Biblio

We investigate directional differences when coupling Lamb waves in a structure to guided modes in an optical fiber sensor for detection of the ultrasonic wave propagation through the structure.

Wide bandgap power semiconductors are key enablers for increasing the power density of switch-mode power supplies. However, they require new gate drive technologies. This paper examines and characterizes a fabricated gate-driver in a class-E resonant inverter. The gate-driver's total area of 1.2mm2 includes two high-voltage transistors for gate-driving, integrated complementary metal-oxide-semiconductor (CMOS) gate-drivers, high-speed floating level-shifter and reset circuitry. A prototype printed circuit board (PCB) was designed to assess the implications of an electrostatic discharge (ESD) diode, its parasitic capacitance and package bondwire connections. The parasitic capacitance was estimated using its discharge time from an initial voltage and the capacitance is 56.7 pF. Both bondwires and the diode's parasitic capacitance is neglegible. The gate-driver's functional behaviour is validated using a parallel LC resonant tank resembling a self-oscillating gate-drive. Measurements and simulations show the ESD diode clamps the output voltage to a minimum of -2V.

In this short paper, we take a first step towards empirically assessing Internet-wide malicious activities generated from and targeted towards Internet-scale business sectors (i.e., financial, health, education, etc.) and critical infrastructure (i.e., utilities, manufacturing, government, etc.). Facilitated by an innovative and a collaborative large-scale effort, we have conducted discussions with numerous Internet entities to obtain rare and private information related to allocated IP blocks pertaining to the aforementioned sectors and critical infrastructure. To this end, we employ such information to attribute Internet-scale maliciousness to such sectors and realms, in an attempt to provide an in-depth analysis of the global cyber situational posture. We draw upon close to 16.8 TB of darknet data to infer probing activities (typically generated by malicious/infected hosts) and DDoS backscatter, from which we distill IP addresses of victims. By executing week-long measurements, we observed an alarming number of more than 11,000 probing machines and 300 DDoS attack victims hosted by critical sectors. We also generate rare insights related to the maliciousness of various business sectors, including financial, which typically do not report their hosted and targeted illicit activities for reputation-preservation purposes. While we treat the obtained results with strict confidence due to obvious sensitivity reasons, we postulate that such generated cyber threat intelligence could be shared with sector/critical infrastructure operators, backbone networks and Internet service providers to contribute to the overall threat remediation objective.

Modern distributed systems are characterized by complex deployment designed to ensure high availability through replication and diversity, to tolerate the presence of failures and to limit the possibility of successful compromising. However, software is not free from bugs that generate vulnerabilities that could be exploited by an attacker through multiple steps. This paper presents an attack-graph based multi-step attack detector aiming at detecting a possible on-going attack early enough to take proper countermeasures through; a Visualization interfaced with the described attack detector presents the security operator with the relevant pieces of information, allowing a better comprehension of the network status and providing assistance in managing attack situations (i.e., reactive analysis mode). We first propose an architecture and then we present the implementation of each building block. Finally, we provide an evaluation of the proposed approach aimed at highlighting the existing trade-off between accuracy of the detection and detection time.

Producing an editable model texture could be a challenging problem if the model is scanned from real world or generated by multi-view reconstruction algorithm. To solve this problem, we present a novel re-topology and UV remapping method based on neural network, which transforms arbitrary models with textured coordinates to a semi-regular meshes, and keeps models texture and removes the influence of lighting information. The main innovation of this paper is to use a neural network to find the appropriate location of the starting and ending points for models in the UV maps. Then each fragmented mesh is projected to the 2D planar domain. After calculating and optimizing the orientation field, a semi-regular mesh for each patch is then generated. Those patches can be projected back to three-dimension space and be spliced to a complete mesh. Experiments show that our method can achieve satisfactory performance.

This paper presents work towards realizing architectural support for Bluetooth Trusted I/O on SGX-enabled platforms, with the goal of providing I/O data protection that does not rely on system software security. Indeed, we are primarily concerned with protecting I/O from all software adversaries, including privileged software. In this paper we describe the challenges in designing and implementing Trusted I/O at the architectural level for Bluetooth. We propose solutions to these challenges. In addition, we describe our proof-of-concept work that extends existing over-the-air Bluetooth security all the way to an SGX enclave by securing user data between the Bluetooth Controller and an SGX enclave.

