Biblio
We show that the basic semidefinite programming relaxation value of any constraint satisfaction problem can be computed in NC; that is, in parallel polylogarithmic time and polynomial work. As a complexity-theoretic consequence we get that $\backslash$MIPone[k,c,s] $\backslash$subseteq $\backslash$PSPACE provided s/c $\backslash$leq (.62-o(1))k/2textasciicircumk, resolving a question of Austrin, H$\backslash$aa stad, and Pass. Here $\backslash$MIPone[k,c,s] is the class of languages decidable with completeness c and soundness s by an interactive proof system with k provers, each constrained to communicate just 1 bit.
HB+ is a lightweight authentication scheme, which is secure against passive attacks if the Learning Parity with Noise Problem (LPN) is hard. However, HB+ is vulnerable to a key-recovery, man-in-the-middle (MiM) attack dubbed GRS. The HB+DB protocol added a distance-bounding dimension to HB+, and was experimentally proven to resist the GRS attack. We exhibit several security flaws in HB+DB. First, we refine the GRS strategy to induce a different key-recovery MiM attack, not deterred by HB+DB's distancebounding. Second, we prove HB+DB impractical as a secure distance-bounding (DB) protocol, as its DB security-levels scale poorly compared to other DB protocols. Third, we refute that HB+DB's security against passive attackers relies on the hardness of LPN; moreover, (erroneously) requiring such hardness lowers HB+DB's efficiency and security. We also propose anew distance-bounding protocol called BLOG. It retains parts of HB+DB, yet BLOG is provably secure and enjoys better (asymptotical) security.
Driver's uncertainty during decision-making in overtaking results in long reaction times and potentially dangerous lane change maneuvers. Current lane change assistance systems focus on safety assessments providing either too conservative or excessive warnings, which influence driver's acceptance and trust in these systems. Inspired by the emancipation theory of trust, we expect systems providing information adapted to driver's uncertainty states to simultaneously help to reduce long reaction times and build the overall trust in automation. In previous work, we presented an adaptive lane change assistance system based on this concept utilizing a probabilistic model of driver's uncertainty. In this paper, we investigate whether the proposed system is able to improve reaction times and build trust in the automation as expected. A simulator study was conducted to compare the proposed system with an unassisted baseline and three reference systems not adaptive to driver's uncertainty. The results show while all systems reduce reaction times compared to the baseline, the proposed adaptive system is the most trusted and accepted.
Cyber security management of systems in the cyberspace has been a challenging problem for both practitioners and the research community. Their proprietary nature along with the complexity renders traditional approaches rather insufficient and creating the need for the adoption of a holistic point of view. This paper draws upon the principles theory game in order to present a novel systemic approach towards cyber security management, taking into account the complex inter-dependencies and providing cost-efficient defense solutions.
In this paper we discuss a simple and inexpensive method to introduce students to Newton's law of cooling using only their smartphones, according to the Bring-Your-Own-Device philosophy. A popular experiment in basic thermodynamics, both at a high-school and at University level, is the determination of the specific heat of solids and liquids using a water calorimeter, resourcing in many cases to a mercury thermometer. With our approach the analogical instrument is quickly turned into a digital device by analyzing the movement of the mercury with a video tracker. Thus, using very simple labware and the students' smartphones or tablets, it is possible to observe the decay behavior of the temperature of a liquid left to cool at room temperature. The dependence of the time constant with the mass and surface of the liquid can be easily probed, and the results of the different groups in the classroom can be brought together to observe the linear dependence1.
