Skip to main content

Showing 1–14 of 14 results for author: Hitaj, D

Searching in archive cs. Search in all archives.
.
  1. arXiv:2403.13523  [pdf, other

    cs.LG cs.AI cs.CR

    Have You Poisoned My Data? Defending Neural Networks against Data Poisoning

    Authors: Fabio De Gaspari, Dorjan Hitaj, Luigi V. Mancini

    Abstract: The unprecedented availability of training data fueled the rapid development of powerful neural networks in recent years. However, the need for such large amounts of data leads to potential threats such as poisoning attacks: adversarial manipulations of the training data aimed at compromising the learned model to achieve a given adversarial goal. This paper investigates defenses against clean-la… ▽ More

    Submitted 20 March, 2024; originally announced March 2024.

    Comments: Paper accepted for publication at European Symposium on Research in Computer Security (ESORICS) 2024

  2. arXiv:2403.03593  [pdf, other

    cs.CR cs.AI

    Do You Trust Your Model? Emerging Malware Threats in the Deep Learning Ecosystem

    Authors: Dorjan Hitaj, Giulio Pagnotta, Fabio De Gaspari, Sediola Ruko, Briland Hitaj, Luigi V. Mancini, Fernando Perez-Cruz

    Abstract: Training high-quality deep learning models is a challenging task due to computational and technical requirements. A growing number of individuals, institutions, and companies increasingly rely on pre-trained, third-party models made available in public repositories. These models are often used directly or integrated in product pipelines with no particular precautions, since they are effectively ju… ▽ More

    Submitted 6 March, 2024; originally announced March 2024.

    Comments: 16 pages, 9 figures

  3. arXiv:2303.00431  [pdf, other

    cs.CV cs.CY cs.LG

    OliVaR: Improving Olive Variety Recognition using Deep Neural Networks

    Authors: Hristofor Miho, Giulio Pagnotta, Dorjan Hitaj, Fabio De Gaspari, Luigi V. Mancini, Georgios Koubouris, Gianluca Godino, Mehmet Hakan, Concepcion Muñoz Diez

    Abstract: The easy and accurate identification of varieties is fundamental in agriculture, especially in the olive sector, where more than 1200 olive varieties are currently known worldwide. Varietal misidentification leads to many potential problems for all the actors in the sector: farmers and nursery workers may establish the wrong variety, leading to its maladaptation in the field; olive oil and table o… ▽ More

    Submitted 1 March, 2023; originally announced March 2023.

    Comments: 10 pages, 9 figures

  4. DOLOS: A Novel Architecture for Moving Target Defense

    Authors: Giulio Pagnotta, Fabio De Gaspari, Dorjan Hitaj, Mauro Andreolini, Michele Colajanni, Luigi V. Mancini

    Abstract: Moving Target Defense and Cyber Deception emerged in recent years as two key proactive cyber defense approaches, contrasting with the static nature of the traditional reactive cyber defense. The key insight behind these approaches is to impose an asymmetric disadvantage for the attacker by using deception and randomization techniques to create a dynamic attack surface. Moving Target Defense typica… ▽ More

    Submitted 27 September, 2023; v1 submitted 1 March, 2023; originally announced March 2023.

    Comments: 16 pages

    Journal ref: IEEE Transactions on Information Forensics and Security, 2023

  5. arXiv:2301.11050  [pdf, other

    cs.CR cs.CY cs.LG

    Minerva: A File-Based Ransomware Detector

    Authors: Dorjan Hitaj, Giulio Pagnotta, Fabio De Gaspari, Lorenzo De Carli, Luigi V. Mancini

    Abstract: Ransomware attacks have caused billions of dollars in damages in recent years, and are expected to cause billions more in the future. Consequently, significant effort has been devoted to ransomware detection and mitigation. Behavioral-based ransomware detection approaches have garnered considerable attention recently. These behavioral detectors typically rely on process-based behavioral profiles t… ▽ More

    Submitted 16 April, 2024; v1 submitted 26 January, 2023; originally announced January 2023.

    Comments: 14 pages

  6. arXiv:2202.06091  [pdf, other

    cs.CR cs.IT cs.LG

    TATTOOED: A Robust Deep Neural Network Watermarking Scheme based on Spread-Spectrum Channel Coding

    Authors: Giulio Pagnotta, Dorjan Hitaj, Briland Hitaj, Fernando Perez-Cruz, Luigi V. Mancini

    Abstract: Watermarking of deep neural networks (DNNs) has gained significant traction in recent years, with numerous (watermarking) strategies being proposed as mechanisms that can help verify the ownership of a DNN in scenarios where these models are obtained without the permission of the owner. However, a growing body of work has demonstrated that existing watermarking mechanisms are highly susceptible to… ▽ More

    Submitted 3 June, 2024; v1 submitted 12 February, 2022; originally announced February 2022.

    Comments: 12 pages

  7. arXiv:2201.08786  [pdf, other

    cs.CR cs.LG

    FedComm: Federated Learning as a Medium for Covert Communication

    Authors: Dorjan Hitaj, Giulio Pagnotta, Briland Hitaj, Fernando Perez-Cruz, Luigi V. Mancini

    Abstract: Proposed as a solution to mitigate the privacy implications related to the adoption of deep learning, Federated Learning (FL) enables large numbers of participants to successfully train deep neural networks without having to reveal the actual private training data. To date, a substantial amount of research has investigated the security and privacy properties of FL, resulting in a plethora of innov… ▽ More

    Submitted 17 May, 2023; v1 submitted 21 January, 2022; originally announced January 2022.

