Nowadays, convolutional neural network (CNN) based steganalysis methods achieved great performance. While those methods are also facing security problems. In this paper, we proposed an attack scheme aiming at CNN based steganalyzer including two different attack methods 1) the LSB-Jstego Gradient Based Attack; 2) LSB-Jstego Evolutionary Algorithms Based Attack. The experiment results show that the attack strategies could achieve 96.02% and 90.25% success ratio separately on the target CNN. The proposed attack scheme is an effective way to fool the CNN based steganalyzer and in addition demonstrates the vulnerability of the neural networks in steganalysis. © 2018, Springer Science+Business Media, LLC, part of Springer Nature.

In this paper, a low distortion reversible database watermarking method based on histogram gap is proposed in view of the large gap in histogram of database integer data. By using the method, the tolerance of the attribute column containing all integer data is firstly calculated and the prediction error is obtained according to the tolerance. Then according to the watermark bits to be embedded, the database tuples will be randomly grouped and the histogram can be constructed by using the prediction error. Finally, the histogram correction rule is used to find the histogram peak bin, the number of consecutive non-zero prediction errors on the left and right sides of the peak is obtained, and the histogram shift is performed on the side with a smaller number of non-zero prediction errors, and then the watermark embedding will be realized. The results of the experiments based on the published dataset of FCTD (Forest Cover Type Dataset) show that compared with the existing GAHSW which also considers distortion, the proposed method significantly reduces the number of histogram column shift while embedding the watermarks, greatly reduces the changes to the carrier data, and effectively reduces the database's data distortion caused by watermark embedding.

Existing algorithms experience difficulty resisting additive and subtractive attacks because the embedded watermarks are independent of the carrier programs. A dynamic software watermarking algorithm based on exception handling is proposed in this paper. The algorithm considers the fact that exception handling, which is difficult to remove, commonly exists in the programs to ensure the normal program operation. First, an exception type table is constructed, and the binary watermark to be embedded is mapped to a sequence of exception types by scrambling encoding. Second, corresponding trigger conditions and exception handlers are constructed, and watermark embeddable points are acquired in execution paths under secret inputs. Finally, the code segment of the constructed trigger conditions and exception handlers are inserted into the program with several meticulously designed identifiers. For watermark extraction, the triggered exception types can be obtained with the identifiers by executing the watermarked executable program under secret inputs. The mapping relationship between the exception type and watermark is utilized to decode the binary watermark. The algorithm analysis and experimental results show that the proposed algorithm can embed a watermark in the source code and extract it in an executable program. The algorithm demonstrates good performance against additive and subtractive attacks.

Due to the existence of multiple views in many real-world data sets, multi-view clustering is increasingly popular. Many approaches have been investigated, among which the subspace clustering methods finding the underlying subspaces of data have been developed recently. Although the subspace-based multi-view methods can achieve promising performance, the shared subspace information has not been fully utilized. To address this problem, a novel multi-view clustering model by simultaneously learning shared subspace and affinity matrix is proposed. In our method, a shared subspace is learned to preserve the effective consensus information of all views. Then, a subspace-based affinity matrix with adaptive neighbors is learned to assign the most suitable cluster to each data point. An iterative strategy is developed for solving this problem. Moreover, experiments on four benchmark data sets demonstrate that our algorithm outperforms other state-of-the-art algorithms.

The CAPTCHA has become an important issue in multimedia security. Aimed at a commonly used text-based CAPTCHA, this paper outlines some typical methods and summarizes the technological progress in text-based CAPTCHA breaking. First, the paper presents a comprehensive review of recent developments in the text-based CAPTCHA breaking field. Second, a framework of text-based CAPTCHA breaking technique is proposed. And the framework mainly consists of preprocessing, segmentation, combination, recognition, postprocessing, and other modules. Third, the research progress of the technique involved in each module is introduced, and some typical methods of segmentation and recognition are compared and analyzed. Lastly, the paper discusses some problems worth further research.

Digital image watermarking used to be an important tool for copyright protection. However, as neural network-based watermark removal methods have been proposed in recent years, the embedded watermark is increasingly easy to be erased, which poses a great threat to copyright protection. To address this issue, we propose an adversarial visible watermark scheme, which combines the visible watermark with the adversarial perturbation. By attacking the watermark removal network, we maximize the resistance of visible watermark against removal while minimizing the visual distortion. To further improve the robustness against various transformations (e.g. cropping, JPEG compression), we employ the region of interest and random pre-processing to embed the adversarial visible watermark. The experimental results show that the proposed scheme can effectively resist the removal of watermarks on different datasets and network structures while having good transferability and robustness, which enables the watermark to continue to be an effective copyright protection method. © 2024 Elsevier Ltd

