Presentation attack detection based on two-stream vision transformers with self-attention fusion

Aiming at the performance degradation of the existing presentation attack detection methods due to the illumination variation, a two-stream vision transformers framework (TSViT) based on transfer learning in two complementary spaces is proposed in this paper. The face images of RGB color space and multi-scale retinex with color restoration (MSRCR) space are fed to TSViT to learn the distinguishing features of presentation attack detection. To effectively fuse features from two sources (RGB color space images and MSRCR images), a feature fusion method based on self-attention is built, which can effectively capture the complementarity of two features. Experiments and analysis on Oulu-NPU, CASIA-MFSD, and Replay-Attack databases show that it outperforms most existing methods in intra-database testing and achieves good generalization performance in cross-database testing.     

Large eddy simulation of flow over square cylinder arrays in an octagonal configuration at subcritical Reynolds numbers

In this study, fluid flow over an array of eight, 0.029 m × 0.029 m, square cross‐section cylinders in an octagonal configuration is studied numerically. The mean force coefficients (drag and lift) and the vortex formation characteristics of the array are calculated numerically by utilizing a three‐dimensional large eddy simulation mathematical model for turbulence. The numerical simulation is performed with commercial software ANSYS Fluent 19R1. To investigate the parametric influences, three spacings between the cylinders (0.07, 0.14, and 0.2 m), two array attack angles (0° and 15°), and two Reynolds numbers (4060 and 45 800) are considered. The results comprise flow patterns and force coefficients' variations with Reynolds numbers. The lift force of the downstream cylinder reaches its maximum at α = 15°, and the drag force of the upstream cylinders finds its peak at α = 0°. It is observed through velocity and viscosity contour plots that vortex formation length near the cylinder increases at higher Reynolds number. Velocity vector plots are also presented to show fluid flow behavior near the cylinder. Furthermore, the predicted mean forces on the cylinders are slightly different for different Reynolds numbers, spacings, and angles of attack.     

一种标准模型下无证书签名方案的安全性分析与改进

无证书签名具有基于身份密码体制和传统公钥密码体制的优点，可解决复杂的公钥证书管理和密钥托管问题.Wu和Jing提出了一种强不可伪造的无证书签名方案，其安全性不依赖于理想的随机预言机.针对该方案的安全性，提出了两类伪造攻击.分析结果表明，该方案无法实现强不可伪造性，并在"malicious-but-passive"的密钥生成中心攻击下也是不安全的.为了提升该方案的安全性，设计了一个改进的无证书签名方案.在标准模型中证明了改进的方案对于适应性选择消息攻击是强不可伪造的，还能抵抗恶意的密钥生成中心攻击.此外，改进的方案具有较低的计算开销和较短的私钥长度，可应用于区块链、车联网、无线体域网等领域.     

GreyFan:一种Wi-Fi隐蔽信道攻击框架

针对现实网络中诸如侧信道攻击、HID 攻击等传统的物理攻击，物理隔离被认为是一种较为彻底的抵御网络攻击的安全防护手段。2018 年，业界首次提出了一种物理隔离环境下的 Wi-Fi 隐蔽信道方法——Ghost Tunnel，即在Wi-Fi尚未连接的状态下，无线AP可成功将数据传给发起连接请求的计算机。提出了一种基于Ghost Tunnel方法的攻击框架—— GreyFan，利用该攻击框架攻击者可以对未连接Wi-Fi的用户实施无感知攻击，如文件隐蔽传输、任意代码执行等，并分析了相应的防御技术。     

基于人体关节点数据的攻击性行为识别

针对人体攻击性行为识别问题，提出一种基于人体关节点数据的攻击性行为识别方法。首先，利用OpenPose获得单帧图像中的人体关节点数据，并通过最近邻帧特征加权法和分段多项式回归完成由人体自遮挡和环境因素所导致缺失值的补全；然后，对每个人体定义动态"安全距离"阈值，如果两人真实距离小于阈值，则构建行为特征矢量，其中包括帧间人体重心位移、人体关节旋转角角速度和发生交互时的最小攻击距离等；最后，提出改进的LightGBM算法w-LightGBM，并对攻击性行为进行识别。采用公共数据集UT-interaction对所提出的攻击性行为分类识别方法进行测试实验，准确率达到95.45%。实验结果表明，所提方法能够有效识别各种角度的攻击性行为。     

