Matching Items (71)
Filtering by
- All Subjects: Computer Science
- Creators: Doupe, Adam
Description
Classical planning is a field of Artificial Intelligence concerned with allowing autonomous agents to make reasonable decisions in complex environments. This work investigates
the application of deep learning and planning techniques, with the aim of constructing generalized plans capable of solving multiple problem instances. We construct a Deep Neural Network that, given an abstract problem state, predicts both (i) the best action to be taken from that state and (ii) the generalized “role” of the object being manipulated. The neural network was tested on two classical planning domains: the blocks world domain and the logistic domain. Results indicate that neural networks are capable of making such
predictions with high accuracy, indicating a promising new framework for approaching generalized planning problems.
the application of deep learning and planning techniques, with the aim of constructing generalized plans capable of solving multiple problem instances. We construct a Deep Neural Network that, given an abstract problem state, predicts both (i) the best action to be taken from that state and (ii) the generalized “role” of the object being manipulated. The neural network was tested on two classical planning domains: the blocks world domain and the logistic domain. Results indicate that neural networks are capable of making such
predictions with high accuracy, indicating a promising new framework for approaching generalized planning problems.
ContributorsNakhleh, Julia Blair (Author) / Srivastava, Siddharth (Thesis director) / Fainekos, Georgios (Committee member) / Computer Science and Engineering Program (Contributor) / School of International Letters and Cultures (Contributor) / Barrett, The Honors College (Contributor)
Created2019-05
Description
Facial Expressions Recognition using the Convolution Neural Network has been actively researched upon in the last decade due to its high number of applications in the human-computer interaction domain. As Convolution Neural Networks have the exceptional ability to learn, they outperform the methods using handcrafted features. Though the state-of-the-art models achieve high accuracy on the lab-controlled images, they still struggle for the wild expressions. Wild expressions are captured in a real-world setting and have natural expressions. Wild databases have many challenges such as occlusion, variations in lighting conditions and head poses. In this work, I address these challenges and propose a new model containing a Hybrid Convolutional Neural Network with a Fusion Layer. The Fusion Layer utilizes a combination of the knowledge obtained from two different domains for enhanced feature extraction from the in-the-wild images. I tested my network on two publicly available in-the-wild datasets namely RAF-DB and AffectNet. Next, I tested my trained model on CK+ dataset for the cross-database evaluation study. I prove that my model achieves comparable results with state-of-the-art methods. I argue that it can perform well on such datasets because it learns the features from two different domains rather than a single domain. Last, I present a real-time facial expression recognition system as a part of this work where the images are captured in real-time using laptop camera and passed to the model for obtaining a facial expression label for it. It indicates that the proposed model has low processing time and can produce output almost instantly.
ContributorsChhabra, Sachin (Author) / Li, Baoxin (Thesis advisor) / Venkateswara, Hemanth (Committee member) / Srivastava, Siddharth (Committee member) / Arizona State University (Publisher)
Created2019
Description
Honeypots – cyber deception technique used to lure attackers into a trap. They contain fake confidential information to make an attacker believe that their attack has been successful. One of the prerequisites for a honeypot to be effective is that it needs to be undetectable. Deploying sniffing and event logging tools alongside the honeypot also helps understand the mindset of the attacker after successful attacks. Is there any data that backs up the claim that honeypots are effective in real life scenarios? The answer is no.Game-theoretic models have been helpful to approximate attacker and defender actions in cyber security. However, in the past these models have relied on expert- created data. The goal of this research project is to determine the effectiveness of honeypots using real-world data. So, how to deploy effective honeypots? This is where honey-patches come into play. Honey-patches are software patches designed to hinder the attacker’s ability to determine whether an attack has been successful or not. When an attacker launches a successful attack on a software, the honey-patch transparently redirects the attacker into a honeypot. The honeypot contains fake information which makes the attacker believe they were successful while in reality they were not.
After conducting a series of experiments and analyzing the results, there is a clear indication that honey-patches are not the perfect application security solution having both pros and cons.
ContributorsChauhan, Purv Rakeshkumar (Author) / Doupe, Adam (Thesis advisor) / Bao, Youzhi (Committee member) / Wang, Ruoyu (Committee member) / Arizona State University (Publisher)
Created2022
Description
High-order Markov Chains are useful in a variety of situations. However, theseprocesses are limited in the complexity of the domains they can model. In complex
domains, Markov models can require 100’s of Gigabytes of ram leading to the need of a
parsimonious model. In this work, I present the Max Markov Chain (MMC). A robust
model for estimating high-order datasets using only first-order parameters. High-order
Markov chains (HMC) and Markov approximations (MTDg) struggle to scale to large
state spaces due to the exponentially growing number of parameters required to model
these domains. MMC can accurately approximate these models using only first-order
parameters given the domain fulfills the MMC assumption. MMC naturally has better
sample efficiency, and the desired spatial and computational advantages over HMCs and
approximate HMCs. I will present evidence demonstrating the effectiveness of MMC in a
variety of domains and compare its performance with HMCs and Markov
approximations.
