Top 10 Arxiv Papers Today in Cryptography And Security


2.019 Mikeys
#1. Mayall: A Framework for Desktop JavaScript Auditing and Post-Exploitation Analysis
Adam Rapley, Xavier Bellekens, Lynsay A. Shepherd, Colin McLean
Writing desktop applications in JavaScript offers developers the opportunity to write cross-platform applications with cutting edge capabilities. However in doing so, they are potentially submitting their code to a number of unsanctioned modifications from malicious actors. Electron is one such JavaScript application framework which facilitates this multi-platform out-the-box paradigm and is based upon the Node.js JavaScript runtime --- an increasingly popular server-side technology. In bringing this technology to the client-side environment, previously unrealized risks are exposed to users due to the powerful system programming interface that Node.js exposes. In a concerted effort to highlight previously unexposed risks in these rapidly expanding frameworks, this paper presents the Mayall Framework, an extensible toolkit aimed at JavaScript security auditing and post-exploitation analysis. The paper also exposes fifteen highly popular Electron applications and demonstrates that two thirds of applications were found to be using...
Tweets
cynicalsecurity: A. Ripley et al., “Mayall: A Framework for Desktop JavaScript Auditing and Post-Exploitation Analysis” […this paper presents the Mayall Framework, an extensible toolkit aimed at JavaScript security auditing and post-exploitation analysis.] https://t.co/nakwj0HnyF
Lynsay: New paper up on @arXiv “Mayall: A Framework for Desktop JavaScript Auditing and Post-Exploitation Analysis” authored with @noktec and @Doctor_Hacker #JavaScript #security https://t.co/R8bknZxJt9
ComputerPapers: Mayall: A Framework for Desktop JavaScript Auditing and Post-Exploitation Analysis. https://t.co/ZfP8KsZS8M
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 4
Total Words: 10354
Unique Words: 2970

2.01 Mikeys
#2. Towards a hardware-assisted information flow tracking ecosystem for ARM processors
Muhammad Abdul Wahab, Pascal Cotret, Mounir Nasr Allah, Guillaume Hiet, Vianney Lapotre, Guy Gogniat
This work details a hardware-assisted approach for information flow tracking implemented on reconfigurable chips. Current solutions are either time-consuming or hardly portable (modifications of both software/hardware layers). This work takes benefits from debug components included in ARMv7 processors to retrieve details on instructions committed by the CPU. First results in terms of silicon area and time overheads are also given.
Tweets
cynicalsecurity: M. Wahab et al., “Towards a hardware-assisted information flow tracking ecosystem for ARM processors” [This work details a hardware-assisted approach for information flow tracking implemented on reconfigurable chips…] https://t.co/3uz7VAWYhI
ComputerPapers: Towards a hardware-assisted information flow tracking ecosystem for ARM processors. https://t.co/oR0NCJik4X
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 6
Total Words: 1623
Unique Words: 831

2.004 Mikeys
#3. Opening the Doors to Dynamic Camouflaging: Harnessing the Power of Polymorphic Devices
Nikhil Rangarajan, Satwik Patnaik, Johann Knechtel, Ramesh Karri, Ozgur Sinanoglu, Shaloo Rakheja
Hardware-centric security threats have emerged in every stage of the IC supply chain. Prior defenses have been developed to protect against intellectual property (IP) piracy at different stages. However, so far only logic locking can protect the IP end to end. We present dynamic camouflaging to thwart IP reverse engineering at all stages in the supply chain. We exploit the multi-functionality, post-fabrication reconfigurability, and run-time polymorphism of spin-based devices, specifically the magneto-electric spin-orbit (MESO) device. Leveraging these properties, dynamic camouflaging is resilient to state-of-the-art attacks such as SAT, approximate SAT (AppSAT) and HackTest, and can further impede side-channel analysis. For MESO-based full-chip dynamic camouflaging we anticipate massive improvements in power (7,400x), performance (5.9x), and area (73x) over spin- and CMOS-based camouflaging. We outline the prospects of dynamic camouflaging for error-tolerant image processing applications.
Tweets
ComputerPapers: Opening the Doors to Dynamic Camouflaging: Harnessing the Power of Polymorphic Devices. https://t.co/cipPPXOn5d
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 6
Total Words: 6429
Unique Words: 2346

