-
A Passwordless MFA Utlizing Biometrics, Proximity and Contactless Communication
Authors:
Sneha Shukla,
Gaurav Varshney,
Shreya Singh,
Swati Goel
Abstract:
Despite being more secure and strongly promoted, two-factor (2FA) or multi-factor (MFA) schemes either fail to protect against recent phishing threats such as real-time MITM, controls/relay MITM, malicious browser extension-based phishing attacks, and/or need the users to purchase and carry other hardware for additional account protection. Leveraging the unprecedented popularity of NFC and BLE-enabled smartphones, we explore a new horizon for designing an MFA scheme. This paper introduces an advanced authentication method for user verification that utilizes the user's real-time facial biometric identity, which serves as an inherent factor, together with BLE-NFC-enabled mobile devices, which operate as an ownership factor. We have implemented a prototype authentication system on a BLE-NFC-enabled Android device, and initial threat modeling suggests that it is safe against known phishing attacks. The scheme has been compared with other popular schemes using the Bonneau et al. assessment framework in terms of usability, deployability, and security.
Submitted 13 June, 2024;
originally announced June 2024.
-
Phi-3 Technical Report: A Highly Capable Language Model Locally on Your Phone
Authors:
Marah Abdin,
Sam Ade Jacobs,
Ammar Ahmad Awan,
Jyoti Aneja,
Ahmed Awadallah,
Hany Awadalla,
Nguyen Bach,
Amit Bahree,
Arash Bakhtiari,
Jianmin Bao,
Harkirat Behl,
Alon Benhaim,
Misha Bilenko,
Johan Bjorck,
Sébastien Bubeck,
Qin Cai,
Martin Cai,
Caio César Teodoro Mendes,
Weizhu Chen,
Vishrav Chaudhary,
Dong Chen,
Dongdong Chen,
Yen-Chun Chen,
Yi-Ling Chen,
Parul Chopra
, et al. (90 additional authors not shown)
Abstract:
We introduce phi-3-mini, a 3.8 billion parameter language model trained on 3.3 trillion tokens, whose overall performance, as measured by both academic benchmarks and internal testing, rivals that of models such as Mixtral 8x7B and GPT-3.5 (e.g., phi-3-mini achieves 69% on MMLU and 8.38 on MT-bench), despite being small enough to be deployed on a phone. The innovation lies entirely in our dataset for training, a scaled-up version of the one used for phi-2, composed of heavily filtered publicly available web data and synthetic data. The model is also further aligned for robustness, safety, and chat format. We also provide some initial parameter-scaling results with a 7B and 14B models trained for 4.8T tokens, called phi-3-small and phi-3-medium, both significantly more capable than phi-3-mini (e.g., respectively 75% and 78% on MMLU, and 8.7 and 8.9 on MT-bench). Moreover, we also introduce phi-3-vision, a 4.2 billion parameter model based on phi-3-mini with strong reasoning capabilities for image and text prompts.
Submitted 23 May, 2024; v1 submitted 22 April, 2024;
originally announced April 2024.
-
Optimizing Malware Detection in IoT Networks: Leveraging Resource-Aware Distributed Computing for Enhanced Security
Authors:
Sreenitha Kasarapu,
Sanket Shukla,
Sai Manoj Pudukotai Dinakarrao
Abstract:
In recent years, networked IoT systems have revolutionized connectivity, portability, and functionality, offering a myriad of advantages. However, these systems are increasingly targeted by adversaries due to inherent security vulnerabilities and limited computational and storage resources. Malicious applications, commonly known as malware, pose a significant threat to IoT devices and networks. While numerous malware detection techniques have been proposed, existing approaches often overlook the resource constraints inherent in IoT environments, assuming abundant resources for detection tasks. This oversight is compounded by ongoing workloads such as sensing and on-device computations, further diminishing available resources for malware detection. To address these challenges, we present a novel resource- and workload-aware malware detection framework integrated with distributed computing for IoT networks. Our approach begins by analyzing available resources for malware detection using a lightweight regression model. Depending on resource availability, ongoing workload executions, and communication costs, the malware detection task is dynamically allocated either on-device or offloaded to neighboring IoT nodes with sufficient resources. To safeguard data integrity and user privacy, rather than transferring the entire malware detection task, the classifier is partitioned and distributed across multiple nodes, and subsequently integrated at the parent node for comprehensive malware detection. Experimental analysis demonstrates the efficacy of our proposed technique, achieving a remarkable speed-up of 9.8x compared to on-device inference, while maintaining a high malware detection accuracy of 96.7%.
Submitted 12 April, 2024;
originally announced April 2024.
-
Enhancing IoT Malware Detection through Adaptive Model Parallelism and Resource Optimization
Authors:
Sreenitha Kasarapu,
Sanket Shukla,
Sai Manoj Pudukotai Dinakarrao
Abstract:
The widespread integration of IoT devices has greatly improved connectivity and computational capabilities, facilitating seamless communication across networks. Despite their global deployment, IoT devices are frequently targeted for security breaches due to inherent vulnerabilities. Among these threats, malware poses a significant risk to IoT devices. The lack of built-in security features and limited resources present challenges for implementing effective malware detection techniques on IoT devices. Moreover, existing methods assume access to all device resources for malware detection, which is often not feasible for IoT devices deployed in critical real-world scenarios. To overcome this challenge, this study introduces a novel approach to malware detection tailored for IoT devices, leveraging resource and workload awareness inspired by model parallelism. Initially, the device assesses available resources for malware detection using a lightweight regression model. Based on resource availability, ongoing workload, and communication costs, the malware detection task is dynamically allocated either on-device or offloaded to neighboring IoT nodes with sufficient resources. To uphold data integrity and user privacy, instead of transferring the entire malware detection task, the classifier is divided and distributed across multiple nodes, then integrated at the parent node for detection. Experimental results demonstrate that this proposed technique achieves a significant speedup of 9.8x compared to on-device inference, while maintaining a high malware detection accuracy of 96.7%.
Submitted 12 April, 2024;
originally announced April 2024.
-
Learning to Localize Objects Improves Spatial Reasoning in Visual-LLMs
Authors:
Kanchana Ranasinghe,
Satya Narayan Shukla,
Omid Poursaeed,
Michael S. Ryoo,
Tsung-Yu Lin
Abstract:
Integration of Large Language Models (LLMs) into visual domain tasks, resulting in visual-LLMs (V-LLMs), has enabled exceptional performance in vision-language tasks, particularly for visual question answering (VQA). However, existing V-LLMs (e.g. BLIP-2, LLaVA) demonstrate weak spatial reasoning and localization awareness. Despite generating highly descriptive and elaborate textual answers, these models fail at simple tasks like distinguishing a left vs right location. In this work, we explore how image-space coordinate based instruction fine-tuning objectives could inject spatial awareness into V-LLMs. We discover optimal coordinate representations, data-efficient instruction fine-tuning objectives, and pseudo-data generation strategies that lead to improved spatial awareness in V-LLMs. Additionally, our resulting model improves VQA across image and video domains, reduces undesired hallucination, and generates better contextual object descriptions. Experiments across 5 vision-language tasks involving 14 different datasets establish the clear performance improvements achieved by our proposed framework.
Submitted 10 April, 2024;
originally announced April 2024.
