Publications & Demonstrators

All accepted publications from SPARTA partners under its funding, as well as videos presenting some of the work done under SPARTA.

Publications

Machine Learning – The Results Are Not the only Thing that Matters! What About Security, Explainability and Fairness?

Michał Choraś, Marek Pawlicki, Damian Puchalski, Rafał Kozik

Recent advances in machine learning (ML) and the surge in computational power have opened the way to the proliferation of ML and Artificial Intelligence (AI) in many domains and applications. Still, apart from achieving good accuracy and results, there are many challenges that need to be discussed in order...

Domains: Machine Learning; AI; Secure ML; Explainable; Fairness

Backstabber's Knife Collection: A Review of Open Source Software Supply Chain Attacks

Ohm M., Plate H., Sykosch A., Meier M.

A software supply chain attack is characterized by the injection of malicious code into a software package in order to compromise dependent systems further down the chain. Recent years saw a number of supply chain attacks that leverage the increasing use of open source during software development, which is...

Domains: Application Security; Malware; Software Supply Chain

ModelSpeX: Model Specification Using Explainable Artificial Intelligence Methods

Schlegel, Udo; Cakmak, Eren; Keim, Daniel A.

Explainable artificial intelligence (XAI) methods aim to reveal the non-transparent decision-making mechanisms of black-box models. The evaluation of insight generated by such XAI methods remains challenging as the applied techniques depend on many factors (e.g., parameters and human interpretation). We propose ModelSpeX, a visual analytics workflow to interactively extract...

Domains: Computing methodologies; Artificial intelligence; Human-centered computing; HCI theory, concepts and models

Defending Network Intrusion Detection Systems against Adversarial Evasion Attacks

Marek Pawlicki; Michał Choraś; Rafał Kozik

Intrusion Detection and the ability to detect attacks is a crucial aspect to ensure cybersecurity. However, what if an IDS (Intrusion Detection System) itself is attacked; in other words, what defends the defender? In this work, the focus is on countering attacks on machine learning-based cyberattack detectors. In principle, we...

Domains: Intrusion Detection; IDS; Machine Learning

LITNET-2020: An Annotated Real-World Network Flow Dataset for Network Intrusion

Damasevicius, Robertas; Venckauskas, Algimantas; Grigaliunas, Sarunas; Toldinas, Jevgenijus; Morkevicius, Nerijus; Aleliunas, Tautvydas; Smuikys, Paulius.

Network intrusion detection is one of the main problems in ensuring the security of modern computer networks, Wireless Sensor Networks (WSN), and the Internet-of-Things (IoT). In order to develop efficient network-intrusion-detection methods, realistic and up-to-date network flow datasets are required. Despite several recent efforts, there is still a lack of...

Domains: Benchmark dataset; network intrusion detection; attack; cyber security

Privacy-Preserving Contact Tracing: current solutions and open questions

Qiang Tang

The COVID-19 pandemic has posed a unique challenge for the world to find solutions, ranging from vaccines to ICT solutions to slow down the virus spreading. Due to the highly contagious nature of the virus, social distancing is one fundamental measure which has already been adopted by many countries. At the...

Domains: COVID-19; privacy-aware contact tracing solutions

Building Next Generation Cyber Ranges with CRACK

Enrico Russo, Gabriele Costa, Alessandro Armando

Cyber Ranges are complex infrastructures hosting high quality exercises that simulate cybersecurity scenarios of real-world complexity. Building the computing infrastructure is only the first step towards the successful execution of the cyber exercises. The design, verification and deployment of scenarios are costly and error-prone activities. As a matter of...

Domains: Cyber Range; Cybersecurity Training; Automated design; Scenario verification

Experimental Analysis of the Electromagnetic Instruction Skip Fault Model

Menu, Alexandre and Dutertre, Jean-Max and Potin, Olivier and Rigaud, Jean-Baptiste and Danger, Jean-Luc

Microcontrollers storing valuable data or using security functions are vulnerable to fault injection attacks. Among the various types of faults, instruction skips induced at runtime proved to be effective against identification routines or encryption algorithms. Until recently, most research works assessed a fault model that consists in a single...

Domains: cryptography; fault diagnosis; microcontrollers

Provably Secure Isolation for Interruptible Enclaved Execution on Small Microprocessors

Matteo Busi, Job Noorman, Jo Van Bulck, Letterio Galletta, Pierpaolo Degano, Jan Tobias Mühlberg, Frank Piessens

Computer systems often provide hardware support for isolation mechanisms like privilege levels, virtual memory, or enclaved execution. Over the past years, several successful software-based side-channel attacks have been developed that break, or at least significantly weaken, the isolation that these mechanisms offer. Extending a processor with new architectural or micro-architectural features,...

Domains: Microprocessors