the parameters of the differential equation such that the network approximates the data-label relation for given training data. Using this…
▽ More
In this work we establish the relation between optimal control and training deep Convolution Neural Networks (CNNs). We show that the forward propagation in CNNs can be interpreted as a time-dependent nonlinear differential equation and learning as controlling the parameters of the differential equation such that the network approximates the data-label relation for given training data. Using this continuous interpretation we derive two new methods to scale CNNs with respect to two different dimensions. The first class of multiscale methods connects low-resolution and high-resolution data through prolongation and restriction of CNN parameters. We demonstrate that this enables classifying high-resolution images using CNNs trained with low-resolution images and vice versa and warm-starting the learning process. The second class of multiscale methods connects shallow and deep networks and leads to new training strategies that gradually increase the depths of the CNN while re-using parameters for initializations.
△ Less
Submitted 22 June, 2017; v1 submitted 6 March, 2017;
originally announced March 2017.
-
In-Storage Embedded Accelerator for Sparse Pattern Processing
Authors:
Sang-Woo Jun,
Huy T. Nguyen,
Vijay N. Gadepally,
Arvind
Abstract:
We present a novel architecture for sparse pattern processing, using flash storage with embedded accelerators. Sparse pattern processing on large data sets is the essence of applications such as document search, natural language processing, bioinformatics, subgraph matching, machine learning, and graph processing. One slice of our prototype accelerator is capable of handling up to 1TB of data, and…
▽ More
We present a novel architecture for sparse pattern processing, using flash storage with embedded accelerators. Sparse pattern processing on large data sets is the essence of applications such as document search, natural language processing, bioinformatics, subgraph matching, machine learning, and graph processing. One slice of our prototype accelerator is capable of handling up to 1TB of data, and experiments show that it can outperform C/C++ software solutions on a 16-core system at a fraction of the power and cost; an optimized version of the accelerator can match the performance of a 48-core server.
△ Less
Submitted 10 November, 2016;
originally announced November 2016.