-
Generative AI-Based Effective Malware Detection for Embedded Computing Systems
Authors:
Sreenitha Kasarapu,
Sanket Shukla,
Rakibul Hassan,
Avesta Sasan,
Houman Homayoun,
Sai Manoj Pudukotai Dinakarrao
Abstract:
One of the pivotal security threats for the embedded computing systems is malicious software a.k.a. malware. With efficiency and efficacy, Machine Learning (ML) has been widely adopted for malware detection in recent times. Despite being efficient, the existing techniques require a tremendous number of benign and malware samples for training and modeling an efficient malware detector. Furthermore, such constraints limit the detection of emerging malware samples due to the lack of sufficient malware samples required for efficient training. To address such concerns, we introduce a code-aware data generation technique that generates multiple mutated samples of the limitedly seen malware by the devices. Loss minimization ensures that the generated samples closely mimic the limitedly seen malware and mitigate the impractical samples. Such developed malware is further incorporated into the training set to formulate the model that can efficiently detect the emerging malware despite having limited exposure. The experimental results demonstrate that the proposed technique achieves an accuracy of 90% in detecting limitedly seen malware, which is approximately 3x more than the accuracy attained by state-of-the-art techniques.
Submitted 12 April, 2024; v1 submitted 2 April, 2024;
originally announced April 2024.
-
TTPXHunter: Actionable Threat Intelligence Extraction as TTPs from Finished Cyber Threat Reports
Authors:
Nanda Rani,
Bikash Saha,
Vikas Maurya,
Sandeep Kumar Shukla
Abstract:
Understanding the modus operandi of adversaries aids organizations in employing efficient defensive strategies and sharing intelligence in the community. This knowledge is often present in unstructured natural language text within threat analysis reports. A translation tool is needed to interpret the modus operandi explained in the sentences of the threat report and translate it into a structured format. This research introduces a methodology named TTPXHunter for the automated extraction of threat intelligence in terms of Tactics, Techniques, and Procedures (TTPs) from finished cyber threat reports. It leverages cyber domain-specific state-of-the-art natural language processing (NLP) to augment sentences for minority class TTPs and refine pinpointing the TTPs in threat analysis reports significantly. The knowledge of threat intelligence in terms of TTPs is essential for comprehensively understanding cyber threats and enhancing detection and mitigation strategies. We create two datasets: an augmented sentence-TTP dataset of 39,296 samples and a 149 real-world cyber threat intelligence report-to-TTP dataset. Further, we evaluate TTPXHunter on the augmented sentence dataset and the cyber threat reports. The TTPXHunter achieves the highest performance of 92.42% f1-score on the augmented dataset, and it also outperforms existing state-of-the-art solutions in TTP extraction by achieving an f1-score of 97.09% when evaluated over the report dataset. TTPXHunter significantly improves cybersecurity threat intelligence by offering quick, actionable insights into attacker behaviors. This advancement automates threat intelligence analysis, providing a crucial tool for cybersecurity professionals fighting cyber threats.
Submitted 21 March, 2024; v1 submitted 5 March, 2024;
originally announced March 2024.
-
Stealing the Invisible: Unveiling Pre-Trained CNN Models through Adversarial Examples and Timing Side-Channels
Authors:
Shubhi Shukla,
Manaar Alam,
Pabitra Mitra,
Debdeep Mukhopadhyay
Abstract:
Machine learning, with its myriad applications, has become an integral component of numerous technological systems. A common practice in this domain is the use of transfer learning, where a pre-trained model's architecture, readily available to the public, is fine-tuned to suit specific tasks. As Machine Learning as a Service (MLaaS) platforms increasingly use pre-trained models in their backends, it's crucial to safeguard these architectures and understand their vulnerabilities. In this work, we present an approach based on the observation that the classification patterns of adversarial images can be used as a means to steal the models. Furthermore, the adversarial image classifications in conjunction with timing side channels can lead to a model stealing method. Our approach, designed for typical user-level access in remote MLaaS environments exploits varying misclassifications of adversarial images across different models to fingerprint several renowned Convolutional Neural Network (CNN) and Vision Transformer (ViT) architectures. We utilize the profiling of remote model inference times to reduce the necessary adversarial images, subsequently decreasing the number of queries required. We have presented our results over 27 pre-trained models of different CNN and ViT architectures using CIFAR-10 dataset and demonstrate a high accuracy of 88.8% while keeping the query budget under 20.
Submitted 19 February, 2024;
originally announced February 2024.
-
Universal Pyramid Adversarial Training for Improved ViT Performance
Authors:
Ping-yeh Chiang,
Yipin Zhou,
Omid Poursaeed,
Satya Narayan Shukla,
Ashish Shah,
Tom Goldstein,
Ser-Nam Lim
Abstract:
Recently, Pyramid Adversarial training (Herrmann et al., 2022) has been shown to be very effective for improving clean accuracy and distribution-shift robustness of vision transformers. However, due to the iterative nature of adversarial training, the technique is up to 7 times more expensive than standard training. To make the method more efficient, we propose Universal Pyramid Adversarial training, where we learn a single pyramid adversarial pattern shared across the whole dataset instead of the sample-wise patterns. With our proposed technique, we decrease the computational cost of Pyramid Adversarial training by up to 70% while retaining the majority of its benefit on clean performance and distribution-shift robustness. In addition, to the best of our knowledge, we are also the first to find that universal adversarial training can be leveraged to improve clean model performance.
Submitted 26 December, 2023;
originally announced December 2023.
-
Revisiting Kernel Temporal Segmentation as an Adaptive Tokenizer for Long-form Video Understanding
Authors:
Mohamed Afham,
Satya Narayan Shukla,
Omid Poursaeed,
Pengchuan Zhang,
Ashish Shah,
Sernam Lim
Abstract:
While most modern video understanding models operate on short-range clips, real-world videos are often several minutes long with semantically consistent segments of variable length. A common approach to process long videos is applying a short-form video model over uniformly sampled clips of fixed temporal length and aggregating the outputs. This approach neglects the underlying nature of long videos since fixed-length clips are often redundant or uninformative. In this paper, we aim to provide a generic and adaptive sampling approach for long-form videos in lieu of the de facto uniform sampling. Viewing videos as semantically consistent segments, we formulate a task-agnostic, unsupervised, and scalable approach based on Kernel Temporal Segmentation (KTS) for sampling and tokenizing long videos. We evaluate our method on long-form video understanding tasks such as video classification and temporal action localization, showing consistent gains over existing approaches and achieving state-of-the-art performance on long-form video modeling.
Submitted 20 September, 2023;
originally announced September 2023.
-
The Belebele Benchmark: a Parallel Reading Comprehension Dataset in 122 Language Variants
Authors:
Lucas Bandarkar,
Davis Liang,
Benjamin Muller,
Mikel Artetxe,
Satya Narayan Shukla,
Donald Husa,
Naman Goyal,
Abhinandan Krishnan,
Luke Zettlemoyer,
Madian Khabsa
Abstract:
We present Belebele, a multiple-choice machine reading comprehension (MRC) dataset spanning 122 language variants. Significantly expanding the language coverage of natural language understanding (NLU) benchmarks, this dataset enables the evaluation of text models in high-, medium-, and low-resource languages. Each question is based on a short passage from the Flores-200 dataset and has four multiple-choice answers. The questions were carefully curated to discriminate between models with different levels of general language comprehension. The English dataset on its own proves difficult enough to challenge state-of-the-art language models. Being fully parallel, this dataset enables direct comparison of model performance across all languages. We use this dataset to evaluate the capabilities of multilingual masked language models (MLMs) and large language models (LLMs). We present extensive results and find that despite significant cross-lingual transfer in English-centric LLMs, much smaller MLMs pretrained on balanced multilingual data still understand far more languages. We also observe that larger vocabulary size and conscious vocabulary construction correlate with better performance on low-resource languages. Overall, Belebele opens up new avenues for evaluating and analyzing the multilingual capabilities of NLP systems.
Submitted 25 July, 2024; v1 submitted 31 August, 2023;
originally announced August 2023.
