Nazli Tekin, Abbas Acar, Ahmet Aris, A. Selcuk Uluagac, Vehbi Cagri Gungor
Energy consumption of on-device machine learning models for IoT intrusion detection Journal Article
Elsevier Internet of Things Journal, 2023.
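% Journal article comparing the energy cost of on-device ML models used for
% IoT intrusion detection (training and inference measured separately).
% Author names are stored in "Last, First" form so they parse the same way
% under every style; the acronym in the title is brace-protected so styles
% that sentence-case titles keep "IoT" intact.
% NOTE(review): date and urldate of 2023-01-01 look like export placeholders
% with year-only precision; confirm before relying on the day or month.
@article{TekinEnergyConsumption,
  author    = {Tekin, Nazli and Acar, Abbas and Aris, Ahmet and Uluagac, A. Selcuk and Gungor, Vehbi Cagri},
  title     = {Energy consumption of on-device machine learning models for {IoT} intrusion detection},
  journal   = {Elsevier Internet of Things Journal},
  year      = {2023},
  date      = {2023-01-01},
  url       = {https://www.sciencedirect.com/science/article/pii/S2542660522001512},
  urldate   = {2023-01-01},
  abstract  = {Recently, Smart Home Systems (SHSs) have gained enormous popularity with the rapid
    development of the Internet of Things (IoT) technologies. Besides offering many tangible
    benefits, SHSs are vulnerable to attacks that lead to security and privacy concerns for SHS
    users. Machine learning (ML)-based Intrusion Detection Systems (IDS) are proposed to address
    such concerns. Conventionally, ML models are trained and tested on computationally powerful
    platforms such as cloud services. Nevertheless, the data shared with the cloud is vulnerable to
    privacy attacks and causes latency, which decreases the performance of real-time applications
    like intrusion detection systems. Therefore, on-device ML models, in which the user data is kept
    locally, have emerged as promising solutions to ensure the security and privacy of the data for
    real-time applications. However, performing ML tasks requires high energy consumption. To
    the best of our knowledge, no study has been conducted to analyze the energy consumption
    of ML-based IDS. Therefore, in this paper, we perform a comparative analysis of on-device
    ML algorithms in terms of energy consumption for IoT intrusion detection applications. For
    a thorough analysis, we study the training and inference phases separately. For training, we
    compare the cloud computing-based ML, edge computing-based ML, and IoT device-based ML
    approaches. For the inference, we evaluate the TinyML approach to run the ML algorithms on
    tiny IoT devices such as Micro Controller Units (MCUs). Comparative performance evaluations
    show that deploying the Decision Tree (DT) algorithm on-device gives better results in terms
    of training time, inference time, and power consumption.},
  keywords  = {IoT Security, Machine Learning Security},
  pubstate  = {published},
  tppubtype = {article},
}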
Recently, Smart Home Systems (SHSs) have gained enormous popularity with the rapid
development of the Internet of Things (IoT) technologies. Besides offering many tangible
benefits, SHSs are vulnerable to attacks that lead to security and privacy concerns for SHS
users. Machine learning (ML)-based Intrusion Detection Systems (IDS) are proposed to address
such concerns. Conventionally, ML models are trained and tested on computationally powerful
platforms such as cloud services. Nevertheless, the data shared with the cloud is vulnerable to
privacy attacks and causes latency, which decreases the performance of real-time applications
like intrusion detection systems. Therefore, on-device ML models, in which the user data is kept
locally, have emerged as promising solutions to ensure the security and privacy of the data for
real-time applications. However, performing ML tasks requires high energy consumption. To
the best of our knowledge, no study has been conducted to analyze the energy consumption
of ML-based IDS. Therefore, in this paper, we perform a comparative analysis of on-device
ML algorithms in terms of energy consumption for IoT intrusion detection applications. For
a thorough analysis, we study the training and inference phases separately. For training, we
compare the cloud computing-based ML, edge computing-based ML, and IoT device-based ML
approaches. For the inference, we evaluate the TinyML approach to run the ML algorithms on
tiny IoT devices such as Micro Controller Units (MCUs). Comparative performance evaluations
show that deploying the Decision Tree (DT) algorithm on-device gives better results in terms
of training time, inference time, and power consumption.
Ehsan Nowroozi, Mohammadreza Mohammadi, Pargol Golmohammadi, Yassine Mekdad, Mauro Conti, A. Selcuk Uluagac
Resisting Deep Learning Models Against Adversarial Attack Transferability Via Feature Randomization Journal Article
IEEE Transactions on Services Computing Journal, 2023.
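% Journal article proposing feature randomization as a defence against the
% transferability of adversarial examples between deep learning models.
% Author names are stored in "Last, First" form; the percent sign in the
% abstract is escaped so it cannot start a LaTeX comment if the field is
% ever typeset; the keyword spelling "Adverserial" is corrected.
% NOTE(review): date and urldate of 2023-01-01 look like export placeholders
% with year-only precision; confirm before relying on the day or month.
@article{Ehsan2023ML,
  author    = {Nowroozi, Ehsan and Mohammadi, Mohammadreza and Golmohammadi, Pargol and Mekdad, Yassine and Conti, Mauro and Uluagac, A. Selcuk},
  title     = {Resisting Deep Learning Models Against Adversarial Attack Transferability Via Feature Randomization},
  journal   = {IEEE Transactions on Services Computing Journal},
  year      = {2023},
  date      = {2023-01-01},
  url       = {https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10315205},
  urldate   = {2023-01-01},
  abstract  = {In the past decades, the rise of artificial intelligence has given us the capabilities to solve the most challenging problems in our day-to-day lives, such as cancer prediction and autonomous navigation. However, these applications might not be reliable if not secured against adversarial attacks. In addition, recent works demonstrated that some adversarial examples are transferable across different models. Therefore, it is crucial to avoid such transferability via robust models that resist adversarial manipulations. In this paper, we propose a feature randomization-based approach that resists eight adversarial attacks targeting deep learning models in the testing phase. Our novel approach consists of changing the training strategy in the target network classifier and selecting random feature samples. We consider the attacker with a Limited-Knowledge and Semi-Knowledge conditions to undertake the most prevalent types of adversarial attacks. We evaluate the robustness of our approach using the well-known UNSW-NB15 datasets that include realistic and synthetic attacks. Afterward, we demonstrate that our strategy outperforms the existing state-of-the-art approach, such as the Most Powerful Attack, which consists of fine-tuning the network model against specific adversarial attacks. Further, we demonstrate the practicality of our approach using the VIPPrint dataset through a comprehensive set of experiments. Finally, our experimental results show that our methodology can secure the target network and resists adversarial attack transferability by over 60\%.},
  keywords  = {Adversarial Machine Learning, Machine Learning Security},
  pubstate  = {published},
  tppubtype = {article},
}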
Ahmet Arış, Faraz Naseem, Leonardo Babun, Ege Tekiner, Selcuk Uluagac
MINOS: A Lightweight Real-Time Cryptojacking Detection System Conference Paper
In the Proceedings of the 28th Network and Distributed System Security Symposium (NDSS), 2021.
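% Conference paper describing MINOS, a CNN-based detector for WebAssembly
% cryptojacking that classifies Wasm binaries rendered as images.
% Changes: the entry type uses inproceedings (conference is only an alias),
% the booktitle typo "Processings of 28th the" is fixed and its hard-coded
% leading "In the" is dropped because styles add "In" themselves, acronyms
% are brace-protected, and the non-ASCII surname is written with LaTeX
% escapes so classic BibTeX sorts and prints it correctly.
% NOTE(review): the citation key suggests a different first author than the
% author field lists; verify the author order against the published paper.
% NOTE(review): the abstract is cut off mid-sentence ("while using a") and
% is kept as found. It also says "low TNR and FPR"; a low true-negative rate
% would sit oddly with the accuracy claimed, so FNR may be intended. The
% wording is left as found; check the paper before quoting detection rates.
% NOTE(review): date and urldate of 2021-01-01 look like export placeholders
% with year-only precision; confirm before relying on the day or month.
@inproceedings{FarazMinos,
  author    = {Ar{\i}{\c{s}}, Ahmet and Naseem, Faraz and Babun, Leonardo and Tekiner, Ege and Uluagac, Selcuk},
  title     = {{MINOS}: A Lightweight Real-Time Cryptojacking Detection System},
  booktitle = {Proceedings of the 28th Network and Distributed System Security Symposium ({NDSS})},
  year      = {2021},
  date      = {2021-01-01},
  url       = {https://www.researchgate.net/profile/Ahmet-Aris/publication/349109071_MINOS_A_Lightweight_Real-Time_Cryptojacking_Detection_System/links/61488e123c6cb310697fba33/MINOS-A-Lightweight-Real-Time-Cryptojacking-Detection-System.pdf},
  urldate   = {2021-01-01},
  abstract  = {Emerging WebAssembly (Wasm)-based cryptojacking malware covertly uses the computational resources of users without their consent or knowledge. Indeed, most victims of this malware are unaware of such unauthorized use of their computing power due to techniques employed by cryptojacking malware authors such as CPU throttling and obfuscation. A number of dynamic analysis-based detection mechanisms exist that aim to circumvent such techniques. However, since these mechanisms use dynamic features, the collection of such features, as well as the actual detection of the malware, require that the cryptojacking malware run for a certain amount of time, effectively mining for that period, and therefore causing significant overhead. To solve these limitations, in this paper, we propose MINOS, a novel, extremely lightweight cryptojacking detection system that uses deep learning techniques to accurately detect the presence of unwarranted Wasm-based mining activity in real-time. MINOS uses an image-based classification technique to distinguish between benign webpages and those using Wasm to implement unauthorized mining. Specifically, the classifier implements a convolutional neural network (CNN) model trained with a comprehensive dataset of current malicious and benign Wasm binaries. MINOS achieves exceptional accuracy with a low TNR and FPR. Moreover, our extensive performance analysis of MINOS shows that the proposed detection technique can detect mining activity instantaneously from the most current in-the-wild cryptojacking malware with an accuracy of 98.97 percent, in an average of 25.9 milliseconds while using a},
  keywords  = {Cryptojacking, Machine Learning Security, Malware},
  pubstate  = {published},
  tppubtype = {conference},
}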
AKM Iqtidar Newaz, Amit Kumar Sikder, Mohammad Ashiqur Rahman, A. Selcuk Uluagac
HealthGuard: A Machine Learning-Based Security Framework for Smart Healthcare Systems Conference Paper
In the Proceedings of the 6th International Conference on Social Networks Analysis, Management and Security (SNAMS), 2019.
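% Conference paper describing HealthGuard, an ML-based framework that
% correlates vital signs across connected medical devices to separate
% benign from malicious activity in a smart healthcare system.
% Changes: the entry type uses inproceedings (conference is only an alias),
% the hard-coded leading "In the" is dropped from booktitle because styles
% add "In" themselves, the system name and acronym are brace-protected,
% author names are in "Last, First" form, the curly quotes in the abstract
% are written as LaTeX quotes, and the percent signs are escaped so they
% cannot start a LaTeX comment if the field is ever typeset.
% NOTE(review): date and urldate of 2019-01-01 look like export placeholders
% with year-only precision; confirm before relying on the day or month.
@inproceedings{Newaz2019Hcguard,
  author    = {Newaz, AKM Iqtidar and Sikder, Amit Kumar and Rahman, Mohammad Ashiqur and Uluagac, A. Selcuk},
  title     = {{HealthGuard}: A Machine Learning-Based Security Framework for Smart Healthcare Systems},
  booktitle = {Proceedings of the 6th International Conference on Social Networks Analysis, Management and Security ({SNAMS})},
  year      = {2019},
  date      = {2019-01-01},
  url       = {https://ieeexplore.ieee.org/abstract/document/8931716},
  urldate   = {2019-01-01},
  abstract  = {The integration of Internet-of-Things and pervasive computing in medical devices have made the modern healthcare system ``smart.'' Today, the function of the healthcare system is not limited to treat the patients only. With the help of implantable medical devices and wearables, Smart Healthcare System (SHS) can continuously monitor different vital signs of a patient and automatically detect and prevent critical medical conditions. However, these increasing functionalities of SHS raise several security concerns and attackers can exploit the SHS in numerous ways: they can impede normal function of the SHS, inject false data to change vital signs, and tamper a medical device to change the outcome of a medical emergency. In this paper, we propose HealthGuard, a novel machine learning-based security framework to detect malicious activities in a SHS. HealthGuard observes the vital signs of different connected devices of a SHS and correlates the vitals to understand the changes in body functions of the patient to distinguish benign and malicious activities. HealthGuard utilizes four different machine learning-based detection techniques (Artificial Neural Network, Decision Tree, Random Forest, k-Nearest Neighbor) to detect malicious activities in a SHS. We trained HealthGuard with data collected for eight different smart medical devices for twelve benign events including seven normal user activities and five disease-affected events. Furthermore, we evaluated the performance of HealthGuard against three different malicious threats. Our extensive evaluation shows that HealthGuard is an effective security framework for SHS with an accuracy of 91 \% and an F1 score of 90 \%.},
  keywords  = {Machine Learning Security},
  pubstate  = {published},
  tppubtype = {conference},
}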
Citations: 8413
h-index: 44
i10-index: 107