Internet of Things (IoT) devices are becoming commonplace in our society, due to their widespread applications (e.g., environmental monitoring, smart cities, healthcare, surveillance, and battlefields such as Internet of Battlefield Things). Such devices are also generally capable of capturing a broad range of information, including digital artifacts that can be used for cyber threat intelligence and inform security mitigation strategy formulation. There are, however, a number of challenges associated with designing IoT cyber security and threat intelligence solutions. In addition to the technical challenges, there are also associated legal and policy challenges that need to be considered in the design and deployment of such solutions in practice.
In this presentation, we will explore the challenges from technical, legal and policy perspectives. For example, how do we use machine/deep learning to facilitate detection of real-time attacks against IoT devices and systems, and how can we automatically identify and collect digital evidence in a forensically sound manner which can be subsequently used for cyber threat intelligence? In the event that the attackers use sophisticated tools to obfuscate their trails, can we design machine/deep learning techniques to unobfuscate and/or identify and exploit vulnerabilities to get access to digital evidence? What are the potential legal implications and challenges? Can we also design explainable AI techniques to facilitate the explanation and inclusion of such digital evidence and cyber threat intelligence in court proceedings or presentations to C-level or boards in organizations? Based on these discussed challenges, we will identify potential opportunities for stakeholders in academia (e.g., students and researchers), industry and government.

Posting daily photos on online Social Network Platforms (SNPs) has become a trend. As a kind of sensitive privacy, social photos are often protected carefully by SNPs with various security mechanisms. However, these mechanisms can not stop users from losing control of their photos when someone forwards these photos to another platform. In this paper, we propose a blockchain-based privacy-preserving framework that provides powerful dissemination control for online photos in cross-social network sharing. In contrast to existing security mechanisms that run separately in centralized servers, which hardly create trust between each other, our framework achieves consistent consensus on photo dissemination control across independent and disparate platforms through carefully designed smart contract-based protocols. Considering the numerous participants in real photo dissemination, we present a novel concept of multi-owner dissemination tree to be compatible with all privacy preferences of subsequent forwarders in cross-SNPs photo sharing. This paper describes a prototype implementation on hyperledger Fabric 2.0 with demonstrating its preliminary performance by a real-world dataset and identifies the remaining challenges.

With the rapid growth of spatial electromagnetic devices, electromagnetic signals are becoming more and more dense and complex, traditional methods are increasingly difficult to cope with, so deep learning technology is gradually applied to this field. The deep learning network is deployed in the signal recognition carrier with form of model which can learn the essential characteristics of datasets. The performance of model quality largely determines the final effect of electromagnetic signal recognition. However, there are many problems in the process of deployment, and significant risks in both robustness and security. Therefore, this paper proposes a complete model quality evaluation index system in the field of electromagnetic signal recognition, and evaluates model performance based on business demand to ensure the working quality, break through the quality bottleneck and optimize the deployment of model in practical application.

This paper focuses on the distributed intelligent reflecting surface (IRS) assisted legitimate monitoring system to improve the availability of monitoring nodes, so that the legitimate monitors (LMs) can stably and sustainably conduct covert monitoring on both sides of suspicious communication. Our active monitoring scheme is consistent with the conventional dual-stage transmissions between suspicious transmitter (ST) and suspicious receiver (SR). Firstly, in the process of SR sending pilot to ST (PT stage), LMs control the phase shifts of IRSs and reflect the signal from SR to ST for pilot spoofing, resulting in the deviation of ST's channel estimation, and the suspicious information is leaked to the IRSs during data transmission (DT) stage. Considering that non-sudden factors in the real scene will destroy some monitoring parties resulting in monitoring interruption and system robustness damage, LMs control the IRSs' phase shifts to maximize the received SNR of the monitoring party with the worst channel quality in the DT stage. The above process can be equivalent to the joint optimization of IRSs' phase shift over PT and DT stages. The unit module constraint leads to the non convexity of problems, so Majorization-Minimization (MM) algorithm and Alternating Direction Method of Multipliers (ADMM) algorithm are used to solve them alternately. Both algorithms can guarantee at least convergence to the local optimal solution. Numerical results show that our minimum-SNR maximization scheme is superior to other benchmark schemes. It is also confirmed that the distributed IRSs system is better than the centralized IRS system.

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is an important security technique designed to deter bots from abusing software systems, which has broader applications in cyberspace. CAPTCHAs come in a variety of forms, including the deciphering of obfuscated text, transcribing of audio messages, and tracking mouse movement, among others. This paper focuses on using deep learning techniques to recognize text-based CAPTCHAs. In particular, our work focuses on generating training datasets using different CAPTCHA schemes, along with a pre-processing technique allowing for character-based recognition. We have encapsulated the CRABI (CAPTCHA Recognition with Attached Binary Images) framework to give an image multiple labels for DNN models for the improvement in feature extraction. Using real-world dataset, performance evaluation are conducted to validate the efficacy of our proposed approach on several neural network architectures (e.g., custom CNN architecture, VGG16, ResNet50, and MobileNet). The experimental results confirm that over 90% accuracy can be achieved on most models.

At the physical layer, the combination of radio frequency (RF) fingerprint and deep learning has been widely used to identify wireless communication devices.
Considering that the traditional convolutional neural network (CNN) is applied to RF fingerprint, the classification performance is poor in the low signal to noise ratio (SRN) scenario, we propose an RF fingerprint classification method based on ensemble learning, which improves the classification accuracy on the basis of traditional CNN. Firstly, the RF signals of four power amplifiers are collected by acquisition equipment. These signals are composed of in-phase and quadrature signals, the sampling points are 200,000. After slicing the data samples and artificially introducing different SRN noises, it is then input into an improved CNN for training. Bagging and Boosting algorithms in ensemble learning are combined with the improved CNN to integrate multiple base classifiers and output the final classification results. Finally, the simulation results prove the proposed method. Its classification accuracy is better than traditional CNN in low SNR environment.

Machine learning (ML) classifiers have been increasingly used in Android malware detection and countermeasures for the past decade. However, ML-based solutions are vulnerable to adversarial evasion attacks. An attacker can craft a malicious sample carefully to fool an underlying pre-trained classifier. In this paper, we highlight the fragility of the ML classifiers against adversarial evasion attacks. We perform mimicry attacks based on Oracle and Generative Adversarial Network (GAN) against these classifiers using our proposed methodology. We use static analysis on Android applications to extract API-based features from a balanced excerpt of a well-known public dataset. The empirical results demonstrate that among ML classifiers, the detection capability of linear classifiers can be reduced as low as 0% by perturbing only up to 4 out of 315 extracted API features. As a countermeasure, we propose using ensemble classifiers and adversarial training to improve the evasion detection for Android malware detectors.

Human activity recognition (HAR) has received intensely attention in many applications, such as healthcare, human-computer interaction, and smart home. Existing HAR methods based on deep learning (DL) have been proposed in the last several years. However, these DL-based HAR methods are hard to balance between performance and cost, which truly limited the applications in practical scenarios. To solve this problem, this paper proposes a smartphone-aided HAR method using the residual multi-layer perceptron (Res-MLP). It composes of two linear layers and Gaussian error linear unit (GELU) activation function, and obtains Res-MLP network through residual. Experimental results show that the proposed HAR method can achieve a high classification accuracy of 96.72\% based on the public UCI HAR dataset.