Human behavior is inherently complex and challenging to model. Due to the high
number of parameters required for traditional Markov models, the excessive computing
requirements make real-time human simulation computationally expensive and
impractical. I argue in certain situations, the behavior of humans follows that of a
sparsely connected Markov model. In this work I focus on the subset of Markov Models
which are just that, sparsely connected.
ContributorsBucklew, Mitchell (Author) / Zhang, Yu T (Thesis advisor) / Srivastava, Siddharth (Committee member) / Kambhampati, Subbarao (Committee member) / Arizona State University (Publisher)
Created2022
Description
Human civilization within the last two decades has largely transformed into an online one, with many of its associated activities taking place on computers and complex networked systems -- their analog and real-world equivalents having been rendered obsolete.These activities run the gamut from the ordinary and mundane, like ordering food, to complex and large-scale, such as those involving critical infrastructure or global trade and communications.
Unfortunately, the activities of human civilization also involve criminal, adversarial, and malicious ones with the result that they also now have their digital equivalents.
Ransomware, malware, and targeted cyberattacks are a fact of life today and are instigated not only by organized criminal gangs, but adversarial nation-states and organizations as well.
Needless to say, such actions result in disastrous and harmful real-world consequences. As the complexity and variety of software has evolved, so too has the ingenuity of attacks that exploit them; for example modern cyberattacks typically involve sequential exploitation of multiple software vulnerabilities.Compared to a decade ago, modern software stacks on personal computers, laptops, servers, mobile phones, and even Internet of Things (IoT) devices involve a dizzying array of interdependent programs and software libraries, with each of these components presenting attractive attack-surfaces for adversarial actors.
However, the responses to this still rely on paradigms that can neither react quickly enough nor scale to increasingly dynamic, ever-changing, and complex software environments.
Better approaches are therefore needed, that can assess system readiness and vulnerabilities, identify potential attack vectors and strategies (including ways to counter them), and proactively detect vulnerabilities in complex software before they can be exploited. In this dissertation, I first present a mathematical model and associated algorithms to identify attacker strategies for sequential cyberattacks based on attacker state, attributes and publicly-available vulnerability information.Second, I extend the model and design algorithms to help identify defensive courses of action against attacker strategies.
Finally, I present my work to enhance the ability of coverage-based fuzzers to identify software vulnerabilities by providing visibility into complex, internal program-states.
ContributorsPaliath, Vivin Suresh (Author) / Doupe, Adam (Thesis advisor) / Shoshitaishvili, Yan (Thesis advisor) / Wang, Ruoyu (Committee member) / Shakarian, Paulo (Committee member) / Arizona State University (Publisher)
Created2023
Description
The rise in popularity of applications and services that charge for access to proprietary trained models has led to increased interest in the robustness of these models and the security of the environments in which inference is conducted. State-of-the-art attacks extract models and generate adversarial examples by inferring relationships between a model’s input and output. Popular variants of these attacks have been shown to be deterred by countermeasures that poison predicted class distributions and mask class boundary gradients. Neural networks are also vulnerable to timing side-channel attacks. This work builds on top of Subneural, an attack framework that uses floating point timing side channels to extract neural structures. Novel applications of addition timing side channels are introduced, allowing the signs and arrangements of leaked parameters to be discerned more efficiently. Addition timing is also used to leak network biases, making the framework applicable to a wider range of targets. The enhanced framework is shown to be effective against models protected by prediction poisoning and gradient masking adversarial countermeasures and to be competitive with adaptive black box adversarial attacks against stateful defenses. Mitigations necessary to protect against floating-point timing side-channel attacks are also presented.
ContributorsVipat, Gaurav (Author) / Shoshitaishvili, Yan (Thesis advisor) / Doupe, Adam (Committee member) / Srivastava, Siddharth (Committee member) / Arizona State University (Publisher)
Created2023
Description
This thesis presents a study on the fuzzing of Linux binaries to find occluded bugs. Fuzzing is a widely-used technique for identifying software bugs. Despite their effectiveness, state-of-the-art fuzzers suffer from limitations in efficiency and effectiveness. Fuzzers based on random mutations are fast but struggle to generate high-quality inputs. In contrast, fuzzers based on symbolic execution produce quality inputs but lack execution speed. This paper proposes FlakJack, a novel hybrid fuzzer that patches the binary on the go to detect occluded bugs guarded by surface bugs. To dynamically overcome the challenge of patching binaries, the paper introduces multiple patching strategies based on the type of bug detected. The performance of FlakJack was evaluated on ten widely-used real-world binaries and one chaff dataset binary. The results indicate that many bugs found recently were already present in previous versions but were occluded by surface bugs. FlakJack’s approach improved the bug-finding ability by patching surface bugs that usually guard occluded bugs, significantly reducing patching cycles. Despite its unbalanced approach compared to other coverage-guided fuzzers, FlakJack is fast, lightweight, and robust. False- Positives can be filtered out quickly, and the approach is practical in other parts of the target. The paper shows that the FlakJack approach can significantly improve fuzzing performance without relying on complex strategies.