-
Functional Consistency across Retail Central Bank Digital Currency and Commercial Bank Money
Authors:
Lee Braine,
Shreepad Shukla,
Piyush Agrawal
Abstract:
Central banks are actively exploring central bank digital currencies (CBDCs) by conducting research, proofs of concept and pilots. However, adoption of a retail CBDC can risk fragmenting both payments markets and retail deposits if the retail CBDC and commercial bank money do not have common operational characteristics. In this paper, we focus on a potential UK retail CBDC, the 'digital pound', and the Bank of England's 'platform model'. We first explore how the concept of functional consistency could mitigate the risk of fragmentation. We next identify the common operational characteristics that are required to achieve functional consistency across all forms of regulated retail digital money. We identify four design options based on the provision of these common operational characteristics by the central bank, payment interface providers (PIPs), technical service providers (TSPs) or a financial market infrastructure (FMI). We next identify architecturally-significant use cases and select key capabilities that support these use cases and the common operational characteristics. We evaluate the suitability of the design options to provide these key capabilities and draw insights. We conclude that no single design option could provide functional consistency across digital pounds and commercial bank money and, instead, a complete solution would need to combine the suitable design option(s) for each key capability and include common ecosystem services provided by an FMI and TSPs.
Submitted 16 August, 2023;
originally announced August 2023.
-
Blockchain-Based Transferable Digital Rights of Land
Authors:
Ras Dwivedi,
Sumit Patel,
Prof. Sandeep Shukla
Abstract:
Land, being a scarce and valuable resource, is in high demand, especially in densely populated areas of older cities. Development authorities require land for infrastructure projects and other amenities, while landowners hold onto their land for both its usage and its financial value. Transferable Development Rights (TDRs) serve as a mechanism to separate the development rights associated with the land from the physical land itself. Development authorities acquire the land by offering compensation in the form of TDRs, which hold monetary value. In this paper, we present the tokenization of development rights, focusing on the implementation in collaboration with a development authority. While there have been previous implementations of land tokenization, we believe our approach is the first to tokenize development rights specifically. Our implementation addresses practical challenges related to record-keeping, ground verification of land, and the unique identification of stakeholders. We ensure the accurate evaluation of development rights by incorporating publicly available circle rates, which consider the ground development of the land and its surrounding areas.
Submitted 11 August, 2023;
originally announced August 2023.
-
From Text to MITRE Techniques: Exploring the Malicious Use of Large Language Models for Generating Cyber Attack Payloads
Authors:
P. V. Sai Charan,
Hrushikesh Chunduri,
P. Mohan Anand,
Sandeep K Shukla
Abstract:
This research article critically examines the potential risks and implications arising from the malicious utilization of large language models (LLMs), focusing specifically on ChatGPT and Google's Bard. Although these large language models have numerous beneficial applications, the misuse of this technology by cybercriminals for creating offensive payloads and tools is a significant concern. In this study, we systematically generated implementable code for the top-10 MITRE Techniques prevalent in 2022, utilizing ChatGPT, and conducted a comparative analysis of its performance with Google's Bard. Our experimentation reveals that ChatGPT has the potential to enable attackers to accelerate the operation of more targeted and sophisticated attacks. Additionally, the technology provides amateur attackers with more capabilities to perform a wide range of attacks and empowers script kiddies to develop customized tools that contribute to the acceleration of cybercrime. Furthermore, LLMs significantly benefit malware authors, particularly ransomware gangs, in generating sophisticated variants of wiper and ransomware attacks with ease. On a positive note, our study also highlights how offensive security researchers and pentesters can make use of LLMs to simulate realistic attack scenarios, identify potential vulnerabilities, and better protect organizations. Overall, we conclude by emphasizing the need for increased vigilance in mitigating the risks associated with LLMs. This includes implementing robust security measures, increasing awareness and education around the potential risks of this technology, and collaborating with security experts to stay ahead of emerging threats.
Submitted 24 May, 2023;
originally announced May 2023.
-
Understanding Rug Pulls: An In-Depth Behavioral Analysis of Fraudulent NFT Creators
Authors:
Trishie Sharma,
Rachit Agarwal,
Sandeep Kumar Shukla
Abstract:
The explosive growth of non-fungible tokens (NFTs) on Web3 has created a new frontier for digital art and collectibles, but also an emerging space for fraudulent activities. This study provides an in-depth analysis of NFT rug pulls, which are fraudulent schemes aimed at stealing investors' funds. Using data from 758 rug pulls across 10 NFT marketplaces, we examine the structural and behavioral properties of these schemes, identify the characteristics and motivations of rug-pullers, and classify NFT projects into groups based on creators' association with their accounts. Our findings reveal that repeated rug pulls account for a significant proportion of the rise in NFT-related cryptocurrency crimes, with one NFT collection attempting 37 rug pulls within three months. Additionally, we identify the largest group of creators influencing the majority of rug pulls, and demonstrate the connection between rug-pullers of different NFT projects through the use of the same wallets to store and move money. Our study contributes to the understanding of NFT market risks and provides insights for designing preventative strategies to mitigate future losses.
Submitted 15 April, 2023;
originally announced April 2023.
-
A general-purpose AI assistant embedded in an open-source radiology information system
Authors:
Saptarshi Purkayastha,
Rohan Isaac,
Sharon Anthony,
Shikhar Shukla,
Elizabeth A. Krupinski,
Joshua A. Danish,
Judy W. Gichoya
Abstract:
Radiology AI models have made significant progress in near-human performance or surpassing it. However, AI model's partnership with human radiologist remains an unexplored challenge due to the lack of health information standards, contextual and workflow differences, and data labeling variations. To overcome these challenges, we integrated an AI model service that uses DICOM standard SR annotations into the OHIF viewer in the open-source LibreHealth Radiology Information Systems (RIS). In this paper, we describe the novel Human-AI partnership capabilities of the platform, including few-shot learning and swarm learning approaches to retrain the AI models continuously. Building on the concept of machine teaching, we developed an active learning strategy within the RIS, so that the human radiologist can enable/disable AI annotations as well as "fix"/relabel the AI annotations. These annotations are then used to retrain the models. This helps establish a partnership between the radiologist user and a user-specific AI model. The weights of these user-specific models are then finally shared between multiple models in a swarm learning approach.
Submitted 18 March, 2023;
originally announced March 2023.
-
BiomedCLIP: a multimodal biomedical foundation model pretrained from fifteen million scientific image-text pairs
Authors:
Sheng Zhang,
Yanbo Xu,
Naoto Usuyama,
Hanwen Xu,
Jaspreet Bagga,
Robert Tinn,
Sam Preston,
Rajesh Rao,
Mu Wei,
Naveen Valluri,
Cliff Wong,
Andrea Tupini,
Yu Wang,
Matt Mazzola,
Swadheen Shukla,
Lars Liden,
Jianfeng Gao,
Matthew P. Lungren,
Tristan Naumann,
Sheng Wang,
Hoifung Poon
Abstract:
Biomedical data is inherently multimodal, comprising physical measurements and natural language narratives. A generalist biomedical AI model needs to simultaneously process different modalities of data, including text and images. Therefore, training an effective generalist biomedical model requires high-quality multimodal data, such as parallel image-text pairs. Here, we present PMC-15M, a novel dataset that is two orders of magnitude larger than existing biomedical multimodal datasets such as MIMIC-CXR, and spans a diverse range of biomedical image types. PMC-15M contains 15 million biomedical image-text pairs collected from 4.4 million scientific articles. Based on PMC-15M, we have pretrained BiomedCLIP, a multimodal foundation model, with domain-specific adaptations tailored to biomedical vision-language processing. We conducted extensive experiments and ablation studies on standard biomedical imaging tasks from retrieval to classification to visual question-answering (VQA). BiomedCLIP achieved new state-of-the-art results in a wide range of standard datasets, substantially outperforming prior approaches. Intriguingly, by large-scale pretraining on diverse biomedical image types, BiomedCLIP even outperforms state-of-the-art radiology-specific models such as BioViL in radiology-specific tasks such as RSNA pneumonia detection. In summary, BiomedCLIP is a fully open-access foundation model that achieves state-of-the-art performance on various biomedical tasks, paving the way for transformative multimodal biomedical discovery and applications. We release our models at https://aka.ms/biomedclip to facilitate future research in multimodal biomedical AI.
