Defense Notices

Runtime attestation is a way to gain confidence in the current state of a remote target. 

Layered attestation is a way of extending that confidence from one component to another. 

Introspective solutions for layered attestation require strict isolation. 

The seL4 is uniquely well-suited to offer kernel properties sufficient to achieve such isolation. 

I design, implement, and evaluate introspective measurements and the layered runtime attestation of a Linux kernel hosted by the seL4. 

VERIAL can detect diamorphine-style rootkits with performance cost comparable to previous work. 

The accelerated melting of ice sheets in Greenland and Antarctica, driven by climate warming, is significantly contributing to global sea level rise. To better understand this phenomenon, airborne radars have been deployed to create echogram images that map snow accumulation patterns in these regions. Utilizing advanced radar systems developed by the Center for Remote Sensing and Integrated Systems (CReSIS), around 1.5 petabytes of climate data have been collected. However, extracting ice-related information, such as accumulation rates, remains limited due to the largely manual and time-consuming process of tracking internal layers in radar echograms. This highlights the need for automated solutions.

Machine learning and deep learning algorithms are well-suited for this task, given their near-human performance on optical images. The overlap between classical radar signal processing and machine learning techniques suggests that combining concepts from both fields could lead to optimized solutions.

In this work, we developed custom deep learning algorithms for automatic layer tracking (both supervised and self-supervised) to address the challenge of limited annotated data and achieve accurate tracking of radiostratigraphic layers in echograms. We introduce an iterative multi-class classification algorithm, termed “Row Block,” which sequentially tracks internal layers from the top to the bottom of an echogram based on the surface location. This approach was used in an active learning framework to expand the labeled dataset. We also developed deep learning segmentation algorithms by framing the echogram layer tracking problem as a binary segmentation task, followed by post-processing to generate vector-layer annotations using a connected-component 1-D layer-contour extractor.

Additionally, we aimed to provide the deep learning and scientific communities with a large, fully annotated dataset. This was achieved by synchronizing radar data with outputs from a regional climate model, creating what are currently the two largest machine-learning-ready Snow Radar datasets available, with 10,000 and 50,000 echograms, respectively.

The artificially intelligent Dietician Web application is an innovative piece of technology that makes use of artificial intelligence to offer individualised nutritional guidance and assistance. This web application uses advanced machine learning algorithms and natural language processing to provide users with individualized nutritional advice and assistance in meal planning. Users who are interested in improving their eating habits can benefit from this bot. The system collects relevant data about users' dietary choices, as well as information about calories, and provides insights into body mass index (BMI) and basal metabolic rate (BMR) through interactive conversations, resulting in tailored recommendations. To enhance its capacity for prediction, a number of classification methods, including naive Bayes, neural networks, random forests, and support vector machines, were utilised and evaluated. Following an exhaustive analysis, the model that proved to be the most effective random forest is selected for the purpose of incorporating it into the development of the artificial intelligence Dietician Web application. The purpose of this study is to emphasise the significance of the artificial intelligence Dietician Web application as a versatile and intelligent instrument that encourages the adoption of healthy eating habits and empowers users to make intelligent decisions regarding their dietary requirements.

Data science is revolutionizing the world of sports by uncovering hidden patterns and providing profound insights that enhance performance, strategy, and decision-making. This project, "Understanding Soccer Through Data Science," exemplifies the transformative power of data analytics in sports. By leveraging Graph Neural Networks (GNNs), this project delves deep into the intricate passing dynamics within soccer teams. 

A key innovation of this project is the development of a novel metric called PassNetScore, which aims to contextualize and provide meaningful insights into passing networks—a popular application of graph network theory in soccer. Utilizing the Statsbomb Event Data, which captures every event during a soccer match, including passes, shots, fouls, and substitutions, this project constructs detailed passing network graphs. Each player is represented as a node, and each pass as an edge, creating a comprehensive representation of team interactions on the pitch. The project harnesses the power of Spektral, a Python library for graph deep learning, to build and analyze these graphs. Key node features include players' average positions, total passes and expected threat of passes, while edges encapsulate the passing interactions and pass counts. 

The project explores two distinct models to calculate PassNetScore through predicting match outcomes. The first model is a basic GNN that employs a binary adjacency matrix to represent the presence or absence of passes between players. This model captures the fundamental structure of passing networks, highlighting key players and connections within the team. There are three variations of this model, each building on the binary model by adding new features to nodes or edges. The second model integrates GNN with Long Short-Term Memory (LSTM) networks to account for temporal dependencies in passing sequences. This advanced model provides deeper insights into how passing patterns evolve over time and how these dynamics impact match outcomes. To evaluate the effectiveness of these models, a suite of graph theory metrics is employed. These metrics illuminate the dynamics of team play and the influence of individual players, offering a comprehensive assessment of the PassNet Score metric. 