In the business and research landscape of today, data analysis consumes public and proprietary data from numerous sources, and utilizes any one or more of popular data-parallel frameworks such as Hadoop, Spark and Flink. In the Data Lake setting these frameworks co-exist. Our earlier work has shown that data provenance in Data Lakes can aid with both traceability and management. The sheer volume of fine-grained provenance generated in a multi-framework application motivates the need for on-the-fly provenance processing. We introduce a new parallel stream processing algorithm that reduces fine-grained provenance while preserving backward and forward provenance. The algorithm is resilient to provenance events arriving out-of-order. It is evaluated using several strategies for partitioning a provenance stream. The evaluation shows that the parallel algorithm performs well in processing out-of-order provenance streams, with good scalability and accuracy.

Microsoft BitLocker full-disk encryption has been widely implemented at Lehigh University since 2014 on both laptop and desktop computers. This retrospective review will summarize BitLocker's selection factors, initial testing, mass deployment, and important lessons learned. Additionally, this review will also discuss the university's transition to Windows 10 and how it positively impacted the use of BitLocker.

The mining and metals industry is a critical component of the global economy. However, many operational and commercial practices remain inefficient and antiquated, leading to critical data omissions, security vulnerabilities, and even corruption. Mining supply chain faces several challenges like traceability, transparency, interoperability between supplier platforms and so on. Traditional systems are inefficient and hence this paper explores the use of an emerging digital technology named blockchain. The blockchain is a distributed digital ledger that keeps a record of every transaction securely and reliably without the need of third parties that reduces the exposure of the data to hackers. Blockchain technology improves productivity by replacing the standard contract with smart contracts. This paper outlines several key applications of blockchain for the mining industry.

Detecting violence in videos through automatic means is significant for law enforcement and analysis of surveillance cameras with the intent of maintaining public safety. Moreover, it may be a great tool for protecting children from accessing inappropriate content and help parents make a better informed decision about what their kids should watch. However, this is a challenging problem since the very definition of violence is broad and highly subjective. Hence, detecting such nuances from videos with no human supervision is not only technical, but also a conceptual problem. With this in mind, we explore how to better describe the idea of violence for a convolutional neural network by breaking it into more objective and concrete parts. Initially, our method uses independent networks to learn features for more specific concepts related to violence, such as fights, explosions, blood, etc. Then we use these features to classify each concept and later fuse them in a meta-classification to describe violence. We also explore how to represent time-based events in still-images as network inputs; since many violent acts are described in terms of movement. We show that using more specific concepts is an intuitive and effective solution, besides being complementary to form a more robust definition of violence. When compared to other methods for violence detection, this approach holds better classification quality while using only automatic features.

In 2009, Craig Gentry introduced the first "fully" homomorphic encryption scheme allowing arbitrary circuits to be evaluated on encrypted data. Homomorphic encryption is a very powerful cryptographic primitive, though it has often been viewed by practitioners as too inefficient for practical applications. However, the performance of these encryption schemes has come a long way from that of Gentry's original work: there are now several well-maintained libraries implementing homomorphic encryption schemes and protocols demonstrating impressive performance results, alongside an ongoing standardization effort by the community. In this tutorial we survey the existing homomorphic encryption landscape, providing both a general overview of the state of the art, as well as a deeper dive into several of the existing libraries. We aim to provide a thorough introduction to homomorphic encryption accessible by the broader computer security community. Several of the presenters are core developers of well-known publicly available homomorphic encryption libraries, and organizers of the homomorphic encryption standardization effort \textbackslashtextbackslashhrefhttp://homomorphicencryption.org/. This tutorial is targeted at application developers, security researchers, privacy engineers, graduate students, and anyone else interested in learning the basics of modern homomorphic encryption.The tutorial is divided into two parts: Part I is accessible by everyone comfortable with basic college-level math; Part II will cover more advanced topics, including descriptions of some of the different homomorphic encryption schemes and libraries, concrete example applications and code samples, and a deeper discussion on implementation challenges. Part II requires the audience to be familiar with modern C++.

Networks established among nanomachines, also called nanonetworks, are crucial since, a single nanomachine most likely cannot handle task by itself. At the nano scale, electromagnetic waves lose their effectiveness. Molecular communication via diffusion (MCvD) is a new concept that aims to solve this problem. Information is carried out by either the type of molecules, or their concentration. The robustness of this communication method, as in the example of classical communication, is very important. Channel coding is the component that make communication less erroneous. If the desired error performance is high, channel coding is mandatory. In this paper, the performance of Bose-Chaudhuri-Hocquenghem (BCH) and Reed-Solomon (RS) codes for MCvD are evaluated by simulation and results are analyzed.