Submitted 16 January, 2024; v1 submitted 1 March, 2023;
originally announced March 2023.
-
Design of secure and robust cognitive system for malware detection
Authors:
Sanket Shukla
Abstract:
Machine learning based malware detection techniques rely on grayscale images of malware and tend to classify malware based on the distribution of textures in grayscale images. Albeit the advancement and promising results shown by machine learning techniques, attackers can exploit the vulnerabilities by generating adversarial samples. Adversarial samples are generated by intelligently crafting and adding perturbations to the input samples. There exists majority of the software based adversarial attacks and defenses. To defend against the adversaries, the existing malware detection based on machine learning and grayscale images needs a preprocessing for the adversarial data. This can cause an additional overhead and can prolong the real-time malware detection. So, as an alternative to this, we explore RRAM (Resistive Random Access Memory) based defense against adversaries. Therefore, the aim of this thesis is to address the above mentioned critical system security issues. The above mentioned challenges are addressed by demonstrating proposed techniques to design a secure and robust cognitive system. First, a novel technique to detect stealthy malware is proposed. The technique uses malware binary images and then extract different features from the same and then employ different ML-classifiers on the dataset thus obtained. Results demonstrate that this technique is successful in differentiating classes of malware based on the features extracted. Secondly, I demonstrate the effects of adversarial attacks on a reconfigurable RRAM-neuromorphic architecture with different learning algorithms and device characteristics. I also propose an integrated solution for mitigating the effects of the adversarial attack using the reconfigurable RRAM architecture.
Submitted 3 August, 2022;
originally announced August 2022.
-
On the Evaluation of User Privacy in Deep Neural Networks using Timing Side Channel
Authors:
Shubhi Shukla,
Manaar Alam,
Sarani Bhattacharya,
Debdeep Mukhopadhyay,
Pabitra Mitra
Abstract:
Recent Deep Learning (DL) advancements in solving complex real-world tasks have led to its widespread adoption in practical applications. However, this opportunity comes with significant underlying risks, as many of these models rely on privacy-sensitive data for training in a variety of applications, making them an overly-exposed threat surface for privacy violations. Furthermore, the widespread use of cloud-based Machine-Learning-as-a-Service (MLaaS) for its robust infrastructure support has broadened the threat surface to include a variety of remote side-channel attacks. In this paper, we first identify and report a novel data-dependent timing side-channel leakage (termed Class Leakage) in DL implementations originating from non-constant time branching operation in a widely used DL framework PyTorch. We further demonstrate a practical inference-time attack where an adversary with user privilege and hard-label black-box access to an MLaaS can exploit Class Leakage to compromise the privacy of MLaaS users. DL models are vulnerable to Membership Inference Attack (MIA), where an adversary's objective is to deduce whether any particular data has been used while training the model. In this paper, as a separate case study, we demonstrate that a DL model secured with differential privacy (a popular countermeasure against MIA) is still vulnerable to MIA against an adversary exploiting Class Leakage. We develop an easy-to-implement countermeasure by making a constant-time branching operation that alleviates the Class Leakage and also aids in mitigating MIA. We have chosen two standard benchmarking image classification datasets, CIFAR-10 and CIFAR-100 to train five state-of-the-art pre-trained DL models, over two different computing environments having Intel Xeon and Intel i7 processors to validate our approach.
Submitted 17 February, 2024; v1 submitted 1 August, 2022;
originally announced August 2022.
-
DNS based In-Browser Cryptojacking Detection
Authors:
Rohit Kumar Sachan,
Rachit Agarwal,
Sandeep Kumar Shukla
Abstract:
The metadata aspect of Domain Names (DNs) enables us to perform a behavioral study of DNs and detect if a DN is involved in in-browser cryptojacking. Thus, we are motivated to study different temporal and behavioral aspects of DNs involved in cryptojacking. We use temporal features such as query frequency and query burst along with graph-based features such as degree and diameter, and non-temporal features such as the string-based to detect if a DNs is suspect to be involved in the in-browser cryptojacking. Then, we use them to train the Machine Learning (ML) algorithms over different temporal granularities such as 2 hours datasets and complete dataset. Our results show DecisionTrees classifier performs the best with 59.5% Recall on cryptojacked DN, while for unsupervised learning, K-Means with K=2 perform the best. Similarity analysis of the features reveals a minimal divergence between the cryptojacking DNs and other already known malicious DNs. It also reveals the need for improvements in the feature set of state-of-the-art methods to improve their accuracy in detecting in-browser cryptojacking. As added analysis, our signature-based analysis identifies that none-of-the Indian Government websites were involved in cryptojacking during October-December 2021. However, based on the resource utilization, we identify 10 DNs with different properties than others.
Submitted 10 May, 2022;
originally announced May 2022.
-
EPASAD: Ellipsoid decision boundary based Process-Aware Stealthy Attack Detector
Authors:
Vikas Maurya,
Rachit Agarwal,
Saurabh Kumar,
Sandeep Kumar Shukla
Abstract:
Due to the importance of Critical Infrastructure (CI) in a nation's economy, they have been lucrative targets for cyber attackers. These critical infrastructures are usually Cyber-Physical Systems (CPS) such as power grids, water, and sewage treatment facilities, oil and gas pipelines, etc. In recent times, these systems have suffered from cyber attacks numerous times. Researchers have been developing cyber security solutions for CIs to avoid lasting damages. According to standard frameworks, cyber security based on identification, protection, detection, response, and recovery are at the core of these research. Detection of an ongoing attack that escapes standard protection such as firewall, anti-virus, and host/network intrusion detection has gained importance as such attacks eventually affect the physical dynamics of the system. Therefore, anomaly detection in physical dynamics proves an effective means to implement defense-in-depth. PASAD is one example of anomaly detection in the sensor/actuator data, representing such systems' physical dynamics. We present EPASAD, which improves the detection technique used in PASAD to detect these micro-stealthy attacks, as our experiments show that PASAD's spherical boundary-based detection fails to detect. Our method EPASAD overcomes this by using Ellipsoid boundaries, thereby tightening the boundaries in various dimensions, whereas a spherical boundary treats all dimensions equally. We validate EPASAD using the dataset produced by the TE-process simulator and the C-town datasets. The results show that EPASAD improves PASAD's average recall by 5.8% and 9.5% for the two datasets, respectively.
Submitted 8 April, 2022;
originally announced April 2022.
-
An Illustrative Industry Architecture to Mitigate Potential Fragmentation across Central Bank Digital Currency and Commercial Bank Money
Authors:
Lee Braine,
Shreepad Shukla
Abstract:
Central banks are actively exploring central bank digital currencies (CBDCs) by conducting research, proofs of concept and pilots. However, adoption of a CBDC can risk fragmenting both payments markets and retail deposits. In this paper, we aim to provide a mitigation to this fragmentation risk by presenting an illustrative industry architecture which places CBDCs and commercial bank money on a similar footing. We introduce the concept of ecosystems providing a common programmability layer that interfaces with the account systems at both commercial banks and the central bank. We focus on a potential United Kingdom (UK) CBDC, including industry ecosystems interfacing with commercial banks using Open Banking application programming interfaces (APIs).
Submitted 31 March, 2022;
originally announced March 2022.