    Comments: 13 pages

  8. arXiv:2105.06165  [pdf, other

    cs.CR cs.LG

    PassFlow: Guessing Passwords with Generative Flows

    Authors: Giulio Pagnotta, Dorjan Hitaj, Fabio De Gaspari, Luigi V. Mancini

    Abstract: Recent advances in generative machine learning models rekindled research interest in the area of password guessing. Data-driven password guessing approaches based on GANs, language models and deep latent variable models have shown impressive generalization performance and offer compelling properties for the task of password guessing. In this paper, we propose PassFlow, a flow-based generative mode… ▽ More

    Submitted 14 December, 2021; v1 submitted 13 May, 2021; originally announced May 2021.

    Comments: 12 pages, 6 figures, 6 tables

  9. arXiv:2103.17059  [pdf, other

    cs.CR cs.LG

    Reliable Detection of Compressed and Encrypted Data

    Authors: Fabio De Gaspari, Dorjan Hitaj, Giulio Pagnotta, Lorenzo De Carli, Luigi V. Mancini

    Abstract: Several cybersecurity domains, such as ransomware detection, forensics and data analysis, require methods to reliably identify encrypted data fragments. Typically, current approaches employ statistics derived from byte-level distribution, such as entropy estimation, to identify encrypted fragments. However, modern content types use compression techniques which alter data distribution pushing it cl… ▽ More

    Submitted 31 March, 2021; originally announced March 2021.

    Comments: 12 pages, 8 figures. arXiv admin note: substantial text overlap with arXiv:2010.07754

  10. arXiv:2103.01914  [pdf, other

    cs.LG cs.CR

    Evaluating the Robustness of Geometry-Aware Instance-Reweighted Adversarial Training

    Authors: Dorjan Hitaj, Giulio Pagnotta, Iacopo Masi, Luigi V. Mancini

    Abstract: In this technical report, we evaluate the adversarial robustness of a very recent method called "Geometry-aware Instance-reweighted Adversarial Training"[7]. GAIRAT reports state-of-the-art results on defenses to adversarial attacks on the CIFAR-10 dataset. In fact, we find that a network trained with this method, while showing an improvement over regular adversarial training (AT), is biasing the… ▽ More

    Submitted 5 March, 2021; v1 submitted 2 March, 2021; originally announced March 2021.

    Comments: 6 pages, 2 figures, 1 table

  11. arXiv:2010.16204  [pdf, other

    cs.CR cs.LG

    Capture the Bot: Using Adversarial Examples to Improve CAPTCHA Robustness to Bot Attacks

    Authors: Dorjan Hitaj, Briland Hitaj, Sushil Jajodia, Luigi V. Mancini

    Abstract: To this date, CAPTCHAs have served as the first line of defense preventing unauthorized access by (malicious) bots to web-based services, while at the same time maintaining a trouble-free experience for human visitors. However, recent work in the literature has provided evidence of sophisticated bots that make use of advancements in machine learning (ML) to easily bypass existing CAPTCHA-based def… ▽ More

    Submitted 4 November, 2020; v1 submitted 30 October, 2020; originally announced October 2020.

    Comments: 17 pages, 4 figures. Accepted for publication on IEEE Intelligent Systems magazine

  12. arXiv:2010.07754  [pdf, other

    cs.CR cs.LG

    EnCoD: Distinguishing Compressed and Encrypted File Fragments

    Authors: Fabio De Gaspari, Dorjan Hitaj, Giulio Pagnotta, Lorenzo De Carli, Luigi V. Mancini

    Abstract: Reliable identification of encrypted file fragments is a requirement for several security applications, including ransomware detection, digital forensics, and traffic analysis. A popular approach consists of estimating high entropy as a proxy for randomness. However, many modern content types (e.g. office documents, media files, etc.) are highly compressed for storage and transmission efficiency.… ▽ More

    Submitted 15 October, 2020; originally announced October 2020.

    Comments: 19 pages, 6 images, 2 tables. Accepted for publication at the 14th International Conference on Network and System Security (NSS2020)

  13. arXiv:1911.02423  [pdf, other

    cs.CR cs.LG

    The Naked Sun: Malicious Cooperation Between Benign-Looking Processes

    Authors: Fabio De Gaspari, Dorjan Hitaj, Giulio Pagnotta, Lorenzo De Carli, Luigi V. Mancini

    Abstract: Recent progress in machine learning has generated promising results in behavioral malware detection. Behavioral modeling identifies malicious processes via features derived by their runtime behavior. Behavioral features hold great promise as they are intrinsically related to the functioning of each malware, and are therefore considered difficult to evade. Indeed, while a significant amount of resu… ▽ More

    Submitted 6 November, 2019; originally announced November 2019.

    Comments: 15 pages, 6 figures, 4 tables

  14. arXiv:1809.00615  [pdf, other

    cs.CR cs.LG

    Have You Stolen My Model? Evasion Attacks Against Deep Neural Network Watermarking Techniques

    Authors: Dorjan Hitaj, Luigi V. Mancini

    Abstract: Deep neural networks have had enormous impact on various domains of computer science, considerably outperforming previous state of the art machine learning techniques. To achieve this performance, neural networks need large quantities of data and huge computational resources, which heavily increases their construction costs. The increased cost of building a good deep neural network model gives ris… ▽ More

    Submitted 3 September, 2018; originally announced September 2018.

    Comments: 7 pages, 4 figures, 1 table