Emerging Information Security and Applications: 4th International Conference, EISA 2023, Hangzhou, China, December 6–7, 2023, Proceedings (Communications in Computer and Information Science)

Preface
Organization
Contents
PtbStolen: Pre-trained Encoder Stealing Through Perturbed Samples
1 Introduction
2 Preliminaries
2.1 Encoder Pre-training
2.2 Application in Downstream Tasks
3 Threat Model
3.1 Objectives
3.2 Capability
3.3 Background Knowledge
4 Details of PtbStolen
4.1 Overview
4.2 Problem Formulation
4.3 Algorithm of PtbStolen
5 Experiments
5.1 Attack Settings
5.2 Experimental Results
5.3 Cost Analysis
6 Related Works
6.1 Contrastive Learning
6.2 Model Stealing Attack
7 Conclusion
References
Towards Efficient Universal Adversarial Attack on Audio Classification Models: A Two-Step Method
1 Introduction
2 Related Works
2.1 Input-Dependent Adversarial Attacks
2.2 Universal Adversarial Attacks
3 The Proposed Method
3.1 Preliminaries
3.2 Craft Individual Perturbations
3.3 Fine-Turn Universal Perturbations
4 Experiments
4.1 Settings
4.2 Quantitative Evaluation on Untargeted Attack
4.3 Quantitative Evaluation on Targeted Attack
4.4 Attack with Different Normalization Methods
5 Conclusions
References
Privacy-Preserving Authenticated Federated Learning Scheme for Smart Healthcare System
1 Introduction
2 Related Work
3 Preliminaries
3.1 Federated Learning
3.2 Boneh-Goh-Nissim (BGN) Cryptosystem
3.3 Schnorr Signature
4 System Architecture and Security Model
4.1 System Architecture
4.2 Security Model
4.3 System Requirements
5 Proposed Specific Scheme
5.1 System Setup
5.2 Group Training
5.3 Server Aggregation
5.4 Local Model Update
6 Security Analysis
6.1 Correctness
6.2 Authentication of the Scheme
6.3 Data Privacy
7 Performance Evaluation
7.1 Evaluation Environment
7.2 Characteristic Analysis
7.3 Accuracy and System Runtime
7.4 Cryptosystem Runtime
7.5 Computational Cost of Clients Participating and Revoking Analysis
8 Conclusion
9 Discussion and Future Work
References
A Systematic Method for Constructing ICT Supply Chain Security Requirements
1 Introduction
2 Related Work
3 ICT Supply Chain Security Environment
3.1 Supply Chain Relationship
3.2 Product Life Cycle Stages
3.3 Security Driving Factors
3.4 Security Properties
4 ICT Supply Chain Security Requirements
4.1 Establishment Process of Security Requirements
4.2 Validation Process of Security Requirements
4.3 Summary of the ICT Supply Chain Security Requirements
5 Application of ICT Supply Chain Security Requirements
6 Conclusions and Future Work
References
Pairing Compression on Some Elliptic Curves with Subgroups of Embedding Degree 6 and Its Applications to Pairing-Based Cryptography
1 Introduction
1.1 Related Work
1.2 Contributions
2 Preliminaries
3 Pairing Compression
4 Applications to Pairing-Based Cryptography
4.1 BLS Short Signatures
4.2 Identity-Based Encryption
5 Conclusion
References
Enhancing Chinese Named Entity Recognition with Disentangled Expert Knowledge
1 Introduction
2 Related Work
2.1 Named Entity Recognition
2.2 Chinese Named Entity Recognition
3 Methods
3.1 Contextual Representation Generation
3.2 Disentangled Expert Knowledge Learning
3.3 Knowledge Enhancement
3.4 NER Prediction
3.5 Model Training
4 Experiments
4.1 Dataset
4.2 Evaluation Metrics
4.3 Implementation Details
4.4 Model Comparison
4.5 Performance on Fine-Grained Category
5 Conclusion
References
Deep Neural Network Model over Encrypted Data
1 Introduction
2 Related Work
3 DNN Classification Model for Ciphertext Data
3.1 General Framework of the Model
3.2 Communication Protocols
3.3 Classification Process
3.4 Security Analysis
4 Experiments
4.1 Experimental Setup
4.2 Analysis of Experimental Results
5 Conclusion
References
Toward the Tradeoffs Between Privacy, Fairness and Utility in Federated Learning
1 Introduction
2 Related Work
2.1 Fairness of FL
2.2 Privacy of FL
2.3 Fairness and Privacy of FL
3 Preliminaries
3.1 Fairness in FL
3.2 Privacy in FL
3.3 Problem Formulation
4 Method
4.1 Fairness Predictor (Model) in Client
4.2 Privacy Protection Method in Fair FL
5 Experiments
5.1 Dataset and Experimental Settings
5.2 Experimental Hyperparameter Settings
5.3 Performance Comparison Results
5.4 Analysis of Privacy and Fairness
6 Conclusion
References
Chinese Named Entity Recognition Within the Electric Power Domain
1 Introduction
2 Related Work
3 Method
3.1 Architecture
3.2 BERT Model
3.3 BiLSTM Model
3.4 CRF Model
4 Experiments
4.1 Electric Power Domain Dataset
4.2 Performance of Electric Power Dataset
4.3 Performance Comparison of NER Models
5 Conclusions
References
Adversarial Example Attacks and Defenses in DNS Data Exfiltration
1 Introduction
2 Background and Related Work
2.1 A Deeper Look into the DNS Protocol
2.2 Data Exfiltration
3 Preliminaries
3.1 Payload Analysis
3.2 Traffic Analysis
3.3 Data Exfiltration Detection Methods
4 Problem Formulation
4.1 Data Exfiltration Detection Using Machine Learning
4.2 Optimization Approach to Adversarial Example Packet Generation of Data Exfiltration Packets
4.3 Our Findings
5 Defense Against Malicious Evasion of DNS Exfiltration Detection
5.1 Ensemble Voting Approach
5.2 Adversarial Example Training
6 Conclusion
References
CONNECTION: COvert chaNnel NEtwork attaCk Through bIt-rate mOdulatioN
1 Introduction
2 Background
2.1 Covert Channel Characteristics
2.2 Brief Overview of Enterprise Networks
3 Related Works
4 Attacker Model
5 Bit-Rate Modulation as Covert Channel
5.1 Covert Sender
5.2 Covert Receiver
6 Evaluation of the Covert Channel
6.1 Results of Adversary Emulation in the Cyber Range
7 Discussion
8 Conclusions
References
Author Index