-
Transform your Smartphone into a DSLR Camera: Learning the ISP in the Wild
Authors:
Ardhendu Shekhar Tripathi,
Martin Danelljan,
Samarth Shukla,
Radu Timofte,
Luc Van Gool
Abstract:
We propose a trainable Image Signal Processing (ISP) framework that produces DSLR quality images given RAW images captured by a smartphone. To address the color misalignments between training image pairs, we employ a color-conditional ISP network and optimize a novel parametric color mapping between each input RAW and reference DSLR image. During inference, we predict the target color image by designing a color prediction network with efficient Global Context Transformer modules. The latter effectively leverage global information to learn consistent color and tone mappings. We further propose a robust masked aligned loss to identify and discard regions with inaccurate motion estimation during training. Lastly, we introduce the ISP in the Wild (ISPW) dataset, consisting of weakly paired phone RAW and DSLR sRGB images. We extensively evaluate our method, setting a new state-of-the-art on two datasets.
Submitted 12 July, 2022; v1 submitted 20 March, 2022;
originally announced March 2022.
-
Security Orchestration, Automation, and Response Engine for Deployment of Behavioural Honeypots
Authors:
Upendra Bartwal,
Subhasis Mukhopadhyay,
Rohit Negi,
Sandeep Shukla
Abstract:
Cyber Security is a critical topic for organizations with IT/OT networks as they are always susceptible to attack, whether insider or outsider. Since the cyber landscape is an ever-evolving scenario, one must keep upgrading its security systems to enhance the security of the infrastructure. Tools like Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), Threat Intelligence Platform (TIP), Information Technology Service Management (ITSM), along with other defensive techniques like Intrusion Detection System (IDS), Intrusion Protection System (IPS), and many others enhance the cyber security posture of the infrastructure. However, the proposed protection mechanisms have their limitations, they are insufficient to ensure security, and the attacker penetrates the network. Deception technology, along with Honeypots, provides a false sense of vulnerability in the target systems to the attackers. The attacker deceived reveals threat intel about their modus operandi. We have developed a Security Orchestration, Automation, and Response (SOAR) Engine that dynamically deploys custom honeypots inside the internal network infrastructure based on the attacker's behavior. The architecture is robust enough to support multiple VLANs connected to the system and used for orchestration. The presence of botnet traffic and DDOS attacks on the honeypots in the network is detected, along with a malware collection system. After being exposed to live traffic for four days, our engine dynamically orchestrated the honeypots 40 times, detected 7823 attacks, 965 DDOS attack packets, and three malicious samples. While our experiments with static honeypots show an average attacker engagement time of 102 seconds per instance, our SOAR Engine-based dynamic honeypots engage attackers on average 3148 seconds.
Submitted 14 January, 2022;
originally announced January 2022.
-
Towards Malicious address identification in Bitcoin
Authors:
Deepesh Chaudhari,
Rachit Agarwal,
Sandeep Kumar Shukla
Abstract:
The temporal aspect of blockchain transactions enables us to study the address's behavior and detect if it is involved in any illicit activity. However, due to the concept of change addresses (used to thwart replay attacks), temporal aspects are not directly applicable in the Bitcoin blockchain. Several pre-processing steps should be performed before such temporal aspects are utilized. We are motivated to study the Bitcoin transaction network and use the temporal features such as burst, attractiveness, and inter-event time along with several graph-based properties such as the degree of node and clustering coefficient to validate the applicability of already existing approaches known for other cryptocurrency blockchains on the Bitcoin blockchain. We generate the temporal and non-temporal feature set and train the Machine Learning (ML) algorithm over different temporal granularities to validate the state-of-the-art methods. We study the behavior of the addresses over different time granularities of the dataset. We identify that after applying change-address clustering, in Bitcoin, existing temporal features can be extracted and ML approaches can be applied. A comparative analysis of results show that the behavior of addresses in Ethereum and Bitcoin is similar with respect to in-degree, out-degree and inter-event time. Further, we identify 3 suspects that showed malicious behavior across different temporal granularities. These suspects are not marked as malicious in Bitcoin.
Submitted 22 December, 2021;
originally announced December 2021.
-
Reputation-based PoS for the Restriction of Illicit Activities on Blockchain: Algorand Usecase
Authors:
Mayank Pandey,
Rachit Agarwal,
Sandeep Kumar Shukla,
Nishchal Kumar Verma
Abstract:
In cryptocurrency-based permissionless blockchain networks, the decentralized structure enables any user to join and operate across different regions. The criminal entities exploit it by using cryptocurrency transactions on the blockchain to facilitate activities such as money laundering, gambling, and ransomware attacks. In recent times, different machine learning-based techniques can detect such criminal elements based on blockchain transaction data. However, there is no provision within the blockchain to deal with such elements. We propose a reputation-based methodology for response to the users detected carrying out the aforementioned illicit activities. We select Algorand blockchain to implement our methodology by incorporating it within the consensus protocol. The theoretical results obtained prove the restriction and exclusion of criminal elements through block proposal rejection and attenuation of the voting power as a validator for such entities. Further, we analyze the efficacy of our method and show that it puts no additional strain on the communication resources.
Submitted 25 August, 2022; v1 submitted 21 December, 2021;
originally announced December 2021.
-
Unsupervised paradigm for information extraction from transcripts using BERT
Authors:
Aravind Chandramouli,
Siddharth Shukla,
Neeti Nair,
Shiven Purohit,
Shubham Pandey,
Murali Mohana Krishna Dandu
Abstract:
Audio call transcripts are one of the valuable sources of information for multiple downstream use cases such as understanding the voice of the customer and analyzing agent performance. However, these transcripts are noisy in nature and in an industry setting, getting tagged ground truth data is a challenge. In this paper, we present a solution implemented in the industry using BERT Language Models as part of our pipeline to extract key topics and multiple open intents discussed in the call. Another problem statement we looked at was the automatic tagging of transcripts into predefined categories, which traditionally is solved using supervised approach. To overcome the lack of tagged data, all our proposed approaches use unsupervised methods to solve the outlined problems. We evaluate the results by quantitatively comparing the automatically extracted topics, intents and tagged categories with human tagged ground truth and by qualitatively measuring the valuable concepts and intents that are not present in the ground truth. We achieved near human accuracy in extraction of these topics and intents using our novel approach
Submitted 9 October, 2021; v1 submitted 3 October, 2021;
originally announced October 2021.
-
Understanding Money Trails of Suspicious Activities in a cryptocurrency-based Blockchain
Authors:
Banwari Lal,
Rachit Agarwal,
Sandeep Kumar Shukla
Abstract:
The decentralization, redundancy, and pseudo-anonymity features have made permission-less public blockchain platforms attractive for adoption as technology platforms for cryptocurrencies. However, such adoption has enabled cybercriminals to exploit vulnerabilities in blockchain platforms and target the users through social engineering to carry out malicious activities. Most of the state-of-the-art techniques for detecting malicious actors depend on the transactional behavior of individual wallet addresses but do not analyze the money trails. We propose a heuristics-based approach that adds new features associated with money trails to analyze and find suspicious activities in cryptocurrency blockchains. Here, we focus only on the cyclic behavior and identify hidden patterns present in the temporal transactions graphs in a blockchain. We demonstrate our methods on the transaction data of the Ethereum blockchain. We find that malicious activities (such as Gambling, Phishing, and Money Laundering) have different cyclic patterns in Ethereum. We also identify two suspicious temporal cyclic path-based transfers in Ethereum. Our techniques may apply to other cryptocurrency blockchains with appropriate modifications adapted to the nature of the crypto-currency under investigation.
Submitted 26 August, 2021;
originally announced August 2021.
-
Heteroscedastic Temporal Variational Autoencoder For Irregularly Sampled Time Series
Authors:
Satya Narayan Shukla,
Benjamin M. Marlin
Abstract:
Irregularly sampled time series commonly occur in several domains where they present a significant challenge to standard deep learning models. In this paper, we propose a new deep learning framework for probabilistic interpolation of irregularly sampled time series that we call the Heteroscedastic Temporal Variational Autoencoder (HeTVAE). HeTVAE includes a novel input layer to encode information about input observation sparsity, a temporal VAE architecture to propagate uncertainty due to input sparsity, and a heteroscedastic output layer to enable variable uncertainty in output interpolations. Our results show that the proposed architecture is better able to reflect variable uncertainty through time due to sparse and irregular sampling than a range of baseline and traditional models, as well as recently proposed deep latent variable models that use homoscedastic output layers.
