December 2024
·
6 Reads
This page lists works of an author who doesn't have a ResearchGate profile or hasn't added the works to their profile yet. It is automatically generated from public (personal) data to further our legitimate goal of comprehensive and accurate scientific recordkeeping. If you are this author and want this page removed, please let us know.
December 2024
·
6 Reads
October 2024
·
18 Reads
With the advancement of deepfake generation techniques, the importance of deepfake detection in protecting multimedia content integrity has become increasingly obvious. Recently, temporal inconsistency clues have been explored to improve the generalizability of deepfake video detection. According to our observation, the temporal artifacts of forged videos in terms of motion information usually exhibits quite distinct inconsistency patterns along horizontal and vertical directions, which could be leveraged to improve the generalizability of detectors. In this paper, a transformer-based framework for Diffusion Learning of Inconsistency Pattern (DIP) is proposed, which exploits directional inconsistencies for deepfake video detection. Specifically, DIP begins with a spatiotemporal encoder to represent spatiotemporal information. A directional inconsistency decoder is adopted accordingly, where direction-aware attention and inconsistency diffusion are incorporated to explore potential inconsistency patterns and jointly learn the inherent relationships. In addition, the SpatioTemporal Invariant Loss (STI Loss) is introduced to contrast spatiotemporally augmented sample pairs and prevent the model from overfitting nonessential forgery artifacts. Extensive experiments on several public datasets demonstrate that our method could effectively identify directional forgery clues and achieve state-of-the-art performance.
October 2024
·
2 Reads
·
2 Citations
July 2024
·
3 Reads
June 2024
·
30 Reads
·
1 Citation
IEEE Transactions on Neural Networks and Learning Systems
Data clustering is a fundamental machine learning task that seeks to categorize a dataset into homogeneous groups. However, real data usually contain noise, which poses significant challenges to clustering algorithms. In this article, motivated by how the k -means algorithm is derived from a Gaussian mixture model (GMM), we propose a robust k -means-type algorithm, named k -means-type clustering based on t -distribution (KMTD), by assuming that the data points are drawn from a special multivariate t -mixture model (TMM). Compared to the Gaussian distribution, the t -distribution has a fatter tail. The proposed algorithm is more robust to noise. Like the k -means algorithm, the proposed algorithm is simpler than those based on a full TMM. Both synthetic and actual data are used to illustrate the proposed algorithm’s performance and efficiency. The experimental results demonstrated that the proposed algorithm operates more quickly than other sophisticated algorithms and, in most cases, achieves higher accuracy than the other algorithms.
January 2024
·
53 Reads
·
7 Citations
Computers & Security
January 2024
IEEE Transactions on Multimedia
With the advancement of deepfake generation techniques, the importance of deepfake detection in protecting multimedia content integrity has become increasingly obvious. Recently, temporal inconsistency clues have been explored to improve the generalizability of deepfake video detection. According to our observation, the temporal artifacts of forged videos in terms of motion information usually exhibits quite distinct inconsistency patterns along horizontal and vertical directions, which could be leveraged to improve the generalizability of detectors. In this paper, a transformer-based framework for D iffusion Learning of I nconsistency P attern (DIP) is proposed, which exploits directional inconsistencies for deepfake video detection. Specifically, DIP begins with a spatiotemporal encoder to represent spatiotemporal information. A directional inconsistency decoder is adopted accordingly, where direction-aware attention and inconsistency diffusion are incorporated to explore potential inconsistency patterns and jointly learn the inherent relationships. In addition, the SpatioTemporal Invariant Loss (STI Loss) is introduced to contrast spatiotemporally augmented sample pairs and prevent the model from overfitting nonessential forgery artifacts. Extensive experiments on several public datasets demonstrate that our method could effectively identify directional forgery clues and achieve state-of-the-art performance.
January 2024
·
1 Read
IEEE Transactions on Dependable and Secure Computing
Network traffic classification plays a crucial role in network management and cyberspace security. As the Internet evolves with new applications and protocols, traditional machine learning-based methods relying on feature mining have become obsolete. Instead, deep learning-based methods are becoming more popular in the field of traffic classification due to their end-to-end processing approach. However, the vulnerability of neural networks to adversarial examples significantly compromises their performance. In this paper, we propose Robust Byte-Label Joint Attention Network (RBLJAN), an efficient and robust deep learning-based framework for encrypted network traffic classification at both the packet-level and the flow-level. RBLJAN comprises a classifier and an adversarial traffic generator. The classifier utilizes mechanisms such as header-payload parallel processing and byte-label joint attention learning to capture implicit correlations between bytes and labels, enabling the construction of powerful packet representations. The generator produces adversarial examples that are fed to the classifier to enhance its robustness. Experimental results demonstrate that RBLJAN achieves over 99% average F1-score on real-world legitimate traffic datasets and achieves 97.86% average F1-score on malware identification. Moreover, RBLJAN exhibits superior performance in terms of detection speed and robustness compared to state-of-the-art methods in real-world scenarios.
November 2023
·
10 Reads
·
1 Citation
Lecture Notes in Computer Science
Website fingerprinting enables eavesdroppers to identify the website a user is visiting by network surveillance, even if the traffic is protected by anonymous communication technologies such as Tor. To defend against website fingerprinting attacks, Tor provides a circuit padding framework as the official way to implement padding defenses. However, the circuit padding framework can not support additional delay, which makes most defense schemes unworkable. In this paper, we study the patterns of HTTP requests and responses generated during website loading and analyze how these high-level features correlate with the underlying features of network traffic. We find that the HTTP requests sent and responses received continuously in a short period of time, which we call HTTP burst, have a significant impact on network traffic. Then we propose a novel website fingerprinting defense algorithm, Advanced Adaptive Padding(AAP). The design principle of AAP is similar to Adaptive Padding, which works by obfuscating burst features. AAP does not delay application packets and is in line with the design philosophy of low latency networks such as Tor. Besides, AAP uses a more sensible traffic obfuscation strategy, which makes it more effective. Experiments show that AAP outperforms other zero-delay defenses with moderate bandwidth overhead.
