Kevin Shi

Mohammad Mamun, Kevin Shi

APT, known as Advanced Persistent Threat, is a difficult challenge for cyber defence. These threats make many traditional defences ineffective as the vulnerabilities exploited by these threats are insiders who have access to and are within the network. This paper proposes DeepTaskAPT, a heterogeneous task-tree based deep learning method to construct a baseline model based on sequences of tasks using a Long Short-Term Memory (LSTM) neural network that can be applied across different users to identify anomalous behaviour. Rather than applying the model to sequential log entries directly, as most current approaches do, DeepTaskAPT applies a process tree based task generation method to generate sequential log entries for the deep learning model. To assess the performance of DeepTaskAPT, we use a recently released synthetic dataset, DARPA Operationally Transparent Computing (OpTC) dataset and a real-world dataset, Los Alamos National Laboratory (LANL) dataset. Both of them are composed of host-based data collected from sensors. Our results show that DeepTaskAPT outperforms similar approaches e.g. DeepLog and the DeepTaskAPT baseline model demonstrate its capability to detect malicious traces in various attack scenarios while having high accuracy and low false-positive rates. To the best of knowledge this is the very first attempt of using recently introduced OpTC dataset for cyber threat detection.

Shiv Sondhi, Sherif Saad, Kevin Shi et al.

A critical component of any blockchain or distributed ledger technology (DLT) platform is the consensus algorithm. Blockchain consensus algorithms are the primary vehicle for the nodes within a blockchain network to reach an agreement. In recent years, many blockchain consensus algorithms have been proposed mainly for private and permissioned blockchain networks. However, the performance of these algorithms and their reliability in hostile environments or the presence of byzantine and other network failures are not well understood. In addition, the testing and validation of blockchain applications come with many technical challenges. In this paper, we apply chaos engineering and testing to understand the performance of consensus algorithms in the presence of different loads, byzantine failure and other communication failure scenarios. We apply chaos engineering to evaluate the performance of three different consensus algorithms (PBFT, Clique, Raft) and their respective blockchain platforms. We measure the blockchain network's throughput, latency, and success rate while executing chaos and load tests. We develop lightweight blockchain applications to execute our test in a semi-production environment. Our results show that using chaos engineering helps understand how different consensus algorithms perform in a hostile or unreliable environment and the limitations of blockchain platforms. Our work demonstrates the benefits of using chaos engineering in testing complex distributed systems such as blockchain networks.

Hadi Hosseini, Debmalya Mandal, Nisarg Shah et al.

The wisdom of the crowd has long become the de facto approach for eliciting information from individuals or experts in order to predict the ground truth. However, classical democratic approaches for aggregating individual \emph{votes} only work when the opinion of the majority of the crowd is relatively accurate. A clever recent approach, \emph{surprisingly popular voting}, elicits additional information from the individuals, namely their \emph{prediction} of other individuals' votes, and provably recovers the ground truth even when experts are in minority. This approach works well when the goal is to pick the correct option from a small list, but when the goal is to recover a true ranking of the alternatives, a direct application of the approach requires eliciting too much information. We explore practical techniques for extending the surprisingly popular algorithm to ranked voting by partial votes and predictions and designing robust aggregation rules. We experimentally demonstrate that even a little prediction information helps surprisingly popular voting outperform classical approaches.

Kevin Shi, Daniel Hsu, Allison Bishop

We propose a new randomized ensemble technique with a provable security guarantee against black-box transfer attacks. Our proof constructs a new security problem for random binary classifiers which is easier to empirically verify and a reduction from the security of this new model to the security of the ensemble classifier. We provide experimental evidence of the security of our random binary classifiers, as well as empirical results of the adversarial accuracy of the overall ensemble to black-box attacks. Our construction crucially leverages hidden randomness in the multiclass-to-binary reduction.

Daniel Hsu, Kevin Shi, Xiaorui Sun

This article considers algorithmic and statistical aspects of linear regression when the correspondence between the covariates and the responses is unknown. First, a fully polynomial-time approximation scheme is given for the natural least squares optimization problem in any constant dimension. Next, in an average-case and noise-free setting where the responses exactly correspond to a linear function of i.i.d. draws from a standard multivariate normal distribution, an efficient algorithm based on lattice basis reduction is shown to exactly recover the unknown linear function in arbitrary dimension. Finally, lower bounds on the signal-to-noise ratio are established for approximate recovery of the unknown linear function by any estimator.