Submitted 23 July, 2021;
originally announced July 2021.
-
A Levy Flight based Narrow Passage Sampling Method for Probabilistic Roadmap Planners
Authors:
Shubham Shukla,
Lokesh Kumar,
Titas Bera,
Ranjan Dasgupta
Abstract:
Sampling based probabilistic roadmap planners (PRM) have been successful in motion planning of robots with higher degrees of freedom, but may fail to capture the connectivity of the configuration space in scenarios with a critical narrow passage. In this paper, we show a novel technique based on Levy Flights to generate key samples in the narrow regions of configuration space, which, when combined with a PRM, improves the completeness of the planner. The technique substantially improves sample quality at the expense of a minimal additional computation, when compared with pure random walk based methods, however, still outperforms state of the art random bridge building method, in terms of number of collision calls, computational overhead and sample quality. The method is robust to the changes in the parameters related to the structure of the narrow passage, thus giving an additional generality. A number of 2D & 3D motion planning simulations are presented which shows the effectiveness of the method.
Submitted 1 July, 2021;
originally announced July 2021.
-
Vulnerability and Transaction behavior based detection of Malicious Smart Contracts
Authors:
Rachit Agarwal,
Tanmay Thapliyal,
Sandeep Kumar Shukla
Abstract:
Smart Contracts (SCs) in Ethereum can automate tasks and provide different functionalities to a user. Such automation is enabled by the `Turing-complete' nature of the programming language (Solidity) in which SCs are written. This also opens up different vulnerabilities and bugs in SCs that malicious actors exploit to carry out malicious or illegal activities on the cryptocurrency platform. In this work, we study the correlation between malicious activities and the vulnerabilities present in SCs and find that some malicious activities are correlated with certain types of vulnerabilities. We then develop and study the feasibility of a scoring mechanism that corresponds to the severity of the vulnerabilities present in SCs to determine if it is a relevant feature to identify suspicious SCs. We analyze the utility of severity score towards detection of suspicious SCs using unsupervised machine learning (ML) algorithms across different temporal granularities and identify behavioral changes. In our experiments with on-chain SCs, we were able to find a total of 1094 benign SCs across different granularities which behave similar to malicious SCs, with the inclusion of the smart contract vulnerability scores in the feature set.
Submitted 25 June, 2021;
originally announced June 2021.
-
Identifying malicious accounts in Blockchains using Domain Names and associated temporal properties
Authors:
Rohit Kumar Sachan,
Rachit Agarwal,
Sandeep Kumar Shukla
Abstract:
The rise in the adoption of blockchain technology has led to increased illegal activities by cyber-criminals costing billions of dollars. Many machine learning algorithms are applied to detect such illegal behavior. These algorithms are often trained on the transaction behavior and, in some cases, trained on the vulnerabilities that exist in the system. In our approach, we study the feasibility of using metadata such as Domain Name (DN) associated with the account in the blockchain and identify whether an account should be tagged malicious or not. Here, we leverage the temporal aspects attached to the DNs. Our results identify 144930 DNs that show malicious behavior, and out of these, 54114 DNs show persistent malicious behavior over time. Nonetheless, none of these identified malicious DNs were reported in new officially tagged malicious blockchain DNs.
Submitted 25 June, 2021;
originally announced June 2021.
-
Fast and Accurate Single-Image Depth Estimation on Mobile Devices, Mobile AI 2021 Challenge: Report
Authors:
Andrey Ignatov,
Grigory Malivenko,
David Plowman,
Samarth Shukla,
Radu Timofte,
Ziyu Zhang,
Yicheng Wang,
Zilong Huang,
Guozhong Luo,
Gang Yu,
Bin Fu,
Yiran Wang,
Xingyi Li,
Min Shi,
Ke Xian,
Zhiguo Cao,
Jin-Hua Du,
Pei-Lin Wu,
Chao Ge,
Jiaoyang Yao,
Fangwen Tu,
Bo Li,
Jung Eun Yoo,
Kwanggyoon Seo,
Jialei Xu
, et al. (13 additional authors not shown)
Abstract:
Depth estimation is an important computer vision problem with many practical applications to mobile devices. While many solutions have been proposed for this task, they are usually very computationally expensive and thus are not applicable for on-device inference. To address this problem, we introduce the first Mobile AI challenge, where the target is to develop end-to-end deep learning-based depth estimation solutions that can demonstrate a nearly real-time performance on smartphones and IoT platforms. For this, the participants were provided with a new large-scale dataset containing RGB-depth image pairs obtained with a dedicated stereo ZED camera producing high-resolution depth maps for objects located at up to 50 meters. The runtime of all models was evaluated on the popular Raspberry Pi 4 platform with a mobile ARM-based Broadcom chipset. The proposed solutions can generate VGA resolution depth maps at up to 10 FPS on the Raspberry Pi 4 while achieving high fidelity results, and are compatible with any Android or Linux-based mobile devices. A detailed description of all models developed in the challenge is provided in this paper.
Submitted 17 May, 2021;
originally announced May 2021.
-
A Novel Malware Detection Mechanism based on Features Extracted from Converted Malware Binary Images
Authors:
Abhijitt Dhavlle,
Sanket Shukla
Abstract:
Our computer systems for decades have been threatened by various types of hardware and software attacks, of which malware has been one. This malware has the ability to steal, destroy, contaminate, gain unintended access, or even disrupt the entire system. There have been techniques to detect malware by performing static and dynamic analysis of malware files, but stealthy malware has circumvented the static analysis method, and for dynamic analysis there have been previous works that propose different methods to detect malware. In this work we propose a novel technique to detect malware. We use malware binary images, extract different features from them, and then employ different ML classifiers on the dataset thus obtained. We show that this technique is successful in differentiating classes of malware based on the features extracted.
Submitted 14 April, 2021;
originally announced April 2021.
-
Security of Healthcare Data Using Blockchains: A Survey
Authors:
Mayank Pandey,
Rachit Agarwal,
Sandeep K. Shukla,
Nishchal K. Verma
Abstract:
The advancement in the healthcare sector is entering into a new era in the form of Health 4.0. The integration of innovative technologies like Cyber-Physical Systems (CPS), Big Data, Cloud Computing, Machine Learning, and Blockchain with Healthcare services has led to improved performance and efficiency through data-based learning and interconnection of systems. On the other hand, it has also increased complexities and has brought its own share of vulnerabilities due to the heavy influx, sharing, and storage of healthcare data. The protection of the same from cyber-attacks along with privacy preservation through authenticated access is one of the significant challenges for the healthcare sector. For this purpose, the use of blockchain-based networks can lead to a considerable reduction in the vulnerabilities of the healthcare systems and secure their data. This chapter explores blockchain's role in strengthening healthcare data security by answering the questions related to what data use, when we need, why we need, who needs, and how state-of-the-art techniques use blockchains to secure healthcare data. As a case study, we also explore and analyze the state-of-the-art implementations for blockchain in healthcare data security for the COVID-19 pandemic. In order to provide a path to future research directions, we identify and discuss the technical limitations and regulatory challenges associated with blockchain-based healthcare data security implementation.
Submitted 23 March, 2021;
originally announced March 2021.