We investigate a method of building a closed domain intelligent conversational agent using deep neural networks. A conversational agent is a dialog system intended to converse with a human, with a coherent structure. Our conversational agent uses a retrieval based model that identifies the intent of the input user query and maps it to a knowledge base to return appropriate results. Human conversations are based on context, but existing conversational agents are context insensitive. To overcome this limitation, our system uses a simple stack based context identification and storage system. The conversational agent generates responses according to the current context of conversation. allowing more human-like conversations.

Recent research has proposed middleware to enable efficient distributed apps over mobile-cloud platforms. This paper presents a Context-Aware File Discovery Service (CAFDS) that allows distributed mobile-cloud applications to find and access files of interest shared by collaborating users. CAFDS enables programmers to search for files defined by context and content features, such as location, creation time, or the presence of certain object types within an image file. CAFDS provides low-latency through a cloud-based metadata server, which uses a decision tree to locate the nearest files that satisfy the context and content features requested by applications. We implemented CAFDS in Android and Linux. Experimental results show CAFDS achieves substantially lower latency than peer-to-peer solutions that cannot leverage context information.

Flood of information is produced in a daily basis through the global internet usage arising from the online interactive communications among users. While this situation contributes significantly to the quality of human life, unfortunately it involves enormous dangers, since online texts with high toxicity can cause personal attacks, online harassment and bullying behaviors. This has triggered both industrial and research community in the last few years while there are several attempts to identify an efficient model for online toxic comment prediction. However, these steps are still in their infancy and new approaches and frameworks are required. On parallel, the data explosion that appears constantly, makes the construction of new machine learning computational tools for managing this information, an imperative need. Thankfully advances in hardware, cloud computing and big data management allow the development of Deep Learning approaches appearing very promising performance so far. For text classification in particular the use of Convolutional Neural Networks (CNN) have recently been proposed approaching text analytics in a modern manner emphasizing in the structure of words in a document. In this work, we employ this approach to discover toxic comments in a large pool of documents provided by a current Kaggle's competition regarding Wikipedia's talk page edits. To justify this decision we choose to compare CNNs against the traditional bag-of-words approach for text analysis combined with a selection of algorithms proven to be very effective in text classification. The reported results provide enough evidence that CNN enhance toxic comment classification reinforcing research interest towards this direction.

The aim of this research paper is to highlight the intellectual property place and role within an industrial knowledge-based organization which performs design activities. The research begins by presenting the importance of integrating intellectual property policy implementation with quality policy. The research is based on the setting of objectives in the intellectual property field. This research also establishes some intellectual property strategies, and improvement measures for intellectual property protection management. The basis for these activities is correlation of the quality policy with an intellectual property policy, as well as the point of strength identified in the studied organization. The issues discussed in this scientific paper conclude on the possibility of the implementation of standards in the intellectual property field.

Cryptographic channels aim to enable authenticated and confidential communication over the Internet. The general understanding seems to be that providing security in the sense of authenticated encryption for every (unidirectional) point-to-point link suffices to achieve this goal. As recently shown (in FSE17/ToSC17), however, the security properties of the unidirectional links do not extend, in general, to the bidirectional channel as a whole. Intuitively, the reason for this is that the increased interaction in bidirectional communication can be exploited by an adversary. The same applies, a fortiori, in a multi-party setting where several users operate concurrently and the communication develops in more directions. In the cryptographic literature, however, the targeted goals for group communication in terms of channel security are still unexplored. Applying the methodology of provable security, we fill this gap by defining exact (game-based) authenticity and confidentiality goals for broadcast communication, and showing how to achieve them. Importantly, our security notions also account for the causal dependencies between exchanged messages, thus naturally extending the bidirectional case where causal relationships are automatically captured by preserving the sending order. On the constructive side we propose a modular and yet efficient protocol that, assuming only point-to-point links between users, leverages (non-cryptographic) broadcast and standard cryptographic primitives to a full-fledged broadcast channel that provably meets the security notions we put forth.

Distributed Denial of Service (DDoS) attacks are intense and are targeted to major infrastructure, governments and military organizations in each country. There are a lot of mitigations about DDoS, and the concept of Content Delivery Network (CDN) has been able to avoid attacks on websites. However, since the existing CDN system is fundamentally centralized, it may be difficult to prevent DDoS. This paper describes the distributed CDN Schema using Private Blockchain which solves the problem of participation of existing transparent and unreliable nodes. This will explain DDoS mitigation that can be used by military and government agencies.

