Backdoor Detection System Using Artificial Neural Network and Genetic Algorithm

Salimi, Elham; Arastouie, Narges

doi:10.1109/iccis.2011.103

Cited by 8 publications

(3 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Then, we construct software modules that encapsulate all attack components (poisoning and victim branches) inside a single process. Malicious functionality concealed in transient execution mode can remain unnoticed in software even after undergoing rigorous security checks such as symbolic execution [13], taint analysis [20], model checking [27], various methods to detect traditional software backdoors [59,60,63,66,71], and even existing Spectre detection tools [3,5,33,70]. According to recently proposed transient attack classification by Canella et al [15], transient trojans described in this paper present a practical example of the same address space transient execution attacks.…”

Section: Introductionmentioning

confidence: 99%

Exploring Branch Predictors for Constructing Transient Execution Trojans

Zhang

Koltermann

Evtyushkin

2020

Proceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Syste

View full text Add to dashboard Cite

Transient execution is one of the most critical features used in CPUs to achieve high performance. Recent Spectre attacks demonstrated how this feature can be manipulated to force applications to reveal sensitive data. The industry quickly responded with a series of software and hardware mitigations among which microcode patches are the most prevalent and trusted. In this paper, we argue that currently deployed protections still leave room for constructing attacks. We do so by presenting transient trojans, software modules that conceal their malicious activity within transient execution mode. They appear completely benign, pass static and dynamic analysis checks, but reveal sensitive data when triggered. To construct these trojans, we perform a detailed analysis of the attack surface currently present in today's systems with respect to the recommended mitigation techniques. We reverse engineer branch predictors in several recent x86_64 processors which allows us to uncover previously unknown exploitation techniques. Using these techniques, we construct three types of transient trojans and demonstrate their stealthiness and practicality.CCS Concepts • Security and privacy → Malicious design modifications; Side-channel analysis and countermeasures; Hardware reverse engineering.

show abstract

Section: Introductionmentioning

confidence: 99%

Exploring Branch Predictors for Constructing Transient Execution Trojans

Zhang

Koltermann

Evtyushkin

2020

Proceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Syste

View full text Add to dashboard Cite

show abstract

“…Backdoors can easily be installed on a victim system that they aim to its exploit, thus detecting them requires considerable policies. A basic principle for backdoor detection is to find distinctive features of the activity of interest [22]. Table 1 shows possible detour attacks, and Figure 2 shows the possible detoured path of attacks described in Table 1.…”

Section: Fig 1 Traditional Layered Security System For Web Servermentioning

confidence: 99%

Two-step hierarchical scheme for detecting detoured attacks to the web server

Choi

Cho

2013

COMSIS J

View full text Add to dashboard Cite

In this paper, we propose an improved detection scheme to protect a Web server from detoured attacks, which disclose confidential/ private information or disseminate malware codes through outbound traffic. Our scheme has a two-step hierarchy, whose detection methods are complementary to each other. The first step is a signature-based detector that uses Snort and detects the marks of disseminating malware, XSS, URL Spoofing and information leakage from the Web server. The second step is an anomaly-based detector which detects attacks by using the probability evaluation in HMM, driven by both payload and traffic characteristics of outbound packets. Through the verification analysis under the attacked Web server environment, we show that our proposed scheme improves the False Positive rate and detection efficiency for detecting detoured attacks to a Web server.

show abstract

“…A typical backdoor attack contaminates a small amount of samples into the training dataset, so that the resulting model will mis-classify any sample containing an attacker-designed trigger. Note that if a trigger is successfully injected into a DNN, the trigger-containing samples are either clustered in specific areas in the input space, or clustered in the latent space of the DNN ( [15]). To detect a potential trigger x in a given DNN, one approach is to study the data points around x in the input space or in the latent space.…”

Section: Introductionmentioning

confidence: 99%

Bounding The Number of Linear Regions in Local Area for Neural Networks with ReLU Activations

Zhu¹,

Lin²,

Tang³

2020

Preprint

View full text Add to dashboard Cite

The number of linear regions is one of the distinct properties of the neural networks using piecewise linear activation functions such as ReLU, comparing with those conventional ones using other activation functions. Previous studies showed this property reflected the expressivity of a neural network family ([14]); as a result, it can be used to characterize how the structural complexity of a neural network model affects the function it aims to compute. Nonetheless, it is challenging to directly compute the number of linear regions; therefore, many researchers focus on estimating the bounds (in particular the upper bound) of the number of linear regions for deep neural networks using ReLU. These methods, however, attempted to estimate the upper bound in the entire input space. The theoretical methods are still lacking to estimate the number of linear regions within a specific area of the input space, e.g., a sphere centered at a training data point such as an adversarial example or a backdoor trigger. In this paper, we present the first method to estimate the upper bound of the number of linear regions in any sphere in the input space of a given ReLU neural network. We implemented the method, and computed the bounds in deep neural networks using the piece-wise linear active function. Our experiments showed that, while training a neural network, the boundaries of the linear regions tend to move away from the training data points. In addition, we observe that the spheres centered at the training data points tend to contain more linear regions than any arbitrary points in the input space. To the best of our knowledge, this is the first study of bounding linear regions around a specific data point. We consider our research, with both theoretical proof and software implementation, as a first step toward the investigation of the structural complexity of deep neural networks in a specific input area.

show abstract

Backdoor Detection System Using Artificial Neural Network and Genetic Algorithm

Cited by 8 publications

References 5 publications

Exploring Branch Predictors for Constructing Transient Execution Trojans

Exploring Branch Predictors for Constructing Transient Execution Trojans

Two-step hierarchical scheme for detecting detoured attacks to the web server

Bounding The Number of Linear Regions in Local Area for Neural Networks with ReLU Activations

Contact Info

Product

Resources

About