2.004 Mikeys
#4. Phishing in an Academic Community: A Study of User Susceptibility and Behavior
Alejandra Diaz, Alan T. Sherman, Anupam Joshi
We present an observational study on the relationship between demographic factors and phishing susceptibility at the University of Maryland, Baltimore County (UMBC). In spring 2018, we delivered phishing attacks to 450 randomly-selected students on three different days (1,350 students total) to examine user click rates and demographics among UMBC's undergraduates. Participants were initially unaware of the study. Experiment 1 claimed to bill students; Experiment 2 enticed users with monetary rewards; and Experiment 3 threatened users with account cancellation. We found correlations resulting in lowered susceptibility based on college affiliation, academic year progression, cyber training, involvement in cyber clubs or cyber scholarship programs, time spent on the computer, and age demographics. We found no significant correlation between gender and susceptibility. Contrary to our expectations, we observed greater user susceptibility with greater phishing knowledge and awareness. Students who identified themselves as understanding...
Tweets
ComputerPapers: Phishing in an Academic Community: A Study of User Susceptibility and Behavior. https://t.co/0IOaXpodjT
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 3
Total Words: 4148
Unique Words: 1522

2.004 Mikeys
#5. Many Phish in the $\mathcal{C}$: A Coexisting-Choice-Criteria Model of Security Behavior
Iain Embrey, Kim Kaivanto
Normative decision theory proves inadequate for modeling human responses to the social-engineering campaigns of Advanced Persistent Threat (APT) attacks. Behavioral decision theory fares better, but still falls short of capturing social-engineering attack vectors, which operate through emotions and peripheral-route persuasion. We introduce a generalized decision theory, under which any decision will be made according to one of multiple coexisting choice criteria. We denote the set of possible choice criteria by $\mathcal{C}$. Thus the proposed model reduces to conventional Expected Utility theory when $|\,\mathcal{C}_{\text{EU}}|=1$, whilst Dual-Process (thinking fast vs. thinking slow) decision making corresponds to a model with $|\,\mathcal{C}_{\text{DP}}|=2$. We consider a more general case with $|\,\mathcal{C}|\geq 2$, which necessitates careful consideration of _how_, for a particular choice-task instance, one criterion comes to prevail over others. We operationalize this with a probability distribution that is conditional...
Figures
None.
Tweets
ComputerPapers: Many Phish in the $\mathcal{C}$: A Coexisting-Choice-Criteria Model of Security Behavior. https://t.co/ol2eZ1hcvN
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 2
Total Words: 7994
Unique Words: 2881

2.004 Mikeys
#6. McEliece Cryptosystem Based On Extended Golay Code
Amandeep Singh Bhatia, Ajay Kumar
With increasing advancements in technology, it is expected that the emergence of a quantum computer will potentially break many of the public-key cryptosystems currently in use. It will negotiate the confidentiality and integrity of communications. In this regard, we have privacy protectors (i.e. Post-Quantum Cryptography), which resists attacks by quantum computers, deals with cryptosystems that run on conventional computers and are secure against attacks by quantum computers. The practice of code-based cryptography is a trade-off between security and efficiency. In this chapter, we have explored the most successful McEliece cryptosystem, based on extended Golay code [24, 12, 8]. We have examined the implications of using an extended Golay code in place of usual Goppa code in McEliece cryptosystem. Further, we have implemented a McEliece cryptosystem based on extended Golay code using MATLAB. The extended Golay code has lots of practical applications. The main advantage of using extended Golay code is that it has codeword of...
Tweets
ComputerPapers: McEliece Cryptosystem Based On Extended Golay Code. https://t.co/hP7y32Keja
Github
None.
Youtube
None.
Other stats
Sample Sizes : [24]
Authors: 2
Total Words: 4311
Unique Words: 1315

