Adversarial Black-Box Attacks in the Domain of Device Fingerprints

dc.contributor.authorAndersson, Joel
dc.contributor.authorÖrtenberg, Gustav
dc.contributor.departmentChalmers tekniska högskola / Institutionen för data och informationstekniksv
dc.contributor.examinerDubhash, Devdatt
dc.contributor.supervisorSchneider, Gerardo
dc.date.accessioned2020-11-03T12:51:17Z
dc.date.available2020-11-03T12:51:17Z
dc.date.issued2020sv
dc.date.submitted2020
dc.description.abstractNetwork security products incorporate many different tools in order to secure large networks. State-of-the-artproductsoftenutilizemachinelearninginordertoclassify devices connected to a network to assign them different levels of trust without the need for authentication. These zero-configuration security mechanisms work similarly to image classifying Deep Neural Networks and are of interest for big organizations where large amounts of devices come and go every day. However, solutions leveraging the power of machine learning also inherit its vulnerability to adversarial samples. Previous work has shown that even in query-limited blackbox scenarios, which is the most limiting for an attacker, image classifiers are vulnerable to adversarial attacks that make use of specially crafted input vectors [24]. This study shows that known attack techniques against image classifiers can be successfully reapplied to classifiers in the domain of device fingerprints in computer networks. We provide proof of concept that previously discovered adversarial sampling techniques are applicable in the domain of device fingerprints by attacking a well known commercial classifier. We show that across ten different devices on average 9.9% of the adversarial samples were successfully misclassified by the classifier. The most prominent of those devices had 36% of its adversarial samplesmisclassified. Theseresultspointtotheneedformoresophisticatedtraining algorithmsaswellastheimportanceofnotbuildingsolutionsthatbuildsontrusting device- or user-supplied data.sv
dc.identifier.coursecodeMPCSNsv
dc.identifier.urihttps://hdl.handle.net/20.500.12380/302031
dc.language.isoengsv
dc.setspec.uppsokTechnology
dc.subjectAdversarial Machine Learningsv
dc.subjectAdversarial Samplessv
dc.subjectBlack-Box Attacksv
dc.subjectDevice Fingerprintingsv
dc.subjectNetwork Packet Sniffingsv
dc.subjectNetwork Securitysv
dc.subjectTransferabilitysv
dc.titleAdversarial Black-Box Attacks in the Domain of Device Fingerprintssv
dc.type.degreeExamensarbete för masterexamensv
dc.type.uppsokH
local.programmeComputer systems and networks (MPCSN), MSc
Ladda ner
Original bundle
Visar 1 - 1 av 1
Hämtar...
Bild (thumbnail)
Namn:
CSE 20-113 Andersson Örtenberg.pdf
Storlek:
1.54 MB
Format:
Adobe Portable Document Format
Beskrivning:
License bundle
Visar 1 - 1 av 1
Hämtar...
Bild (thumbnail)
Namn:
license.txt
Storlek:
1.14 KB
Format:
Item-specific license agreed upon to submission
Beskrivning: