Amirhosein Salehi; Siavash Ahmadi; Mohammad Reza Aref
Abstract
Industrial control systems are widely used in industrial sectors and critical infrastructures to monitor and control industrial processes. Recently, the security of industrial control systems has attracted a lot of attention, because these systems are now increasingly interacting with the Internet. Classic ...
Read More
Industrial control systems are widely used in industrial sectors and critical infrastructures to monitor and control industrial processes. Recently, the security of industrial control systems has attracted a lot of attention, because these systems are now increasingly interacting with the Internet. Classic systems are suffering from many security problems and with the expansionof Internet connectivity, they are now exposed to new types of threats and cyber-attacks. Addressing this, intrusion detection technology is one of the most important security solutions that is used in industrial control systems to identifypotential attacks and malicious activities. In this paper, we propose Stacked Autoencoder-Deep Neural Network (SAE-DNN), as a semi-supervised Intrusion Detection System (IDS) with appropriate performance and applicability on a wide range of Cyber-Physical Systems (CPSs). The proposed approach comprises a stacked autoencoder, a deep learning-based feature extractor, helping us with a low dimension and low noise representation of data. In addition, our system includes a deep neural network (DNN)-based classifier, which is used to detect anomalies with a high detection rate and low false positive rate in a real-time process. The SAE-DNN’s performance is evaluated on the WADI dataset, which is a real testbed for a water distribution system. The results indicate the superior performance of our approach over existing supervised and unsupervised methods while using a few percentages of labeled data.
Mojtaba Shirinjani; Siavash Ahmadi; Taraneh Eghlidos; Mohammad Reza Aref
Abstract
Large-scale data collection is challenging in alternative centralized learning as privacy concerns or prohibitive policies may rise. As a solution, Federated Learning (FL) is proposed wherein data owners, called participants, can train a common model collaboratively while their privacy is preserved. ...
Read More
Large-scale data collection is challenging in alternative centralized learning as privacy concerns or prohibitive policies may rise. As a solution, Federated Learning (FL) is proposed wherein data owners, called participants, can train a common model collaboratively while their privacy is preserved. However, recent attacks, namely Membership Inference Attacks (MIA) or Poisoning Attacks (PA), can threaten the privacy and performance in FL systems. This paper develops an innovative Adversarial-Resilient Privacy-preserving Scheme (ARPS) for FL to cope with preceding threats using differential privacy andcryptography. Our experiments display that ARPS can establish a private model with high accuracy outperforming state-of-the-art approaches. To the best of our knowledge, this work is the only scheme providing privacy protection beyond any output models in conjunction with Byzantine resiliency without sacrificing accuracy and efficiency.
Atiyeh Mirzaie; Siavash Ahmadi; Mohammad Reza Aref
Abstract
Conventional Bit-based Division Property (CBDP), as a generalization of integral property, has been a powerful tool for integral cryptanalysis of many block ciphers. Exploiting a Mixed Integral Linear Programming (MILP) optimizer, an alternative approach to searching integral distinguishers was proposed, ...
Read More
Conventional Bit-based Division Property (CBDP), as a generalization of integral property, has been a powerful tool for integral cryptanalysis of many block ciphers. Exploiting a Mixed Integral Linear Programming (MILP) optimizer, an alternative approach to searching integral distinguishers was proposed, which has overcome the bottleneck of the cipher block length. The MILP-aided method starts by modeling CBDP propagation by a system of linear inequalities. Then by choosing an appropriate objective function, the problem of searching distinguisher transforms into an MILP problem. As an application of this technique, we focused on a newly proposed lightweight block cipher SAND. SAND is a family of two AND-RX block ciphers SAND-64 and SAND-128, which was designed to overcome the difficulty regarding securityevaluation. For SAND-64, we found a 12-round distinguisher with 23 balanced bits and a data complexity of 263, with the superiority of a higher number of balanced bits than the designers’ one. Furthermore, we applied an integral attack on a 15 and 16-round SAND-64, including the key recovery step which resulted in time complexity of 2105 and 2109.91 and memory complexity of 252 and 285 bytes, respectively.
Siavash Ahmadi; Mohammad Reza Aref
Abstract
GOST block cipher designed in the 1970s and published in 1989 as the Soviet and Russian standard GOST 28147-89. In order to enhance the security of GOST block cipher after proposing various attacks on it, designers published a modified version of GOST, namely GOST2, in 2015 which has a new key schedule ...
Read More
GOST block cipher designed in the 1970s and published in 1989 as the Soviet and Russian standard GOST 28147-89. In order to enhance the security of GOST block cipher after proposing various attacks on it, designers published a modified version of GOST, namely GOST2, in 2015 which has a new key schedule and explicit choice for S-boxes. In this paper, by using three exactly identical portions of GOST2 and fixed point idea, more enhanced fixed point attacks for filtration of wrong keys are presented. More precisely, the focus of the new attacks is on reducing memory complexity while keeping other complexities unchanged as well. The results show a significant reduction in the memory complexity of the attacks, while the time complexity slightly increased in comparison to the previous fixed point attacks. To the best of our knowledge, the lowest memory complexity for an attack on full-round GOST2 block cipher is provided here.
Siavash Ahmadi; Zahra Ahmadian; Javad Mohajeri; Mohammad Reza Aref
Abstract
In the biclique attack, a shorter biclique usually results in less data complexity, but at the expense of more computational complexity. The early abort technique can be used in partial matching part of the biclique attack in order to slightly reduce the computations. In this paper, we make use of this ...
Read More
In the biclique attack, a shorter biclique usually results in less data complexity, but at the expense of more computational complexity. The early abort technique can be used in partial matching part of the biclique attack in order to slightly reduce the computations. In this paper, we make use of this technique, but instead of slight improvement in the computational complexity, we keep the amount of this complexity the same and reduce the data complexity enormously by a shorter biclique. With this approach, we analysed full-round of LBlock, and also LBlock with modified key schedule (which was designed to resist biclique attack) both with data complexity 2^12, while the data complexity of the best biclique attack on the former was 2^52 and for the latter there is no attack on the full-round cipher, so far. Then we proposed a new key schedule that is more resistant against biclique cryptanalysis, though the low diffusion of the cipher makes it vulnerable to this attack regardless of the strength of the key schedule. Also using this method, we analyzed TWINE-80 with 2^12 data complexity. The lowest data complexity for the prior attack on the TWINE-80 was 2^60. In all the attacks presented in this paper, the computational complexities are slightly improved in comparison to the existing attacks.