IEEE CNS 2023 Cyber Resilience Workshop Program
7:30 AM - BREAKFAST AND REGISTRATION
8:50 AM - 9:00 AM OPENING REMARKS
9:00 AM - 10:00 AM - SESSION 1: Monitoring and Detection
Session Chair: Byron E Denham
- Enhancing ML-Based DoS Attack Detection Through Combinatorial Fusion
Evans Owusu (Fordham University, USA); Mohamed Rahouti (Fordham University, USA); Frank Hsu (Fordham University, USA); Kaiqi Xiong (University of South Florida, USA); Yufeng Xin (UNC Chapel Hill, USA)
- Early-Stage Conflict Detection in HLF-Based Delay-Critical IoT Networks
Aditya Pathak (University of Regina, Canada); Irfan S. Al-Anbagi (University of Regina, Canada); Howard Hamilton (University of Regina, Canada)
- Analysis of Decoy Strategies for Detecting Ransomware
Byron E Denham (University of Arkansas, USA); Dale R Thompson (University of Arkansas, USA)
10:00 AM - 10:30 AM - BREAK
10:30 AM - 11:30 AM - KEYNOTE
Speaker: Prof. David Mohaisen
Biography: David Mohaisen is a Professor of Computer Science at the University of Central Florida, where he has been since 2017. Previously, he was an Assistant Professor at SUNY Buffalo (2015-2017) and a Senior Scientist at Verisign Labs (2012-2015), which he joined after earning his Ph.D. in Computer Science from the University of Minnesota in 2012. His research interests are in applied security and privacy, covering networked systems, software systems, IoT and AR/VR, machine learning, and blockchain systems. His research has been published in top conferences and journals alike, with multiple best paper awards. Among other services, he has been an Associate Editor of IEEE TMC, IEEE TDSC, and IEEE TPDS. He is a senior member of ACM (2018) and IEEE (2015), a Distinguished Speaker of the ACM (2021-2023) and Distinguished Visitor of the IEEE Computer Society (2021-2023).
Title: Towards a Measurement-Guided Understanding of Blockchain Security: Attacks and Defenses
Abstract: Blockchains promise various security benefits in distributed systems, although their security is loosely understood. For instance, it is theoretically established that the Bitcoin blockchain safety relies on strong network synchrony and a stable network configuration, and violating the safety by a majority attack or eclipsing requires strong adversaries (e.g., 51% hash rate or an ISP controlling millions of IP addresses). These requirements are costly. Thus, notable attacks have yet to be observed in practice.
In this talk, we will empirically demonstrate that real-world blockchains, such as Bitcoin, do not conform to the ideal specifications of synchrony and stable network configurations. As a result, we show ways to reduce the requirement for violating blockchain safety by presenting two practical attacks, HashSplit and SyncAttack. In HashSplit, we first formulate an ideal functionality framework for the correct communication among the mining nodes that preserves safety. Our model specifies that strong network synchrony can only be guaranteed if the mining nodes form a completely connected topology and receive blocks simultaneously. However, our large-scale measurements suggest that the mining nodes must conform to the ideal model and receive blocks at different times. Using such settings, we instantiate a well-connected adversary to partition the network with only a 26% hash rate. In the SyncAttack, we unveil that the existing security models have largely ignored the permissionless nature of blockchains characterized by node churn. By exploiting the churn, an adversary can control all connections made among the newly arriving nodes by simply occupying all the incoming connection slots of the existing nodes. Supported by evidence from measurements and root-cause analysis that points to flaws in real-world implementations, we instantiate an adversary that can fork the blockchain with only 120 IP addresses, allowing the adversary to double-spend without any mining powers. We will also discuss defenses for secure blockchains against partitioning.
11:30 AM - 1:00 PM - LUNCH
1:00 PM - 2:00 PM - SESSION 2: Large Language Models for Cyber Resilience
Session Chair: Xingqi Wu
- Towards Evaluation and Understanding of Large Language Models for Cyber Operation Automation
Madeena Sultana and Adrian A Taylor (Defence R&D Canada, Canada); Li Li (DRDC, Canada); Suryadipta Majumdar (Concordia University, Canada)
- The Tables Have Turned: GPT-3 Distinguishing Passwords from Honeywords
Nilesh Chakraborty (Queen's University, Canada); Youssef Yamout (Queen's University, Canada); Mohammad Zulkernine (Queen's University, Canada)
- Exploring the Dark Side of AI: Advanced Phishing Attack Design and Deployment Using ChatGPT
Nils Begou and Jeremy Vinoy (Grenoble INP, LIG Lab, France); Andrzej Duda (Grenoble Institute of Technology, France); Maciej Korczyński (Université Grenoble Alpes, CNRS, Grenoble INP, LIG, France)
2:00 PM - 3:00 PM - SESSION 3: Resilient Networks and Applications
Session Chair: Juntao Chen
- Lightweight Impact Assessment and Projection of Lateral Movement and Malware Infection
Martin Husák and Michal Javornik (Masaryk University, Czech Republic)
- Attack Resilient Wireless Backhaul Connectivity with Optimized Fronthaul Coverage in UAV Networks
Xingqi Wu (University of Michigan, USA); Junaid Farooq (University of Michigan-Dearborn, USA)
- Adversarial Manipulation of Learning in Linear-Quadratic Zero-Sum Differential Games via Cost Poisoning
Son Tung Do (Fordham University, USA); Gabrielle Ebbrecht (Fordham University, USA); Juntao Chen (Fordham University, USA)
3:00 PM - 3:10 PM - CLOSING REMARKS