Through this innovative approach, the project demonstrates the powerful application of GNNs in sports analytics and offers a novel metric for evaluating passing networks based on match outcomes. This project paves the way for new strategies and insights that could revolutionize how teams analyze and improve their gameplay, showcasing the profound impact of data science in sports.

A Bloom Filter (BF) is a compact and space-efficient data structure that efficiently handles membership queries on infinite streams with numerous unique items. They are probabilistic data structures and allow false positives to avail the compactness. While querying for an item’s membership in the structure, if it returns true, the item might or might not be present in the stream, but a false response guarantees the item's absence. Bloom filters are widely used in real-world applications such as networking, databases, web applications, email spam filtering, biometric systems, security, cloud computing, and distributed systems due to their space-efficient and time-efficient properties. Bloom filters offer several advantages, particularly in storage compression and time-efficient data lookup. Additionally, the use of hashing ensures data security, i.e., if the BF is accessed by an unauthorized entity, no enrolled data can be reversed or traced back to the original content. In summary, BFs are powerful structures for storing data in a storage-efficient approach with low time complexity and high security. However, a disadvantage of the traditional Bloom filters is, they do not support dynamic operations, such as adding or deleting elements. Therefore, in this project, the idea of a Dynamic Bloom Filter has been demonstrated that offers the dynamicity feature that allows the addition or deletion of items. By integrating dynamic capabilities into Standard Bloom filters, their functionality, and robustness are enhanced, making them more suitable for several applications. For example, in a perpetual inventory system, inventory records are constantly updated after every inventory-related transaction, such as sales, purchases, or returns. In banking, dynamic data changes throughout the course of transactions. In the healthcare domain, hospitals can dynamically update and delete patients' medical histories.

The segmentation and classification of Printed Circuit Board (PCB) components offer multifaceted applications- primarily design validation, assembly verification, quality control optimization, and enhanced recycling processes. However, this field of study presents numerous challenges, mainly stemming from the heterogeneity of PCB component morphology and dimensionality, variations in packaging methodologies for functionally equivalent components, and limitations in the availability of image data. 

This study proposes a triad of approaches consisting of two segmentation-based and a classification-based architecture for PCB component detection. The first segmentation approach introduces an enhanced U-Net architecture with a custom loss function for improved multi-scale classification and segmentation accuracy. The second segmentation method leverages transfer learning, utilizing the Segment Anything Model (SAM) developed by Meta’s FAIR lab for both segmentation and classification. Lastly, Detectron2 with a ResNeXt-101 backbone, enhanced by Feature Pyramid Network (FPN), Region Proposal Network (RPN), and Region of Interest (ROI) Align has been proposed for multi-scale detection. The proposed methods are implemented on the FPIC dataset to detect the most commonly appearing components (resistor, capacitor, integrated circuit, LED, and button) in PCB. The first method outperforms existing state-of-the-art networks without pre-training, achieving a DICE score of 94.05%, an IoU score of 91.17%, and an accuracy of 94.90%. On the other hand, the second one surpasses both the previous state-of-the-art network and U-net in segmentation, attaining a DICE score of 97.08%, an IoU score of 93.95%, and an accuracy of 96.34%. Finally, the third one, being the first transfer learning-based approach to perform individual component classification on PCBs, achieves an average precision of 89.88%. Thus, the proposed triad of approaches will play a promising role in enhancing the robustness and accuracy of PCB quality assurance techniques.

The rapid development of AI has significantly impacted security and privacy, introducing both new cyber-attacks targeting AI models and challenges related to responsible use. As AI models become more widely adopted in real-world applications, attackers exploit adversarially altered samples to manipulate their behaviors and decisions. Simultaneously, the use of generative AI, like ChatGPT, has sparked debates about the integrity of AI-generated content.