ContributorsPraveen Menon, Gokulkrishna (Author) / Bao, Tiffany (Thesis advisor) / Shoshitaishvili, Yan (Thesis advisor) / Doupe, Adam (Committee member) / Arizona State University (Publisher)
Created2023
Description
Reverse engineering is a process focused on gaining an understanding for the intricaciesof a system. This practice is critical in cybersecurity as it promotes the
findings and patching of vulnerabilities as well as the counteracting of malware. Disassemblers
and decompilers have become essential when reverse engineering due to
the readability of information they transcribe from binary files. However, these tools
still tend to produce involved and complicated outputs that hinder the acquisition of
knowledge during binary analysis. Cognitive Load Theory (CLT) explains that this
hindrance is due to the human brain’s inability to process superfluous amounts of
data. CLT classifies this data into three cognitive load types — intrinsic, extraneous,
and germane — that each can help gauge complex procedures.
In this research paper, a novel program call graph is presented accounting for
these CLT principles. The goal of this graphical view is to reduce the cognitive load
tied to the depiction of binary information and to enhance the overall binary analysis
process. This feature was implemented within the binary analysis tool, angr and it’s
user interface counterpart, angr-management. Additionally, this paper will examine a
conducted user study to quantitatively and qualitatively evaluate the effectiveness of
the newly proposed proximity view (PV). The user study includes a binary challenge
solving portion measured by defined metrics and a survey phase to receive direct participant
feedback regarding the view. The results from this study show statistically
significant evidence that PV aids in challenge solving and improves the overall understanding
binaries. The results also signify that this improvement comes with the
cost of time. The survey section of the user study further indicates that users find
PV beneficial to the reverse engineering process, but additional information needs to
be included in future developments.
ContributorsSmits, Sean (Author) / Wang, Ruoyu (Thesis advisor) / Shoshitaishvili, Yan (Thesis advisor) / Doupe, Adam (Committee member) / Arizona State University (Publisher)
Created2022
Description
Binary analysis and software debugging are critical tools in the modern softwaresecurity ecosystem. With the security arms race between attackers discovering and
exploiting vulnerabilities and the development teams patching bugs ever-tightening,
there is an immense need for more tooling to streamline the binary analysis and
debugging processes. Whether attempting to find the root cause for a buffer overflow
or a segmentation fault, the analysis process often involves manually tracing the
movement of data throughout a program’s life cycle. Up until this point, there has
not been a viable solution to the human limitation of maintaining a cohesive mental
image of the intricacies of a program’s data flow.
This thesis proposes a novel data dependency graph (DDG) analysis as an addi-
tion to angr’s analyses suite. This new analysis ingests a symbolic execution trace
in order to generate a directed acyclic graph of the program’s data dependencies. In
addition to the development of the backend logic needed to generate this graph, an
angr management view to visualize the DDG was implemented. This user interface
provides functionality for ancestor and descendant dependency tracing and sub-graph
creation. To evaluate the analysis, a user study was conducted to measure the view’s
efficacy in regards to binary analysis and software debugging. The study consisted
of a control group and experimental group attempting to solve a series of 3 chal-
lenges and subsequently providing feedback concerning perceived functionality and
comprehensibility pertaining to the view.
The results show that the view had a positive trend in relation to challenge-solving
accuracy in its target domain, as participants solved 32% more challenges 21% faster
when using the analysis than when using vanilla angr management.
ContributorsCapuano, Bailey Kellen (Author) / Shoshitaishvili, Yan (Thesis advisor) / Wang, Ruoyu (Thesis advisor) / Doupe, Adam (Committee member) / Arizona State University (Publisher)
Created2022
Description
With improvements in automation and system capabilities, human responsibilities in those advanced systems can get more complicated; greater situational awareness and performance may be asked of human agents in roles such as fail-safe operators. This phenomenon of automation improvements requiring more from humans in the loop, is connected to the well-known “paradox of automation”. Unfortunately, humans have cognitive limitations that can constrain a person's performance on a task. If one considers human cognitive limitations when designing solutions or policies for human agents, then better results are possible. The focus of this dissertation is on improving human involvement in planning and execution for Sequential Decision Making (SDM) problems. Existing work already considers incorporating humans into planning and execution in SDM, but with limited consideration for cognitive limitations. The work herein focuses on how to improve human involvement through problems in motion planning, planning interfaces, Markov Decision Processes (MDP), and human-team scheduling. This done by first discussing the human modeling assumptions currently used in the literature and their shortcomings. Then this dissertation tackles a set of problems by considering problem-specific human cognitive limitations --such as those associated with memory and inference-- as well as use lessons from fields such as cognitive ergonomics.
ContributorsGopalakrishnan, Sriram (Author) / Kambhampati, Subbarao (Thesis advisor) / Srivastava, Siddharth (Committee member) / Scheutz, Matthias (Committee member) / Zhang, Yu (Tony) (Committee member) / Arizona State University (Publisher)
Created2022