动态网络是指随着时间的推移而不断变化的网络,其广泛存在于现实生活中,类似社交网络、通信网络、计算机拓扑网络等都是比较常见的动态网络。动态网络的特点在于其结构会随网络演化过程不断发生变化,在这些变化中可能存在部分异常变化。对动态网络进行异常检测有助于我们及时发现导致异常的事件,防止进一步造成损失。本文以动态网络为研究对象,以网络表示学习为主要途径,检测动态网络异常事件并定位异常节点集。本文的主要工作如下:（1）针对现有图表示学习方法对原始图形结构的学习能力不强的问题,结合频繁子图挖掘相关技术,提出了一种基于N边子图的图表示学习方法。首先在图集中对各图进行N边子图抽取,使用DFSCode编码来对子图进行唯一标识;之后将各图对应的N边子图集输入到doc2vec模型中,获得各个图的向量表示。在真实数据集上进行实验对比,使用机器学习方法对学习到的图的向量表示进行分类,实验证明本文提出的方法在大多数实验数据集上分类准确率有了5%左右的提升。（2）鉴于网络表示学习在捕捉网络结构方面存在的优势,提出了一种基于网络表示学习的动态网络异常事件检测方法。该方法由基于节点自我图的动态网络表示学习和动态网络异常检测策略两部分组成。该方法结合目前流行的神经网络文档向量表示模型,在对动态网络按时间切片处理后生成网络序列,基于节点的邻域特征生成节点序列综合学习节点及网络的向量表示,基于各时间片网络相应的向量表示进行网络相似性度量,识别是否发生了异常事件,在确定异常事件后进而通过节点相似性度量来定位异常事件下的异常节点。在安然邮件数据集和AS级Internet动态网络数据集上进行了实验验证,实验结果证明了该方法的有效性。（3）针对现有的网络表示学习方法在面向加权动态网络时没有学习边与权重的对应关系、在进行异常链接检测时无法有效地识别权重异常的问题,提出了一种针对加权动态网络的网络表示学习方法,该方法通过将权重视为特殊的节点,采用深度自编码神经网络来获得节点的向量表示,可以同时学习网络结构信息与边的权重信息,较传统网络表示学习方法在异常链接检测方面准确率有10%左右的提升。（4）针对动态网络中异常事件传播模式、持续时间的多样性,使得单个时间片网络难以完整地捕获整个异常事件的问题,首次将异常链接与基于全连接神经网络的异常群体检测模型相结合,克服了传统基于全连接神经网络的异常群体检测模型无法识别节点链接结构改变的缺点,有效地提高了异常群体检测的适用性。最后在真实数据集上的进行实验验证,证明了该方法的广泛适用性,不仅可以有效地识别节点通信量突增异常,而且可以有效识别节点链接结构改变异常。

The increasing amount of graph-structured data catalyzes analytics over graph databases using semantic queries. Motivated by the ubiquity of commercial cloud platforms, data owners are willing to store their graph databases remotely. However, data privacy has emerged as a widespread concern since the cloud platforms are not fully trusted. One viable solution is to encrypt sensitive data before outsourcing, which inevitably hinders data retrieval. To enable queries over encrypted data, searchable symmetric encryption (SSE) has been introduced. Yet, the most well-studied class of SSE schemes focuses on retrieving textual files given keywords, which cannot be applied to graph databases directly. This paper extends our preliminary work (FC'17) and proposes GraphShield, a structured encryption scheme for graphs. Beyond shortest distance queries, GraphShield can support other classic graph-based queries (e.g., maximum flow) and more complicated analytics (e.g., PageRank). Technically, we incorporate a suite of (efficient) cryptographic primitives and tailor some extra secure protocols for facilitating graph analytics. Our scheme also allows updates on the encrypted graph with forward privacy guaranteed. We formalize the security model and prove the adaptive security with reasonable leakage. Finally, we implement our scheme on various real-world datasets, and the experiment results demonstrate its practicality and scalability.

Traditional steganography methods are usually designed on a lossless channel; thus, messages are often not extracted correctly from an image transmitted over a lossy channel that includes attacks such as scaling. To address this issue, in recent years, the field of robust steganography has emerged. In this paper, the process of image scaling by interpolation is first observed and serves as the basis for proposing the idea of inverse interpolation. Subsequently, the idea of constructing an inverse interpolation equation set is proposed to solve the problem of intersectional blocks during the inverse interpolation process. Then, the scaling factor's valid range of inverse interpolation is analyzed. Next, the inverse interpolation is successfully applied in robust image steganography. A method that combines antiscaling and antidetection is proposed. Afterward, actual tests on the top 9 mobile phone brands with 28 models and 2 social communication apps that are currently popular in China are done. The scaling factor's valid range of the proposed method is verified to match the actual lossy channel. The experimental results show that the proposed method achieves a reliable extraction of embedded messages for common interpolation scaling attacks while maintaining high statistical detection resistance.

Convolutional neural networks (CNN) is a popular architecture in machine learning for its predictive power, notably in computer vision and medical image analysis. Its great predictive power requires extensive computation, which encourages model owners to host the prediction service in a cloud platform. This article proposes a CNN prediction scheme that preserves privacy in the outsourced setting, i.e., the model-hosting server cannot learn the query, (intermediate) results, and the model. Similar to SecureML (S&P'17), a representative work that provides model privacy, we employ two non-colluding servers with secret sharing and triplet generation to minimize the usage of heavyweight cryptography. We made the following optimizations for both overall latency and accuracy. 1) We adopt asynchronous computation and SIMD for offline triplet generation and parallelizable online computation. 2) As MiniONN (CCS'17) and its improvement by the generic EzPC compiler (EuroS&P'19), we use a garbled circuit for the non-polynomial ReLU activation to keep the same accuracy as the underlying network (instead of approximating it in SecureML prediction). 3) For the pooling in CNN, we employ (linear) average-pooling, which achieves almost the same accuracy as the (non-linear, and hence less efficient) max-pooling exhibited by MiniONN and EzPC. Considering both offline and online costs, our experiments on the MNIST dataset show a latency reduction of 122 x, 14.63 x, and 36.69x compared to SecureML, MiniONN, and EzPC; and a reduction of communication costs by 1.09 x, 36.69 x, and 31.32 x, respectively. On the CIFAR dataset, our scheme achieves a lower latency by 7.14x and 3.48x and lower communication costs by 13.88x and 77.46x when compared with MiniONN and EzPC, respectively.