In this dissertation, we investigate the security of modern AI systems and the detectability of AI-related threats, focusing on stealthy AI attacks and responsible AI use in academia. First, we reevaluate the stealthiness of 20 state-of-the-art attacks on six benchmark datasets, using 24 image quality metrics and over 30,000 user annotations. Our findings reveal that most attacks introduce noticeable perturbations, failing to remain stealthy. Motivated by this, we propose a novel model-poisoning neural Trojan, LoneNeuron, which minimally modifies the host neural network by adding a single neuron after the first convolution layer. LoneNeuron responds to feature-domain patterns that transform into invisible, sample-specific, and polymorphic pixel-domain watermarks, achieving a 100% attack success rate without compromising main task performance and enhancing stealth and detection resistance. Additionally, we examine the detectability of ChatGPT-generated content in academic writing. Presenting GPABench2, a dataset of over 2.8 million abstracts across various disciplines, we assess existing detection tools and challenges faced by over 240 evaluators. We also develop CheckGPT, a detection framework consisting of an attentive Bi-LSTM and a representation module, to capture subtle semantic and linguistic patterns in ChatGPT-generated text. Extensive experiments validate CheckGPT’s high applicability, transferability, and robustness.

Regular inspections are crucial for identifying and assessing damage in concrete dams, including a wide range of damage states. Manual inspections of dams are often constrained by cost, time, safety, and inaccessibility. Automating dam inspections using artificial intelligence has the potential to improve the efficiency and accuracy of data analysis. Computer vision and deep learning models have proven effective in detecting a variety of damage features using images, but their success relies on the availability of high-quality and diverse training data. This is because supervised learning, a common machine-learning approach for classification problems, uses labeled examples, in which each training data point includes features (damage images) and a corresponding label (pixel annotation). Unfortunately, public datasets of annotated images of concrete dam surfaces are scarce and inconsistent in quality, quantity, and representation.

To address this challenge, we present a novel approach that involves synthesizing a realistic environment using a 3D model of a dam. By overlaying this model with synthetically created photorealistic damage textures, we can render images to generate large and realistic datasets with high-fidelity annotations. Our pipeline uses NX and Blender for 3D model generation and assembly, Substance 3D Designer and Substance Automation Toolkit for texture synthesis and automation, and Unreal Engine 5 for creating a realistic environment and rendering images. This generated synthetic data is then used to train deep learning models in the subsequent steps. The proposed approach offers several advantages. First, it allows generation of large quantities of data that are essential for training accurate deep learning models. Second, the texture synthesis ensures generation of high-fidelity ground truths (annotations) that are crucial for making accurate detections. Lastly, the automation capabilities of the software applications used in this process provides flexibility to generate data with varied textures elements, colors, lighting conditions, and image quality overcoming the constraints of time. Thus, the proposed approach can improve the automation of dam inspection by improving the quality and quantity of training data.

Machine Learning (ML) has revolutionized various fields, from disease prediction to credit risk evaluation, by harnessing abundant data scattered across diverse sources. However, transporting data to a trusted server for centralized ML model training is not only costly but also raises privacy concerns, particularly with legislative standards like HIPAA in place. In response to these challenges, Federated Learning (FL) has emerged as a promising solution. FL involves training a collaborative model across a network of clients, each retaining its own private data. By conducting training locally on the participating clients, this approach eliminates the need to transfer entire training datasets while harnessing their computation capabilities. However, FL introduces unique privacy risks, security concerns, and robustness challenges. Firstly, FL is susceptible to malicious actors who may tamper with local data, manipulate the local training process, or intercept the shared model or gradients to implant backdoors that affect the robustness of the joint model. Secondly, due to the statistical and system heterogeneity within FL, substantial differences exist between the distribution of each local dataset and the global distribution, causing clients’ local objectives to deviate greatly from the global optima, resulting in a drift in local updates. Addressing such vulnerabilities and challenges is crucial before deploying FL systems in critical infrastructures.

In this dissertation, we present a multi-pronged approach to address the privacy, security, and robustness challenges in FL. This involves designing innovative privacy protection mechanisms and robust aggregation schemes to counter attacks during the training process. To address the privacy risk due to model or gradient interception, we present the design of a reliable and accountable blockchain-enabled privacy-preserving federated learning (PPFL) framework which leverages homomorphic encryption to protect individual client updates. The blockchain is adopted to support provenance of model updates during training so that malformed or malicious updates can be identified and traced back to the source. 