The emerging Internet of Things needs edge-computing - this is an established fact. In turn, edge computing needs infrastructure decentralisation. What is not necessarily established yet is that infrastructure decentralisation needs a distributed model of Internet governance and decentralised trust schemes. We discuss the features of a decentralised IoT and edge-computing ecosystem and list the components that need to be designed, as well the challenges that need to be addressed.

The aim of this investigation is to classify real-life facial images into one of six types of emotions. For solving this problem, we propose to use deep machine learning algorithms and convolutional neural network (CNN). CNN is a modern type of neural network, which allows for rapid detection of various objects, as well as to make an effective object classification. For acceleration of CNN learning stage, we use supercomputer NVIDIA DGX-1. This process was implemented in parallel on a large number of independent streams on GPU. Numerical experiments for algorithms were performed on the images of Multi-Pie image database with various lighting of scene and angle rotation of head. For developed models, several metrics of quality were calculated. The designing algorithm was used in real-time video processing in human-computer interaction systems. Moreover, expression recognition can apply in such fields as retail analysis, security, video games, animations, psychiatry, automobile safety, educational software, etc.

Data lineage is a fundamental type of information that describes the relationships between input and output data items in a workflow. As such, an immense amount of data-intensive applications with logic over the input-output relationships can be expressed declaratively in lineage terms. Unfortunately, many applications resort to hand-tuned implementations because either lineage systems are not fast enough to meet their requirements or due to no knowledge of the lineage capabilities. Recently, we introduced a set of implementation design principles and associated techniques to optimize lineage-enabled database engines and realized them in our prototype database engine, namely, Smoke. In this demonstration, we showcase lineage as the building block across a variety of data-intensive applications, including tooltips and details on demand; crossfilter; and data profiling. In addition, we show how Smoke outperforms alternative lineage systems to meet or improve on existing hand-tuned implementations of these applications.

Users often need to authenticate at situated displays in order to, for example, make purchases, access sensitive information, or confirm an identity. However, the exposure of interactions in public spaces introduces a large attack surface (e.g., observation, smudge or thermal attacks). A plethora of authentication models and input modalities that aim at disguising users' input has been presented in the past. However, a comprehensive analysis on the requirements for secure and usable authentication on public displays is still missing. This work presents 13 design considerations suitable to inform practitioners and researchers during the development process of authentication systems for situated displays in public spaces. It draws on a comprehensive analysis of prior literature and subsequent discussion with five experts in the fields of pervasive displays, human-computer-interaction and usable security.

Assuring the integrity of biometric fingerprint templates in fingerprint databases is of paramount importance. Fingerprint templates contain a set of fingerprint minutiae which are various points of interest in a fingerprint. Most times, it is assumed that the stored biometric fingerprint templates are well protected and, as such, researchers are more concerned with improving/developing biometric systems that will not suffer from an unacceptable rate of false alarms and/or missed detections. The introduction of forensic techniques into biometrics for biometric template manipulation detection is of great importance and little research has been carried in this area. This paper investigates possible forensic techniques that could be used for stored biometric fingerprint templates tampering detection. A Support Vector Machine (SVM) classification approach is used for this task. The original and tampered templates are used to train the SVM classifier. The fingerprint datasets from the Biometrics Ideal Test (BIT) [13] are used for training and testing the classifier. Our proposed approach detects alterations with an accuracy of 90.5%.

Phishing attacks are one of the most common and least defended security threats today. We present an approach which uses natural language processing techniques to analyze text and detect inappropriate statements which are indicative of phishing attacks. Our approach is novel compared to previous work because it focuses on the natural language text contained in the attack, performing semantic analysis of the text to detect malicious intent. To demonstrate the effectiveness of our approach, we have evaluated it using a large benchmark set of phishing emails.

Dynamic Information Flow Tracking (DIFT) has been proposed to detect stealthy and persistent cyber attacks that evade existing defenses such as firewalls and signature-based antivirus systems. A DIFT defense taints and tracks suspicious information flows across the network in order to identify possible attacks, at the cost of additional memory overhead for tracking non-adversarial information flows. In this paper, we present the first analytical model that describes the interaction between DIFT and adversarial information flows, including the probability that the adversary evades detection and the performance overhead of the defense. Our analytical model consists of a multi-stage game, in which each stage represents a system process through which the information flow passes. We characterize the optimal strategies for both the defense and adversary, and derive efficient algorithms for computing the strategies. Our results are evaluated on a realworld attack dataset obtained using the Refinable Attack Investigation (RAIN) framework, enabling us to draw conclusions on the optimal adversary and defense strategies, as well as the effect of valid information flows on the interaction between adversary and defense.