Key-dependent side-channel cube attack on CRAFT

CRAFT is a tweakable block cipher introduced in 2019 that aims to provide strong protection against differential fault analysis. In this paper, we show that CRAFT is vulnerable to side-channel cube attacks. We apply side-channel cube attacks to CRAFT with the Hamming weight leakage assumption. We found that the first half of the secret key can be recovered from the Hamming weight leakage after the first round. Next, using the recovered key bits, we continue our attack to recover the second half of the secret key. We show that the set of equations that are solvable varies depending on the value of the key bits. Our result shows that 99.90% of the key space can be fully recovered within a practical time.     

Using deep learning to combine static and dynamic power analyses of cryptographic circuits

Side-channel attacks have shown to be efficient tools in breaking cryptographic hardware. Many conventional algorithms have been proposed to perform side-channel attacks exploiting the dynamic power leakage. In recent years, with the development of processing technology, static power has emerged as a new potential source for side-channel leakage. Both types of power leakage have their advantages and disadvantages. In this work, we propose to use the deep neural network technique to combine the benefits of both static and dynamic power. This approach replaces the classifier in template attacks with our proposed long short-term memory network schemes. Hence, instead of deriving a specific probability density model for one particular type of power leakage, we gain the ability of combining different leakage sources using a structural algorithm. In this paper, we propose three schemes to combine the static and dynamic power leakage. The performance of these schemes is compared using simulated test circuits designed with a 45-nm library.     

Difference angle quantization index modulation scheme for image watermarking

In this paper, we propose a new angle quantization index modulation (AQIM) method, called the difference AQIM (DAQIM) method. The proposed method aims to improve the watermarking performance against gain attacks. Unlike the original AQIM method (Ourique et al., Angle QIM: a novel watermark embedding scheme robust against amplitude scaling distortions, in: Proceedings of IEEE International Conference on Acoustics, Speech, and Signal Processing, vol. 2, 2005, pp. 797–800), the DAQIM method quantizes the difference of the two angles instead of the angles themselves. The main advantage of the DAQIM method is to disperse the interference to the watermark signal from one angle to more angles. Thus, the watermark has a higher ability to resist attacks. We perform a theoretical analysis of the document-to-watermark ratio (DWR) based on our proposed method. We show that our proposed method can obtain a lower embedding distortion compared to the AQIM and the gradient direction watermarking (GDWM) (Nezhadarya et al., IEEE Trans. Inf. Forensics Secur., 6(4), 2011, 1200–1213), methods under the same robustness and payload conditions. The experimental results demonstrate that our proposed method outperforms common existing methods in terms of the robustness against various attacks such as the JPEG quantization noise, additive white Gaussian noise (AWGN), cropping effect and mean filtering.     

一种军棋机器博弈的多棋子协同博弈方法

针对在军棋博弈不完全信息对弈中，面对棋子不同价值、不同位置、不同搭配所产生的不同棋力，传统的单子意图搜索算法，不能满足棋子之间的协同性与沟通性，同时也缺乏对敌方的引诱与欺骗等高级对抗能力。本文提出一种结合UCT搜索策略的高价值棋子博弈方法，实现高价值棋子协同博弈的策略。实战经验表明:高价值多棋子军棋协同博弈策略优于单棋子军棋博弈策略。     

A Novel DDoS Attack Detection Method Using Optimized Generalized Multiple Kernel Learning

Distributed Denial of Service (DDoS) attack has become one of the most destructive network attacks which can pose a mortal threat to Internet security. Existing detection methods cannot effectively detect early attacks. In this paper, we propose a detection method of DDoS attacks based on generalized multiple kernel learning (GMKL) combining with the constructed parameter R. The super-fusion feature value (SFV) and comprehensive degree of feature (CDF) are defined to describe the characteristic of attack flow and normal flow. A method for calculating R based on SFV and CDF is proposed to select the combination of kernel function and regularization paradigm. A DDoS attack detection classifier is generated by using the trained GMKL model with R parameter. The experimental results show that kernel function and regularization parameter selection method based on R parameter reduce the randomness of parameter selection and the error of model detection, and the proposed method can effectively detect DDoS attacks in complex environments with higher detection rate and lower error rate.