November 2023
·
33 Reads
Lecture Notes in Computer Science
Improving and updating applications based on user reviews is crucial to the continuous development of modern mobile applications. However, software bug descriptions in user reviews are often written by non-professional users, and contain a lot of irrelevant text, making it challenging to conduct bug localization. The current software bug localization technologies based on user reviews are not able to address these challenges effectively, resulting in suboptimal results. To address this issue, we propose ReviewLocator, which focuses on key phrases and learning from historical bug reports. It first utilizes syntactic analysis or source file parsing to convert each user review or source file into phrase representations. Then it depends on Key Phrase-based Ranking using a newly proposed Bug Report-based Term Weight to map review phrase sets to source file phrase sets. In our experiments on eight applications from the Google Play Store, the results prove our proposal surpasses ChangeAdvisor and Where2Change with an absolute improvement of 0.076 and 0.055 in terms of MAP correspondingly.
... Feng et al. [288] tackle audio-visual inconsistencies through an anomaly detection method that trains autoregressive transformers to flag low-probability sequences, using a joint ResNet-18 and VGG-M encoder. Zou et al. [289] advance cross-modality and within-modality regularization by aligning distinct audio and visual signals through multimodal transformers, while Nie et al. [290] introduce FRADE, which relies on adaptive forgery-aware injection and audio-distilled cross-modal interaction to effectively bridge the audio-visual domain gap. Moreover, Yang et al. [314] introduce AVoiD-DF, a model based on a temporal-spatial encoder and a multimodal joint decoder. ...
October 2024
... However, an excessively small may increase the sensitivity to pairwise distances, making the assignment more similar to hard assignment. To balance robustness and sensitivity, we set to 1, ensuring an optimal distribution of nodes within clusters [51]. ...
June 2024
IEEE Transactions on Neural Networks and Learning Systems
... As advancements in computer network technology continue and various devices connect to the Internet, user privacy becomes increasingly vulnerable to malicious attacks. While encryption technologies like VPNs and Tor (Ramadhani 2018) offer protection to users (Sharma, Dangi, and Mishra 2021;Xiao et al. 2024), they can paradoxically serve as tools for attackers to conceal their identities. Traditional data packet inspection (DPI) methods have lost effectiveness against encrypted traffic (Papadogiannaki and Ioannidis 2021). ...
January 2024
Computers & Security
... In contrast, urban ST data are inherently dynamic with constantly evolving distributions, which renders offline models ineffective for practical deployment. To address distribution shifts in streaming data, online continual learning has proven effective in forecasting tasks such as long-term time series forecasting (LTSF) [47,66], natural language processing (NLP) [25,45], and stock prediction [54,82]. However, these methods cannot be directly applied to urban ST forecasting for the following two reasons. ...
October 2023
... Additionally, a one-class support vector machine (SVM) distinguishes nodes as either standard or phishing to tackle extreme data imbalances and network heterogeneity. Lin et al. [22] proposed a new network embedding method called Phish2vec to address the problem of phishing fraud detection in the Ethereum network. This method identifies phishing accounts using the transaction network's characteristics and smart contracts' logical relationship. ...
September 2023
Computers & Security
... We compare FlowID with nine network traffic detection methods from two categories: sequence-based methods (CNN [45], LSTM [46], App-Net [47]) and graph-based methods (TCGNN [48], HGNN [27], HGNN+ [49], Graph-DApp [35], GraphDDoS [50], TFE-GNN [51]). ...
August 2023
Engineering Applications of Artificial Intelligence
... DP (Lotfollahi et al. 2020) leverages CNNs and autoencoders to extract byte features. BLJAN (Mao et al. 2021) explores the correlation between packet bytes and their labels and encodes them into a joint embedding space to classify packets. EBSNN (Xiao et al. 2022) and ET-BERT (Lin et al. 2022) can also perform packet classification. ...
June 2021
... The demand for location-based services in mobile apps has raised concerns about location privacy leakage. Hu et al. (2021) introduced a hybrid approach that employs static code-level analysis to assess an app's intention to access location data and uses dynamic analysis with ML to predict the app's dynamic behaviour regarding location privacy. Saif et al. (2018) demonstrated that a hybrid analysis approach with deep belief networks outperformed naïve Bayes, SVM, and random forest for malware detection. ...
November 2021
Entropy
... For example, (a hybrid DL model based on CNN-BiLSTM for rumor detection) combined GloVe, CNN, and BiLSTM to represent text features. Wei et al. [8] utilized LSTM to extract high-level representations, and adopted SENet to apply the attention and gating mechanisms. Song et al. [84] combined CNN and LSTM to get the representations of original microblogs and repost sequences. ...
July 2021
... In this matter, Xiao et al. [101] address the challenge of detecting phishing websites in imbalanced datasets by leveraging CNN and Multi-Head Self-Attention (MHSA) mechanisms. To tackle the issue of dataset imbalance, they employ a Generative Adversarial Network (GAN) to generate synthetic phishing URLs to balance the dataset, making the number of phishing websites equal to legitimate websites. ...
June 2021
Computers & Security