Public-key cryptography (PKC), widely used to protect communication in the Internet of Things (IoT), is the basis for establishing secured communication channels between multiple parties. The foreseeable breakthrough of quantum computers represents a risk for many PKC ecosystems. Almost all approaches in use today rely on the hardness of factoring large integers or computing (elliptic-curve) discrete logarithms. It is known that cryptography based on these problems can be broken in polynomial time by Shors algorithm, once a large enough quantum computer is built. In order to prepare for such an event, the integration of quantum-resistant cryptography on devices operating in the IoT is mandatory to achieve long-term security. Due to their limited resources, tight performance requirements and long-term life-cycles, this is especially challenging for Multi-Processor System-on-Chips (MPSoCs) operating in this context. At the same time, it must be provided that well-known implementation attacks, such as those targeting a cipher's execution time or its use of the processor cache, are inhibited, as they've successfully been used to attack cryptosystems in the pre-quantum era. Hence, this work presents an analysis of the security-critical polynomial multiplication routine within the NTRU algorithm and its susceptibility to timing and cache attacks. We also propose two different countermeasures to harden systems with or without caches against said attacks, and include the evaluation of the respective overheads. We demonstrate that security against timing and cache attacks can be achieved with reasonable overheads depending on the chosen parameters of NTRU.
Cross-VM attacks have emerged as a major threat on commercial clouds. These attacks commonly exploit hardware level leakages on shared physical servers. A co-located machine can readily feel the presence of a co-located instance with a heavy computational load through performance degradation due to contention on shared resources. Shared cache architectures such as the last level cache (LLC) have become a popular leakage source to mount cross-VM attack. By exploiting LLC leakages, researchers have already shown that it is possible to recover fine grain information such as cryptographic keys from popular software libraries. This makes it essential to verify implementations that handle sensitive data across the many versions and numerous target platforms, a task too complicated, error prone and costly to be handled by human beings. Here we propose a machine learning based technique to classify applications according to their cache access profiles. We show that with minimal and simple manual processing steps feature vectors can be used to train models using support vector machines to classify the applications with a high degree of success. The profiling and training steps are completely automated and do not require any inspection or study of the code to be classified. In native execution, we achieve a successful classification rate as high as 98% (L1 cache) and 78$\backslash$% (LLC) over 40 benchmark applications in the Phoronix suite with mild training. In the cross-VM setting on the noisy Amazon EC2 the success rate drops to 60$\backslash$% for a suite of 25 applications. With this initial study we demonstrate that it is possible to train meaningful models to successfully predict applications running in co-located instances.
Map-based services are becoming increasingly important in many applications. These services often need to show geospatial objects (e.g., cities and parks) in Web browsers, and being able to retrieve such objects efficiently is critical to achieving a low response time for user queries. In this demonstration we present a browser-based caching technique to store and load geospatial objects on a map in a Web page. The technique employs a hierarchical structure to store and index polygons, and does intelligent prefetching and cache replacement by utilizing the information about the user's recent browser activities. We demonstrate the usage of the technique in an application called TwitterMap for visualizing more than 1 billion tweets in real time. We show its effectiveness by using different replacement policies. The technique is implemented as a general-purpose Javascript library, making it suitable for other applications as well.
Many mobile apps, including augmented-reality games, bar-code readers, and document scanners, digitize information from the physical world by applying computer-vision algorithms to live camera data. However, because camera permissions for existing mobile operating systems are coarse (i.e., an app may access a camera's entire view or none of it), users are vulnerable to visual privacy leaks. An app violates visual privacy if it extracts information from camera data in unexpected ways. For example, a user might be surprised to find that an augmented-reality makeup app extracts text from the camera's view in addition to detecting faces. This paper presents results from the first large-scale study of visual privacy leaks in the wild. We build CamForensics to identify the kind of information that apps extract from camera data. Our extensive user surveys determine what kind of information users expected an app to extract. Finally, our results show that camera apps frequently defy users' expectations based on their descriptions.
submitted
Wireless mesh network (WMN) consists of mesh gateways, mesh routers and mesh clients. In hybrid WMN, both backbone mesh network and client mesh network are mesh connected. Capacity analysis of multi-hop wireless networks has proven to be an interesting and challenging research topic. The capacity of hybrid WMN depends on several factors such as traffic model, topology, scheduling strategy and bandwidth allocation strategy, etc. In this paper, the capacity of hybrid WMN is studied according to the traffic model and bandwidth allocation. The traffic of hybrid WMN is categorized into internal and external traffic. Then the capacity of each mesh client is deduced according to appropriate bandwidth allocation. The analytical results show that hybrid WMN achieves lower capacity than infrastructure WMN. The results and conclusions can guide for the construction of hybrid WMN.
