Within the framework of maintaining a series of professional seminars, on December 2, 2021, the Institute of Information Technology, VNU held a seminar on “Information Security” with many interesting contents, especially in the context of argument transformation. and information security is very concerned nowadays.
The seminar was held under the chairmanship of Dr. Le Quang Minh, Head of Information Security Department, Institute of Information Technology, VNU. Attendees included a large number of scientists, experts in the field of information security, staff of the institute, graduate students, etc. The seminar was held in an online format on the zoom system.
The seminar consisted of three reports with the opening report titled: “The risk of information insecurity from the use of peripheral devices” by MSc. Ho Nguyen Khanh Duy, Deputy Head of Department of Cyber Security, iSPACE College of Cyber Security presented. The content of the report raises the issue of information insecurity coming from attack techniques that use peripheral devices as an intermediary such as portable hard drives, USB drives, mobile phones, etc., when users connect to the computer system. computer has been heavily warned in the reports of security companies. Even so, this is an existential threat and directly threatens systems from simple to complex, equipped with many modern security technologies due to the easy-to-access and implementation nature of the system. these techniques.
The second report with the content “Early detection of IoT Botnet malware with collaborative machine learning model” by MSc. Le Hai Viet, People’s Security Academy presented. The content of the report proposes to solve the problem of early detection of malicious code with two main trends: (1) shortening the monitoring time and (2) collecting the minimum necessary data for detection. malicious code. Approach (1) exposes many limitations as the IoT Botnet malware can be in a state of waiting for commands from the C&C server for a long time. Approach (2) may not be as obvious in terms of early detection in terms of specific time but ensures that the amount of data collected allows detection of malicious files with a low false negative rate. With this approach, the report will present a collaborative machine learning model for early detection of IoT Botnet malware based on the ability to combine minimal feature data collected from the V-Sandbox environment.
The final report was presented by MSc. Tran Anh Duy and Information Security Club, University of Science and Technology, VNU-HCM with the title “Attacking voice control devices by sound injection method”. The report addresses possible hazards with smart audio control devices. Currently, with the development of speech recognition technologies (Speech Recogni-tion – SR) on voice control systems (VCS), we are gradually familiar with many software. Smart virtual assistants like Apple Siri, Google Assistant or Alexa. These applications very well support hands-free activities as well as help people in many critical situations and are widely used around the world. However, with the popularity and utility, these virtual assistants can also become the target of attacks by hackers, these devices can be controlled to steal owner information and perform real actions. perform fraudulent activities. In this report, the authors have designed not only an auditory imperceptible attack, by tuning the command to the ultrasonic band (f>20 kHz), but also incorporating the following technologies: Malicious code and speech impersonation form a complete attack process. The authors also created a set of attack products and tested on some popular virtual assistant systems today and also mentioned several methods of defending against these attacks in many ways.