The widespread dependency on open-source software makes it a fruitful target for malicious actors, as demonstrated by recurring attacks. The complexity of today's open-source supply chains results in a significant attack surface, giving attackers numerous opportunities to reach the goal of injecting malicious code into open-source artifacts that is then downloaded and executed by victims. This work proposes a general taxonomy for attacks on open-source supply chains, independent of specific programming languages or ecosystems, and covering all supply chain stages from code contributions to package distribution. Taking the form of an attack tree, it covers 107 unique vectors, linked to 94 real-world incidents, and mapped to 33 mitigating safeguards. User surveys conducted with 17 domain experts and 134 software developers positively validated the correctness, comprehensiveness and comprehensibility of the taxonomy, as well as its suitability for various use-cases. Survey participants also assessed the utility and costs of the identified safeguards, and whether they are used.
相關內容
分(fen)(fen)類(lei)(lei)(lei)(lei)學是(shi)(shi)(shi)分(fen)(fen)類(lei)(lei)(lei)(lei)的(de)(de)(de)(de)(de)實踐和(he)科學。Wikipedia類(lei)(lei)(lei)(lei)別(bie)(bie)說明(ming)了一(yi)(yi)(yi)種(zhong)分(fen)(fen)類(lei)(lei)(lei)(lei)法(fa)(fa)(fa),可以通過自動(dong)方式提取Wikipedia類(lei)(lei)(lei)(lei)別(bie)(bie)的(de)(de)(de)(de)(de)完整分(fen)(fen)類(lei)(lei)(lei)(lei)法(fa)(fa)(fa)。截至(zhi)2009年,已經證明(ming),可以使用(yong)人工構(gou)建的(de)(de)(de)(de)(de)分(fen)(fen)類(lei)(lei)(lei)(lei)法(fa)(fa)(fa)(例如像(xiang)WordNet這樣(yang)的(de)(de)(de)(de)(de)計算詞典(dian)的(de)(de)(de)(de)(de)分(fen)(fen)類(lei)(lei)(lei)(lei)法(fa)(fa)(fa))來改進(jin)和(he)重組(zu)Wikipedia類(lei)(lei)(lei)(lei)別(bie)(bie)分(fen)(fen)類(lei)(lei)(lei)(lei)法(fa)(fa)(fa)。
從廣義上講,分(fen)(fen)類(lei)(lei)(lei)(lei)法(fa)(fa)(fa)還適(shi)用(yong)于除父子層次結構(gou)以外的(de)(de)(de)(de)(de)關(guan)(guan)系(xi)方案,例如網(wang)絡結構(gou)。然后分(fen)(fen)類(lei)(lei)(lei)(lei)法(fa)(fa)(fa)可能(neng)(neng)包(bao)括有多父母的(de)(de)(de)(de)(de)單身孩子,例如,“汽車”可能(neng)(neng)與父母雙(shuang)方一(yi)(yi)(yi)起出現“車輛”和(he)“鋼結構(gou)”;但(dan)是(shi)(shi)(shi)對某些人而(er)言,這僅(jin)意味著(zhu)“汽車”是(shi)(shi)(shi)幾種(zhong)不(bu)同分(fen)(fen)類(lei)(lei)(lei)(lei)法(fa)(fa)(fa)的(de)(de)(de)(de)(de)一(yi)(yi)(yi)部分(fen)(fen)。分(fen)(fen)類(lei)(lei)(lei)(lei)法(fa)(fa)(fa)也可能(neng)(neng)只是(shi)(shi)(shi)將(jiang)事(shi)物組(zu)織成組(zu),或者是(shi)(shi)(shi)按字母順序排列(lie)的(de)(de)(de)(de)(de)列(lie)表;但(dan)是(shi)(shi)(shi)在(zai)(zai)這里,術語詞匯(hui)更合適(shi)。在(zai)(zai)知識管理中(zhong)的(de)(de)(de)(de)(de)當前用(yong)法(fa)(fa)(fa)中(zhong),分(fen)(fen)類(lei)(lei)(lei)(lei)法(fa)(fa)(fa)被(bei)認(ren)為比(bi)本體(ti)論(lun)窄(zhai),因(yin)為本體(ti)論(lun)應用(yong)了各(ge)種(zhong)各(ge)樣(yang)的(de)(de)(de)(de)(de)關(guan)(guan)系(xi)類(lei)(lei)(lei)(lei)型。