2.004 Mikeys
#7. Tropical cryptography II: extensions by homomorphisms
Dima Grigoriev, Vladimir Shpilrain
We use extensions of tropical algebras as platforms for very efficient public key exchange protocols.
Figures
None.
Tweets
ComputerPapers: Tropical cryptography II: extensions by homomorphisms. https://t.co/bBo5NRlP7Z
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 2
Total Words: 2610
Unique Words: 785

2.004 Mikeys
#8. Achieving Differential Privacy using Methods from Calculus
Peeter Laud, Alisa Pankova, Martin Pettai
We introduce derivative sensitivity, an analogue to local sensitivity for continuous functions. We use this notion in an analysis that determines the amount of noise to be added to the result of a database query in order to obtain a certain level of differential privacy, and demonstrate that derivative sensitivity allows us to employ powerful mechanisms from calculus to perform the analysis for a variety of queries. We have implemented the analyzer and evaluated its efficiency and precision. We also show the flexibility of derivative sensitivity in specifying the quantitative privacy notion of the database, as desired by the data owner. Instead of only using the `number of changed rows' metric, our metrics can depend on the locations and amounts of changes in a much more nuanced manner. This will help to make sure that the distance is not larger than the data owner desires (which would undermine privacy), thereby encouraging the adoption of differentially private data analysis mechanisms.
Figures
None.
Tweets
ComputerPapers: Achieving Differential Privacy using Methods from Calculus. https://t.co/aBtDEe5kri
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 3
Total Words: 21440
Unique Words: 4130

1.998 Mikeys
#9. Efficient Public Blockchain Client for Lightweight Users
Lei Xu, Lin Chen, Zhimin Gao, Shouhuai Xu, Weidong Shi
Public blockchains provide a decentralized method for storing transaction data and have many applications in different sectors. In order for users to track transactions, a simple method is to let them keep a local copy of the entire public ledger. Since the size of the ledger keeps growing, this method becomes increasingly less practical, especially for lightweight users such as IoT devices and smartphones. In order to cope with the problem, several solutions have been proposed to reduce the storage burden. However, existing solutions either achieve a limited storage reduction (e.g., simple payment verification), or rely on some strong security assumption (e.g., the use of trusted server). In this paper, we propose a new approach to solving the problem. Specifically, we propose an efficient verification protocol for public blockchains, or EPBC for short. EPBC is particularly suitable for lightweight users, who only need to store a small amount of data that is independent of the...
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 5
Total Words: 5843
Unique Words: 1765

1.968 Mikeys
#10. Provenance-enabled Packet Path Tracing in the RPL-based Internet of Things
Sabah Suhail, Muhammad Abdellatif, Shashi Raj Pandey, Abid Khan, Choong Seon Hong
In the Internet of Things (IoT), things can be connected to the Internet via IPv6 and 6LoWPAN networks. The interconnection of resource-constrained and globally accessible things with untrusted and unreliable Internet make things vulnerable to attacks including data forging, false data injection, packet drop and many more, resulting in unreliable and untrustworthy data, especially for the applications with critical decision-making processes. To ensure the trustworthiness of data, reliance on provenance is considered to be an effective mechanism to keep track of both data acquisition and data transmission. However, provenance management for sensor networks introduces several challenging requirements, such as low energy, bandwidth consumption, and efficient storage. This paper attempts to identify packet drop (either maliciously or due to any other network disruption) and detect faulty or misbehaving nodes in the Routing Protocol for Low-Power and Lossy Networks (RPL) by following a bi-fold provenance-enabled packet path tracing...
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 5
Total Words: 10457
Unique Words: 2856

About

Assert is a website where the best academic papers on arXiv (computer science, math, physics), bioRxiv (biology), BITSS (reproducibility), EarthArXiv (earth science), engrXiv (engineering), LawArXiv (law), PsyArXiv (psychology), SocArXiv (social science), and SportRxiv (sport research) bubble to the top each day.

Papers are scored (in real-time) based on how verifiable they are (as determined by their Github repos) and how interesting they are (based on Twitter).

To see top papers, follow us on twitter @assertpub_ (arXiv), @assert_pub (bioRxiv), and @assertpub_dev (everything else).

To see beautiful figures extracted from papers, follow us on Instagram.

Tracking 57,756 papers.
