Top 10 Arxiv Papers Today in Cryptography And Security


2.01 Mikeys
#1. Hacking Neural Networks: A Short Introduction
Michael Kissner
A large chunk of research on the security issues of neural networks is focused on adversarial attacks. However, there exists a vast sea of simpler attacks one can perform both against and with neural networks. In this article, we give a quick introduction on how deep learning in security works and explore the basic methods of exploitation, but also look at the offensive capabilities deep learning enabled tools provide. All presented attacks, such as backdooring, GPU-based buffer overflows or automated bug hunting, are accompanied by short open-source exercises for anyone to try out.
Figures
Tweets
BrundageBot: Hacking Neural Networks: A Short Introduction. Michael Kissner https://t.co/VfBii24A6c
jason_trost: Hacking Neural Networks: A Short Introduction Tutorial: https://t.co/OuGnmmGLuO Code: https://t.co/s6xlES0CG6 Awesome work by @Spellwrath
BrilandHitaj: Hacking Neural Networks by @Spellwrath https://t.co/iGq9cu5tFw P.S. I really like the term NeuralOverflow :)
StephenPiment: Hacking Neural Networks: A Short Introduction https://t.co/oWpQokgVwI
baskoroadi: RT @jason_trost: Hacking Neural Networks: A Short Introduction Tutorial: https://t.co/OuGnmmGLuO Code: https://t.co/s6xlES0CG6 Awesome work…
sychev_a_k: RT @jason_trost: Hacking Neural Networks: A Short Introduction Tutorial: https://t.co/OuGnmmGLuO Code: https://t.co/s6xlES0CG6 Awesome work…
Github

A small course on exploiting and defending neural networks

Repository: HackingNeuralNetworks
User: Kayzaks
Language: Python
Stargazers: 1091
Subscribers: 27
Forks: 105
Open Issues: 0
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 1
Total Words: 15583
Unique Words: 4105

2.009 Mikeys
#2. Protecting RESTful IoT Devices from Battery Exhaustion DoS Attacks
Stefan Hristozov, Manuel Huber, Georg Sigl
Many IoT use cases involve constrained battery-powered devices offering services in a RESTful manner to their communication partners. Such services may involve, e.g., costly computations or actuator/sensor usage, which may have significant influence on the power consumption of the service Providers. Remote attackers may excessively use those services in order to exhaust the Providers' batteries, which is a form of a Denial of Service (DoS) attack. Previous work proposed solutions based on lightweight symmetric authentication. These solutions scale poorly due to requiring pre-shared keys and do not provide protection against compromised service Requesters. In contrast, we consider more powerful attackers even capable of compromising legit Requesters. We propose a method that combines attacker detection and throttling, conducted by a third trusted Backend, with a lightweight authentication protocol. For attacker detection and throttling, we propose a novel approach using rate limitation algorithms. In addition, we propose and...
Figures
None.
Tweets
cynicalsecurity: S. Hristozov et al., “Protecting RESTful IoT Devices from Battery Exhaustion DoS Attacks” […we propose a method that combines attacker detection and throttling, conducted by a third trusted Backend, with a lightweight authentication protocol…] https://t.co/vLDzEEJNM5
marc_ahx: [1911.08134] Protecting RESTful IoT Devices from Battery Exhaustion DoS Attacks - https://t.co/UMkZQ2Px8t on @arxiv
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 3
Total Words: 0
Unique Words: 0

2.009 Mikeys
#3. MuonTrap: Preventing Cross-Domain Spectre-Like Attacks by Capturing Speculative State
Sam Ainsworth, Timothy M. Jones
The disclosure of the Spectre speculative-execution attacks in January 2018 has left a severe vulnerability that systems are still struggling with how to patch. The solutions that currently exist tend to have incomplete coverage, perform badly, or have highly undesirable edge cases that cause application domains to break. MuonTrap allows processors to continue to speculate, avoiding significant reductions in performance, without impacting security. We instead prevent the propagation of any state based on speculative execution, by placing the results of speculative cache accesses into a small, fast L0 filter cache, that is non-inclusive, non-exclusive with the rest of the cache hierarchy. This isolates all parts of the system that can't be quickly cleared on any change in threat domain. MuonTrap uses these speculative filter caches, which are cleared on context and protection-domain switches, along with a series of extensions to the cache coherence protocol and prefetcher. This renders systems immune to cross-domain information...
Figures
None.
Tweets
cynicalsecurity: S. Ainsworth and T. Jones, “MuonTrap: Preventing Cross-Domain Spectre-Like Attacks by Capturing Speculative State” [abstract as an image] https://t.co/qhQOkXlZOo https://t.co/ADGxLoOxYW
Underfox3: In this paper, researchers have proposed a new approach to mitigate speculative side-channel exploits between domains at low overheads in hardware, without removing speculation, by adding speculative filter caches to store vulnerable state. https://t.co/zeXL48SXIm https://t.co/vvGuXw1JOz
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 2
Total Words: 10738
Unique Words: 2858