在(zai)(zai)數(shu)學上,分(fen)(fen)層分(fen)(fen)類(lei)(lei)(lei)(lei)法(fa)(fa)(fa)是(shi)(shi)(shi)給定(ding)對象(xiang)(xiang)(xiang)集的(de)(de)(de)(de)(de)分(fen)(fen)類(lei)(lei)(lei)(lei)樹結構(gou)。該結構(gou)的(de)(de)(de)(de)(de)頂部是(shi)(shi)(shi)適(shi)用(yong)于所有對象(xiang)(xiang)(xiang)的(de)(de)(de)(de)(de)單個分(fen)(fen)類(lei)(lei)(lei)(lei),即根節點。此根下的(de)(de)(de)(de)(de)節點是(shi)(shi)(shi)更具(ju)體(ti)的(de)(de)(de)(de)(de)分(fen)(fen)類(lei)(lei)(lei)(lei),適(shi)用(yong)于總分(fen)(fen)類(lei)(lei)(lei)(lei)對象(xiang)(xiang)(xiang)集的(de)(de)(de)(de)(de)子集。推(tui)理的(de)(de)(de)(de)(de)進(jin)展從一(yi)(yi)(yi)般到更具(ju)體(ti)。
Privacy and security researchers often rely on data collected through online crowdsourcing platforms such as Amazon Mechanical Turk (MTurk) and Prolific. Prior work -- which used data collected in the United States between 2013 and 2017 -- found that MTurk responses regarding security and privacy were generally representative for people under 50 or with some college education. However, the landscape of online crowdsourcing has changed significantly over the last five years, with the rise of Prolific as a major platform and the increasing presence of bots. This work attempts to replicate the prior results about the external validity of online privacy and security surveys. We conduct an online survey on MTurk (n=800), a gender-balanced survey on Prolific (n=800), and a representative survey on Prolific (n=800) and compare the responses to a probabilistic survey conducted by the Pew Research Center (n=4272). We find that MTurk response quality has degraded over the last five years, and our results do not replicate the earlier finding about the generalizability of MTurk responses. By contrast, we find that data collected through Prolific is generally representative for questions about user perceptions and experiences, but not for questions about security and privacy knowledge. We also evaluate the impact of Prolific settings, attention check questions, and statistical methods on the external validity of online surveys, and we develop recommendations about best practices for conducting online privacy and security surveys.
Speculative attacks are still an active threat today that, even if initially focused on the x86 platform, reach across all modern hardware architectures. RISC-V is a newly proposed open instruction set architecture that has seen traction from both the industry and academia in recent years. In this paper we focus on the RISC-V cores where speculation is enabled and, as we show, where Spectre attacks are as effective as on x86. Even though RISC-V hardware mitigations were proposed in the past, they have not yet passed the prototype phase. Instead, we propose low-overhead software mitigations for Spectre-BTI, inspired from those used on the x86 architecture, and for Spectre-RSB, to our knowledge the first such mitigation to be proposed. We show that these mitigations work in practice and that they can be integrated in the LLVM toolchain. For transparency and reproducibility, all our programs and data are made publicly available online.
