1 - 10 of 29
-
PublicationNear Real-time Detection and Rectification of Adversarial Patches( 2024-08-06)Neural networks tend to produce false predictions when exposed to adversarial examples. These incorrect predictions raise concerns about the safety and reliability of ML-based decision-making, presenting significant risks in real-world scenarios, particularly in the context of Autonomous Vehicles (AVs). Therefore, we propose a two-step method to address this issue. Firstly, we introduce a method to identify adversarial regions in the input samples, such as adversarial patches or stickers. Secondly, we leverage deep neural networks to correct the detected patches. This approach allows us to obtain accurate predictions from the neural networks after restoring the adversarial regions. Our evaluation results demonstrate that the proposed method is considerably faster than the average human response time, which includes traffic sign recognition and decision-making processes related to applying brakes or not. Additionally, we compare the impact of different restoration methods on the prediction results. Overall, the integration of the detection and correction methods within our proposed framework effectively mitigates the effect of adversarial examples in real-world scenarios.
-
PublicationDemo: CARLA-based Adversarial Attack Assessment on Autonomous Vehicles( 2024-08-06)Autonomous vehicles rely on a combination of sensors and sophisticated artificial intelligence (AI) systems to perceive their surroundings. The increasing use of AI in autonomous driving technology has brought to our attention the concerns of the implications of AI failure. In this work, we chose an object detector (OD) as an entry point to study the robustness against adversarial attacks like malicious traffic signs. We design and implement CARLA-A3 (CARLA-based Adversarial Attack Assessment), which is a toolkit aimed to streamline the simulation of adversarial conditions and evaluation of OD with several robustness metrics. The toolkit can serve to rapidly and quantitatively evaluate the effects of a malicious sign presented to the OD.
-
PublicationGRAIN - Truly Privacy-friendly and Self-sovereign Trust Establishment with GNS and TRAIN( 2024)
-
PublicationMANTRA: A Graph-based Unified Information Aggregation Foundation for Enhancing Cybersecurity Management in Critical Infrastructures( 2023-06)
-
PublicationA more User-Friendly Digital Wallet?( 2023)Identity wallets enable the management and use of digital identities and verification documents stored in one app. Users manage their data independently and decide for themselves which data they want to disclose for identification purposes. Recent research shows that current digital wallets face many usability problems, which makes it difficult for users to grasp their concept and how to use them. This paper presents an enhanced concept of a wallet, where its functionality is presented with user scenarios that have a user centric approach. The user scenarios illustrate a variety of possible uses of the wallet. For example, the new wallet concept envisions, how data can be transferred from one wallet to another person's wallet, how data can be managed by different people in one wallet, or how only individual pieces of information from credentials can be shared to maintain greater privacy for users.
-
PublicationA Comparative Security Analysis of the German Federal Postal Voting Process( 2021)
-
PublicationSecurity Concept with Distributed Trust-Levels for Autonomous Cooperative Vehicle Networks( 2021)The newly proposed cooperative intelligent transportation system (cITS) is a big step towards completely autonomous driving. It is a key requirement for vehicles to exchange crucial information. Only with exchanged data, such as hazard warnings or route planning each vehicle will have enough information to find its way without a driver. However, this data has to be authentic and trustworthy, since it will directly influence the behavior of every vehicle inside such a network. For authentic messages, public key infrastructure (PKI)-based asymmetric cryptography mechanisms were already proposed by different organizations, such as the European Telecommunications Standards Institute (ETSI). The second crucial information of trustworthiness is still missing. In this paper, a new security concept is presented, which introduces a trust-level for each vehicle to enable an assessment, whether data is trustworthy or not. Besides, a Pretty Good Privacy (PGP)-inspired certificate administration is proposed to manage the certificates and their affiliated trust-level. The new concept mitigates sybil attacks and increases the speed of data processing inside vehicles.
-
PublicationLeveraging Edge Computing and Differential Privacy to Securely Enable Industrial Cloud Collaboration Along the Value Chain( 2021)
-
PublicationExploiting Interfaces of Secure Encrypted Virtual Machines( 2020)Cloud computing is a convenient model for processing data remotely. However, users must trust their cloud provider with the confidentiality and integrity of the stored and processed data. To increase the protection of virtual machines, AMD introduced SEV, a hardware feature which aims to protect code and data in a virtual machine. This allows to store and process sensitive data in cloud environments without the need to trust the cloud provider or the underlying software. However, the virtual machine still depends on the hypervisor for performing certain activities, such as the emulation of special CPU instructions, or the emulation of devices. Yet, most code that runs in virtual machines was not written with an attacker model which considers the hypervisor as malicious. In this work, we introduce a new class of attacks in which a malicious hypervisor manipulates external interfaces of an SEV or SEV-ES virtual machine to make it act against its own interests. We start by showing how we can make use of virtual devices to extract encryption keys and secret data of a virtual machine. We then show how we can reduce the entropy of probabilistic kernel defenses in the virtual machine by carefully manipulating the results of the CPUID and RDTSC instructions. We continue by showing an approach for secret data exfiltration and code injection based on the forgery of MMIO regions over the VM's address space. Finally, we show another attack which forces decryption of the VM's stack and uses Return Oriented Programming to execute arbitrary code inside the VM. While our approach is also applicable to traditional virtualization environments, its severity significantly increases with the attacker model of SEV-ES, which aims to protect a virtual machine from a benign but vulnerable hypervisor.
-
PublicationAntiPatterns Regarding the Application of Cryptographic Primitives by the Example of Ransomware( 2020)
