Deep neural network(DNN)models have achieved remarkable performance across diverse tasks,leading to widespread commercial adoption.However,training high-accuracy models demands extensive data,substantial computational...Deep neural network(DNN)models have achieved remarkable performance across diverse tasks,leading to widespread commercial adoption.However,training high-accuracy models demands extensive data,substantial computational resources,and significant time investment,making them valuable assets vulnerable to unauthorized exploitation.To address this issue,this paper proposes an intellectual property(IP)protection framework for DNN models based on feature layer selection and hyper-chaotic mapping.Firstly,a sensitivity-based importance evaluation algorithm is used to identify the key feature layers for encryption,effectively protecting the core components of the model.Next,the L1 regularization criterion is applied to further select high-weight features that significantly impact the model’s performance,ensuring that the encryption process minimizes performance loss.Finally,a dual-layer encryption mechanism is designed,introducing perturbations into the weight values and utilizing hyperchaotic mapping to disrupt channel information,further enhancing the model’s security.Experimental results demonstrate that encrypting only a small subset of parameters effectively reduces model accuracy to random-guessing levels while ensuring full recoverability.The scheme exhibits strong robustness against model pruning and fine-tuning attacks and maintains consistent performance across multiple datasets,providing an efficient and practical solution for authorization-based DNN IP protection.展开更多
The National Institute of Standards and Technology(NIST)has identified natural language policies as the preferred expression of policy and implicitly called for an automated translation of ABAC natural language access...The National Institute of Standards and Technology(NIST)has identified natural language policies as the preferred expression of policy and implicitly called for an automated translation of ABAC natural language access control policy(NLACP)to a machine-readable form.To study the automation process,we consider the hierarchical ABAC model as our reference model since it better reflects the requirements of real-world organizations.Therefore,this paper focuses on the questions of:how can we automatically infer the hierarchical structure of an ABAC model given NLACPs;and,how can we extract and define the set of authorization attributes based on the resulting structure.To address these questions,we propose an approach built upon recent advancements in natural language processing and machine learning techniques.For such a solution,the lack of appropriate data often poses a bottleneck.Therefore,we decouple the primary contributions of this work into:(1)developing a practical framework to extract authorization attributes of hierarchical ABAC system from natural language artifacts,and(2)generating a set of realistic synthetic natural language access control policies(NLACPs)to evaluate the proposed framework.Our experimental results are promising as we achieved-in average-an F1-score of 0.96 when extracting attributes values of subjects,and 0.91 when extracting the values of objects’attributes from natural language access control policies.展开更多
The National Institute of Standards and Technology(NIST)has identified natural language policies as the preferred expression of policy and implicitly called for an automated translation of ABAC natural language access...The National Institute of Standards and Technology(NIST)has identified natural language policies as the preferred expression of policy and implicitly called for an automated translation of ABAC natural language access control policy(NLACP)to a machine-readable form.To study the automation process,we consider the hierarchical ABAC model as our reference model since it better reflects the requirements of real-world organizations.Therefore,this paper focuses on the questions of:how can we automatically infer the hierarchical structure of an ABAC model given NLACPs;and,how can we extract and define the set of authorization attributes based on the resulting structure.To address these questions,we propose an approach built upon recent advancements in natural language processing and machine learning techniques.For such a solution,the lack of appropriate data often poses a bottleneck.Therefore,we decouple the primary contributions of this work into:(1)developing a practical framework to extract authorization attributes of hierarchical ABAC system from natural language artifacts,and(2)generating a set of realistic synthetic natural language access control policies(NLACPs)to evaluate the proposed framework.Our experimental results are promising as we achieved-in average-an F1-score of 0.96 when extracting attributes values of subjects,and 0.91 when extracting the values of objects’attributes from natural language access control policies.展开更多
The conventional power systems are evolving as smart grids.In recent times cyberattacks on smart grids have been increasing.Among different attacks,False Data Injection(FDI)is considered as an emerging threat that has...The conventional power systems are evolving as smart grids.In recent times cyberattacks on smart grids have been increasing.Among different attacks,False Data Injection(FDI)is considered as an emerging threat that has significant impact.By exploiting the vulnerabilities of IEC 61850 Generic Object-Oriented Substation Events(GOOSE)and Sam-pled Values(SV)attackers can launch different FDI attacks.In this paper,a real-time set up capable of simulating FDI on GOOSE and SV protocols is developed to evaluate the impact of such attacks on power grid.IEC 62351 stipulates cybersecurity guidelines for GOOSE and SV,but only at communication or Information Technology(IT)level.Hence there is a need to develop a holistic security both at IT and Operation Technology(OT)level.In this regard,a novel sequence content resolver-based hybrid security scheme suitable to tackle FDI attacks on GOOSE and SV is proposed.Furthermore,the computational performance of the proposed hybrid security scheme is presented to demonstrate its applicability to the time critical GOOSE and SV protocols.展开更多
基金supported in part by the National Natural Science Foundation of China under Grant No.62172280in part by the Key Scientific Research Projects of Colleges and Universities in Henan Province,China under Grant No.23A520006in part by Henan Provincial Science and Technology Research Project under Grant No.222102210199.