Context: A tertiary study can be performed to identify related reviews on a topic of interest. However, the elaboration of an appropriate and effective search string to detect secondary studies is challenging for Software Engineering (SE) researchers. Objective: The main goal of this study is to propose a suitable search string to detect secondary studies in SE, addressing issues such as the quantity of applied terms, relevance, recall and precision. Method: We analyzed seven tertiary studies under two perspectives: (1) structure -- strings' terms to detect secondary studies; and (2) field: where searching -- titles alone or abstracts alone or titles and abstracts together, among others. We validate our string by performing a two-step validation process. Firstly, we evaluated the capability to retrieve secondary studies over a set of 1537 secondary studies included in 24 tertiary studies in SE. Secondly, we evaluated the general capacity of retrieving secondary studies over an automated search using the Scopus digital library. Results: Our string was capable to retrieve an optimum value of over 90\% of the included secondary studies (recall) with a high general precision of almost 60\%. Conclusion: The suitable search string for finding secondary studies in SE contains the terms "systematic review", "literature review", "systematic mapping", "mapping study" and "systematic map".
Law enforcement agencies struggle with criminals using to end-to-end encryption (E2EE). A recent policy paper states: "while encryption is vital and privacy and cyber security must be protected, that should not come at the expense of wholly precluding law enforcement". The main argument is that E2EE hampers attribution and prosecution of criminals who rely on encrypted communication - ranging from drug syndicates to child sexual abuse material (CSAM) platforms. This statement - in policy circles dubbed 'going dark' - is not yet supported by empirical evidence. That is why, in our work, we analyse public court data from the Netherlands to show to what extent law enforcement agencies and the public prosecution service are impacted by the use of E2EE in bringing cases to court and their outcome. Our results show that Dutch courts appear to be as successful in convicting offenders who rely on E2EE as those who do not. Our data does not permit us to draw conclusions on the effect of E2EE on criminal investigations.
While the importance of automatic image analysis is continuously increasing, recent meta-research revealed major flaws with respect to algorithm validation. Performance metrics are particularly key for meaningful, objective, and transparent performance assessment and validation of the used automatic algorithms, but relatively little attention has been given to the practical pitfalls when using specific metrics for a given image analysis task. These are typically related to (1) the disregard of inherent metric properties, such as the behaviour in the presence of class imbalance or small target structures, (2) the disregard of inherent data set properties, such as the non-independence of the test cases, and (3) the disregard of the actual biomedical domain interest that the metrics should reflect. This living dynamically document has the purpose to illustrate important limitations of performance metrics commonly applied in the field of image analysis. In this context, it focuses on biomedical image analysis problems that can be phrased as image-level classification, semantic segmentation, instance segmentation, or object detection task. The current version is based on a Delphi process on metrics conducted by an international consortium of image analysis experts from more than 60 institutions worldwide.
Data is central to the development and evaluation of machine learning (ML) models. However, the use of problematic or inappropriate datasets can result in harms when the resulting models are deployed. To encourage responsible AI practice through more deliberate reflection on datasets and transparency around the processes by which they are created, researchers and practitioners have begun to advocate for increased data documentation and have proposed several data documentation frameworks. However, there is little research on whether these data documentation frameworks meet the needs of ML practitioners, who both create and consume datasets. To address this gap, we set out to understand ML practitioners' data documentation perceptions, needs, challenges, and desiderata, with the goal of deriving design requirements that can inform future data documentation frameworks. We conducted a series of semi-structured interviews with 14 ML practitioners at a single large, international technology company. We had them answer a list of questions taken from datasheets for datasets (Gebru, 2021). Our findings show that current approaches to data documentation are largely ad hoc and myopic in nature. Participants expressed needs for data documentation frameworks to be adaptable to their contexts, integrated into their existing tools and workflows, and automated wherever possible. Despite the fact that data documentation frameworks are often motivated from the perspective of responsible AI, participants did not make the connection between the questions that they were asked to answer and their responsible AI implications. In addition, participants often had difficulties prioritizing the needs of dataset consumers and providing information that someone unfamiliar with their datasets might need to know. Based on these findings, we derive seven design requirements for future data documentation frameworks.