We studied the challenges in FL due to heterogeneous data distributions and found that existing FL algorithms often suffer from slow and unstable convergence and are vulnerable to poisoning attacks, particularly in extreme non-independent and identically distributed (non-IID) settings. We propose a robust aggregation scheme, named CONTRA, to mitigate data poisoning attacks and ensure an accuracy guarantee even under attack. This defense strategy identifies malicious clients by evaluating the cosine similarity of their gradient contributions and subsequently removes them from FL training. Finally, we introduce FL-GMM, an algorithm designed to tackle data heterogeneity while prioritizing privacy. It iteratively constructs a personalized classifier for each client while aligning local-global feature representations. By aligning local distributions with global semantic information, FL-GMM minimizes the impact of data diversity. Moreover, FL-GMM enhances security by transmitting derived model parameters via secure multiparty computation, thereby avoiding vulnerabilities to reconstruction attacks observed in other approaches. 

As internet services like high-definition videos, cloud computing, and artificial intelligence keep growing, optical networks need to keep up with the demand for more capacity. Optical amplifiers play a crucial role in offsetting fiber loss and enabling long-distance wavelength division multiplexing (WDM) transmission in high-capacity systems. Various methods have been proposed to enhance the capacity and reach of fiber communication systems, including advanced modulation formats, dense wavelength division multiplexing (DWDM) over ultra-wide bands, space-division multiplexing, and high-performance digital signal processing (DSP) technologies. To sustain higher data rates while maximizing the spectral efficiency of multi-level modulated signals, a higher Optical signal-to-noise ratio (OSNR) is necessary. Despite advancements in coherent optical communication systems, the spectral efficiency of multi-level modulated signals is ultimately constrained by fiber nonlinearity. Raman amplification is an attractive solution for wide-band amplification with low noise figures in multi-band systems. Distributed Raman Amplification (DRA) has been deployed in recent high-capacity transmission experiments to achieve a relatively flat signal power distribution along the optical path and offers the unique advantage of using conventional low-loss silica fibers as the gain medium, effectively transforming passive optical fibers into active or amplifying waveguides. Additionally, DRA provides gain at any wavelength by selecting the appropriate pump wavelength, enabling operation in signal bands outside the Erbium-doped fiber amplifier (EDFA) bands. Forward (FW) Raman pumping in DRA can be adopted to further improve the DRA performance as it is more efficient in OSNR improvement because the optical noise is generated near the beginning of the fiber span and attenuated along the fiber. Dual-order FW pumping helps to reduce the non-linear effect of the optical signal and improves OSNR by more uniformly distributing the Raman gain along the transmission span. The major concern with Forward Distributed Raman Amplification (FW DRA) is the fluctuation in pump power, known as relative intensity noise (RIN), which transfers from the pump laser to both the intensity and phase of the transmitted optical signal as they propagate in the same direction. Additionally, another concern of FW DRA is the rise in signal optical power near the start of the fiber span, leading to an increase in the Kerr-effect-induced non-linear phase shift of the signal. These factors, including RIN transfer-induced noise and non-linear noise, contribute to the degradation of the system performance in FW DRA systems at the receiver. As the performance of DRA with backward pumping is well understood with a relatively low impact of RIN transfer, our study is focused on the FW pumping scheme. Our research is intended to provide a comprehensive analysis of the system performance impact of dual-order FW Raman pumping, including signal intensity and phase noise induced by the RINs of both the 1st and the 2nd order pump lasers, as well as the impacts of linear and nonlinear noise. The efficiencies of pump RIN to signal intensity and phase noise transfer are theoretically analyzed and experimentally verified by applying a shallow intensity modulation to the pump laser to mimic the RIN. The results indicate that the efficiency of the 2nd order pump RIN to signal phase noise transfer can be more than 2 orders of magnitude higher than that from the 1st order pump. Then the performance of the dual-order FW Raman configurations is compared with that of single-order Raman pumping to understand the trade-offs of system parameters. The nonlinear interference (NLI) noise is analyzed to study the overall OSNR improvement when employing a 2nd order Raman pump. Finally, a DWDM system with 16-QAM modulation is used as an example to investigate the benefit of DRA with dual order Raman pumping and with different pump RIN levels. We also consider a DRA system using a 1st order incoherent pump together with a 2nd order coherent pump. Although dual-order FW pumping corresponds to a slight increase of linear amplified spontaneous emission (ASE) compared to using only a 1st order pump, its major advantage comes from the reduction of nonlinear interference noise in a DWDM system. Because the RIN of the 2nd order pump has much higher impact than that of the 1st order pump, there should be more stringent requirement on the RIN of the 2nd order pump laser when dual order FW pumping scheme is used for DRA for efficient fiber-optic communication. Also, the result of system performance analysis reveals that higher baud rate systems, like those operating at 100Gbaud, are less affected by pump laser RIN due to the low-pass characteristics of the transfer of pump RIN to signal phase noise.