Cryptography and encryption is a topic that is blurred by its complexity making it difficult for the majority of the public to easily grasp. The focus of our research is based on SSL technology involving CAs, a centralized system that manages and issues certificates to web servers and computers for validation of identity. We first explain how the certificate provides a secure connection creating a trust between two parties looking to communicate with one another over the internet. Then the paper goes into what happens when trust is compromised and how information that is being transmitted could possibly go into the hands of the wrong person. We are proposing a browser plugin, Certificate Authority Rescue Engine (CAre), to serve as an added source of security with simplicity and visibility. In order to see why CAre will be an added benefit to average and technical users of the internet, one must understand what website security entails. Therefore, this paper will dive deep into website security through the use of public key infrastructure and its core components; certificates, certificate authorities, and their relationship with web browsers.
An operating system kernel written in the Rust language would have extremely fine-grained isolation boundaries, have no memory leaks, and be safe from a wide range of security threats and memory bugs. Previous efforts towards this end concluded that writing a kernel requires changing Rust. This paper reaches a different conclusion, that no changes to Rust are needed and a kernel can be implemented with a very small amount of unsafe code. It describes how three sample kernel mechanisms–-DMA, USB, and buffer caches–-can be built using these abstractions.
Detection and prevention of data breaches in corporate networks is one of the most important security problems of today's world. The techniques and applications proposed for solution are not successful when attackers attempt to steal data using steganography. Steganography is the art of storing data in a file called cover, such as picture, sound and video. The concealed data cannot be directly recognized in the cover. Steganalysis is the process of revealing the presence of embedded messages in these files. There are many statistical and signature based steganalysis algorithms. In this work, the detection of steganographic images with steganalysis techniques is reviewed and a system has been developed which automatically detects steganographic images in network traffic by using open source tools.
The modern world is becoming increasingly dependent on computing and communication technology to function, but unfortunately its application and impact on areas such as critical infrastructure and industrial control system (ICS) networks remains to be thoroughly studied. Significant research has been conducted to address the myriad security concerns in these areas, but they are virtually all based on artificial testbeds or simulations designed on assumptions about their behavior either from knowledge of traditional IT networking or from basic principles of ICS operation. In this work, we provide the most detailed characterization of an example ICS to date in order to determine if these common assumptions hold true. A live power distribution substation is observed over the course of two and a half years to measure its behavior and evolution over time. Then, a horizontal study is conducted that compared this behavior with three other substations from the same company. Although most predictions were found to be correct, some unexpected behavior was observed that highlights the fundamental differences between ICS and IT networks including round trip times dominated by processing speed as opposed to network delay, several well known TCP features being largely irrelevant, and surprisingly large jitter from devices running real-time operating systems. The impact of these observations is discussed in terms of generality to other embedded networks, network security applications, and the suitability of the TCP protocol for this environment.
Secure by design is an approach to developing secure software systems from the ground up. In such approach, the alternate security tactics are first thought, among them, the best are selected and enforced by the architecture design, and then used as guiding principles for developers. Thus, design flaws in the architecture of a software system mean that successful attacks could result in enormous consequences. Therefore, secure by design shifts the main focus of software assurance from finding security bugs to identifying architectural flaws in the design. Current research in software security has been neglecting vulnerabilities which are caused by flaws in a software architecture design and/or deteriorations of the implementation of the architectural decisions. In this paper, we present the concept of Common Architectural Weakness Enumeration (CAWE), a catalog which enumerates common types of vulnerabilities rooted in the architecture of a software and provides mitigation techniques to address them. The CAWE catalog organizes the architectural flaws according to known security tactics. We developed an interactive web-based solution which helps designers and developers explore this catalog based on architectural choices made in their project. CAWE catalog contains 224 weaknesses related to security architecture. Through this catalog, we aim to promote the awareness of security architectural flaws and stimulate the security design thinking of developers, software engineers, and architects.