With the advent of 5G commercialization, the need for more reliable, faster, and intelligent telecommunication systems are envisaged for the next generation beyond 5G (B5G) radio access technologies. Artificial Intelligence (AI) and Machine Learning (ML) are not just immensely popular in the service layer applications but also have been proposed as essential enablers in many aspects of B5G networks, from IoT devices and edge computing to cloud-based infrastructures. However, most of the existing surveys in B5G security focus on the performance of AI/ML models and their accuracy, but they often overlook the accountability and trustworthiness of the models' decisions. Explainable AI (XAI) methods are promising techniques that would allow system developers to identify the internal workings of AI/ML black-box models. The goal of using XAI in the security domain of B5G is to allow the decision-making processes of the security of systems to be transparent and comprehensible to stakeholders making the systems accountable for automated actions. In every facet of the forthcoming B5G era, including B5G technologies such as RAN, zero-touch network management, E2E slicing, this survey emphasizes the role of XAI in them and the use cases that the general users would ultimately enjoy. Furthermore, we presented the lessons learned from recent efforts and future research directions on top of the currently conducted projects involving XAI.
Deep Learning (DL) is the most widely used tool in the contemporary field of computer vision. Its ability to accurately solve complex problems is employed in vision research to learn deep neural models for a variety of tasks, including security critical applications. However, it is now known that DL is vulnerable to adversarial attacks that can manipulate its predictions by introducing visually imperceptible perturbations in images and videos. Since the discovery of this phenomenon in 2013~[1], it has attracted significant attention of researchers from multiple sub-fields of machine intelligence. In [2], we reviewed the contributions made by the computer vision community in adversarial attacks on deep learning (and their defenses) until the advent of year 2018. Many of those contributions have inspired new directions in this area, which has matured significantly since witnessing the first generation methods. Hence, as a legacy sequel of [2], this literature review focuses on the advances in this area since 2018. To ensure authenticity, we mainly consider peer-reviewed contributions published in the prestigious sources of computer vision and machine learning research. Besides a comprehensive literature review, the article also provides concise definitions of technical terminologies for non-experts in this domain. Finally, this article discusses challenges and future outlook of this direction based on the literature reviewed herein and [2].
As data are increasingly being stored in different silos and societies becoming more aware of data privacy issues, the traditional centralized training of artificial intelligence (AI) models is facing efficiency and privacy challenges. Recently, federated learning (FL) has emerged as an alternative solution and continue to thrive in this new reality. Existing FL protocol design has been shown to be vulnerable to adversaries within or outside of the system, compromising data privacy and system robustness. Besides training powerful global models, it is of paramount importance to design FL systems that have privacy guarantees and are resistant to different types of adversaries. In this paper, we conduct the first comprehensive survey on this topic. Through a concise introduction to the concept of FL, and a unique taxonomy covering: 1) threat models; 2) poisoning attacks and defenses against robustness; 3) inference attacks and defenses against privacy, we provide an accessible review of this important topic. We highlight the intuitions, key techniques as well as fundamental assumptions adopted by various attacks and defenses. Finally, we discuss promising future research directions towards robust and privacy-preserving federated learning.
Deep learning models on graphs have achieved remarkable performance in various graph analysis tasks, e.g., node classification, link prediction and graph clustering. However, they expose uncertainty and unreliability against the well-designed inputs, i.e., adversarial examples. Accordingly, various studies have emerged for both attack and defense addressed in different graph analysis tasks, leading to the arms race in graph adversarial learning. For instance, the attacker has poisoning and evasion attack, and the defense group correspondingly has preprocessing- and adversarial- based methods. Despite the booming works, there still lacks a unified problem definition and a comprehensive review. To bridge this gap, we investigate and summarize the existing works on graph adversarial learning tasks systemically. Specifically, we survey and unify the existing works w.r.t. attack and defense in graph analysis tasks, and give proper definitions and taxonomies at the same time. Besides, we emphasize the importance of related evaluation metrics, and investigate and summarize them comprehensively. Hopefully, our works can serve as a reference for the relevant researchers, thus providing assistance for their studies. More details of our works are available at //github.com/gitgiter/Graph-Adversarial-Learning.
小貼士
登錄享
注冊地址: 北京市海淀區羊坊店路18號2幢3層301-191