-
Detecting Malicious Accounts showing Adversarial Behavior in Permissionless Blockchains
Authors:
Rachit Agarwal,
Tanmay Thapliyal,
Sandeep K. Shukla
Abstract:
Different types of malicious activities have been flagged in multiple permissionless blockchains such as Bitcoin, Ethereum, etc. While some malicious activities exploit vulnerabilities in the infrastructure of the blockchain, some target its users through social engineering techniques. To address these problems, we aim at automatically flagging blockchain accounts that originate such malicious exploitation of accounts of other participants. To that end, we identify a robust supervised machine learning (ML) algorithm that is resistant to any bias induced by an over-representation of certain malicious activity in the available dataset, as well as robust against adversarial attacks. We find that most of the malicious activities reported thus far, for example, in the Ethereum blockchain ecosystem, behave statistically similarly. Further, the previously used ML algorithms for identifying malicious accounts show bias towards a particular malicious activity which is over-represented. In the sequel, we identify that Neural Networks (NN) hold up the best in the face of such a bias-inducing dataset while at the same time being robust against certain adversarial attacks.
Submitted 28 January, 2021;
originally announced January 2021.
-
Multi-Time Attention Networks for Irregularly Sampled Time Series
Authors:
Satya Narayan Shukla,
Benjamin M. Marlin
Abstract:
Irregular sampling occurs in many time series modeling applications where it presents a significant challenge to standard deep learning models. This work is motivated by the analysis of physiological time series data in electronic health records, which are sparse, irregularly sampled, and multivariate. In this paper, we propose a new deep learning framework for this setting that we call Multi-Time Attention Networks. Multi-Time Attention Networks learn an embedding of continuous-time values and use an attention mechanism to produce a fixed-length representation of a time series containing a variable number of observations. We investigate the performance of this framework on interpolation and classification tasks using multiple datasets. Our results show that the proposed approach performs as well or better than a range of baseline and recently proposed models while offering significantly faster training times than current state-of-the-art methods.
Submitted 7 June, 2021; v1 submitted 25 January, 2021;
originally announced January 2021.
-
Detecting Hostile Posts using Relational Graph Convolutional Network
Authors:
Sarthak,
Shikhar Shukla,
Karm Veer Arya
Abstract:
This work is based on the submission to the competition Hindi Constraint conducted by AAAI@2021 for detection of hostile posts in Hindi on social media platforms. Here, a model is presented for detection and classification of hostile posts and their further classification into fake, offensive, hate and defamation using Relational Graph Convolutional Networks. Unlike other existing work, our approach is focused on using semantic meaning along with contextual information for better classification. The results from AAAI@2021 indicate that the proposed model is performing at par with Google's XLM-RoBERTa on the given dataset. Our best submission with RGCN achieves an F1 score of 0.97 (7th Rank) on coarse-grained evaluation and achieved best performance on identifying fake posts. Among all submissions to the challenge, our classification system with XLM-Roberta secured 2nd rank on fine-grained classification.
Submitted 7 April, 2021; v1 submitted 10 January, 2021;
originally announced January 2021.
-
A Survey on Principles, Models and Methods for Learning from Irregularly Sampled Time Series
Authors:
Satya Narayan Shukla,
Benjamin M. Marlin
Abstract:
Irregularly sampled time series data arise naturally in many application domains including biology, ecology, climate science, astronomy, and health. Such data represent fundamental challenges to many classical models from machine learning and statistics due to the presence of non-uniform intervals between observations. However, there has been significant progress within the machine learning community over the last decade on developing specialized models and architectures for learning from irregularly sampled univariate and multivariate time series data. In this survey, we first describe several axes along which approaches to learning from irregularly sampled time series differ including what data representations they are based on, what modeling primitives they leverage to deal with the fundamental problem of irregular sampling, and what inference tasks they are designed to perform. We then survey the recent literature organized primarily along the axis of modeling primitives. We describe approaches based on temporal discretization, interpolation, recurrence, attention and structural invariance. We discuss similarities and differences between approaches and highlight primary strengths and weaknesses.
Submitted 5 January, 2021; v1 submitted 30 November, 2020;
originally announced December 2020.
-
Audience Creation for Consumables -- Simple and Scalable Precision Merchandising for a Growing Marketplace
Authors:
Shreyas S,
Harsh Maheshwari,
Avijit Saha,
Samik Datta,
Shashank Jain,
Disha Makhija,
Anuj Nagpal,
Sneha Shukla,
Suyash S
Abstract:
Consumable categories, such as grocery and fast-moving consumer goods, are quintessential to the growth of e-commerce marketplaces in developing countries. In this work, we present the design and implementation of a precision merchandising system, which creates audience sets from over 10 million consumers and is deployed at Flipkart Supermart, one of the largest online grocery stores in India. We employ temporal point process to model the latent periodicity and mutual-excitation in the purchase dynamics of consumables. Further, we develop a likelihood-free estimation procedure that is robust against data sparsity, censure and noise typical of a growing marketplace. Lastly, we scale the inference by quantizing the triggering kernels and exploiting sparse matrix-vector multiplication primitive available on a commercial distributed linear algebra backend. In operation spanning more than a year, we have witnessed a consistent increase in click-through rate in the range of 25-70% for banner-based merchandising in the storefront, and in the range of 12-26% for push notification-based campaigns.
Submitted 17 November, 2020;
originally announced November 2020.
-
Overview of the Ninth Dialog System Technology Challenge: DSTC9
Authors:
Chulaka Gunasekara,
Seokhwan Kim,
Luis Fernando D'Haro,
Abhinav Rastogi,
Yun-Nung Chen,
Mihail Eric,
Behnam Hedayatnia,
Karthik Gopalakrishnan,
Yang Liu,
Chao-Wei Huang,
Dilek Hakkani-Tür,
Jinchao Li,
Qi Zhu,
Lingxiao Luo,
Lars Liden,
Kaili Huang,
Shahin Shayandeh,
Runze Liang,
Baolin Peng,
Zheng Zhang,
Swadheen Shukla,
Minlie Huang,
Jianfeng Gao,
Shikib Mehri,
Yulan Feng
, et al. (14 additional authors not shown)
Abstract:
This paper introduces the Ninth Dialog System Technology Challenge (DSTC-9). This edition of the DSTC focuses on applying end-to-end dialog technologies for four distinct tasks in dialog systems, namely, 1. Task-oriented dialog Modeling with unstructured knowledge access, 2. Multi-domain task-oriented dialog, 3. Interactive evaluation of dialog, and 4. Situated interactive multi-modal dialog. This paper describes the task definition, provided datasets, baselines and evaluation set-up for each track. We also summarize the results of the submitted systems to highlight the overall trends of the state-of-the-art technologies for the tasks.
Submitted 12 November, 2020;
originally announced November 2020.
-
Zero-Pair Image to Image Translation using Domain Conditional Normalization
Authors:
Samarth Shukla,
Andrés Romero,
Luc Van Gool,
Radu Timofte
Abstract:
In this paper, we propose an approach based on domain conditional normalization (DCN) for zero-pair image-to-image translation, i.e., translating between two domains which have no paired training data available but each have paired training data with a third domain. We employ a single generator which has an encoder-decoder structure and analyze different implementations of domain conditional normalization to obtain the desired target domain output. The validation benchmark uses RGB-depth pairs and RGB-semantic pairs for training and compares performance for the depth-semantic translation task. The proposed approaches improve in qualitative and quantitative terms over the compared methods, while using much fewer parameters. Code available at https://github.com/samarthshukla/dcn
Submitted 11 November, 2020;
originally announced November 2020.