2.001 Mikeys
#4. ZKSENSE: a Privacy-Preserving Mechanism for Bot Detection in Mobile Devices
Panagiotis Papadopoulos, Inigo Querejeta Azurmendi, Jiexin Zhang, Matteo Varvello, Antonio Nappa, Benjamin Livshits
CAPTCHA systems have been widely deployed to identify and block fraudulent bot traffic. However, current solutions, such as Google's reCAPTCHA, often either (i) require additional user actions (e.g., users solving mathematical or image-based puzzles), or (ii) need to send the attestation data back to the server (e.g., user behavioral data, device fingerprints, etc.), thus raising significant privacy concerns. To address both of the above, in this paper we present ZKSENSE: the first zero knowledge proof-based bot detection system, specifically designed for mobile devices. Our approach is completely transparent to the users and does not reveal any sensitive sensor data to the service provider. To achieve this, ZKSENSE studies the mobile device's motion sensor outputs during user actions and assesses their humanness locally with the use of an ML-based classifier trained by using sensor data from public sources and data collected from a small set of volunteers. We implement a proof of concept of our system as an Android service...
Figures
None.
Tweets
panpap88: @jeffbigham @ShriramKMurthi @svarvel_82 @jz448 @querejetaazinig @jeppojeps @convoluted_code @brave 4) Please @ShriramKMurthi @jeffbigham read more details about our work here https://t.co/QghlIMKvx5, we would love to hear your constructive feedback right after.
panpap88: Check zkSENSE, our privacy preserving and frictionless alternative to CAPTCHAs: - Working draft: https://t.co/QghlIMKvx5 - Demo: https://t.co/ltbFJFcu0Q Recent work with @svarvel_82 @jz448 @querejetaazinig @jeppojeps and @convoluted_code @brave
AndrewDeece: @amuellerml @karpathy @brave @DuckDuckGo This paper, https://t.co/gRW3AMlxpV has a solution, zkSENSE, w.r.t. “Numerous click farms with rows upon rows of zombie phone armies making money by simulating clicks, touch events, & views on ads that nobody actually watches”
ak1010: zkSENSE: a Privacy-Preserving Mechanism for Bot Detection in Mobile Devices https://t.co/vc3fs2Ib45
DistStateAndMe: RT @panpap88: Check zkSENSE, our privacy preserving and frictionless alternative to CAPTCHAs: - Working draft: https://t.co/QghlIMKvx5 - De…
malekz4deh: RT @panpap88: Check zkSENSE, our privacy preserving and frictionless alternative to CAPTCHAs: - Working draft: https://t.co/QghlIMKvx5 - De…
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 6
Total Words: 0
Unique Words: 0

1.998 Mikeys
#5. Zero-Interaction Security -- Towards Sound Experimental Validation
Mikhail Fomichev, Max Maass, Matthias Hollick
Reproducibility and realistic datasets are crucial for advancing research. Unfortunately, they are often neglected as valid scientific contributions in many young disciplines, with computer science being no exception. In this article, we show the challenges encountered when reproducing the work of others, collecting realistic data in the wild, and ensuring that our own work is reproducible in turn. The presented findings are based on our study investigating the limits of zero-interaction security (ZIS) -- a novel concept, leveraging sensor data collected by Internet of Things (IoT) devices to pair or authenticate devices. In particular, we share our experiences in reproducing five state-of-the-art ZIS schemes, collecting a comprehensive dataset of sensor data from the real world, evaluating these schemes on the collected data, and releasing the data, code, and documentation to facilitate reproducibility of our results. In our discussion, we outline general considerations when conducting similar studies and give specific examples...
Figures
None.
Tweets
hacksilon: Our latest paper, published in ACM GetMobile, was just released in the ACM DL and on ArXiv: https://t.co/u9z3hGrc8F It is a companion paper to our Zero-Interaction Security paper, and describes some of the challenges we faced when collecting the dataset for the paper. https://t.co/Nxn7v1zWzo
malexmave: RT @hacksilon: Our latest paper, published in ACM GetMobile, was just released in the ACM DL and on ArXiv: https://t.co/u9z3hGrc8F It is a…
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 3
Total Words: 0
Unique Words: 0

1.998 Mikeys
#6. Separating Local & Shuffled Differential Privacy via Histograms
Victor Balcer, Albert Cheu
Recent work in differential privacy has highlighted the shuffled model as a promising avenue to compute accurate statistics while keeping raw data in users' hands. We present a protocol in this model that estimates histograms with error independent of the domain size. This implies an arbitrarily large gap in sample complexity between the shuffled and local models. On the other hand, the models are equivalent when we impose the constraints of pure differential privacy and single-message randomizers.
Figures
None.
Tweets
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 2
Total Words: 0
Unique Words: 0