文摘Deep neural network(DNN)models have achieved remarkable performance across diverse tasks,leading to widespread commercial adoption.However,training high-accuracy models demands extensive data,substantial computational resources,and significant time investment,making them valuable assets vulnerable to unauthorized exploitation.To address this issue,this paper proposes an intellectual property(IP)protection framework for DNN models based on feature layer selection and hyper-chaotic mapping.Firstly,a sensitivity-based importance evaluation algorithm is used to identify the key feature layers for encryption,effectively protecting the core components of the model.Next,the L1 regularization criterion is applied to further select high-weight features that significantly impact the model’s performance,ensuring that the encryption process minimizes performance loss.Finally,a dual-layer encryption mechanism is designed,introducing perturbations into the weight values and utilizing hyperchaotic mapping to disrupt channel information,further enhancing the model’s security.Experimental results demonstrate that encrypting only a small subset of parameters effectively reduces model accuracy to random-guessing levels while ensuring full recoverability.The scheme exhibits strong robustness against model pruning and fine-tuning attacks and maintains consistent performance across multiple datasets,providing an efficient and practical solution for authorization-based DNN IP protection.
文摘The National Institute of Standards and Technology(NIST)has identified natural language policies as the preferred expression of policy and implicitly called for an automated translation of ABAC natural language access control policy(NLACP)to a machine-readable form.To study the automation process,we consider the hierarchical ABAC model as our reference model since it better reflects the requirements of real-world organizations.Therefore,this paper focuses on the questions of:how can we automatically infer the hierarchical structure of an ABAC model given NLACPs;and,how can we extract and define the set of authorization attributes based on the resulting structure.To address these questions,we propose an approach built upon recent advancements in natural language processing and machine learning techniques.For such a solution,the lack of appropriate data often poses a bottleneck.Therefore,we decouple the primary contributions of this work into:(1)developing a practical framework to extract authorization attributes of hierarchical ABAC system from natural language artifacts,and(2)generating a set of realistic synthetic natural language access control policies(NLACPs)to evaluate the proposed framework.Our experimental results are promising as we achieved-in average-an F1-score of 0.96 when extracting attributes values of subjects,and 0.91 when extracting the values of objects’attributes from natural language access control policies.
基金supported by Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.
文摘The National Institute of Standards and Technology(NIST)has identified natural language policies as the preferred expression of policy and implicitly called for an automated translation of ABAC natural language access control policy(NLACP)to a machine-readable form.To study the automation process,we consider the hierarchical ABAC model as our reference model since it better reflects the requirements of real-world organizations.Therefore,this paper focuses on the questions of:how can we automatically infer the hierarchical structure of an ABAC model given NLACPs;and,how can we extract and define the set of authorization attributes based on the resulting structure.To address these questions,we propose an approach built upon recent advancements in natural language processing and machine learning techniques.For such a solution,the lack of appropriate data often poses a bottleneck.Therefore,we decouple the primary contributions of this work into:(1)developing a practical framework to extract authorization attributes of hierarchical ABAC system from natural language artifacts,and(2)generating a set of realistic synthetic natural language access control policies(NLACPs)to evaluate the proposed framework.Our experimental results are promising as we achieved-in average-an F1-score of 0.96 when extracting attributes values of subjects,and 0.91 when extracting the values of objects’attributes from natural language access control policies.
文摘The conventional power systems are evolving as smart grids.In recent times cyberattacks on smart grids have been increasing.Among different attacks,False Data Injection(FDI)is considered as an emerging threat that has significant impact.By exploiting the vulnerabilities of IEC 61850 Generic Object-Oriented Substation Events(GOOSE)and Sam-pled Values(SV)attackers can launch different FDI attacks.In this paper,a real-time set up capable of simulating FDI on GOOSE and SV protocols is developed to evaluate the impact of such attacks on power grid.IEC 62351 stipulates cybersecurity guidelines for GOOSE and SV,but only at communication or Information Technology(IT)level.Hence there is a need to develop a holistic security both at IT and Operation Technology(OT)level.In this regard,a novel sequence content resolver-based hybrid security scheme suitable to tackle FDI attacks on GOOSE and SV is proposed.Furthermore,the computational performance of the proposed hybrid security scheme is presented to demonstrate its applicability to the time critical GOOSE and SV protocols.
