Publications & Demonstrators

All accepted publications from SPARTA partners under its funding as well as videos presenting some of the work done under SPARTA

Publications

New explainability method for BERT-based model in fake news detection

Szczepański, M., Pawlicki, M., Kozik, R. et al.

The ubiquity of social media and their deep integration in the contemporary society has granted new ways to interact, exchange information, form groups, or earn money—all on a scale never seen before. Those possibilities paired with the widespread popularity contribute to the level of impact that social media display. Unfortunately,...More>>

Domains: BERT-model; Fake news

Analysis of a Laser-induced Instructions Replay Fault Model in a 32-bit Microcontroller

V. Khuat, J. M. Dutertre and J. L. Danger

In this paper, we present a method to obtain a new Laser Fault Injection (LFI)-induced fault model: replay of instructions on a 32-bit Microcontroller (MCU). This method allows a potential adversary to replay a block of two or four instructions with a fault rate up to 100%. These faults are...More>>

Domains: Laser Fault Injection

The double-edged sword of AI: Ethical Adversarial Attacks to counter artificial intelligence for crime

Choraś, M., Woźniak, M.

Artificial intelligence (AI) has found a myriad of applications in many domains of technology, and more importantly, in improving people’s lives. Sadly, AI solutions have already been utilized for various violations and theft, even receiving the name AI or Crime (AIC). This poses a challenge: are cybersecurity experts thus justified...More>>

Domains: AI, AIC, Ethical Adversarial Attacks

Experimental Analysis of the Electromagnetic Instruction Skip Fault Model and Consequences for Software Countermeasures

Jean-Max Dutertrea, Alexandre Menu, Olivier Potin, Jean-Baptiste Rigaud and Jean-Luc Danger

Microcontrollers storing valuable data or using security functions are vulnerable to fault injection attacks. Among the various types of faults, instruction skips induced at runtime proved to be effective against identification routines or encryption algorithms. Until recently, most research works assessed a fault model that consists in a single instruction...More>>

Domains: Hardware attacks, EM fault injection, Fault model

The proposition of balanced and explainable surrogate method for network intrusion detection in streamed real difficult data

Mateusz Szczepanski, Mikołaj Komisarek, Marek Pawlicki,Rafał KozikMichał Choraś

Handling the data imbalance problem is one of the crucial steps in a machine learning pipeline. The research community is well aware of the effects of data imbalance on machine learning algorithms. At the same time, there is a rising need for explainability of AI, especially in difficult, high-stake domains...More>>

Domains: Machine learning, Explainability, Data imbalance

Preprocessing Pipelines Including Block-Matching Convolutional Neural Network for Image Denoising to Robustify Deep Reidentification against Evasion Attacks

Marek Pawlicki, Ryszard S. Choraś

Artificial neural networks have become the go-to solution for computer vision tasks, including problems of the security domain. One such example comes in the form of reidentification, where deep learning can be part of the surveillance pipeline. The use case necessitates considering an adversarial setting—and neural networks have been shown...More>>

Domains: deep learning; computer vision; adversarial attacks; adversarial defences

Hybroid: Toward Android Malware Detection and Categorization with Program Code and Network Traffic

Mohammad Reza Norouzian, Peng Xu, Claudia Eckert, and Apostolis Zarras

Android malicious applications have become so sophisticated that they can bypass endpoint protection measures. Therefore, it is safe to admit that traditional anti-malware techniques have become cumbersome, thereby raising the need to develop efficient ways to detect Android malware. In this paper, we present Hybroid, a hybrid Android malware detection...More>>

Domains: Android, malware detection, F1-score, AUC

Development of the Information Security Management System Standard for Public Sector Organisations in Estonia

Mari Seeba, Raimundas Matulevičius, and Ilmar Toom

Standardisation gives us a common understanding or processes to do something in a commonly accepted way. In information security management, it means to achieve the appropriate security level in the context of known and unknown risks. Each government’s goal should be to provide digital services to its citizens with the...More>>

Domains: ISMS, Public Sector Organisations

Security Risk Estimation and Management in Autonomous Driving Vehicles

Abasi-amefon O. Affia, Raimundas Matulevičius, and Rando Tõnisson

Autonomous vehicles (AV) are intelligent information systems that perceive, collect, generate and disseminate information to improve knowledge to act autonomously and provide its required services of mobility, safety, and comfort to humans. This paper combines the security risk management (ISSRM) and operationally critical threat, asset, and vulnerability evaluation (OCTAVE allegro) methods...More>>

Domains: Autonomous vehicles, Self-driving cars, Security risk management, ISSRM, OCTAVE, Intelligent information systems