1.998 Mikeys
#7. The impact of quantum computing on real-world security: A 5G case study
Chris J Mitchell
This paper provides a detailed analysis of the impact of quantum computing on the security of 5G mobile telecommunications. This involves considering how cryptography is used in 5G, and how the security of the system would be affected by the advent of quantum computing. This leads naturally to the specification of a series of simple, phased, recommended changes intended to ensure that the security of 5G (as well as 3G and 4G) is not badly damaged if and when large scale quantum computing becomes a practical reality. By exploiting backwards-compatibility features of the 5G security system design, we are able to propose a novel multi-phase approach to upgrading security that allows for a simple and smooth migration to a post-quantum-secure system.
Figures
Tweets
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 1
Total Words: 9260
Unique Words: 2363

1.998 Mikeys
#8. TaskShuffler++: Real-Time Schedule Randomization for Reducing Worst-Case Vulnerability to Timing Inference Attacks
Man-Ki Yoon, Jung-Eun Kim, Richard Bradford, Zhong Shao
This paper presents a schedule randomization algorithm that reduces the vulnerability of real-time systems to timing inference attacks which attempt to learn the timing of task execution. It utilizes run-time information readily available at each scheduling decision point to increase the level of uncertainty in task schedules, while preserving the original schedulability. The randomization algorithm significantly reduces an adversary's best chance to correctly predict what tasks would run at arbitrary times. This paper also proposes an information-theoretic measure that can quantify the worst-case vulnerability, from the defender's perspective, of an arbitrary real-time schedule.
Figures
None.
Tweets
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 4
Total Words: 0
Unique Words: 0

1.998 Mikeys
#9. REFIT: a Unified Watermark Removal Framework for Deep Learning Systems with Limited Data
Xinyun Chen, Wenxiao Wang, Chris Bender, Yiming Ding, Ruoxi Jia, Bo Li, Dawn Song
Deep neural networks (DNNs) have achieved tremendous success in various fields; however, training these models from scratch could be computationally expensive and requires a lot of training data. Recent work has explored different watermarking techniques to protect the pre-trained deep neural networks from potential copyright infringements; however, they could be vulnerable to adversaries who aim at removing the watermarks. In this work, we propose REFIT, a unified watermark removal framework based on fine-tuning, which does not rely on the knowledge of the watermarks and even the watermarking schemes. Firstly, we demonstrate that by properly designing the learning rate schedule for fine-tuning, an adversary is always able to remove the watermarks. Furthermore, we conduct a comprehensive study of a realistic attack scenario where the adversary has limited training data. To effectively remove the watermarks without compromising the model functionality under this weak threat model, we propose to incorporate two techniques: (1) an...
Figures
None.
Tweets
Memoirs: REFIT: a Unified Watermark Removal Framework for Deep Learning Systems with Limited Data. https://t.co/7cDLC6CnNv
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 7
Total Words: 0
Unique Words: 0

1.998 Mikeys
#10. NeuronInspect: Detecting Backdoors in Neural Networks via Output Explanations
Xijie Huang, Moustafa Alzantot, Mani Srivastava
Deep neural networks have achieved state-of-the-art performance on various tasks. However, lack of interpretability and transparency makes it easier for malicious attackers to inject trojan backdoor into the neural networks, which will make the model behave abnormally when a backdoor sample with a specific trigger is input. In this paper, we propose NeuronInspect, a framework to detect trojan backdoors in deep neural networks via output explanation techniques. NeuronInspect first identifies the existence of backdoor attack targets by generating the explanation heatmap of the output layer. We observe that generated heatmaps from clean and backdoored models have different characteristics. Therefore we extract features that measure the attributes of explanations from an attacked model namely: sparse, smooth and persistent. We combine these features and use outlier detection to figure out the outliers, which is the set of attack targets. We demonstrate the effectiveness and efficiency of NeuronInspect on MNIST digit recognition...
Figures
None.
Tweets
BrundageBot: NeuronInspect: Detecting Backdoors in Neural Networks via Output Explanations. Xijie Huang, Moustafa Alzantot, and Mani Srivastava https://t.co/dKlhnG4W6r
Memoirs: NeuronInspect: Detecting Backdoors in Neural Networks via Output Explanations. https://t.co/190423j9c4
Github
None.
Youtube
None.
Other stats
Sample Sizes : None.
Authors: 3
Total Words: 0
Unique Words: 0

About

Assert is a website where the best academic papers on arXiv (computer science, math, physics), bioRxiv (biology), BITSS (reproducibility), EarthArXiv (earth science), engrXiv (engineering), LawArXiv (law), PsyArXiv (psychology), SocArXiv (social science), and SportRxiv (sport research) bubble to the top each day.

Papers are scored (in real-time) based on how verifiable they are (as determined by their Github repos) and how interesting they are (based on Twitter).

To see top papers, follow us on Twitter @assertpub_ (arXiv), @assert_pub (bioRxiv), and @assertpub_dev (everything else).

To see beautiful figures extracted from papers, follow us on Instagram.

Tracking 225,776 papers.
