Jonathan Pan scite author profile

Fung

2012

IJICS

Abstract-Malware is a major threat to organizations. It incurs significant resources to contain their malicious activities. It affects business continuity and induces risks to organizations. Current anti-Malware solutions are proving to be ineffective against modern Malware. Malware is being custom built to circumvent deployed defences against specific organizations or individuals belonging to certain organizations. When a Malware manages to penetrate an organization's defences, there is a need to quickly contain the Malware and to keep control over the organization's ICT assets before the risk escalates. In such incident, incident responders need to effectively carry out their containment plan. A prolonged containment response will induce greater risks to the attacked organization in the form of tarnished corporate image, data loss and affected business continuity. Such infiltration can spread like a biological epidemic outbreak. These epidemic-like outbreaks can be modelled using mathematical models. However there are no models to assess the effectiveness of incident response plan. While mathematical models can be extended to support the simulation of response plan, there are many variable considerations that the incident response plan would need to factor in. Hence this research paper proposes the use of an Agent Based Model to aid incident responders in modelling and planning their containment response plan to minimize the impact of a Malware outbreak. Also in this paper, the model is used to evaluate the effectiveness of coordinated, against a non-coordinated containment plan.

Screening Unknown Novel Psychoactive Substances Using GC-MS Based Machine Learning

Wong

Tan

et al. 2022

Preprint

In recent years, there is a large increase in structural diversity of novel psychoactive substances (NPS), exacerbating drug abuse issues as these variants evade classical detection methods such as spectral library matching. Gas chromatography mass spectrometry (GC-MS) is commonly used to identify these NPS. To tackle this issue, machine learning models are developed to address the analytical challenge of identifying unknown NPS, using only GC-MS data. 891 GC-MS spectra are used to train and evaluate multiple supervised machine learning classifiers, namely artificial neural network (ANN), convolutional neural network (CNN) and balanced random forest (BRF). 7 classes, comprising 6 NPS classes (cathinone, cannabinoids, phenethylamine, piperazine, tryptamines and fentanyl) and other unrelated compounds can be effectively classified with a macro-F1 score ~ 0.9, averaged across all cross-validation folds. These results indicate that machine learning models are a promising complement as an effective NPS detection tool.

Blackbox Trojanising of Deep Learning Models: Using Non-Intrusive Network Structure and Binary Alterations

2020

Recent advancements in Artificial Intelligence namely inDeep Learning has heightened its adoption in many applications. Some are playing important roles to the extent that we are heavily dependent on them for our livelihood. However, as with all technologies, there are vulnerabilities that malicious actors could exploit. A form of exploitation is to turn these technologies, intended for good, to become dual-purposed instruments to support deviant acts like malicious software trojans. As part of proactive defense, researchers are proactively identifying such vulnerabilities so that protective measures could be developed subsequently. This research explores a novel blackbox trojanising approach using a simple network structure modification to any deep learning image classification model that would transform a benign model into a deviant one with a simple manipulation of the weights to induce specific types of errors. Propositions to protect the occurrence of such simple exploits are discussed in this research. This research highlights the importance of providing sufficient safeguards to these models so that the intended good of AI innovation and adoption may be protected.

Physical Integrity Attack Detection of Surveillance Camera with Deep Learning based Video Frame Interpolation

2019

Surveillance cameras, which is a form of Cyber Physical System, are deployed extensively to provide visual surveillance monitoring of activities of interest or anomalies. However, these cameras are at risks of physical security attacks against their physical attributes or configuration like tampering of their recording coverage, camera positions or recording configurations like focus and zoom factors. Such adversarial alteration of physical configuration could also be invoked through cyber security attacks against the camera's software vulnerabilities to administratively change the camera's physical configuration settings. When such Cyber Physical attacks occur, they affect the integrity of the targeted cameras that would in turn render these cameras ineffective in fulfilling the intended security functions. There is a significant measure of research work in detection mechanisms of cyber-attacks against these Cyber Physical devices, however it is understudied area with such mechanisms against integrity attacks on physical configuration. This research proposes the use of the novel use of deep learning algorithms to detect such physical attacks originating from cyber or physical spaces. Additionally, we proposed the novel use of deep learningbased video frame interpolation for such detection that has comparatively better performance to other anomaly detectors in spatiotemporal environments.

Blackbox Trojanising of Deep Learning Models : Using non-intrusive network structure and binary alterations

2020

Preprint