-
Gaussian MRF Covariance Modeling for Efficient Black-Box Adversarial Attacks
Authors:
Anit Kumar Sahu,
Satya Narayan Shukla,
J. Zico Kolter
Abstract:
We study the problem of generating adversarial examples in a black-box setting, where we only have access to a zeroth order oracle, providing us with loss function evaluations. Although this setting has been investigated in previous work, most past approaches using zeroth order optimization implicitly assume that the gradients of the loss function with respect to the input images are unstructured. In this work, we show that in fact substantial correlations exist within these gradients, and we propose to capture these correlations via a Gaussian Markov random field (GMRF). Given the intractability of the explicit covariance structure of the MRF, we show that the covariance structure can be efficiently represented using the Fast Fourier Transform (FFT), along with low-rank updates to perform exact posterior estimation under this model. We use this modeling technique to find fast one-step adversarial attacks, akin to a black-box version of the Fast Gradient Sign Method (FGSM), and show that the method uses fewer queries and achieves higher attack success rates than the current state of the art. We also highlight the general applicability of this gradient modeling setup.
Submitted 8 October, 2020;
originally announced October 2020.
-
Unsupervised Learning Based Robust Multivariate Intrusion Detection System for Cyber-Physical Systems using Low Rank Matrix
Authors:
Aneet K. Dutta,
Bhaskar Mukhoty,
Sandeep K. Shukla
Abstract:
Regular and uninterrupted operation of critical infrastructures such as power, transport, communication, etc. is essential for proper functioning of a country. Cyber-attacks causing disruption in critical infrastructure service in the past are considered a significant threat. With the advancement in technology and the progress of the critical infrastructures towards IP based communication, cyber-physical systems are lucrative targets of the attackers. In this paper, we propose a robust multivariate intrusion detection system called RAD for detecting attacks in the cyber-physical systems in O(d) space and time complexity, where d is the number of parameters in the system state vector. The proposed Intrusion Detection System (IDS) is developed in an unsupervised learning setting without using labelled data denoting attacks. It allows a fraction of the training data to be corrupted by outliers or under attack, by subscribing to a robust training procedure. The proposed IDS outperforms existing anomaly detection techniques in several real-world datasets and attack scenarios.
Submitted 7 September, 2020;
originally announced September 2020.
-
Historical Context and Key Features of Digital Money Tokens
Authors:
Shreepad Shukla
Abstract:
Digital money tokens have attracted the attention of financial institutions, central banks, regulators, international associations and fintechs. Their research and experimentation with digital money tokens has included creating innovative technical and operational frameworks. In this paper, we present a 'money tree' which places this recent concept of digital money tokens into a historical context by illustrating their evolution from more traditional forms of money. We then identify key features of digital money tokens with options and examples. We hope this paper will be of interest to the financial services industry and we look forward to feedback.
Submitted 25 August, 2020;
originally announced August 2020.
-
Adaptive Chemotaxis for improved Contour Tracking using Spiking Neural Networks
Authors:
Shashwat Shukla,
Rohan Pathak,
Vivek Saraswat,
Udayan Ganguly
Abstract:
In this paper we present a Spiking Neural Network (SNN) for autonomous navigation, inspired by the chemotaxis network of the worm Caenorhabditis elegans. In particular, we focus on the problem of contour tracking, wherein the bot must reach and subsequently follow a desired concentration setpoint. Past schemes that used only klinokinesis can follow the contour efficiently but take excessive time to reach the setpoint. We address this shortcoming by proposing a novel adaptive klinotaxis mechanism that builds upon a previously proposed gradient climbing circuit. We demonstrate how our klinotaxis circuit can autonomously be configured to perform gradient ascent, gradient descent and subsequently be disabled to seamlessly integrate with the aforementioned klinokinesis circuit. We also incorporate speed regulation (orthokinesis) to further improve contour tracking performance. Thus for the first time, we present a model that successfully integrates klinokinesis, klinotaxis and orthokinesis. We demonstrate via contour tracking simulations that our proposed scheme achieves a 2.4x reduction in the time to reach the setpoint, along with a simultaneous 8.7x reduction in average deviation from the setpoint.
Submitted 1 August, 2020;
originally announced August 2020.
-
A Comprehensive Survey of Aadhar and Security Issues
Authors:
Isha Pali,
Lisa Krishania,
Divya Chadha,
Asmita Kandar,
Gaurav Varshney,
Sneha Shukla
Abstract:
The concept of Aadhaar came with the need for a unique identity for every individual. To implement this, the Indian government created the authority UIDAI to distribute and generate user identities for every individual based on their demographic and biometric data. After the implementation came the security issues and challenges of Aadhaar and its authentication. So, our study focuses on the journey of Aadhaar from its history to the current condition. The paper also describes the authentication process and the updates that happened over time. We have also provided an analysis of the security attacks witnessed so far as well as the possible countermeasures and their classification. Our main aim is to cover all the security aspects related to Aadhaar to avoid possible security attacks. Also, we have included the current updates and news related to Aadhaar.
Submitted 18 July, 2020;
originally announced July 2020.
-
Simple and Efficient Hard Label Black-box Adversarial Attacks in Low Query Budget Regimes
Authors:
Satya Narayan Shukla,
Anit Kumar Sahu,
Devin Willmott,
J. Zico Kolter
Abstract:
We focus on the problem of black-box adversarial attacks, where the aim is to generate adversarial examples for deep learning models solely based on information limited to output label (hard label) to a queried data input. We propose a simple and efficient Bayesian Optimization (BO) based approach for developing black-box adversarial attacks. Issues with BO's performance in high dimensions are avoided by searching for adversarial examples in a structured low-dimensional subspace. We demonstrate the efficacy of our proposed attack method by evaluating both $\ell_\infty$ and $\ell_2$ norm constrained untargeted and targeted hard label black-box attacks on three standard datasets - MNIST, CIFAR-10 and ImageNet. Our proposed approach consistently achieves 2x to 10x higher attack success rate while requiring 10x to 20x fewer queries compared to the current state-of-the-art black-box adversarial attacks.
Submitted 11 June, 2021; v1 submitted 13 July, 2020;
originally announced July 2020.
-
Detecting Malicious Accounts in Permissionless Blockchains using Temporal Graph Properties
Authors:
Rachit Agarwal,
Shikhar Barve,
Sandeep K. Shukla
Abstract:
The temporal nature of modeling accounts as nodes and transactions as directed edges in a directed graph -- for a blockchain, enables us to understand the behavior (malicious or benign) of the accounts. Predictive classification of accounts as malicious or benign could help users of the permissionless blockchain platforms to operate in a secure manner. Motivated by this, we introduce temporal features such as burst and attractiveness on top of several already used graph properties such as the node degree and clustering coefficient. Using identified features, we train various Machine Learning (ML) algorithms and identify the algorithm that performs the best in detecting which accounts are malicious. We then study the behavior of the accounts over different temporal granularities of the dataset before assigning them malicious tags. For Ethereum blockchain, we identify that for the entire dataset - the ExtraTreesClassifier performs the best among supervised ML algorithms. On the other hand, using cosine similarity on top of the results provided by unsupervised ML algorithms such as K-Means on the entire dataset, we were able to detect 554 more suspicious accounts. Further, using behavior change analysis for accounts, we identify 814 unique suspicious accounts across different temporal granularities.
Submitted 28 January, 2021; v1 submitted 10 July, 2020;
originally announced July 2020.
-
Neural Networks for Fashion Image Classification and Visual Search
Authors:
Fengzi Li,
Shashi Kant,
Shunichi Araki,
Sumer Bangera,
Swapna Samir Shukla
Abstract:
We discuss two potentially challenging problems faced by the ecommerce industry. One relates to the problem faced by sellers while uploading pictures of products on the platform for sale and the consequent manual tagging involved. It gives rise to misclassifications leading to its absence from search results. The other problem concerns the potential bottleneck in placing orders when a customer may not know the right keywords but has a visual impression of an image. An image-based search algorithm can unleash the true potential of ecommerce by enabling customers to click a picture of an object and search for similar products without the need for typing. In this paper, we explore machine learning algorithms which can help us solve both these problems.
Submitted 17 May, 2020;
originally announced May 2020.